diff --git a/content/assets/cover/README.md b/content/assets/cover/README.md
deleted file mode 100644
index 50c63b7f2..000000000
--- a/content/assets/cover/README.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# Cover images
-
-The cover images in this folder were obtained from Unsplash.
-
-## License
-
-See the [Unsplash License](https://unsplash.com/license) for details.
diff --git a/content/assets/cover/ai-chatbots.webp b/content/assets/cover/ai-chatbots.webp
deleted file mode 100644
index 4c29ee225..000000000
Binary files a/content/assets/cover/ai-chatbots.webp and /dev/null differ
diff --git a/content/assets/cover/alternative-networks.webp b/content/assets/cover/alternative-networks.webp
deleted file mode 100644
index 0bdc04fb0..000000000
Binary files a/content/assets/cover/alternative-networks.webp and /dev/null differ
diff --git a/content/assets/cover/android.webp b/content/assets/cover/android.webp
deleted file mode 100644
index eb705a2a3..000000000
Binary files a/content/assets/cover/android.webp and /dev/null differ
diff --git a/content/assets/cover/browser-extensions.webp b/content/assets/cover/browser-extensions.webp
deleted file mode 100644
index e3717a3af..000000000
Binary files a/content/assets/cover/browser-extensions.webp and /dev/null differ
diff --git a/content/assets/cover/calendar.webp b/content/assets/cover/calendar.webp
deleted file mode 100644
index 90943cf4f..000000000
Binary files a/content/assets/cover/calendar.webp and /dev/null differ
diff --git a/content/assets/cover/cloud.webp b/content/assets/cover/cloud.webp
deleted file mode 100644
index ff5ff5f6c..000000000
Binary files a/content/assets/cover/cloud.webp and /dev/null differ
diff --git a/content/assets/cover/cryptocurrency.webp b/content/assets/cover/cryptocurrency.webp
deleted file mode 100644
index df638fdb5..000000000
Binary files a/content/assets/cover/cryptocurrency.webp and /dev/null differ
diff --git a/content/assets/cover/data-broker-removals.webp b/content/assets/cover/data-broker-removals.webp
deleted file mode 100644
index 7a7a7f316..000000000
Binary files a/content/assets/cover/data-broker-removals.webp and /dev/null differ
diff --git a/content/assets/cover/data-redaction.webp b/content/assets/cover/data-redaction.webp
deleted file mode 100644
index 607966605..000000000
Binary files a/content/assets/cover/data-redaction.webp and /dev/null differ
diff --git a/content/assets/cover/desktop-browsers.webp b/content/assets/cover/desktop-browsers.webp
deleted file mode 100644
index aa819ef8a..000000000
Binary files a/content/assets/cover/desktop-browsers.webp and /dev/null differ
diff --git a/content/assets/cover/desktop.webp b/content/assets/cover/desktop.webp
deleted file mode 100644
index 4f676d697..000000000
Binary files a/content/assets/cover/desktop.webp and /dev/null differ
diff --git a/content/assets/cover/device-integrity.webp b/content/assets/cover/device-integrity.webp
deleted file mode 100644
index 3e48016ac..000000000
Binary files a/content/assets/cover/device-integrity.webp and /dev/null differ
diff --git a/content/assets/cover/dns.webp b/content/assets/cover/dns.webp
deleted file mode 100644
index 8cb2b7498..000000000
Binary files a/content/assets/cover/dns.webp and /dev/null differ
diff --git a/content/assets/cover/document-collaboration.webp b/content/assets/cover/document-collaboration.webp
deleted file mode 100644
index 4f2c87ab7..000000000
Binary files a/content/assets/cover/document-collaboration.webp and /dev/null differ
diff --git a/content/assets/cover/email-aliasing.webp b/content/assets/cover/email-aliasing.webp
deleted file mode 100644
index 213b1cbff..000000000
Binary files a/content/assets/cover/email-aliasing.webp and /dev/null differ
diff --git a/content/assets/cover/email-clients.webp b/content/assets/cover/email-clients.webp
deleted file mode 100644
index 004e387b1..000000000
Binary files a/content/assets/cover/email-clients.webp and /dev/null differ
diff --git a/content/assets/cover/email.webp b/content/assets/cover/email.webp
deleted file mode 100644
index 1bf4c4705..000000000
Binary files a/content/assets/cover/email.webp and /dev/null differ
diff --git a/content/assets/cover/encryption.webp b/content/assets/cover/encryption.webp
deleted file mode 100644
index 51ae8afd6..000000000
Binary files a/content/assets/cover/encryption.webp and /dev/null differ
diff --git a/content/assets/cover/file-sharing.webp b/content/assets/cover/file-sharing.webp
deleted file mode 100644
index 444dac664..000000000
Binary files a/content/assets/cover/file-sharing.webp and /dev/null differ
diff --git a/content/assets/cover/financial-services.webp b/content/assets/cover/financial-services.webp
deleted file mode 100644
index 52ed31c6a..000000000
Binary files a/content/assets/cover/financial-services.webp and /dev/null differ
diff --git a/content/assets/cover/frontends.webp b/content/assets/cover/frontends.webp
deleted file mode 100644
index ccefe705a..000000000
Binary files a/content/assets/cover/frontends.webp and /dev/null differ
diff --git a/content/assets/cover/health.webp b/content/assets/cover/health.webp
deleted file mode 100644
index 793ae0217..000000000
Binary files a/content/assets/cover/health.webp and /dev/null differ
diff --git a/content/assets/cover/language-tools.webp b/content/assets/cover/language-tools.webp
deleted file mode 100644
index f36f5fc0c..000000000
Binary files a/content/assets/cover/language-tools.webp and /dev/null differ
diff --git a/content/assets/cover/maps.webp b/content/assets/cover/maps.webp
deleted file mode 100644
index e4f5e320d..000000000
Binary files a/content/assets/cover/maps.webp and /dev/null differ
diff --git a/content/assets/cover/mobile-browsers.webp b/content/assets/cover/mobile-browsers.webp
deleted file mode 100644
index addd57797..000000000
Binary files a/content/assets/cover/mobile-browsers.webp and /dev/null differ
diff --git a/content/assets/cover/multi-factor-authentication.webp b/content/assets/cover/multi-factor-authentication.webp
deleted file mode 100644
index f50eb2516..000000000
Binary files a/content/assets/cover/multi-factor-authentication.webp and /dev/null differ
diff --git a/content/assets/cover/news-aggregators.webp b/content/assets/cover/news-aggregators.webp
deleted file mode 100644
index 5aa8ad4f0..000000000
Binary files a/content/assets/cover/news-aggregators.webp and /dev/null differ
diff --git a/content/assets/cover/notebooks.webp b/content/assets/cover/notebooks.webp
deleted file mode 100644
index 7e66900db..000000000
Binary files a/content/assets/cover/notebooks.webp and /dev/null differ
diff --git a/content/assets/cover/office-suites.webp b/content/assets/cover/office-suites.webp
deleted file mode 100644
index ee000c210..000000000
Binary files a/content/assets/cover/office-suites.webp and /dev/null differ
diff --git a/content/assets/cover/passwords.webp b/content/assets/cover/passwords.webp
deleted file mode 100644
index 8b9a92844..000000000
Binary files a/content/assets/cover/passwords.webp and /dev/null differ
diff --git a/content/assets/cover/pastebins.webp b/content/assets/cover/pastebins.webp
deleted file mode 100644
index 87951fb5f..000000000
Binary files a/content/assets/cover/pastebins.webp and /dev/null differ
diff --git a/content/assets/cover/photo-management.webp b/content/assets/cover/photo-management.webp
deleted file mode 100644
index 87298d7ce..000000000
Binary files a/content/assets/cover/photo-management.webp and /dev/null differ
diff --git a/content/assets/cover/real-time-communication.webp b/content/assets/cover/real-time-communication.webp
deleted file mode 100644
index ccba2f63f..000000000
Binary files a/content/assets/cover/real-time-communication.webp and /dev/null differ
diff --git a/content/assets/cover/router.webp b/content/assets/cover/router.webp
deleted file mode 100644
index 348be92c3..000000000
Binary files a/content/assets/cover/router.webp and /dev/null differ
diff --git a/content/assets/cover/search-engines.webp b/content/assets/cover/search-engines.webp
deleted file mode 100644
index c0377da19..000000000
Binary files a/content/assets/cover/search-engines.webp and /dev/null differ
diff --git a/content/assets/cover/social-networks.webp b/content/assets/cover/social-networks.webp
deleted file mode 100644
index 162e25297..000000000
Binary files a/content/assets/cover/social-networks.webp and /dev/null differ
diff --git a/content/assets/cover/tor.webp b/content/assets/cover/tor.webp
deleted file mode 100644
index 9247b7fd1..000000000
Binary files a/content/assets/cover/tor.webp and /dev/null differ
diff --git a/content/assets/cover/vpn.webp b/content/assets/cover/vpn.webp
deleted file mode 100644
index e6e059c3c..000000000
Binary files a/content/assets/cover/vpn.webp and /dev/null differ
diff --git a/content/blog/.authors.yml b/content/blog/.authors.yml
deleted file mode 100644
index fbf218368..000000000
--- a/content/blog/.authors.yml
+++ /dev/null
@@ -1,96 +0,0 @@
-authors:
- aprilfools:
- name: Anita Key
- description: Government Liaison
- avatar: https://github.com/privacyguides.png
- contributors:
- type: Organization
- name: Privacy Guides
- description: Various Authors
- avatar: https://github.com/privacyguides.png
- danarel:
- name: Dan Arel
- description: Former Team Member
- avatar: https://github.com/danarel.png
- dngray:
- name: Daniel Gray
- description: Team Member
- avatar: https://github.com/dngray.png
- em:
- name: Em
- description: Staff Writer
- avatar: https://github.com/EmAtPrivacyGuides.png
- mastodon:
- username: Em0nM4stodon
- instance: infosec.exchange
- kevpham:
- name: Kevin Pham
- description: News Intern
- avatar: https://github.com/kpham42.png
- freddy:
- name: Freddy
- description: Team Member
- avatar: https://github.com/freddy-m.png
- mastodon:
- username: freddy
- instance: social.lol
- twitter: m00ws
- bluesky: freddy.lol
- fria:
- name: fria
- description: Team Member
- avatar: https://github.com/friadev.png
- jordan:
- name: Jordan Warne
- description: Video Producer
- avatar: https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/jordan/288/7793_2.png
- mastodon:
- username: jw
- instance: social.lol
- jonah:
- name: Jonah Aragon
- description: Project Director
- avatar: https://github.com/jonaharagon.png
- mastodon:
- username: jonah
- instance: neat.computer
- twitter: jonaharagon
- bluesky: jonaharagon.com
- justin:
- name: Justin Ehrenhofer
- description: Guest Contributor
- avatar: https://github.com/SamsungGalaxyPlayer.png
- mastodon:
- username: sgp
- instance: neat.computer
- kaitebay:
- name: Kai Tebay
- description: Former Team Member
- avatar: https://github.com/kaitebay.png
- matchboxbananasynergy:
- name: mbananasynergy
- description: Former Team Member
- avatar: https://github.com/matchboxbananasynergy.png
- mfwmyfacewhen:
- name: mfwmyfacewhen
- description: Former Team Member
- avatar: https://github.com/ghost.png
- natebartram:
- name: Nate Bartram
- description: Guest Contributor
- avatar: https://gitlab.com/uploads/-/system/user/avatar/8993331/avatar.png
- niek-de-wilde:
- name: Niek de Wilde
- description: Team Member
- avatar: https://github.com/blacklight447.png
- mastodon:
- username: blacklight447
- instance: mastodon.social
- ptrmdn:
- name: Peter Marsden
- description: Guest Contributor
- avatar: https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/ptrmdn/288/14291_2.png
- sam-howell:
- name: Sam Howell
- description: Guest Contributor
- avatar: https://gitlab.com/uploads/-/system/user/avatar/5349522/avatar.png
diff --git a/content/blog/archive/2019.md b/content/blog/archive/2019.md
deleted file mode 100644
index 56f6f900c..000000000
--- a/content/blog/archive/2019.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# 2019
-
-!!! danger "Old Content"
-
- These posts are 5 years old. They may not accurately reflect the current opinion of our team.
diff --git a/content/blog/archive/2020.md b/content/blog/archive/2020.md
deleted file mode 100644
index 048bcefc8..000000000
--- a/content/blog/archive/2020.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# 2020
-
-!!! danger "Old Content"
-
- These posts are 4 years old. They may not accurately reflect the current opinion of our team.
diff --git a/content/blog/archive/2021.md b/content/blog/archive/2021.md
deleted file mode 100644
index 95f7633b5..000000000
--- a/content/blog/archive/2021.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# 2021
-
-!!! danger "Old Content"
-
- These posts are 3 years old. They may not accurately reflect the current opinion of our team.
diff --git a/content/blog/archive/2022.md b/content/blog/archive/2022.md
deleted file mode 100644
index 936d66a35..000000000
--- a/content/blog/archive/2022.md
+++ /dev/null
@@ -1,5 +0,0 @@
-# 2022
-
-!!! danger "Old Content"
-
- These posts are 2 years old. They may not accurately reflect the current opinion of our team.
diff --git a/content/blog/assets/images/activists-guide-securing-your-smartphone/cover.webp b/content/blog/assets/images/activists-guide-securing-your-smartphone/cover.webp
deleted file mode 100644
index 417a03170..000000000
Binary files a/content/blog/assets/images/activists-guide-securing-your-smartphone/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp b/content/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp
deleted file mode 100644
index d209772f5..000000000
Binary files a/content/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/biometrics.webp b/content/blog/assets/images/biometrics-explained/biometrics.webp
deleted file mode 100644
index be0b3c400..000000000
Binary files a/content/blog/assets/images/biometrics-explained/biometrics.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/capacitve-diagram.webp b/content/blog/assets/images/biometrics-explained/capacitve-diagram.webp
deleted file mode 100644
index b400823b2..000000000
Binary files a/content/blog/assets/images/biometrics-explained/capacitve-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/finger-minutiae.webp b/content/blog/assets/images/biometrics-explained/finger-minutiae.webp
deleted file mode 100644
index 2475ad8db..000000000
Binary files a/content/blog/assets/images/biometrics-explained/finger-minutiae.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/kinect-skeleton.webp b/content/blog/assets/images/biometrics-explained/kinect-skeleton.webp
deleted file mode 100644
index af8ade413..000000000
Binary files a/content/blog/assets/images/biometrics-explained/kinect-skeleton.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/model-free-gait.webp b/content/blog/assets/images/biometrics-explained/model-free-gait.webp
deleted file mode 100644
index 6094e69e3..000000000
Binary files a/content/blog/assets/images/biometrics-explained/model-free-gait.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/optical-diagram.webp b/content/blog/assets/images/biometrics-explained/optical-diagram.webp
deleted file mode 100644
index 8c6b45489..000000000
Binary files a/content/blog/assets/images/biometrics-explained/optical-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/types-of-fingerprint.webp b/content/blog/assets/images/biometrics-explained/types-of-fingerprint.webp
deleted file mode 100644
index ebefbb7ec..000000000
Binary files a/content/blog/assets/images/biometrics-explained/types-of-fingerprint.webp and /dev/null differ
diff --git a/content/blog/assets/images/biometrics-explained/ultrasonic-diagram.webp b/content/blog/assets/images/biometrics-explained/ultrasonic-diagram.webp
deleted file mode 100644
index 1c62a201d..000000000
Binary files a/content/blog/assets/images/biometrics-explained/ultrasonic-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-1.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-1.webp
deleted file mode 100644
index 38e0c7e0b..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-1.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-2.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-2.webp
deleted file mode 100644
index f69208025..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-2.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-3.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-3.webp
deleted file mode 100644
index 9b3c70d70..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-3.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-cover.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-cover.webp
deleted file mode 100644
index 0f5f299e0..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-fightchatcontrol-website.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-fightchatcontrol-website.webp
deleted file mode 100644
index 4aa446307..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-fightchatcontrol-website.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-map-chatcontroleu-20250903.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-map-chatcontroleu-20250903.webp
deleted file mode 100644
index c1e0d9ed9..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-map-chatcontroleu-20250903.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-2.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-2.webp
deleted file mode 100644
index f61db43cf..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-2.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-4.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-4.webp
deleted file mode 100644
index 3626472c5..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-4.webp and /dev/null differ
diff --git a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-video.webp b/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-video.webp
deleted file mode 100644
index 6c61e2ad9..000000000
Binary files a/content/blog/assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-video.webp and /dev/null differ
diff --git a/content/blog/assets/images/choosing-the-right-messenger/cover.webp b/content/blog/assets/images/choosing-the-right-messenger/cover.webp
deleted file mode 100644
index 604cc6705..000000000
Binary files a/content/blog/assets/images/choosing-the-right-messenger/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave1.webp b/content/blog/assets/images/clearing-your-browsing-data/brave1.webp
deleted file mode 100644
index a922e2b01..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave2.webp b/content/blog/assets/images/clearing-your-browsing-data/brave2.webp
deleted file mode 100644
index 511aff25d..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave2.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave3.webp b/content/blog/assets/images/clearing-your-browsing-data/brave3.webp
deleted file mode 100644
index 7ae69ed62..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave3.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave4.webp b/content/blog/assets/images/clearing-your-browsing-data/brave4.webp
deleted file mode 100644
index 94f7602c6..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave4.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave5.webp b/content/blog/assets/images/clearing-your-browsing-data/brave5.webp
deleted file mode 100644
index 4c533f17f..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave5.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/brave6.webp b/content/blog/assets/images/clearing-your-browsing-data/brave6.webp
deleted file mode 100644
index d10f19dc2..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/brave6.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/chrome1.webp b/content/blog/assets/images/clearing-your-browsing-data/chrome1.webp
deleted file mode 100644
index 9475ccacb..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/chrome1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/chrome2.webp b/content/blog/assets/images/clearing-your-browsing-data/chrome2.webp
deleted file mode 100644
index b4a1b55fe..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/chrome2.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/chrome3.webp b/content/blog/assets/images/clearing-your-browsing-data/chrome3.webp
deleted file mode 100644
index 16bccf8b7..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/chrome3.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/chrome4.webp b/content/blog/assets/images/clearing-your-browsing-data/chrome4.webp
deleted file mode 100644
index ea1107de5..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/chrome4.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/dimmis-vart-JPu345g_OYM-unsplash.webp b/content/blog/assets/images/clearing-your-browsing-data/dimmis-vart-JPu345g_OYM-unsplash.webp
deleted file mode 100644
index 94e908c6a..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/dimmis-vart-JPu345g_OYM-unsplash.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/edge1.webp b/content/blog/assets/images/clearing-your-browsing-data/edge1.webp
deleted file mode 100644
index bf3852f61..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/edge1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/edge2.webp b/content/blog/assets/images/clearing-your-browsing-data/edge2.webp
deleted file mode 100644
index e29f4ea56..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/edge2.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/edge3.webp b/content/blog/assets/images/clearing-your-browsing-data/edge3.webp
deleted file mode 100644
index ef2536feb..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/edge3.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/edge4.webp b/content/blog/assets/images/clearing-your-browsing-data/edge4.webp
deleted file mode 100644
index 312494fe9..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/edge4.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/edge5.webp b/content/blog/assets/images/clearing-your-browsing-data/edge5.webp
deleted file mode 100644
index 5ce3bb4e8..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/edge5.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox1.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox1.webp
deleted file mode 100644
index 06f901df7..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox2.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox2.webp
deleted file mode 100644
index 61cc8757b..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox2.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox3.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox3.webp
deleted file mode 100644
index 7cba4fd99..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox3.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox4.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox4.webp
deleted file mode 100644
index 8931b458d..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox4.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox5.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox5.webp
deleted file mode 100644
index fe65c8fa3..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox5.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/firefox6.webp b/content/blog/assets/images/clearing-your-browsing-data/firefox6.webp
deleted file mode 100644
index 51d27ba8c..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/firefox6.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/history1.webp b/content/blog/assets/images/clearing-your-browsing-data/history1.webp
deleted file mode 100644
index 7504e0c09..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/history1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/history2.webp b/content/blog/assets/images/clearing-your-browsing-data/history2.webp
deleted file mode 100644
index 5d3771907..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/history2.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/history3.webp b/content/blog/assets/images/clearing-your-browsing-data/history3.webp
deleted file mode 100644
index a9f32789f..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/history3.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/safari.webp b/content/blog/assets/images/clearing-your-browsing-data/safari.webp
deleted file mode 100644
index 8e88b0ffa..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/safari.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/safari_privacy.webp b/content/blog/assets/images/clearing-your-browsing-data/safari_privacy.webp
deleted file mode 100644
index 493bfbc05..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/safari_privacy.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/safariprivacy1.webp b/content/blog/assets/images/clearing-your-browsing-data/safariprivacy1.webp
deleted file mode 100644
index d307cd5fa..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/safariprivacy1.webp and /dev/null differ
diff --git a/content/blog/assets/images/clearing-your-browsing-data/safariprivacy2.webp b/content/blog/assets/images/clearing-your-browsing-data/safariprivacy2.webp
deleted file mode 100644
index 71dd68aa0..000000000
Binary files a/content/blog/assets/images/clearing-your-browsing-data/safariprivacy2.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-calendar.webp b/content/blog/assets/images/cryptpad-review/cryptpad-calendar.webp
deleted file mode 100644
index 77c7ad97c..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-calendar.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-code.webp b/content/blog/assets/images/cryptpad-review/cryptpad-code.webp
deleted file mode 100644
index 62c406dc1..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-code.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-cover.webp b/content/blog/assets/images/cryptpad-review/cryptpad-cover.webp
deleted file mode 100644
index 386819d68..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp b/content/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp
deleted file mode 100644
index a3bba7469..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp b/content/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp
deleted file mode 100644
index 3d589d506..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-diagram.webp b/content/blog/assets/images/cryptpad-review/cryptpad-diagram.webp
deleted file mode 100644
index 642b78792..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-document.webp b/content/blog/assets/images/cryptpad-review/cryptpad-document.webp
deleted file mode 100644
index 055b33eab..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-document.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp b/content/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp
deleted file mode 100644
index 489ba6774..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-form.webp b/content/blog/assets/images/cryptpad-review/cryptpad-form.webp
deleted file mode 100644
index 61af3b6a8..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-form.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-kanban.webp b/content/blog/assets/images/cryptpad-review/cryptpad-kanban.webp
deleted file mode 100644
index b32bf8ebf..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-kanban.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-login.webp b/content/blog/assets/images/cryptpad-review/cryptpad-login.webp
deleted file mode 100644
index 10137f0a0..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-login.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-markdown.webp b/content/blog/assets/images/cryptpad-review/cryptpad-markdown.webp
deleted file mode 100644
index a02be7157..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-markdown.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-presentation.webp b/content/blog/assets/images/cryptpad-review/cryptpad-presentation.webp
deleted file mode 100644
index 67ece6b15..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-presentation.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-profile.webp b/content/blog/assets/images/cryptpad-review/cryptpad-profile.webp
deleted file mode 100644
index bf5ecb691..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-profile.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-richtext.webp b/content/blog/assets/images/cryptpad-review/cryptpad-richtext.webp
deleted file mode 100644
index c3ba96c3b..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-richtext.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-sheet.webp b/content/blog/assets/images/cryptpad-review/cryptpad-sheet.webp
deleted file mode 100644
index 5ffd7c5db..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-sheet.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp b/content/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp
deleted file mode 100644
index 4b003d485..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp and /dev/null differ
diff --git a/content/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp b/content/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp
deleted file mode 100644
index f3e1df74d..000000000
Binary files a/content/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp and /dev/null differ
diff --git a/content/blog/assets/images/data-erasure/shredos.png b/content/blog/assets/images/data-erasure/shredos.png
deleted file mode 100644
index c64299047..000000000
Binary files a/content/blog/assets/images/data-erasure/shredos.png and /dev/null differ
diff --git a/content/blog/assets/images/delisting-startpage/cover.webp b/content/blog/assets/images/delisting-startpage/cover.webp
deleted file mode 100644
index 971e6ddb3..000000000
Binary files a/content/blog/assets/images/delisting-startpage/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/delisting-wire/cover.avif b/content/blog/assets/images/delisting-wire/cover.avif
deleted file mode 100644
index b6f6e8fe1..000000000
Binary files a/content/blog/assets/images/delisting-wire/cover.avif and /dev/null differ
diff --git a/content/blog/assets/images/differential-privacy/cover.webp b/content/blog/assets/images/differential-privacy/cover.webp
deleted file mode 100644
index 89c72f1a8..000000000
Binary files a/content/blog/assets/images/differential-privacy/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/cardiff-giant.jpg b/content/blog/assets/images/digital-provenance/cardiff-giant.jpg
deleted file mode 100644
index 130e5a4cf..000000000
Binary files a/content/blog/assets/images/digital-provenance/cardiff-giant.jpg and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/cover.jpg b/content/blog/assets/images/digital-provenance/cover.jpg
deleted file mode 100644
index fbda7ad82..000000000
Binary files a/content/blog/assets/images/digital-provenance/cover.jpg and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/geese1.jpeg b/content/blog/assets/images/digital-provenance/geese1.jpeg
deleted file mode 100644
index 44e30b9eb..000000000
Binary files a/content/blog/assets/images/digital-provenance/geese1.jpeg and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/geese2.jpeg b/content/blog/assets/images/digital-provenance/geese2.jpeg
deleted file mode 100644
index 529059685..000000000
Binary files a/content/blog/assets/images/digital-provenance/geese2.jpeg and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/geese3.jpeg b/content/blog/assets/images/digital-provenance/geese3.jpeg
deleted file mode 100644
index ecab07a36..000000000
Binary files a/content/blog/assets/images/digital-provenance/geese3.jpeg and /dev/null differ
diff --git a/content/blog/assets/images/digital-provenance/geese4.jpeg b/content/blog/assets/images/digital-provenance/geese4.jpeg deleted file mode 100644 index f10fd3ebf..000000000 Binary files a/content/blog/assets/images/digital-provenance/geese4.jpeg and /dev/null differ diff --git a/content/blog/assets/images/digital-provenance/manifest.svg b/content/blog/assets/images/digital-provenance/manifest.svg deleted file mode 100644 index 8c2647c6b..000000000 --- a/content/blog/assets/images/digital-provenance/manifest.svg +++ /dev/null @@ -1,40 +0,0 @@ - - - - - - - - - C2PA Manifest - - - - - - - - Assertions - - - - - - - - - - - Claim - - - - - - - - Claim Signature - - - - \ No newline at end of file diff --git a/content/blog/assets/images/email-security/cover.png b/content/blog/assets/images/email-security/cover.png deleted file mode 100644 index 0d5ba5c9b..000000000 Binary files a/content/blog/assets/images/email-security/cover.png and /dev/null differ diff --git a/content/blog/assets/images/encryption-is-not-a-crime/encryption-is-not-a-crime-cover.webp b/content/blog/assets/images/encryption-is-not-a-crime/encryption-is-not-a-crime-cover.webp deleted file mode 100644 index 6e75e5609..000000000 Binary files a/content/blog/assets/images/encryption-is-not-a-crime/encryption-is-not-a-crime-cover.webp and /dev/null differ diff --git a/content/blog/assets/images/firefox-privacy/cover.webp b/content/blog/assets/images/firefox-privacy/cover.webp deleted file mode 100644 index 5c8547df0..000000000 Binary files a/content/blog/assets/images/firefox-privacy/cover.webp and /dev/null differ diff --git a/content/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp b/content/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp deleted file mode 100644 index 9ad0a5509..000000000 Binary files a/content/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp and /dev/null differ 
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-cover.webp b/content/blog/assets/images/in-praise-of-tor/tor-cover.webp
deleted file mode 100644
index 7fb0c6782..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-darkweb.webp b/content/blog/assets/images/in-praise-of-tor/tor-darkweb.webp
deleted file mode 100644
index 84ce4cac4..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-darkweb.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-diagram.webp b/content/blog/assets/images/in-praise-of-tor/tor-diagram.webp
deleted file mode 100644
index c3c057191..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp b/content/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp
deleted file mode 100644
index abe99c1ac..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp b/content/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp
deleted file mode 100644
index f15321c51..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp b/content/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp
deleted file mode 100644
index c65be9e4c..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp and /dev/null differ
diff --git a/content/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp b/content/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp
deleted file mode 100644
index ea132a17a..000000000
Binary files a/content/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/cover.webp b/content/blog/assets/images/installing-and-using-tails/cover.webp
deleted file mode 100644
index 228545e04..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/mac-startup-security-utility.png b/content/blog/assets/images/installing-and-using-tails/mac-startup-security-utility.png
deleted file mode 100644
index 68adfdbb8..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/mac-startup-security-utility.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp
deleted file mode 100644
index c535c190d..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp
deleted file mode 100644
index f13f81ff2..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp
deleted file mode 100644
index c1143e412..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp
deleted file mode 100644
index 1e1d2c9f1..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp
deleted file mode 100644
index 06a331ecd..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp
deleted file mode 100644
index 4570fdba8..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp
deleted file mode 100644
index 9ce6a2d2d..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-16.png b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-16.png
deleted file mode 100644
index ab34b0395..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-16.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-17.png b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-17.png
deleted file mode 100644
index fc500e508..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-17.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-18.png b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-18.png
deleted file mode 100644
index 85318f387..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-18.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp
deleted file mode 100644
index 27d2afaec..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp
deleted file mode 100644
index f07e3400a..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp
deleted file mode 100644
index 9d4b4d7eb..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp
deleted file mode 100644
index a3ad6cab7..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp
deleted file mode 100644
index 0436189a8..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp
deleted file mode 100644
index a9b43dfde..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-8.png b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-8.png
deleted file mode 100644
index 9cacd1631..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-8.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp b/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp deleted file mode 100644 index 827c913e0..000000000 Binary files a/content/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp and /dev/null differ diff --git a/content/blog/assets/images/installing-and-using-tails/tails-logo-flat-inverted.svg b/content/blog/assets/images/installing-and-using-tails/tails-logo-flat-inverted.svg deleted file mode 100644 index 6a7506cf0..000000000 --- a/content/blog/assets/images/installing-and-using-tails/tails-logo-flat-inverted.svg +++ /dev/null @@ -1,289 +0,0 @@ - - - - - - - - image/svg+xml - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp deleted file mode 100644 index d063c01f3..000000000 Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp and /dev/null differ diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp deleted file mode 100644 index 191913489..000000000 Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp and /dev/null differ diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp deleted file mode 100644 index 42ca870b1..000000000 Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp and /dev/null differ 
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp
deleted file mode 100644
index 1944defc6..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-tailswebsite.png b/content/blog/assets/images/installing-and-using-tails/tails-usage-tailswebsite.png
deleted file mode 100644
index 5f8770915..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-tailswebsite.png and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp
deleted file mode 100644
index dc6b7bee1..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp b/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp
deleted file mode 100644
index daeb8fb11..000000000
Binary files a/content/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-1-download.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-1-download.webp
deleted file mode 100644
index f339d6a29..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-1-download.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-10-challengeresponse.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-10-challengeresponse.webp
deleted file mode 100644
index 3bf61ce31..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-10-challengeresponse.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-11-selectyubikey.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-11-selectyubikey.webp
deleted file mode 100644
index 2f7c4793a..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-11-selectyubikey.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-12-databasenew.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-12-databasenew.webp
deleted file mode 100644
index 81837d24c..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-12-databasenew.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-13-newentry.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-13-newentry.webp
deleted file mode 100644
index eaa3b87c7..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-13-newentry.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-14-entryicons.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-14-entryicons.webp
deleted file mode 100644
index be8ab80bc..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-14-entryicons.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-15-entrycreated.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-15-entrycreated.webp
deleted file mode 100644
index 6027dc4e4..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-15-entrycreated.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-16-useentry.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-16-useentry.webp
deleted file mode 100644
index d0f86b809..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-16-useentry.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-17-savedatabase.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-17-savedatabase.webp
deleted file mode 100644
index 569b071bb..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-17-savedatabase.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-18-downloadextension.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-18-downloadextension.webp
deleted file mode 100644
index 8f9e2ad8b..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-18-downloadextension.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-19-browserintegration.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-19-browserintegration.webp
deleted file mode 100644
index 85187d683..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-19-browserintegration.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-2-install.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-2-install.webp
deleted file mode 100644
index 66fbe10f9..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-2-install.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-20-errorconnection.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-20-errorconnection.webp
deleted file mode 100644
index 5a91d3e67..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-20-errorconnection.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-21-credentialsextension.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-21-credentialsextension.webp
deleted file mode 100644
index f98d0d9e8..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-21-credentialsextension.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-3-installwarning.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-3-installwarning.webp
deleted file mode 100644
index c75ae80da..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-3-installwarning.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-4-settings.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-4-settings.webp
deleted file mode 100644
index 76e8c2c76..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-4-settings.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-5-backupprevious.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-5-backupprevious.webp
deleted file mode 100644
index a586b6408..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-5-backupprevious.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-6-duckduckgo.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-6-duckduckgo.webp
deleted file mode 100644
index f55255f5c..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-6-duckduckgo.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-7-databasecreation.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-7-databasecreation.webp
deleted file mode 100644
index 4893df267..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-7-databasecreation.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-8-databaseencryption.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-8-databaseencryption.webp
deleted file mode 100644
index aeb1d2fe0..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-8-databaseencryption.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-9-passwordgenerate.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-9-passwordgenerate.webp
deleted file mode 100644
index ed2bb793c..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-9-passwordgenerate.webp and /dev/null differ
diff --git a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-cover.webp b/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-cover.webp
deleted file mode 100644
index bb6a5b286..000000000
Binary files a/content/blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/interview-with-micah-lee/micah-lee-cover.webp b/content/blog/assets/images/interview-with-micah-lee/micah-lee-cover.webp
deleted file mode 100644
index aac3fd342..000000000
Binary files a/content/blog/assets/images/interview-with-micah-lee/micah-lee-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/interview-with-micah-lee/social-preview-cover.webp b/content/blog/assets/images/interview-with-micah-lee/social-preview-cover.webp
deleted file mode 100644
index 9205049a7..000000000
Binary files a/content/blog/assets/images/interview-with-micah-lee/social-preview-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-applelabel.webp b/content/blog/assets/images/keepassium-review/keepassium-applelabel.webp
deleted file mode 100644
index 665161a00..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-applelabel.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-appprotection.webp b/content/blog/assets/images/keepassium-review/keepassium-appprotection.webp
deleted file mode 100644
index 0915e9225..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-appprotection.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-appstoremac.webp b/content/blog/assets/images/keepassium-review/keepassium-appstoremac.webp
deleted file mode 100644
index 483465bcd..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-appstoremac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp b/content/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp
deleted file mode 100644
index eafcc1d7c..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-autofill.webp b/content/blog/assets/images/keepassium-review/keepassium-autofill.webp
deleted file mode 100644
index 8e95c1aaf..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-autofill.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-autofillmac.webp b/content/blog/assets/images/keepassium-review/keepassium-autofillmac.webp
deleted file mode 100644
index cf81e5ff5..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-autofillmac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-backup.webp b/content/blog/assets/images/keepassium-review/keepassium-backup.webp
deleted file mode 100644
index b97d0a543..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-backup.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-cover.webp b/content/blog/assets/images/keepassium-review/keepassium-cover.webp
deleted file mode 100644
index 551bbcc46..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp b/content/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp
deleted file mode 100644
index 6dc031b42..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-dataprotection.webp b/content/blog/assets/images/keepassium-review/keepassium-dataprotection.webp
deleted file mode 100644
index 85002d8e5..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-dataprotection.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp b/content/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp
deleted file mode 100644
index eff591530..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-entries.webp b/content/blog/assets/images/keepassium-review/keepassium-entries.webp
deleted file mode 100644
index 4949650cb..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-entries.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-entrymac.webp b/content/blog/assets/images/keepassium-review/keepassium-entrymac.webp
deleted file mode 100644
index fb7a4d22f..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-entrymac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-fileinfo.webp b/content/blog/assets/images/keepassium-review/keepassium-fileinfo.webp
deleted file mode 100644
index 58c59bceb..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-fileinfo.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp b/content/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp
deleted file mode 100644
index cb2ffcf49..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-generator.webp b/content/blog/assets/images/keepassium-review/keepassium-generator.webp
deleted file mode 100644
index 352f7c3f0..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-generator.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-generatormac.webp b/content/blog/assets/images/keepassium-review/keepassium-generatormac.webp
deleted file mode 100644
index dd3d48bb3..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-generatormac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-groups.webp b/content/blog/assets/images/keepassium-review/keepassium-groups.webp
deleted file mode 100644
index b8f1b7063..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-groups.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp b/content/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp
deleted file mode 100644
index bb0d4d30e..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-loginappmac.webp b/content/blog/assets/images/keepassium-review/keepassium-loginappmac.webp
deleted file mode 100644
index f9d16ffc0..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-loginappmac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp b/content/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp
deleted file mode 100644
index a8718e3e2..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-movedatabase.webp b/content/blog/assets/images/keepassium-review/keepassium-movedatabase.webp
deleted file mode 100644
index 718c0fe84..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-movedatabase.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-moveentry.webp b/content/blog/assets/images/keepassium-review/keepassium-moveentry.webp
deleted file mode 100644
index 037c864e7..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-moveentry.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-newdatabase.webp b/content/blog/assets/images/keepassium-review/keepassium-newdatabase.webp
deleted file mode 100644
index b3ad2d18d..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-newdatabase.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp b/content/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp
deleted file mode 100644
index 07530cc70..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-newentry.webp b/content/blog/assets/images/keepassium-review/keepassium-newentry.webp
deleted file mode 100644
index 3acc52dc3..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-newentry.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-offline.webp b/content/blog/assets/images/keepassium-review/keepassium-offline.webp
deleted file mode 100644
index 78674bfc0..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-offline.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-otp.webp b/content/blog/assets/images/keepassium-review/keepassium-otp.webp
deleted file mode 100644
index 34630f8e0..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-otp.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-otpentry.webp b/content/blog/assets/images/keepassium-review/keepassium-otpentry.webp
deleted file mode 100644
index 0d6e5c61c..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-otpentry.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp b/content/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp
deleted file mode 100644
index f18b92591..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-pricing.webp b/content/blog/assets/images/keepassium-review/keepassium-pricing.webp
deleted file mode 100644
index 102d9dfb3..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-pricing.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-print.webp b/content/blog/assets/images/keepassium-review/keepassium-print.webp
deleted file mode 100644
index 61105322c..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-print.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-startdatabase.webp b/content/blog/assets/images/keepassium-review/keepassium-startdatabase.webp
deleted file mode 100644
index 5ef3a0d06..000000000
Binary files a/content/blog/assets/images/keepassium-review/keepassium-startdatabase.webp and /dev/null differ
diff --git a/content/blog/assets/images/keepassium-review/keepassium-startwelcome.webp b/content/blog/assets/images/keepassium-review/keepassium-startwelcome.webp deleted file mode 100644 index d33f78e6a..000000000 Binary files a/content/blog/assets/images/keepassium-review/keepassium-startwelcome.webp and /dev/null differ diff --git a/content/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp b/content/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp deleted file mode 100644 index da2837f6d..000000000 Binary files a/content/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp and /dev/null differ diff --git a/content/blog/assets/images/keepassium-review/keepassium-textsize.webp b/content/blog/assets/images/keepassium-review/keepassium-textsize.webp deleted file mode 100644 index 6fe62e1bc..000000000 Binary files a/content/blog/assets/images/keepassium-review/keepassium-textsize.webp and /dev/null differ diff --git a/content/blog/assets/images/keepassium-review/keepassium.svg b/content/blog/assets/images/keepassium-review/keepassium.svg deleted file mode 100644 index 7d83b2cc6..000000000 --- a/content/blog/assets/images/keepassium-review/keepassium.svg +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - \ No newline at end of file diff --git a/content/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp b/content/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp deleted file mode 100644 index 8dfe66dd4..000000000 Binary files a/content/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp and /dev/null differ 
diff --git a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-choosing-instance.webp b/content/blog/assets/images/mastodon-privacy-and-security/mastodon-choosing-instance.webp
deleted file mode 100644
index 5c9dd26aa..000000000
Binary files a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-choosing-instance.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-cover.webp b/content/blog/assets/images/mastodon-privacy-and-security/mastodon-cover.webp
deleted file mode 100644
index 97f25c0d3..000000000
Binary files a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-private-mention-encryption.webp b/content/blog/assets/images/mastodon-privacy-and-security/mastodon-private-mention-encryption.webp
deleted file mode 100644
index 289ec901e..000000000
Binary files a/content/blog/assets/images/mastodon-privacy-and-security/mastodon-private-mention-encryption.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-authorized-apps.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-authorized-apps.webp
deleted file mode 100644
index ed6a75af6..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-authorized-apps.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-login-history.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-login-history.webp
deleted file mode 100644
index 171df7391..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-login-history.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-sessions-list.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-sessions-list.webp
deleted file mode 100644
index 5000f61ea..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-sessions-list.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-options.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-options.webp
deleted file mode 100644
index a56a253f3..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-options.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-reach.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-reach.webp
deleted file mode 100644
index 6f9109b55..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-reach.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-csv.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-csv.webp
deleted file mode 100644
index 0279052a5..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-csv.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-file.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-file.webp
deleted file mode 100644
index 3e6301a7f..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-file.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-import.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-import.webp
deleted file mode 100644
index 17b2623c4..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-import.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-instance.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-instance.webp
deleted file mode 100644
index 5978afb6a..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-instance.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-user.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-user.webp
deleted file mode 100644
index b294f6b4f..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-user.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion-account.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion-account.webp
deleted file mode 100644
index fb1ce7d09..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion-account.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion.webp
deleted file mode 100644
index c54e0ffbe..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-export.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-export.webp
deleted file mode 100644
index a630de8e8..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-export.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-alias.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-alias.webp
deleted file mode 100644
index 0ca2c7fe1..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-alias.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-migration.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-migration.webp
deleted file mode 100644
index 26f4b02f5..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-migration.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-export.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-export.webp
deleted file mode 100644
index ac079130c..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-export.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-import.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-import.webp
deleted file mode 100644
index 7d8d8d081..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-import.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-enabled.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-enabled.webp
deleted file mode 100644
index 96a3195d9..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-enabled.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-mac-popup.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-mac-popup.webp
deleted file mode 100644
index afa7fb1b6..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-mac-popup.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-qrcode.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-qrcode.webp
deleted file mode 100644
index ee85e974a..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-qrcode.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-added.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-added.webp
deleted file mode 100644
index fcab02c01..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-added.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-prompted.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-prompted.webp
deleted file mode 100644
index c09adab46..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-prompted.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey.webp
deleted file mode 100644
index 692ef16b7..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-setup.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-setup.webp
deleted file mode 100644
index 9b49688cb..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-setup.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-personal-note.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-personal-note.webp
deleted file mode 100644
index 50fc2c831..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-personal-note.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-account-page.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-account-page.webp
deleted file mode 100644
index 5d3e0bc65..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-account-page.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-default.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-default.webp
deleted file mode 100644
index 0c5b83495..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-default.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-quote-posts.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-quote-posts.webp
deleted file mode 100644
index 8e3517d1b..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-quote-posts.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-visibility-types.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-visibility-types.webp
deleted file mode 100644
index 69e02ae43..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-visibility-types.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-private-mention.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-private-mention.webp
deleted file mode 100644
index d3b79cc53..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-private-mention.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-report.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-report.webp
deleted file mode 100644
index cddc5a5b3..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-report.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-tutorial-cover.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-tutorial-cover.webp
deleted file mode 100644
index eeb993003..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-tutorial-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-author-setup.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-author-setup.webp
deleted file mode 100644
index 17a30d295..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-author-setup.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-link-setup.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-link-setup.webp
deleted file mode 100644
index 491788ccb..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-link-setup.webp and /dev/null differ
diff --git a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-links.webp b/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-links.webp
deleted file mode 100644
index bbb83e882..000000000
Binary files a/content/blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-links.webp and /dev/null differ
diff --git a/content/blog/assets/images/merch-announcement/cover.png b/content/blog/assets/images/merch-announcement/cover.png
deleted file mode 100644
index 3b3f1944c..000000000
Binary files a/content/blog/assets/images/merch-announcement/cover.png and /dev/null differ
diff --git a/content/blog/assets/images/metadata-removal/preview-ios.webp b/content/blog/assets/images/metadata-removal/preview-ios.webp
deleted file mode 100644
index c9ff99ff4..000000000
Binary files a/content/blog/assets/images/metadata-removal/preview-ios.webp and /dev/null differ
diff --git a/content/blog/assets/images/metadata-removal/preview-macos.webp b/content/blog/assets/images/metadata-removal/preview-macos.webp
deleted file mode 100644
index fb635c5d8..000000000
Binary files a/content/blog/assets/images/metadata-removal/preview-macos.webp and /dev/null differ
diff --git a/content/blog/assets/images/metadata-removal/preview-windows.jpg b/content/blog/assets/images/metadata-removal/preview-windows.jpg
deleted file mode 100644
index 882eb602b..000000000
Binary files a/content/blog/assets/images/metadata-removal/preview-windows.jpg and /dev/null differ
diff --git a/content/blog/assets/images/metadata-removal/shortcut-ios.webp b/content/blog/assets/images/metadata-removal/shortcut-ios.webp
deleted file mode 100644
index 7eabe37c7..000000000
Binary files a/content/blog/assets/images/metadata-removal/shortcut-ios.webp and /dev/null differ
diff --git a/content/blog/assets/images/metadata-removal/shortcut-macos.webp b/content/blog/assets/images/metadata-removal/shortcut-macos.webp
deleted file mode 100644
index 7a32a48de..000000000
Binary files a/content/blog/assets/images/metadata-removal/shortcut-macos.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/01-datasets.webp b/content/blog/assets/images/monero-server-using-truenas/01-datasets.webp
deleted file mode 100644
index ab86b11b6..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/01-datasets.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp b/content/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp
deleted file mode 100644
index 7dfe0eb22..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp b/content/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp
deleted file mode 100644
index 427d41eaa..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp b/content/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp
deleted file mode 100644
index 4be0d895e..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp b/content/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp
deleted file mode 100644
index a67ac21a4..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp b/content/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp
deleted file mode 100644
index 9014493d4..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp b/content/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp
deleted file mode 100644
index 7b79c8582..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp b/content/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp
deleted file mode 100644
index 63c0abe48..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/09-monero-install.webp b/content/blog/assets/images/monero-server-using-truenas/09-monero-install.webp
deleted file mode 100644
index 8186ae2ed..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/09-monero-install.webp and /dev/null differ
diff --git a/content/blog/assets/images/monero-server-using-truenas/cover.webp b/content/blog/assets/images/monero-server-using-truenas/cover.webp
deleted file mode 100644
index 542840502..000000000
Binary files a/content/blog/assets/images/monero-server-using-truenas/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp b/content/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp
deleted file mode 100644
index 820d56dd1..000000000
Binary files a/content/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/multi-party-computation/cover.webp b/content/blog/assets/images/multi-party-computation/cover.webp
deleted file mode 100644
index bd5377bfe..000000000
Binary files a/content/blog/assets/images/multi-party-computation/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp b/content/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp
deleted file mode 100644
index 0e908d4ed..000000000
Binary files a/content/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp b/content/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp
deleted file mode 100644
index 2a72b9c77..000000000
Binary files a/content/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp b/content/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp
deleted file mode 100644
index 06864d1da..000000000
Binary files a/content/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp b/content/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp
deleted file mode 100644
index 8ceca8af3..000000000
Binary files a/content/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp b/content/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp
deleted file mode 100644
index c58e55ea0..000000000
Binary files a/content/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp b/content/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp
deleted file mode 100644
index 97e5a83b3..000000000
Binary files a/content/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp b/content/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp
deleted file mode 100644
index 67549266e..000000000
Binary files a/content/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp and /dev/null differ
diff --git a/content/blog/assets/images/onion-browser-review/D0A2D20B-5550-4C1F-8FC6-F6D84AEBDF13_1_102_o.jpeg b/content/blog/assets/images/onion-browser-review/D0A2D20B-5550-4C1F-8FC6-F6D84AEBDF13_1_102_o.jpeg
deleted file mode 100644
index 5c43c6aaa..000000000
Binary files a/content/blog/assets/images/onion-browser-review/D0A2D20B-5550-4C1F-8FC6-F6D84AEBDF13_1_102_o.jpeg and /dev/null differ
diff --git a/content/blog/assets/images/privacy-guides-partners-with-magic-grants-501-c-3/magicblog.webp b/content/blog/assets/images/privacy-guides-partners-with-magic-grants-501-c-3/magicblog.webp
deleted file mode 100644
index 8a20cccb4..000000000
Binary files a/content/blog/assets/images/privacy-guides-partners-with-magic-grants-501-c-3/magicblog.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-is-like-broccoli/broccoli-cover.webp b/content/blog/assets/images/privacy-is-like-broccoli/broccoli-cover.webp
deleted file mode 100644
index bfb1c9819..000000000
Binary files a/content/blog/assets/images/privacy-is-like-broccoli/broccoli-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-is-not-dead/cover.webp b/content/blog/assets/images/privacy-is-not-dead/cover.webp
deleted file mode 100644
index 703144467..000000000
Binary files a/content/blog/assets/images/privacy-is-not-dead/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-means-safety/privacy-means-safety-cover.webp b/content/blog/assets/images/privacy-means-safety/privacy-means-safety-cover.webp
deleted file mode 100644
index 5be0fed0e..000000000
Binary files a/content/blog/assets/images/privacy-means-safety/privacy-means-safety-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-pass/blind-signatures.webp b/content/blog/assets/images/privacy-pass/blind-signatures.webp
deleted file mode 100644
index 99d6637a4..000000000
Binary files a/content/blog/assets/images/privacy-pass/blind-signatures.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-pass/cover.webp b/content/blog/assets/images/privacy-pass/cover.webp
deleted file mode 100644
index 758784278..000000000
Binary files a/content/blog/assets/images/privacy-pass/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-pass/google-vpn.webp b/content/blog/assets/images/privacy-pass/google-vpn.webp
deleted file mode 100644
index b8ffec620..000000000
Binary files a/content/blog/assets/images/privacy-pass/google-vpn.webp and /dev/null differ
diff --git a/content/blog/assets/images/privacy-pass/private-access-tokens.webp b/content/blog/assets/images/privacy-pass/private-access-tokens.webp deleted file mode 100644 index bb7e1fbb6..000000000 Binary files a/content/blog/assets/images/privacy-pass/private-access-tokens.webp and /dev/null differ diff --git a/content/blog/assets/images/privacy-washing-is-a-dirty-business/washing-cover.webp b/content/blog/assets/images/privacy-washing-is-a-dirty-business/washing-cover.webp deleted file mode 100644 index 786e7ff3d..000000000 Binary files a/content/blog/assets/images/privacy-washing-is-a-dirty-business/washing-cover.webp and /dev/null differ diff --git a/content/blog/assets/images/private-european-alternatives/eu-alternatives.svg b/content/blog/assets/images/private-european-alternatives/eu-alternatives.svg deleted file mode 100644 index 35e927a57..000000000 --- a/content/blog/assets/images/private-european-alternatives/eu-alternatives.svg +++ /dev/null @@ -1,141 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/content/blog/assets/images/private-european-alternatives/eu-alternatives.webp b/content/blog/assets/images/private-european-alternatives/eu-alternatives.webp deleted file mode 100644 index 2affec0ce..000000000 Binary files a/content/blog/assets/images/private-european-alternatives/eu-alternatives.webp and /dev/null differ diff --git a/content/blog/assets/images/proton-wallet-review/1.webp b/content/blog/assets/images/proton-wallet-review/1.webp deleted file mode 100644 index 0ba9e8d45..000000000 Binary files a/content/blog/assets/images/proton-wallet-review/1.webp and /dev/null differ 
diff --git a/content/blog/assets/images/proton-wallet-review/2.webp b/content/blog/assets/images/proton-wallet-review/2.webp
deleted file mode 100644
index d8e88d136..000000000
Binary files a/content/blog/assets/images/proton-wallet-review/2.webp and /dev/null differ
diff --git a/content/blog/assets/images/proton-wallet-review/3.webp b/content/blog/assets/images/proton-wallet-review/3.webp
deleted file mode 100644
index f9d3da67b..000000000
Binary files a/content/blog/assets/images/proton-wallet-review/3.webp and /dev/null differ
diff --git a/content/blog/assets/images/proton-wallet-review/4.webp b/content/blog/assets/images/proton-wallet-review/4.webp
deleted file mode 100644
index 73de10567..000000000
Binary files a/content/blog/assets/images/proton-wallet-review/4.webp and /dev/null differ
diff --git a/content/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp b/content/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp
deleted file mode 100644
index 4309a3ea8..000000000
Binary files a/content/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp and /dev/null differ
diff --git a/content/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp b/content/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp
deleted file mode 100644
index 533ebfec1..000000000
Binary files a/content/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/real-name-policies/realname-cover.webp b/content/blog/assets/images/real-name-policies/realname-cover.webp
deleted file mode 100644
index b0a9b2bcc..000000000
Binary files a/content/blog/assets/images/real-name-policies/realname-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/red-and-green-privacy-flags/dontcare-cover.webp b/content/blog/assets/images/red-and-green-privacy-flags/dontcare-cover.webp
deleted file mode 100644
index c55005136..000000000
Binary files a/content/blog/assets/images/red-and-green-privacy-flags/dontcare-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/relisting-startpage/cover.webp b/content/blog/assets/images/relisting-startpage/cover.webp
deleted file mode 100644
index 6b93f4f4a..000000000
Binary files a/content/blog/assets/images/relisting-startpage/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/restrict-act/cover.webp b/content/blog/assets/images/restrict-act/cover.webp
deleted file mode 100644
index 717dfce1e..000000000
Binary files a/content/blog/assets/images/restrict-act/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp b/content/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp
deleted file mode 100644
index c6b33fda6..000000000
Binary files a/content/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/security-privacy-anonymity/cover.jpeg b/content/blog/assets/images/security-privacy-anonymity/cover.jpeg
deleted file mode 100644
index 6c3ee581a..000000000
Binary files a/content/blog/assets/images/security-privacy-anonymity/cover.jpeg and /dev/null differ
diff --git a/content/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp b/content/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp
deleted file mode 100644
index c4a3e3269..000000000
Binary files a/content/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp b/content/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp
deleted file mode 100644
index b5ff67e3a..000000000
Binary files a/content/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-dangers-of-end-to-end-encryption/cover.webp b/content/blog/assets/images/the-dangers-of-end-to-end-encryption/cover.webp
deleted file mode 100644
index 11d30fe74..000000000
Binary files a/content/blog/assets/images/the-dangers-of-end-to-end-encryption/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-dangers-of-end-to-end-encryption/fire.svg b/content/blog/assets/images/the-dangers-of-end-to-end-encryption/fire.svg
deleted file mode 100644
index ce4942671..000000000
--- a/content/blog/assets/images/the-dangers-of-end-to-end-encryption/fire.svg
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/content/blog/assets/images/the-fight-for-privacy-after-death/cover.webp b/content/blog/assets/images/the-fight-for-privacy-after-death/cover.webp
deleted file mode 100644
index 02b95815d..000000000
Binary files a/content/blog/assets/images/the-fight-for-privacy-after-death/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-future-of-privacy/cover.webp b/content/blog/assets/images/the-future-of-privacy/cover.webp
deleted file mode 100644
index 4d11605e3..000000000
Binary files a/content/blog/assets/images/the-future-of-privacy/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-privacy-of-others/cover.webp b/content/blog/assets/images/the-privacy-of-others/cover.webp
deleted file mode 100644
index 70d325f6f..000000000
Binary files a/content/blog/assets/images/the-privacy-of-others/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp b/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp
deleted file mode 100644
index c7b03998c..000000000
Binary files a/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp b/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp
deleted file mode 100644
index cf87a73b4..000000000
Binary files a/content/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp and /dev/null differ
diff --git a/content/blog/assets/images/threads-launch-twitter/cover.webp b/content/blog/assets/images/threads-launch-twitter/cover.webp
deleted file mode 100644
index eb6d8decc..000000000
Binary files a/content/blog/assets/images/threads-launch-twitter/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/tor-security-slider-flaw/cover.png b/content/blog/assets/images/tor-security-slider-flaw/cover.png
deleted file mode 100644
index 8369eeef6..000000000
Binary files a/content/blog/assets/images/tor-security-slider-flaw/cover.png and /dev/null differ
diff --git a/content/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png b/content/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png
deleted file mode 100644
index b2070ff54..000000000
Binary files a/content/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png and /dev/null differ
diff --git a/content/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png b/content/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png
deleted file mode 100644
index ededca271..000000000
Binary files a/content/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png and /dev/null differ
diff --git a/content/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png b/content/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png
deleted file mode 100644
index e5053c6c0..000000000
Binary files a/content/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png and /dev/null differ
diff --git a/content/blog/assets/images/toward-a-passwordless-future/cover.webp b/content/blog/assets/images/toward-a-passwordless-future/cover.webp
deleted file mode 100644
index 29e5f265e..000000000
Binary files a/content/blog/assets/images/toward-a-passwordless-future/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/toward-a-passwordless-future/ctss.webp b/content/blog/assets/images/toward-a-passwordless-future/ctss.webp
deleted file mode 100644
index 138606a71..000000000
Binary files a/content/blog/assets/images/toward-a-passwordless-future/ctss.webp and /dev/null differ
diff --git a/content/blog/assets/images/twitter-elon-takeover/cover.webp b/content/blog/assets/images/twitter-elon-takeover/cover.webp
deleted file mode 100644
index e30e305b4..000000000
Binary files a/content/blog/assets/images/twitter-elon-takeover/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp b/content/blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp
deleted file mode 100644
index 902f6c755..000000000
Binary files a/content/blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/where-are-all-the-mprs/icloud-private-relay.png b/content/blog/assets/images/where-are-all-the-mprs/icloud-private-relay.png
deleted file mode 100644
index b163d8fa6..000000000
Binary files a/content/blog/assets/images/where-are-all-the-mprs/icloud-private-relay.png and /dev/null differ
diff --git a/content/blog/assets/images/why-i-run-a-tor-relay/cover.png b/content/blog/assets/images/why-i-run-a-tor-relay/cover.png
deleted file mode 100644
index b24d2b81c..000000000
Binary files a/content/blog/assets/images/why-i-run-a-tor-relay/cover.png and /dev/null differ
diff --git a/content/blog/assets/images/you-can-say-no/no-cover.webp b/content/blog/assets/images/you-can-say-no/no-cover.webp
deleted file mode 100644
index c1e2ef161..000000000
Binary files a/content/blog/assets/images/you-can-say-no/no-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/your-online-life-is-irl/irl-cover.webp b/content/blog/assets/images/your-online-life-is-irl/irl-cover.webp
deleted file mode 100644
index 757b35b67..000000000
Binary files a/content/blog/assets/images/your-online-life-is-irl/irl-cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/cover.webp b/content/blog/assets/images/yubikey-reset-and-backup/cover.webp
deleted file mode 100644
index 86c0be9da..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/cover.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-1-download.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-1-download.webp
deleted file mode 100644
index 9ba30878f..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-1-download.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-10-reset-fido2.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-10-reset-fido2.webp
deleted file mode 100644
index 9ec1a7c1d..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-10-reset-fido2.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-11-reset-fido2close.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-11-reset-fido2close.webp
deleted file mode 100644
index 8f702c04b..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-11-reset-fido2close.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-12-reset-piv.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-12-reset-piv.webp
deleted file mode 100644
index b4b0c62f2..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-12-reset-piv.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-13-reset-cli.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-13-reset-cli.webp
deleted file mode 100644
index 80e38a468..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-13-reset-cli.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-14-config-certificates.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-14-config-certificates.webp
deleted file mode 100644
index a187fa221..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-14-config-certificates.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-15-config-certificatespin.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-15-config-certificatespin.webp
deleted file mode 100644
index db197b971..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-15-config-certificatespin.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-16-config-certificatespuk.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-16-config-certificatespuk.webp
deleted file mode 100644
index c8e9b13c5..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-16-config-certificatespuk.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-17-config-certificateskey.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-17-config-certificateskey.webp
deleted file mode 100644
index 7f9e19720..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-17-config-certificateskey.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-18-config-otp.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-18-config-otp.webp
deleted file mode 100644
index 46751dc9e..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-18-config-otp.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-19-config-otpfields.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-19-config-otpfields.webp
deleted file mode 100644
index b57fcf23b..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-19-config-otpfields.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-2-yubicoapp.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-2-yubicoapp.webp
deleted file mode 100644
index 7d5c922f0..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-2-yubicoapp.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-20-config-otpfieldsfilled.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-20-config-otpfieldsfilled.webp
deleted file mode 100644
index f264bdae3..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-20-config-otpfieldsfilled.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-21-config-otpfile.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-21-config-otpfile.webp
deleted file mode 100644
index 77ef92efd..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-21-config-otpfile.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-22-config-register.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-22-config-register.webp
deleted file mode 100644
index 328fc3f22..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-22-config-register.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-23-config-registersuccess.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-23-config-registersuccess.webp
deleted file mode 100644
index 614ec069b..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-23-config-registersuccess.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-24-config-tryitout.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-24-config-tryitout.webp
deleted file mode 100644
index 47572437a..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-24-config-tryitout.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-25-config-challenge.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-25-config-challenge.webp
deleted file mode 100644
index 3a964f4ed..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-25-config-challenge.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-26-config-challengepopup.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-26-config-challengepopup.webp
deleted file mode 100644
index 760e62e9f..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-26-config-challengepopup.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-27-config-challengespare.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-27-config-challengespare.webp
deleted file mode 100644
index 35030119a..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-27-config-challengespare.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-28-config-spareconfigured.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-28-config-spareconfigured.webp
deleted file mode 100644
index 8239f0319..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-28-config-spareconfigured.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-29-config-oathtotp.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-29-config-oathtotp.webp
deleted file mode 100644
index ed869ed14..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-29-config-oathtotp.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-3-keysplugged.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-3-keysplugged.webp
deleted file mode 100644
index cd39621ee..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-3-keysplugged.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-30-config-passkeys.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-30-config-passkeys.webp
deleted file mode 100644
index 11bba08cb..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-30-config-passkeys.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-31-config-passkeyspin.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-31-config-passkeyspin.webp
deleted file mode 100644
index 96934dd9e..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-31-config-passkeyspin.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-32-deleteslot.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-32-deleteslot.webp
deleted file mode 100644
index bcc91a87f..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-32-deleteslot.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-33-deleteslotpopup.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-33-deleteslotpopup.webp
deleted file mode 100644
index 6bb88c95a..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-33-deleteslotpopup.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-34-config-static.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-34-config-static.webp
deleted file mode 100644
index 59ef5f83d..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-34-config-static.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-35-config-statickeyboards.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-35-config-statickeyboards.webp
deleted file mode 100644
index 27a2f7732..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-35-config-statickeyboards.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-36-config-staticspare.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-36-config-staticspare.webp
deleted file mode 100644
index f37632133..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-36-config-staticspare.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-37-config-hotp.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-37-config-hotp.webp
deleted file mode 100644
index 863fb1dd0..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-37-config-hotp.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-38-config-oathhotppopup.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-38-config-oathhotppopup.webp
deleted file mode 100644
index 63a7b1ee6..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-38-config-oathhotppopup.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-39-config-pgppins.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-39-config-pgppins.webp
deleted file mode 100644
index c17678352..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-39-config-pgppins.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-4-keyspluggedspare.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-4-keyspluggedspare.webp
deleted file mode 100644
index 26e0b5a2d..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-4-keyspluggedspare.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-40-config-pgpgeneratekey.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-40-config-pgpgeneratekey.webp
deleted file mode 100644
index 111ae46ac..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-40-config-pgpgeneratekey.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-41-config-pgppassphrase.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-41-config-pgppassphrase.webp
deleted file mode 100644
index b3b8f9f11..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-41-config-pgppassphrase.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-42-config-pgpaddkeys.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-42-config-pgpaddkeys.webp
deleted file mode 100644
index 665f0263c..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-42-config-pgpaddkeys.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-43-config-pgp3subkeys.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-43-config-pgp3subkeys.webp
deleted file mode 100644
index 1c620ccaf..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-43-config-pgp3subkeys.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-44-config-pgpimportsubkeys.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-44-config-pgpimportsubkeys.webp
deleted file mode 100644
index a96771bfb..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-44-config-pgpimportsubkeys.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-45-config-pgpadminpin.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-45-config-pgpadminpin.webp
deleted file mode 100644
index 87ab6bfe0..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-45-config-pgpadminpin.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-5-slots.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-5-slots.webp
deleted file mode 100644
index 29fc5676d..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-5-slots.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-6-deletecredential.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-6-deletecredential.webp
deleted file mode 100644
index 69ace4f02..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-6-deletecredential.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-7-deletepopup.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-7-deletepopup.webp
deleted file mode 100644
index e82edc526..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-7-deletepopup.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-8-slotsempty.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-8-slotsempty.webp
deleted file mode 100644
index 1b94e92f4..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-8-slotsempty.webp and /dev/null differ
diff --git a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-9-reset-oath.webp b/content/blog/assets/images/yubikey-reset-and-backup/yubikey-9-reset-oath.webp
deleted file mode 100644
index 6cd8f39be..000000000
Binary files a/content/blog/assets/images/yubikey-reset-and-backup/yubikey-9-reset-oath.webp and /dev/null differ
diff --git a/content/blog/author/dngray.md b/content/blog/author/dngray.md
deleted file mode 100644
index 4f1ad34b1..000000000
--- a/content/blog/author/dngray.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Daniel Gray
-
-![Profile picture](https://github.com/dngray.png){ align=right }
-
-**Daniel** is a founding team member of Privacy Guides and part of its [executive committee](https://www.privacyguides.org/en/about/#executive-committee).
-
-[@dngray@mastodon.social](https://mastodon.social/@dngray "@dngray@mastodon.social")
-[dngray.bsky.social](https://bsky.app/profile/dngray.bsky.social "@dngray.bsky.social")
-{ .pg:buttons }
diff --git a/content/blog/author/em.md b/content/blog/author/em.md
deleted file mode 100644
index 252db8543..000000000
--- a/content/blog/author/em.md
+++ /dev/null
@@ -1,33 +0,0 @@
----
-description: Em is the Activism & Outreach Lead at Privacy Guides. She is a public‑interest technologist and researcher who has been working on various independent projects in data privacy, information security, and software engineering since 2018.
-schema:
- -
- "@context": https://schema.org
- "@type": ProfilePage
- dateCreated: "2025-02-03T19:00:00Z"
- dateModified: "2024-02-03T19:00:00Z"
- mainEntity:
- -
- "@context": https://schema.org
- "@type": Person
- name: Em
- jobTitle: Staff Writer
- description: Em is a full-time journalist at Privacy Guides.
- url: https://www.privacyguides.org/articles/author/em/
- image: https://www.privacyguides.org/articles/assets/external/github.com/EmAtPrivacyGuides.png.jpg
- sameAs:
- - https://infosec.exchange/@Em0nM4stodon
- - https://emontheinternet.me/
- - https://controlaltdelete.technology/
----
-
-# Em
-
-![Profile picture](https://github.com/EmAtPrivacyGuides.png){ align=right }
-
-[**Em**](https://emontheinternet.me/) is the Activism & Outreach Lead at *Privacy Guides*. She is a public‑interest technologist and researcher who has been working on various independent projects in data privacy, information security, and software engineering since 2018.
-
-Em is passionate about digital rights, privacy advocacy, solid security, and code for the public good. In her free time, you can find Em on Mastodon giving privacy tips or boosting photos of cats and moss.
-
-[@Em0nM4stodon@infosec.exchange](https://infosec.exchange/@Em0nM4stodon "@Em0nM4stodon@infosec.exchange")
-{ .pg:buttons }
diff --git a/content/blog/author/freddy.md b/content/blog/author/freddy.md
deleted file mode 100644
index 6c003acf0..000000000
--- a/content/blog/author/freddy.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Freddy
-
-![Profile picture](https://github.com/freddy-m.png){ align=right }
-
-[**Freddy**](https://freddy.lol) is a founding team member of Privacy Guides and part of its [executive committee](https://www.privacyguides.org/en/about/#executive-committee). He writes in American English reluctantly.
-
-[@freddy@social.lol](https://social.lol/@freddy "@freddy@social.lol")
-[@freddy.lol](https://bsky.app/profile/freddy.lol "@freddy.lol")
-{ .pg:buttons }
diff --git a/content/blog/author/jonah.md b/content/blog/author/jonah.md
deleted file mode 100644
index 5ba2c3de5..000000000
--- a/content/blog/author/jonah.md
+++ /dev/null
@@ -1,36 +0,0 @@
----
-description: Jonah is Privacy Guides' editor and Program Director. With over a decade of technical writing experience, his role includes researching and writing for Privacy Guides. He also runs Triplebit, a non-profit ISP behind many privacy-related tools.
-schema:
- -
- "@context": https://schema.org
- "@type": ProfilePage
- dateCreated: "2019-10-31T00:00:00Z"
- dateModified: "2024-09-09T00:00:00Z"
- mainEntity:
- -
- "@context": https://schema.org
- "@type": Person
- name: Jonah Aragon
- jobTitle: Project Director
- description: Jonah Aragon is the Project Director and staff writer at Privacy Guides.
- url: https://www.privacyguides.org/articles/author/jonah/
- image: https://www.privacyguides.org/articles/assets/external/github.com/jonaharagon.png.jpg
- sameAs:
- - https://www.jonaharagon.com
- - https://discuss.privacyguides.net/u/jonah
- - https://shop.jonaharagon.com
- - https://jonaharagon.me
- - https://mastodon.neat.computer/@jonah
- - https://www.youtube.com/@jonaharagon
- - https://www.wikidata.org/wiki/Q117304062
----
-
-# Jonah Aragon
-
-![Profile picture](https://github.com/jonaharagon.png){ align=right }
-
-[**Jonah Aragon**](https://www.jonaharagon.com) is *Privacy Guides'* editor and Program Director. With over a decade of technical writing experience, his role includes researching and writing for Privacy Guides. He also runs Triplebit, a non-profit ISP behind many privacy-related tools.
-
-[@jonah@neat.computer](https://mastodon.neat.computer/@jonah "@jonah@neat.computer")
-[@jonaharagon.com](https://bsky.app/profile/jonaharagon.com "@jonaharagon.com")
-{ .pg:buttons }
diff --git a/content/blog/author/niek-de-wilde.md b/content/blog/author/niek-de-wilde.md
deleted file mode 100644
index 9cac60853..000000000
--- a/content/blog/author/niek-de-wilde.md
+++ /dev/null
@@ -1,8 +0,0 @@
-# Niek de Wilde
-
-![Profile picture](https://github.com/blacklight447.png){ align=right }
-
-**Niek** is a founding team member of Privacy Guides and part of the [executive committee](https://www.privacyguides.org/en/about/#executive-committee). His day-to-day concerns for Privacy Guides entail both research and outreach.
-
-[@blacklight447@mastodon.social](https://mastodon.social/@blacklight447 "@blacklight447@mastodon.social")
-{ .pg:buttons }
diff --git a/content/blog/category/announcements.md b/content/blog/category/announcements.md
deleted file mode 100644
index ca25553b7..000000000
--- a/content/blog/category/announcements.md
+++ /dev/null
@@ -1,7 +0,0 @@
----
-description: The latest announcements and updates from the Privacy Guides team.
----
-
-# Announcements
-
-Follow this page for the latest updates & announcements from the Privacy Guides team, and join the [announcements category](https://discuss.privacyguides.net/c/announcements/5) on our forum to discuss anything you read here!
diff --git a/content/blog/category/news.md b/content/blog/category/news.md
deleted file mode 100644
index 2275c4f49..000000000
--- a/content/blog/category/news.md
+++ /dev/null
@@ -1,7 +0,0 @@
----
-description: Privacy Guides News presents the latest tech news about the world's best (and occasionally worst) software, hardware, and services in the privacy world.
----
-
-# News
-
-The latest tech news about the world's best (and occasionally worst) software, hardware, and services in the privacy world. *Privacy Guides News* has you covered for any important information you might need on your privacy journey.
diff --git a/content/blog/category/reviews.md b/content/blog/category/reviews.md
deleted file mode 100644
index 6125ff23c..000000000
--- a/content/blog/category/reviews.md
+++ /dev/null
@@ -1,7 +0,0 @@
----
-description: Read the latest privacy product reviews and stories from Privacy Guides contributing writers.
----
-
-# Reviews
-
-Looking for alternatives to privacy-invasive apps you use everyday? Do you just want to know all the details behind your favorite privacy tools? *Privacy Guides Reviews* is the place to find all that and more. This is your one stop to find the latest advice and recommendations on things we use every day directly from Privacy Guides contributors.
diff --git a/content/blog/editorial.md b/content/blog/editorial.md
deleted file mode 100644
index c4c61bdf3..000000000
--- a/content/blog/editorial.md
+++ /dev/null
@@ -1,107 +0,0 @@
----
-title: Editorial Policy
----
-
-This page provides transparent information about Privacy Guides, its editorial process, and how Privacy Guides creates trustworthy news, articles, and reviews.
-
-Moreover, it is a part of Privacy Guides' commitment to [**The Trust Project**](https://thetrustproject.org/), "an international consortium of news organizations implementing transparency standards and working with technology platforms to affirm and amplify journalism’s commitment to transparency, accuracy, inclusion and fairness so that the public can make informed news choices." Privacy Guides is not currently a news partner of the program, but wholeheartedly supports its mission and values.
-
-## Coverage Priorities
-
-First and foremost, Privacy Guides is committed to publishing content related to the personal privacy and cybersecurity industry and communities. We firmly believe that privacy is a human right, which should not be intruded upon by any corporation, government, or other entity.
-
-To further our beliefs, Privacy Guides strives to create coverage that promotes the ideals of personal privacy and security in online spaces, encourages companies to engage in privacy-friendly behavior, and holds privacy and security invasive entities accountable for their actions.
-
-## Our Philosophy
-
-Privacy Guides strongly believes in independent information published by independent people with varying points of view. As an organization, we are firm proponents of freedom of speech, expression, and the press. Privacy Guides contributors are free to share their own opinions, even when they are controversial. Every opinion article is clearly labeled as such at the beginning of the news content.
-
-## Ethics Policy
-
-Privacy Guides' ethical code is based in our willingness to be accurate, fair, and complete, and for all of our writers to act with honesty, transparency, and independence.
-
-### Truth and Accuracy
-
-Privacy Guides contributors are expected to be as accurate as possible. Getting facts from reliable sources is the defining principle of journalism. Privacy Guides always strives to provide all the relevant facts available, ensure those facts have been verified, and generally hold ourselves to the highest standards of accuracy and truth. When we are unable to corroborate certain information, Privacy Guides always makes that clear to readers.
-
-### Independence
-
-Privacy Guides contributors must always be independent voices in the privacy community. Privacy Guides does not act on behalf of special interests, whether corporate, political, or cultural, and whether formally or informally. Independent fact-checking is always involved in the publication process.
-
-### Fairness and Impartiality
-
-Many stories have at least two sides. While we are not obligated to present every viewpoint in every article we publish, our stories are balanced and add context. Our impartial reporting is a significant part of why our community has trust and confidence in our work.
-
-### Humanity
-
-Privacy Guides contributors do no harm. We are aware of the impact of our words on the lives of others. Private persons have privacy rights that must be balanced against the public interest in reporting information about them. Our pursuit of the news is not a license for arrogance, and we will always treat the subject of any story with respect.
-
-### Accountability
-
-As professional and responsible journalists, we will always hold ourselves accountable for our work. Corrections are published when errors are discovered, and we always listen to the concerns of our audience.
-
-## Corrections Policy
-
-Privacy Guides believes in transparency and honesty. Therefore, we will correct mistakes promptly and ensure our readers are notified.
In the online world of journalism, completeness and freshness of content are huge values, and we believe accuracy is equally essential. We will ensure expediency when making corrections as needed.
-
-When an error is detected in an article, Privacy Guides will immediately work to find the correct information, clearly display the correction within the affected article, and include the following:
-
-- The correct information.
-- What was originally published that was incorrect.
-- The severity of the error.
-- The date when the change took place.
-
-When errors cannot be amended within the body of an article's content, corrections are displayed in the last paragraph of the content. Rather than remove completely the content containing a mistake, we provide clarification and admittance of our mistakes to preserve transparency.
-
-## Verification & Fact-Checking
-
-Privacy Guides prides itself on the validity of its content, and therefore does whatever it can to ensure that the information presented by its contributors is accurate. As a well-known global publication, Privacy Guides understands the importance of approaching claims with skepticism, thinking critically, and upholding accuracy in whatever way possible.
-
-Privacy Guides encourages its writers to keep the following considerations in mind before publishing content:
-
-- Always credit, acknowledge, and verify the source(s) of your information.
-- Consider whether you know enough about the information to qualify as a trustable source yourself.
-- Think critically when addressing claims.
-- Never make assumptions.
-
-We trust the integrity of our contributors and the accuracy of content published on this website. In the case that a mistake is made, we understand the importance of admitting to them and working diligently to provide the correct information. We always encourage our readers, sources, and other contributors to provide us with feedback on any of our content.
-
-## Unnamed Sources Policy
-
-Privacy Guides will only use unnamed sources in our news reporting if:
-
-1. The material is informative, not opinion or speculation.
-2. The material is vital to the news report.
-3. The source is reliable, and in a position to have accurate information.
-4. The information provided is not available except under conditions of anonymity imposed by the source.
-
-Privacy Guides will always identify sources whenever possible. Our readership is entitled to as much information as possible in order to judge the reliability of our sources themselves.
-
-: Privacy Guides' credibility is our most important asset. If our readers don't have faith that the stories they are reading here are accurate and fair, or if they suspect content within the stories we publish is fabricated, then we would lose that credibility. For our contributors to protect their own credibility, they must use every available avenue to confirm and attribute information before relying on unnamed sources. If the only way to publish a story is to use unnamed sources, our contributors owe it to our readership to identify the sources as clearly as possible without exposing the identity of the individual granted anonymity.
-
-Our contributors should always question the motives behind a source requesting anonymity.
-
-: Always keep your promises, but clarify conditions attached to any promise made in exchange for information beforehand. You must not take information from an anonymous support without the approval of our editorial team. We only use unnamed sources to tell important stories that would otherwise go unreported.
-
-The decision to use an unnamed source is not a decision made solely by the writer. To use an unnamed source, a contributor must have the written consent of a member of our editorial team: [Daniel](author/dngray.md), [Freddy](author/freddy.md), [Jonah](author/jonah.md), or [Niek](author/niek-de-wilde.md).
-
-Our editorial team will grant consent to the use of unnamed sources if the source is considered to be accurate and reliable, and if there is substantial justification for using the source's information without attribution. Privacy Guides should never be in the position of having to verify any factors within this policy after a story has been published.
-
-## Actionable Feedback
-
-Privacy Guides is committed to engaging with our readers and taking action based on their suggestions, complaints, and other feedback.
-
-Readers may help us develop an individual story or line of coverage, answer questions that a story may raise, identify related or under-covered issues, and teach us about new and diverse sources, experts, and perspectives. We believe that news organizations have a responsibility to engage with the public on the values, issues, and ideas of the times, and that news organizations have much to gain in return. In fact, actionable feedback may:
-
-- Further develop an individual story or line of coverage.
-- Help answer questions that a story may raise.
-- Help identify related questions or issues that the audience, including demographic segments of that audience, is discussing or are concerned about.
-- Yield new and diverse sources and experts.
-
-**We strongly encourage our readers to participate in our community forum: **
-
-Our staff contributors are also [listed](https://www.privacyguides.org/en/about/) alongside verified email links and other contact information, where you can ask them questions or report a complaint. Each article within our news section also clearly lists the author's byline, including contact and social media information when available.
-
-When necessary, we will make updates to our articles based on our readership's comments and feedback.
-
-We are proud of keeping this openness a top priority, in line with the nature of our community.
diff --git a/content/blog/index.md b/content/blog/index.md
deleted file mode 100644
index 94ec61548..000000000
--- a/content/blog/index.md
+++ /dev/null
@@ -1,12 +0,0 @@
----
-description: Privacy-related news stories, product reviews, opinion pieces, and other important articles from Privacy Guides contributors.
-canonical_url: https://www.privacyguides.org/posts/tag/articles/
-hide:
- - footer
----
-
-# Latest Articles
-
-This is our home for privacy-related news stories, product reviews, opinion pieces, and other important articles.
-
-Unlike the rest of our website, these articles don't represent a consensus viewpoint of our community. Instead, they present the opinions of trusted authors within our community as-is. You may even find multiple articles on the same topic with competing viewpoints, intended to further [privacy discussion](https://discuss.privacyguides.net/).
diff --git a/content/blog/posts/.meta.yml b/content/blog/posts/.meta.yml
deleted file mode 100644
index 40956123a..000000000
--- a/content/blog/posts/.meta.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-comments: true
-social:
- cards_layout: blog
diff --git a/content/blog/posts/activists-guide-securing-your-smartphone.md b/content/blog/posts/activists-guide-securing-your-smartphone.md
deleted file mode 100644
index 7486bfc8c..000000000
--- a/content/blog/posts/activists-guide-securing-your-smartphone.md
+++ /dev/null
@@ -1,319 +0,0 @@ ---- -date: - created: 2025-01-23T19:15:00Z - updated: 2025-01-27T20:00:00Z -categories: - - Tutorials -authors: - - jonah -description: Your phone is an essential tool, but it also represents a huge risk to your privacy and security. Understanding these best practices when it comes to securing your smartphone will help keep you and your data safe. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/activists-guide-securing-your-smartphone/cover.webp ---- -# The Protesters' Guide to Smartphone Security - -![Article cover photo showing a phone icon over a protest](../assets/images/activists-guide-securing-your-smartphone/cover.webp) - - - -For most protesters, activists, and journalists, your smartphone is an essential tool you depend on for organizing with your peers, accessing and distributing information, and helping others. It also represents a great risk, as a tool that is easily appropriated by authorities for targeted and mass surveillance. - -The perennial question when it comes to protests is whether you should bring your phone at all. If you leave your phone at home, that is probably the safest your data will get, and you will be at very low risk of being tracked by mass surveillance tools. On the other hand, your phone is a critical resource when it comes to coordinating with others, getting updates on the protest from social media, or simply documenting what is going on with your phone's camera. - -If possible, bringing a separate device like a "burner phone," an old phone you can reset, or even a regular old-fashioned camera is a much better option than bringing your primary phone. Any data you don't bring with you can't be taken from you at the scene. - -However, getting access to or affording devices like these aren't a realistic option for many people. 
Whether you decide to take your smartphone or a secondary smartphone with you to the event, this guide will cover how to maximize that device's security and minimize risks to your privacy. - -**Update (2025-01-27):** This article has been updated based on some community [feedback](https://discuss.privacyguides.net/t/24316), notably I added the [Burner Phones](#burner-phones), [Minimize Your Stored Data](#minimize-your-stored-data), [Use Public Wi-Fi](#use-public-wi-fi), and [Check Your Keyboard](#check-your-keyboard) sections. - -## Your Risks at a Protest - -There are plenty of risks you should consider if you use your smartphone at a protest. We are going to try and cover the following in this guide: - -1. Losing your device. - -2. Authorities confiscating your smartphone. - -3. Service disruption, either due to intentional interference by authorities or caused by networks being overloaded by large groups of people. - -4. Targeted surveillance: - - Disrupting your service. - - Blocking delivery of calls/SMS to your number. - - Monitoring your unencrypted traffic. - - Monitoring communications over local radios like walkie-talkies, etc. - -5. Mass surveillance: - - Interference with web services. Popular communication platforms like Twitter or TikTok could be throttled or blocked. - - Interference with messengers and voice services like Signal or WhatsApp. - - Authorities could use public Wi-Fi networks in the area to monitor traffic and identify nearby devices. - - Cell phone companies could provide records to authorities of devices near cell towers in the area to track and identify protesters. - -Like all of our guides, we are going to cover the general best practices and provide helpful tips, but your individual situation may be different. You should always research and plan according to what you specifically are doing, and if you need legal advice you should always consult a qualified and licensed attorney. 
- -## "Burner Phones" - -Cell phones are generally tracked by law enforcement using two identifiers: - -1. Your **IMSI**, which uniquely identifies your SIM card -2. Your **IMEI**, which uniquely identifies your phone - -Thus, simply using a prepaid SIM in your primary/personal device is not a foolproof method of avoiding tracking, because your IMEI is still correlatable between networks. - -Buying a secondary, disposable device is an option that will provide you with much greater protection than bringing your personal device. However, if the threat you face is serious enough that you feel the need to do this, you should strongly consider not bringing a phone at all. Properly securing a disposable/burner phone is fairly challenging and may not be worth it. - -If you *do* buy a secondary device for this purpose, you should buy it in-person, with **cash**. - -**Do not activate or power it on at home**. The location of a phone is tracked by network carriers for at least a year at minimum, but you should assume that location history is just kept forever. Therefore, you should activate and set up the device in a very public place that is not significant to your daily life, then always keep it powered off at locations associated with you. You don't want the phone's location to ever be recorded at your home or workplace. - -If possible, you should try to purchase and set up this phone well in advance. This certainly depends on your plans, but spreading out your purchase, activation, and use of the device makes it less easy to detect. It also makes it less likely that the store you bought the phone from still has security footage of your purchase. - -You will also want to make sure you do not identify yourself when purchasing a cellular plan. This is highly dependent on your country, but many prepaid plans will not require any identification to activate. There are also some global eSIM providers which will accept payment without the need to identify yourself to them. 
- -One last thing: Your secondary device should still be a reasonably modern smartphone. The security measures we cover below regarding [hardware and software security](#consider-your-phones-security-patches) still apply. Smartphones are more secure against the sort of threats that activists are likely to face—such as someone trying to crack into your device's data—than a simple/feature/"dumb" phone will be. They also have many more options for secure & encrypted communication methods that we'll cover below as well. - -Using a secondary device only at the protest allows you to leave your primary device powered on and at home. This potentially provides some plausible deniability, if someone requests the location of your phone during the time of the event later. - -## Secure Your Device - -If your phone falls into the wrong hands, the information on it could be hugely damaging to yourself or others. Make sure you've taken the necessary steps to prevent it from being broken into. - -### Use a Strong Screen Lock - -At a bare minimum, you should use a 6-digit PIN, but ideally you should protect your phone with an alphanumeric passphrase. This prevents people from trivially accessing your data, and additionally protects your data with strong encryption. - -Barring a massive security exploit (more on this [later](#consider-your-phones-security-patches)), most law enforcement tools work by essentially brute-forcing your PIN, running tons of guesses until it gets one right. This makes a long and unique passphrase your strongest protection against your data being stolen by people in possession of your device. - -In the United States and many other countries it is legal to refuse to unlock your phone or provide your passcode to law enforcement. **Know your rights** wherever you're located before attending a protest, so you aren't blindly following orders later. 
- -### Disable Biometric Authentication - -We commonly recommend using biometric features like Face ID or Touch ID to prevent "shoulder surfing" attacks, where an attacker steals your PIN by discreetly watching you enter it, or where your PIN is recorded by surveillance cameras in the area. - -**However**, in this situation it may make more sense to disable biometric authentication. Authorities are trained and known to use biometrics quickly to forcefully unlock your device, so you should be mindful of this fact when deciding what to do. If you disable biometrics, be wary of shoulder surfing attacks and prying eyes by obscuring or covering your phone whenever you unlock it. - -Whatever you do, make sure you know how to quickly shut down your phone or disable biometrics at a moment's notice. Many phones have begun replacing the standard "hold down the power button" function with voice assistants or other features, so practice performing the actual shutdown method beforehand to familiarize yourself. - -Modern iPhones require you to hold down the side button and either volume button before the power-off slider appears. Even if you don't get a chance to slide to power off, getting to this screen will at least disable biometric authentication, making your phone a bit more secure than it otherwise might be. - -In the United States, it is still a legal gray area when it comes to whether law enforcement can force you to use biometrics, but many court decisions have leaned toward saying they **can** compel you to use your fingerprint. Using a passphrase and disabling biometrics gives you more robust 5th Amendment rights. In other countries you should again familiarize yourself with your rights in this scenario, so that you can make the most informed decision. - -### Hide Your Notifications - -Even with your device locked, law enforcement can see everything you're up to simply by scrolling through your notifications. 
Reducing the amount of information accessible on the lock screen improves your security and the security of those you're messaging, so make sure your notifications are only visible when your device is unlocked. - -On an iPhone: - -1. Open **Settings** -2. Navigate to **Notifications** -3. Navigate to **Show Previews** -4. Select **Never** (or, **When Unlocked**) - -On Android: - -1. Open **Settings** -2. Navigate to **Notifications** -3. Touch **Notifications on lock screen** - - Select **Don't show any notifications** -4. Switch **Sensitive notifications** to **off** - -### Minimize Your Stored Data - -The best way to protect your data is to not have it on your phone in the first place. If you're using a secondary device, simply don't install anything other than what will be absolutely necessary during the protest, like a secure messenger. - -Otherwise, delete any cloud storage apps you don't need access to during the protest. If you're able to delete an app and then download it later and log in without experiencing any data loss, then that app probably doesn't *need* to be on your phone all the time. - -Some [password managers](https://www.privacyguides.org/en/passwords/) have the option to temporarily remove certain vaults from your devices, 1Password calls this [Travel Mode](https://support.1password.com/travel-mode/) for example. You can do this manually as well, by having a separate password manager or vault with only the essentials you will need at the time, and removing your primary password manager from your device for the duration of the event. - -### Disable Lock Screen Actions - -In a similar vein, any functionality you have enabled while your device is unlocked can pose a security risk. It is always best practice to reduce your attack surface by disabling these options whenever possible. 
Even though these features are typically designed to not pose a security risk to your data, they have been known to be exploited in the past to bypass lock screens and other security features. - -On an iPhone: - -1. Open **Settings** -2. Navigate to **Face ID & Passcode** -3. Scroll to the **Allow Access When Locked** section -4. Switch all features you don't need **off** - -On Android, disabling functionality while the phone is locked will vary widely by manufacturer. Some like Samsung provide more flexible options in their lock screen settings, but others like Google do not provide the option to disable the quick settings panel or other similar features. - -### Avoid External Storage - -Your Android phone might have the option to store files or photos on a microSD card, but these cards are not always subject to the same encryption standards as your phone's built-in storage. You should check whether your microSD card can be encrypted in your phone's settings, although this will prevent it from being read by other devices like your computer later. - -Additionally, even *if* it's encrypted, it still won't benefit from the same security protections that your phone's built-in storage provides, such as advanced brute-force protections. Ideally you should remove all external storage devices from your phone during the event, and save photos, videos, and other files to your phone's encrypted internal storage. - -### Consider Your Phone's Security Patches - -Exploits against smartphones are discovered on a very regular basis, and spyware companies that work with law enforcement—like Cellebrite—abuse these exploits to crack into stolen devices. If your phone is no longer receiving regular updates from its manufacturer, you are in a very dangerous position as you may be vulnerable to the exploits used. - -In general, we consider the latest iPhone and latest Google Pixel to be the most secured against this sort of threat. 
You can increase your security further by using a [hardened alternative operating system](https://www.privacyguides.org/en/android/distributions/) on your Google Pixel. - -Robust security information about phones from other manufacturers is less common. If you use a different device you may still consider the risks to be worth it, but if confiscation is of *particular* concern to you, or especially if your phone no longer receives security patches, you may want to consider leaving the phone at home. - -## Protect Against Surveillance - -### Disable AirDrop - -One of the most innocuous features enabled on millions of iPhones is also one of the most dangerous for those seeking to protect their privacy in public. Apple's AirDrop protocol [uses](https://www.usenix.org/system/files/sec21-heinrich.pdf) trivially bypassed security measures that authorities like the Chinese government have openly [bragged](https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that/) about cracking to identify users since at least 2022. - -You should assume that any device with AirDrop enabled is constantly broadcasting your name, email address, and phone number to everyone around you, **even if** you have it set to "Contacts Only." Apple has known about this [flaw](https://www.macrumors.com/2021/04/23/airdrop-researchers-security-flaw/) since 2019 and has not issued any fix. - -1. Open the **Settings** app -2. Navigate to **General** -3. Navigate to **AirDrop** -4. Select **Receiving Off** - -### Lock Down Your Network - -Your phone signals can be used to track you even if you don't make a call or send a text. Some law enforcement agencies use "stingrays," devices which can impersonate a cell tower to track visitors to an area. It is speculated that more advanced ones can intercept unencrypted text messages and phone calls as well, making the use of an [encrypted messenger](#use-signal) during the event even more critical. 
- -While the capabilities of the most modern ones isn't fully known, you should definitely protect yourself from the subset of stingrays which abuse the lower security standards of older, 2G networks. - -On Android: - -1. Open **Settings** -2. Navigate to **Network & internet** -3. Navigate to **SIMs** -4. Select your carrier or SIM card -5. Switch **Allow 2G** to **off** - -You might also consider installing Privacy Cell ([F-Droid](https://f-droid.org/en/packages/com.stoutner.privacycell/) / [Google Play](https://play.google.com/store/apps/details?id=com.stoutner.privacycell)), an app that tells you whether you are connected to a cell network using the most modern security. Even the "5G" indicator on your phone alone doesn't guarantee you are using the latest-generation protocol. - -On iPhone: - -1. Open **Settings** -2. Navigate to **Privacy & Security** -3. Navigate to **Lockdown Mode** -4. Select **Turn On Lockdown Mode** - -Note that enabling [Lockdown Mode](https://www.privacyguides.org/articles/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode) on an iPhone will change a variety of settings to harden its security. Many of them are smart improvements, but certain apps and features [won't work](https://support.apple.com/HT212650) normally, so read the previous links here for more details. - -### Use Airplane Mode Frequently - -Even after mitigating the risks of 2G networks, your cellular activity can still be tracked. If not by law enforcement then by your carrier, who will likely be responsive to law enforcement's requests for data after the fact. - -To prevent this, you should keep your phone turned off or use Airplane Mode to disable cellular connections whenever possible. Ideally you should only connect to networks in an emergency situation to communicate with others in your group, otherwise keeping messages and network transmissions to a minimum is key. 
-
-If you absolutely need internet connectivity, and if it's possible, you should keep Airplane Mode on and connect to a public Wi-Fi network instead, which brings me to:
-
-### Use Public Wi-Fi
-
-If you're able, scope out businesses in the area that provide public Wi-Fi in advance. This is better than using cellular service, because less information about your device is shared with Wi-Fi networks as opposed to cell towers. Most modern phones support MAC address randomization, which makes it even harder to correlate your cell phone's connections between different Wi-Fi access points.
-
-There is a danger that public Wi-Fi services will be set up by authorities or others in the area to track protesters. You could consider using a [VPN service](https://www.privacyguides.org/en/vpn/) while connected to them to minimize the amount of metadata about your traffic that the Wi-Fi operator is able to collect.
-
-### Disable Location Services
-
-If you have to keep your device powered on and connected, you can at least minimize the number of parties who have access to your location data. Be mindful of apps that you choose to share your location with, and consider disabling location services entirely while you're at the event.
-
-On an iPhone:
-
-1. Open **Settings**
-2. Navigate to **Privacy & Security**
-3. Navigate to **Location Services**
-4. Switch **Location Services** to **off**
-
-On Android:
-
-1. Open **Settings**
-2. Navigate to **Location**
-3. Switch **Use location** to **off**
-
-If you use an Android phone, you should also check your Google account settings to [ensure location history is disabled](https://support.google.com/accounts/answer/3118687). Google is frequently tapped by law enforcement to provide location data, because they don't protect your personal information with strong encryption.
-
-### Check Your Keyboard
-
-An often overlooked security risk is the software keyboard installed on your device. The best encrypted messenger in the world is no match for all of your inputs being read by third-parties as you type them.
-
-If you are on [GrapheneOS](#consider-your-phones-security-patches), the default keyboard from AOSP that it comes with makes no internet connections, so if you don't install a third-party keyboard you should be fine. Most other Android users are using Google's *Gboard*, which does make internet connections you may decide you don't trust, so you could consider installing an offline alternative. iOS users are able to control whether their third-party keyboard has network access in their system settings, although it may be wiser to not install a third-party keyboard in the first place.
-
-This is [particularly relevant](https://xcancel.com/RealSexyCyborg/status/1197695344575799296) to people typing in languages like Chinese or others where you use an Input Method Editor (IME) to convert Latin letters to characters in the target language. These IMEs are very often third-party apps that have full internet access.
-
-## Other Tips
-
-### Use Signal
-
-[**Signal**](https://www.privacyguides.org/en/real-time-communication/#signal) is the most secure app for sending text messages and making voice calls with others. It is also impossible to configure Signal to lower its encryption security or other security standards, so you know that everyone in your group is using settings that are safe by default.
-
-You should turn on disappearing messages with a reasonably short interval for sensitive communications. You can do this by default in the Privacy section of Signal's app settings, and you can also do it on a per-conversation basis in each conversation's settings panel. This way there is a time limit for an attacker to crack your phone and extract your messages before they permanently disappear.
-
-Signal is battle-tested for this situation. [Signal has responded to 6 government requests](https://signal.org/bigbrother/) since 2016, and in each case the only information they were able to provide was at most:
-
-1. Whether the user was registered with Signal
-2. When that user registered with Signal
-3. When that user connected to Signal last
-
-Keep in mind that using Signal could still expose your phone's location, simply due to making a network request as we covered above. You should still keep your phone in [Airplane Mode](#use-airplane-mode-frequently) and minimize the use of Signal or any other networked app during the event.
-
-There *are* other [encrypted messengers](https://www.privacyguides.org/en/real-time-communication/), some of them even making use of technologies developed by Signal. However, they all come with trade-offs that could easily compromise your security. WhatsApp and Facebook Messenger are end-to-end encrypted for example, but they collect copious amounts of *metadata* about your messages, such as whom you're sending them to, when you're sending them, your location when you're sending them, etc. Apple's iMessage service in the Messages app has strong encryption but similar metadata concerns, and only works if everyone in your group has an iPhone.
-
-### Protect Your Access to Information
-
-Phones can be easily lost, taken, broken, or they can simply run out of juice. Bring a spare mobile battery or a charged power bank with you, and try to minimize your phone usage to preserve power. You should also make sure your mobile plan is topped up and you have enough mobile data prior to the event.
-
-You should also write down the number of an emergency contact or a lawyer on a physical piece of paper, or [even](https://xcancel.com/madeleine_rae/status/1266528386878443522) in Sharpie on your arm. You'll want this information easily accessible if you're arrested regardless of your phone's state or location.
-
-### Change Your Camera Settings
-
-Check your camera settings for things which may draw unwanted attention, like the flash or a shutter sound. You should go through these settings in advance and configure it for the safest possible use.
-
-### Back Up Your Data
-
-You should be prepared to have your phone taken or lost during a protest. You can limit the potential costs and headache to you if this happens by making sure you have an updated, encrypted backup of your data.
-
-If you have an iPhone, you can make a local backup to a macOS computer or a Windows computer with iTunes. You can also back up to iCloud, but these backups are only secure if you enable [Advanced Data Protection](https://www.privacyguides.org/en/os/ios-overview/#icloud) on your iCloud account. We strongly encourage [enabling Advanced Data Protection](https://support.apple.com/en-us/108756) for all iCloud users in any case, as it protects not only device backups but most iCloud account data as well.
-
-The backup situation on Android is not nearly as robust unfortunately, but you can back up photos and files with a variety of services. If you use an online backup service we recommend choosing one which uses strong client-side encryption, so that the service provider is unable to access your data.
-
-- [Recommended Photo Backup Services](https://www.privacyguides.org/en/photo-management/)
-- [Recommended Cloud Drive Services](https://www.privacyguides.org/en/cloud/)
-- [Recommended File Sync Services](https://www.privacyguides.org/en/file-sharing/)
-
-## At The Protest
-
-### Keep Your Device Locked
-
-You should always use your camera to take pictures or videos while your phone is locked, in case your device is taken while filming. This is easier if you've [disabled biometrics](#disable-biometric-authentication), because Face ID or similar features might unlock your device automatically when you don't want that to happen.
-
-On an iPhone you can hold down the camera icon on the lock screen to open the camera without unlocking your device. You could also configure the Action Button to open the camera, or use the dedicated camera button on the latest iPhone model.
-
-On a Google Pixel and most other Android devices, double-tapping the power button will open the camera without needing to unlock your device.
-
-You should learn and/or set up device shortcuts to do things quickly, ideally while the device remains locked whenever possible, and ensure you're familiar with the shortcuts before the event.
-
-### Have a Backup Communications Network
-
-In the event of an internet blackout, it might be a good idea to have a backup network prepared, organized with other attendees. Messaging apps like [Briar](https://www.privacyguides.org/en/real-time-communication/#briar) can operate in a local mesh mode, connecting to other devices in the area with Bluetooth or local Wi-Fi connections instead of relying on centralized internet services. Another newer option is [Meshtastic](https://meshtastic.org/), which uses peer-to-peer/mesh radio that is much more reliable than using either Wi-Fi or Bluetooth, but requires purchasing dedicated hardware that you connect to your phone.
-
-You might also want to consider local radios like walkie-talkies, although keep in mind these devices are nearly always unencrypted and can be easily monitored by others, so you won't want to use them to transmit sensitive information.
-
-## After The Event
-
-### If Your Phone Was Taken
-
-If you lose your phone, you may be able to locate or wipe your phone remotely depending on the model. Here are some instructions for common devices you can try:
-
-- [Finding a lost Android device](https://support.google.com/android/answer/3265955?hl=en)
-- [Finding a lost iPhone](https://support.apple.com/en-us/104978)
-
-If you were logged in to any online services on your phone, you should try and get them signed out. On many social media websites for example, you can go to your account's settings to see what devices are signed in and revoke their access remotely.
-
-Please be aware of the **legal consequences** of these actions. Wiping your device or revoking online account access could lead to obstruction of justice or destruction of evidence charges in some jurisdictions. You should always speak with your licensed attorney before deciding how to proceed. If your phone was taken by law enforcement you may have legal recourse to get it back.
-
-### Be Mindful of Others
-
-If you post your photos online, be mindful of identifiable faces or other characteristics of your fellow protesters or bystanders. Law enforcement or vigilantes use these photos to track down other attendees and arrest or harass them.
-
-To prevent this, you can obscure the faces of anyone in the image. Most phones have [built-in photo editing tools](https://www.privacyguides.org/en/os/ios-overview/#redacting-elements-in-images) that allow you to draw on an image. Blurring can sometimes be reversed, so blocking it out entirely is generally preferable.
-
-Be careful of the editing tools you use, and don't select highlighters or other semi-transparent editing tools. Even if you scribble over an area of a photo multiple times with a dark/black "highlighter" tool until it *appears* black, that can often be reversed with photo editing software by adjusting the contrast of the image. Using a shape/rectangle tool to draw a black box over areas you wish to redact is much better than trying to manually cross out image elements with drawing tools.
-
-The Signal app also has built-in tools for photo editing and blurring. You can send a photo to yourself in the "Notes to Self" chat, then save the edited image from that chat for sharing. Signal also automatically removes photo metadata, so if you use it you're already covered with our next section:
-
-### Scrub Photo Metadata
-
-Photos have hidden information, or *metadata*, embedded in them which include the type of phone/camera you used, the photo's location, and other potentially sensitive data.
-
-You should use a [metadata removal tool](https://www.privacyguides.org/en/data-redaction/) to remove this data from images before you share them with others. If you send a photo to someone using Signal, that app removes this metadata automatically.
diff --git a/content/blog/posts/age-verification-wants-your-face.md b/content/blog/posts/age-verification-wants-your-face.md
deleted file mode 100644
index 843830bb1..000000000
--- a/content/blog/posts/age-verification-wants-your-face.md
+++ /dev/null
@@ -1,112 +0,0 @@ ---- -date: - created: 2025-05-06T21:45:00Z -categories: - - News -authors: - - em -description: Age verification laws forcing platforms to restrict access to content online have been multiplying in recent years. The problem is, implementing such measure necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp ---- - -# Age Verification Wants Your Face, and Your Privacy - -![A stylized photo showing a person holding a printed photo of their face in front of their actual face.](../assets/images/age-verification-wants-your-face/ageverification-cover.webp) - - - -Age verification laws and propositions forcing platforms to restrict content accessed by children and teens have been multiplying in recent years. The problem is, implementing such measures necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy. - -For a few years now, several legislators in North America, Europe, and Australia have expressed concern about children and teens accessing certain types of content online. While there is no doubt some online content can be worrisome, implementing a technological solution for this is [extremely problematic](https://www.jonaharagon.com/posts/age-verification-is-incompatible-with-the-internet/). - -By mandating platforms to be legally responsible to verify a user's age, regulators effectively force them to identify each user requesting access to content deemed inappropriate under a certain age threshold. - -If these regulations continue to proliferate, this could lead to the end of pseudonymity online. 
-
-## How can age be verified online
-
-Verifying age online is [difficult](https://www.woodhullfoundation.org/fact-checked/online-age-verification-is-not-the-same-as-flashing-your-id-at-a-liquor-store/). There isn't any magical solution to it, it's either recording how a user looks or scanning official documents.
-
-Conducting verification "on-device" offers only few additional protections considering this information still has to be checked and reported with an external service, somehow.
-
-Moreover, processes used to keep this data "on-device" are often opaque. Taking into account how valuable this information is, it becomes very difficult to trust any for-profit third-party services which such a sensitive task.
-
-Users' faces and official documents are two types of very sensitive information. Who becomes responsible to collect, process, store, and safeguard this data? With whom does this data get shared, and for which other purposes? And how accurate is this data anyway?
-
-### Facial scans
-
-Some platforms and third-party providers of the rapidly growing "[identity verification industry](https://www.businessresearchinsights.com/market-reports/digital-identity-verification-market-118180)" have started to use facial recognition and face scan systems in order to determine a user's age.
-
-The problem is, the systems are [horrible for everyone's privacy](https://www.liberties.eu/en/stories/facial-recognition-privacy-concerns/44518), extremely problematic to use due to [racist and gendered biases](https://www.aclu-mn.org/en/news/biased-technology-automated-discrimination-facial-recognition), [inaccurate](https://www.eff.org/deeplinks/2025/01/face-scans-estimate-our-age-creepy-af-and-harmful) to determine the correct age, and on top of all that, [can be cheated](https://www.theregister.com/2022/05/22/ai_in_brief/).
-
-### Official documents
-
-The second solution is to require users to provide an official piece of ID. Considering an official ID often contain a photo, full legal name, date of birth, home address, and government specific codes, this is even worse.
-
-All this sensitive data then gets collected by either the platform itself or a third-party provider with little oversight or incentive to protect this data at all. Leaks and breaches for this enormous data trove are just around the corner. Unfortunately, this isn't speculative, [data leaks have already occurred](https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/).
-
-The more copies of your official documents exist online, the greater the risk this data *will get exposed*, and the less value this document has to actually identify you when it's *truly* needed.
-
-And again, this sort of verification is easy to cheat. Any determined teenager will soon learn how to either create a fake ID, use someone else's ID, or go around this verification system in another way.
-
-Age verification laws will *without a doubt* support a flourishing criminal industry to provide fake or stolen IDs even more easily online.
-
-## Where age verification is (or will be) required
-
-In April this year, [Discord started to test age verification systems](https://www.theverge.com/news/650493/discord-age-verification-face-id-scan-experiment) using facial or ID scans, as a way to comply with [Australia](https://www.bbc.co.uk/news/articles/c89vjj0lxx9o)'s and [UK](https://www.theverge.com/2023/10/26/23922397/uk-online-safety-bill-law-passed-royal-assent-moderation-regulation)'s new laws.
-
-This measure only applies to access certain protected posts for users located in Australia and the United Kingdom and at this time, but don't be surprised if it soon gets implemented at the account level for users everywhere.
-
-In the [United States](https://action.freespeechcoalition.com/age-verification-resources/state-avs-laws/), many states have already passed some types of age verification laws, and several others have proposed such laws. In [Canada](https://www.eff.org/deeplinks/2024/09/canadas-leaders-must-reject-overbroad-age-verification-bill) and [Europe](https://digital-strategy.ec.europa.eu/en/funding/call-tenders-development-consultancy-and-support-age-verification-solution), legislators have also been pushing for similar regulations to block content online subject to age verification.
-
-There is no doubt the more countries pass similar prohibitive laws, the more other countries will soon follow.
-
-Some hope however, this month a US federal judge ruled an age verification [law in Arkansas unconstitutional](https://thehill.com/homenews/state-watch/5228836-judge-blocks-social-media-age-verification-law-in-arkansas/).
-
-## Who decides what is sensitive content
-
-When talking about age verification, most assume this only applies to obvious pornographic content. However, many of these laws have [much wider reach](https://www.eff.org/deeplinks/2025/01/impact-age-verification-measures-goes-beyond-porn-sites).
-
-For example, the Australian law prohibits access to social media altogether for anyone under the age of 16. This means that, once the law comes into full effect after its transitional period, anyone who uses social media in Australia will have to prove they are older than this age. It is likely that all Australian users will have to provide some form of identifying data to continue using their social media accounts. **This is a privacy nightmare.**
-
-When laws target specific content, definition of what is appropriate and what isn't is often too broad. Moreover, this definition is subject to change from one administration to another.
-
-There are also wide differences from one country to another. For example, some countries sadly consider simple discussions of gender identity or sexual orientation to be sensitive content. What is deemed inappropriate to children in one culture might not be the same in another.
-
-Automating this sort of censorship leads to a lot of misfiring. There has already been numerous instances of [breastfeeding photos mislabelled](https://www.cbc.ca/news/world/facebook-clarifies-breastfeeding-pics-ok-updates-rules-1.2997124) for nudity. Important educational material for sex education could get censored and inaccessible to children, who critically need access to it *before* adulthood.
-
-Who will decide which content should be censored and which shouldn't? Will countries hosting the big tech platforms end up having a greater decision power in the matter? Will platforms simply decide to apply the strongest level of restriction worldwide?
-
-## Age verification isn't effective
-
-Even if we could somehow find a global consensus that is perfectly ethical and never misfires on which content children shouldn't access, it will likely fail.
-
-Children, and teenagers especially, are and have always been incredibly effective at going around such limitation to feed their curious minds.
-
-First, there are technical tools such as VPNs and proxies of all sort to go around location-based restrictions. Then, there's the classic fake ID, and its modern evolution: deepfake face. There will also be without a doubt a growing market of pre-verified "adult" accounts up for sale online.
-
-Perhaps age verification measures will work for a couple of months, until products to evade it get the word out, then they'll become useless. Only leaving the ashes of your social media legal consenting adult pseudonymity in its path.
-
-## Why it's bad news for everyone's privacy
-
-Age verification will require all platforms and/or third-party identification service providers to collect an enormous trove of sensitive data on everyone.
-
-This goes against all principles of data minimization, generally a vital part of data protection regulations.
-
-Daily occurrences of data breach incidents have taught us we cannot trust these services to safeguard our data. Data breaches for this sensitive information are only a matter of time.
-
-The concentration of such valuable data will likely be monetized and resold either by the platforms themselves, by the for-profit third-party "age assurance" providers they use, or eventually by the criminals who stole it from them.
-
-This data trove will include face scans of children with their location (trying to pass as adults), and faces and official documents from every adult in the world using social media, if this kind of regulation gets implemented at large.
-
-**The privacy and safety implications of this are absolutely disastrous**.
-
-## Age verification is not the solution
-
-Sadly, age verification legislation will not help safeguard children from harmful content online, but it will effectively remove protection for anyone needing pseudonymity online to [stay safe](privacy-means-safety.md). Moreover, it will put everyone at a much greater risk of victimization by identify theft, impersonation, stalking, and worse.
-
-Despite the perhaps well-intended legislators, technological solutions aren't always adequate to solve every problem we have. Here again, education and content moderation are likely much better ways to deal with this sort of issues.
-
-In the meantime, don't be surprised if you cross a teenager on the street suddenly pointing their phone to scan *your* adult face, or a young relative looking in your wallet. They probably won't be looking for your money, but most likely for your adult ID.
diff --git a/content/blog/posts/bad-faith-arguments.md b/content/blog/posts/bad-faith-arguments.md
deleted file mode 100644
index c156f5286..000000000
--- a/content/blog/posts/bad-faith-arguments.md
+++ /dev/null
@@ -1,48 +0,0 @@ ---- -date: - created: 2024-09-09T19:00:00Z -categories: - - Announcements -authors: - - jonah -tags: - - Privacy Guides -license: BY-SA ---- -# Bad-Faith Arguments in the Privacy Community - -The Privacy Guides community is one of the best privacy-related communities on the internet, and I think we have generally done a good job at promoting a positive and respectful environment where people can learn and grow. - -Unfortunately, as a public forum we are not immune to the small minority of individuals who feel empowered to spread anger, hostility, and divisiveness by their anonymity and general lack of consequences on the internet. - -From now on, we are going to be strict about requiring all posts in our communities to be made in good faith. - -We will consider the following questions when reviewing posts: - -1. Is the poster presenting their criticism as informed or factual, when it's actually a matter of personal opinion, or worse, misinformation or false? -2. Has the poster failed to provide reasoning for their criticism, and demonstrated an unwillingness to learn or discuss the topic? -3. Is the poster writing something as if it is true and informed, when they're actually just speculating? -4. Is the poster simply spreading negativity instead of actually trying to improve something? -5. Is the poster engaging in ad hominem attacks against us or our community? - -If these answer to any of these questions is yes, the post will be removed and the poster will be asked to revise their statement. We will suspend posters who repeatedly engage in bad faith arguments. - -For almost everyone here, you won't see any negative impacts of this new policy. It is simply designed to allow us to remove the small number of people who occasionally join to spread unproductive negativity in the privacy space, at the expense of legitimate projects making the world a better place. Hopefully you will notice improvements in discussion quality overall. 
- ---- - -To give an example, there are two specific behaviors we want to discourage with this new policy. - -1. The constant use of words like "shilling," "fanboys," etc. to describe people who have a difference in opinion to your own is not acceptable. - - To "[shill](https://en.wikipedia.org/wiki/Shill)" something is to promote something you have an employer relationship or some other actual conflict of interest with. To accuse someone in our community of being a planted shill without any evidence, simply because they like something that you dislike, is both a serious accusation and a bad-faith argument. - - Even the use of terms like these informally to describe people who like a certain product more than others is disrespectful, and sows uncertainty and distrust within our community, so it will no longer be tolerated. - -2. A very small portion of GrapheneOS community members continually attempt to derail any conversations mentioning GrapheneOS with irrelevant details and confrontational attitudes. - - This is not a reflection on the GrapheneOS project itself, but unfortunately this has become a repeated situation with certain community members of this specific project more than anyone else, so we have to call it out. - - Making unfounded accusations against Privacy Guides community members of harassment towards GrapheneOS simply because they presented their criticism of the project is not a good faith argument. Similarly, presenting unverified statements from the GrapheneOS community as factual has led to misinformation being spread in the past. It is critical to always differentiate between opinions/beliefs and factual information. - - **Privacy Guides community spaces are not GrapheneOS discussion forums, and the drama from their community is not automatically on-topic in ours.** Please do not make new topics in our forum that simply link to drama posts from the GrapheneOS community. 
A good rule of thumb is that unless a post from GrapheneOS is specifically talking about GrapheneOS-specific, privacy-related functionality and not about other projects/software/etc., it is probably off-topic here. diff --git a/content/blog/posts/biometrics-explained.md b/content/blog/posts/biometrics-explained.md deleted file mode 100644 index 07774b490..000000000 --- a/content/blog/posts/biometrics-explained.md +++ /dev/null 
@@ -1,224 +0,0 @@ ---- -date: - created: 2025-02-13T19:00:00Z -categories: - - Explainers -authors: - - fria -tags: - - Biometrics -license: BY-SA -schema_type: BackgroundNewsArticle -description: | - Biometrics are a convenient and secure way to authenticate our devices. Many of us use and trust the biometrics of our devices without much thought, but are they really secure? With so many options, which ones are the best? -preview: - cover: blog/assets/images/biometrics-explained/biometrics.webp ---- -# Biometrics Explained - -![Glowing fingerprint on glass](../assets/images/biometrics-explained/biometrics.webp) - - - -Biometrics are a convenient and secure way to authenticate our devices. Many of us use and trust the biometrics of our devices without much thought, but are they really secure? With so many [options](https://www.biometricsinstitute.org/what-is-biometrics/types-of-biometrics/), which ones are the best? - -## Fingerprint sensors - -One of the most recognizable types of biometric authentication has to be the fingerprint reader. The idea is that everyone has a fairly unique fingerprint, so we should be able to distinguish between your fingerprint and someone else's reliably. - -There are three main types of fingerprint: loops, whorls, and arches. Fingerprint sensors categorize your finger into these groups before using other details to uniquely identify your fingerprint. You might think that you could count the number of arches/whorls/loops, but there can be many people with the same configuration and number of these. Also fingerprint sensors won't be able to see your entire fingerprint most of the time, they are designed to work at weird angles and with a partial scan, so it's not viable to use the whole fingerprint for authentication. 
- -![Examples of loop, whorl, and arch fingerprints](../assets/images/biometrics-explained/types-of-fingerprint.webp) - - - -[Finger minutiae](https://sites.rutgers.edu/fingerprinting/no-two-finger-prints-are-alike/) data is used to identify a fingerprint as unique. This data consists of the points on your fingerprint where lines split, abruptly end, individual dots, etc. Two people can have the same number of arches, loops, and whorls, but they won't have the exact same configurations of minutiae. (1) -{ .annotate } - -1. It's theorized that the reason humans have fingerprints in the first place is to [enhance our sense of touch](https://www.science.org/doi/10.1126/science.1166467). - -![Example of finger minutiae including forks (where one line splits into multiple lines), ends (where a line ends), islands (isolated dots), and inclosures (lines that split into two and then reconnect)](../assets/images/biometrics-explained/finger-minutiae.webp) - - - -Using these details for identification gives several advantages over trying to read the whole fingerprint. It allows the device to use less processing power, as well as providing some flexibility in case your finger is smudged or at a strange angle. The sensor doesn't even need to see your whole fingerprint. You might notice some fingerprint readers are very thin and might be located in a convenient place like a power button; finger minutiae is what allows them to still operate securely. - -There are [three](https://www.androidauthority.com/how-fingerprint-scanners-work-670934/) main ways we accomplish this in consumer devices: optical sensors, capacitive sensors, and ultrasonic sensors. - -### Optical - -An optical sensor works by taking a picture of your fingerprint and turning it into data. They are the cheapest and least secure option. Since optical sensors capture two-dimensional images, an attacker may gain access by simply taking a picture of your fingerprint. 
- -![Diagram showing a closeup of how an optical fingerprint sensor works by reflecting light off the skin](../assets/images/biometrics-explained/optical-diagram.webp) - - - -Many devices implement one of these sensors under the display. - -Optical sensors can struggle in the presence of bright sunlight, which is an issue on a mobile device that you take around with you and use wherever you are. - -### Capacitive - -Capacitive sensors measure the electrical conductivity of your finger. These are much more secure than optical sensors since they can't be fooled with an image. They're also tough to fool with prosthetics as different materials will have different electrical properties. - -![Diagram showing a closeup of how a capacitive fingerprint sensor works by detecting the electrical difference in the ridges and valleys of a finger](../assets/images/biometrics-explained/capacitve-diagram.webp) - - - -Capacitive sensors won't work if the [tissue is dead](https://www.livescience.com/62393-dead-fingerprint-unlock-phone.html), since dead tissue loses all electrical charge. So morbid worries about someone using your dead body to unlock your phone can be assuaged. - -Conveniently they also don't require a light source under them to work, although they will struggle in the presence of moisture. - -### Ultrasonic - -Ultrasonic fingerprint sensors use sound to create a detailed 3D representation of your fingerprint using ultrasound waves (sound waves with a frequency greater than 20khz). It's a similar concept to what's used to map the ocean floor: sound is emitted from transducers and bounces off your skin. By measuring the time it takes for the sound to reach the microphones, your phone can create a detailed map of the ridges and valleys in your finger. 
- -![Diagram showing the transducers emitting ultrasound waves and reflecting off the finger tissue bouncing back and then being picked up by microphones](../assets/images/biometrics-explained/ultrasonic-diagram.webp) - - - -This is the most expensive type of sensor, but it produces the most accurate readings with the highest reliability. It doesn't matter if your finger is a bit dirty or wet, it will still work unlike optical or capacitive sensors. - -Ultrasonic sensors can't be fooled by 2D images. - -One downside is that you lose the protection against dead tissue that capacitive sensors offer, but this is not relevant for most people. - -### Additional considerations - -Fingerprint unlock will inherently be vulnerable to someone forcing you to put your finger on the sensor to unlock your device, so keep this in mind when threat modeling. - -They also won't work with gloves and sometimes screen protectors can interfere, so make sure that the sensor is uncovered and making direct contact with your actual finger, or otherwise using an OEM-approved covering. - -Fingerprint authentication will protect you against someone filming you surreptitiously while typing in your password or shoulder surfing. This is an especially relevant attack if your threat model includes thieves as a common attack is watching you type your passcode in and then stealing your phone. - -## Face unlock - -Many devices come with the capability to unlock them using your face. The [implementations](https://www.androidauthority.com/face-unlock-smartphones-3043993/) of this technology can vary wildly between manufacturers since a secure implementation requires a lot of special hardware, so many OEMs choose to cheap out. All forms of face unlock are more likely to allow a twin or sibling into your device since their face is more similar to yours than a random person off the street, so keep that in mind in your threat model. 
- -### 2D camera-based - -Every phone already has a camera, so why not use it for face unlock? - -If you're relying on a plain 2D image, then there's always the possibility that it could be fooled by a [regular photo](https://www.theregister.com/2023/05/19/2d_photograph_facial_recog/). Someone getting in to your phone because they have a picture of your face is a security nightmare scenario and the only thing stopping it is the whims of whatever algorithm was programmed into your phone. - -This form of face unlock is also less likely to work in low-light conditions than infrared variants. - -### 2D infrared-based - -The next step up in security is an infrared sensor. This requires dedicated hardware to be built into the device, which eats up space and adds cost. But what you get in return is a form of face unlock that's more reliable in low-light conditions and more resistant to photographs. - -### 3D mapping - -The potential of this technology truly shines when 2D face unlock is combined with an infrared flood illuminator. These are able to shine thousands of invisible infrared dots on your face and record the distance of each one, creating a 3D map of your face. As you can probably imagine, this tech takes up quite a bit of space and adds yet more cost to the device, as well as likely being the main reason for the "notch" on iPhones. This drawback is well worth it though. According to [Apple](https://support.apple.com/en-us/102381): - ->The probability that a random person in the population could look at your iPhone or iPad Pro and unlock it using Face ID is less than 1 in 1,000,000 with a single enrolled appearance whether or not you're wearing a mask. - -They put the odds for Touch ID around [1 in 50,000](https://support.apple.com/en-us/105095) for comparison. - -3D face unlock is immune to 2D images and requires a 3D reconstruction of a face before it has a chance of being fooled. 
- -### Additional considerations - -You'll likely want an implementation with some protection against another person pointing your phone at your face to unlock it. iOS allows you to enable a setting where you need to be looking at the phone before it will unlock (called "Require Attention for Face ID"), look for a similar feature when shopping for a device. - -Some devices allow for unlocking with a facemask. This is less secure than without a facemask, so keep that in mind when enabling this setting. - -## Iris sensors - -A spy movie classic but newcomer in the consumer electronics field, iris sensors offer authentication via the unique properties of your eyes. The Apple Vision Pro is the most notable example with its [Optic ID](https://support.apple.com/en-us/118483). - -It uses near-infrared light to reveal highly unique patterns independent of the pigmentation of your eyes. Apple estimates the likelihood of a random person being able to unlock your Optic ID at less than 1 in 1,000,000, similar to Face ID. - -The extremely short distance this technology operates at makes it very difficult for someone to unlock your device without you noticing, and you can simply close your eyes to prevent someone from forcing you to unlock it. - -## Algorithm - -Because biometric systems need to translate the physical properties of your body to data, they rely on an algorithm to determine if their reading matches closely enough. - -[Android](https://source.android.com/docs/security/features/biometric) has guidelines on how OEMs should implement biometrics and how they can [test](https://source.android.com/docs/security/features/biometric/measure) them for security. If you're performing your own security research, you should look here for guidance on testing methodology. - -There is also independent research into the security of biometric systems. 
This combination of external and internal rigor helps ensure the security of these systems, although more well known brands like Apple and Google will receive more scrutiny than lesser-known ones. - -## Typing biometrics - -Companies like [TypingDNA](https://www.typingdna.com) claim to be able to identify users by how they type. - -The stated use case is 2FA and continuous authentication for employee devices. Likely you'll only encounter this technology on work devices, especially since this type of biometrics will be affected by the type of keyboard you're using. It only really makes sense to authenticate on a specific device that you'll be using continuously and typing on a lot, such as a work laptop. - -It could also be used on websites to uniquely identify you, so type in a text editor program then copy/paste into the browser window to avoid this specific type of fingerprinting. - -## Gait biometrics - -Possibly the most insidious of the biometric systems in widespread use is gait recognition. Yes, you can be uniquely identified just by how you walk. - -### Camera - -This technology can work using only 2D footage and doesn't even require close proximity or high resolution sensors like other forms of biometrics. Combined with the huge network of cameras deployed in most cities, you can potentially be identified and tracked around even with a fully covered face. - -This type of biometric can work without your consent and when other identifiable features such as face and fingerprints are hidden. It's also very difficult to impersonate someone else's gait. - -There are two approaches for extracting biometric data from video. - -#### Model-based - -This approach attempts to model the human body in order to track the different parts of it. A well-known example of this approach is the Microsoft Kinect, which only consists of a fairly low-resolution camera. 
It simplifies the human body into a stick figure, which you can see in footage of the [Kinect](https://www.youtube.com/watch?v=33AsuE-WP64) in action. It then uses the distances and joint angles of the model for gait recognition. - -![Diagram showing the Kinect's model of the human body, a 2D skeleton made up of various parts](../assets/images/biometrics-explained/kinect-skeleton.webp) - - - -#### Model-free - -Model-free approaches don't try to model the human body but instead use the whole motion of human silhouettes. This gives a few advantages: it works regardless of camera quality, and it takes significantly fewer resources. - -![Diagram showing the process of turning raw camera input into a silhouette useful for gait recognition](../assets/images/biometrics-explained/model-free-gait.webp) - - - -### Accelerometer - -Accelerometers such as those found in your smartphone can also be used for gait recognition. These need to be worn on a person's body, so they can't be used from long distance like camera-based approaches. - -Accelerometers work by measuring the accelerations in 3D space in X, Y, and Z coordinates. They tend to also utilize gyroscopes, which measure the orientation of a device. - -### Floor sensor - -It's possible to identify individuals using [sensors](https://www.amti.biz/product/bms464508/) in the floor that measure the pressure of your steps as you take them. There are already companies offering software/hardware [installations](https://www.scanalyticsinc.com/how-it-works) for tracking customers within a store using this technology. - ->Scanalytics floor sensors capture up to 100% of foot traffic through your buildings and spaces. Capturing individual footsteps and the paths they form, we are able to monitor and analyze complete space movements and usage. - -Floor sensors are especially concerning since they're completely invisible to you. 
- -### Radar - -Radar works by transmitting a signal and measuring how long it takes for that signal to return, allowing you to measure how far an object is from you. In addition, if an object is moving relative to the sensor, the reflected waves will be a different frequency than when they were transmitted due to the [Doppler effect](https://www.noaa.gov/jetstream/doppler/how-radar-works). This can be used to determine the speed of an object and whether it's moving toward or away from you. - -Using a continuous wave (CW) radar that's constantly emitting a signal, it's possible to measure the movements of all the different parts of your body during your gait to identify you uniquely. This is called a [micro-Doppler](https://books.google.com/books?hl=en&lr=&id=SVCQDwAAQBAJ&oi=fnd&pg=PA1&ots=cqJxAh_rPv&sig=bBz1w4h-C4nDrzNwiRvZUexKbnc#v=onepage&q&f=false) signature. These sensors can even be sensitive enough that they can pick up breathing and heartbeats of humans trapped in rubble during rescue operations. - -[GaitMetrics](https://gaitmetrics.com/applications/) is a company claiming to offer mmWave gait recognition technology. - ->It is also possible to identify the intruder’s unique radio gait IDs and capture them in a database. Any intruder with an unknown radio gait ID detected within the premises will trigger an alarm, and the intruder’s location will be tracked down. - -They claim it can uniquely identify individuals as well as penetrate walls, a worrying combination. - -## What makes biometrics private? - -### Local Storage - -As with most things, keeping everything on your device is the key to private biometrics. A secure and private biometric authentication system should store any biometric data fully on-device and further, shouldn't make it accessible at all, even to the user. Biometric data is so incredibly sensitive and uniquely identifying that it needs to be treated with the utmost care. 
For example, apps on your phone don't have direct access to your fingerprint or face data, they must use an [API](https://developer.apple.com/documentation/localauthentication) to use biometric authentication. - -On the other end of the spectrum we have companies like [IDEMIA](https://www.idemia.com) which boast about their [Augmented Vision](https://www.idemia.com/wp-content/uploads/2021/01/augmented-vision-platform-idemia-brochure-202102.pdf), designed to take video data from the myriad surveillance cameras littering every US city and track you around everywhere you go. It combines facial recognition, object recognition, plate reading, and much more to create an Orwellian surveillance apparatus that stores all your data in some server somewhere, fully accessible to their customers (or any hackers that want a treasure trove of surveillance data). They also have a product called [Mobile Biometric Check](https://www.idemia.com/wp-content/uploads/2021/02/mobile-biometric-check-idemia-brochure-202007.pdf) that allows cops to use their phone camera to take a picture of your fingerprints and compare them to a database. This is the exact opposite of responsible biometrics. - -### Secure Element - -All forms of biometric authentication rely on proper hardware such as a secure element in order to be secure. The secure element provides a secure and tamper-resistant place to store your biometric data separate from the rest of the system, so it can't be easily extracted. Examples include Apple's [Secure Enclave](https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web) and Google's [Titan M](https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html) series of chips. You should avoid devices that lack a secure element; they won't be able to properly implement secure biometrics without one. - -### Final thoughts - -Like all technology, biometrics aren't inherently good or bad. 
They're used to secure our devices and make authentication smooth and easy, but they're also used for [mass surveillance](https://therecord.media/europe-gait-recognition-study-pilot-program). Especially now with the rise of AI, we've started to leave the realm of scientifically rigorous usages and into the realm of digital snake oil, with companies like Cursor Insight launching their [MotionScore](https://www.motionscore.ai) product. - ->Our patent-pending AI technology identifies hidden patterns in signatures and online or mobile user interactions. These patterns can reflect behaviors and personal characteristics relevant to creditworthiness and reliability. - -It should go without saying that making decisions about whom to give a loan to based on... how they sign their name or some other mystery movement data is ludicrous, laughable if it wasn't affecting real people's lives. Now more than ever we need to be educated about the biometric technology that we use and that's used against us. The [EFF](https://sls.eff.org/technologies/biometric-surveillance) is a great resource that documents and fights against abuses of biometric technology. - -Many of the same technologies used for mass surveillance are also used for [helpful](https://www.amti.biz/2024/08/28/amti-technology-featured-in-triple-crown-power-5-fastpitch-tournament/) purposes. It's up to us to ensure responsible use of technology going forward.
diff --git a/content/blog/posts/chat-control-must-be-stopped.md b/content/blog/posts/chat-control-must-be-stopped.md
deleted file mode 100644
index 12f619363..000000000
--- a/content/blog/posts/chat-control-must-be-stopped.md
+++ /dev/null
@@ -1,313 +0,0 @@ ---- -date: - created: 2025-09-08T18:00:00Z - updated: 2025-09-15T16:30:00Z -categories: - - News -authors: - - em -description: - Chat Control is back to undermine everyone's privacy. There's an important deadline on October 14th, 2025. We must act now to stop it! -schema_type: ReportageNewsArticle -preview: - cover: blog/assets/images/chat-control-must-be-stopped/chatcontrol-cover.webp ---- - -# Chat Control Must Be Stopped, Act Now! - -![Filtered photo of a protest with a protestor holding a sign in first plan. The background is a red monochrome and the sign is in turquoise. The sign says "You won't make me live this 1984 sh*t".](../assets/images/chat-control-must-be-stopped/chatcontrol-cover.webp) - - - -If you've heard of [Chat Control](the-future-of-privacy.md) already, bad news: **it's back**. If you haven't, this is a pressing issue you should urgently learn more about if you value privacy, democracy, and human rights. This is happening **right now**, and **we must act to stop it right now**. - -Take a minute to visualize this: Every morning you wake up with a police officer entering your home to inspect it, and staying with you all day long. - -The agent checks your bathroom, your medicine cabinet, your bedroom, your closets, your drawers, your fridge, and takes photos and notes to document everything. Then, this report is uploaded to the police's cloud. It's "[for a good cause](encryption-is-not-a-crime.md)" you know, it's to make sure you aren't hiding any child sexual abuse material under your bed. - -Every morning. Even if you're naked in bed. Even while you're having a call with your doctor or your lover. Even when you're on a date. Even while you're working and discussing your client's confidential information with their attorney. This police officer is there, listening to you and reporting on everything you do. 
- -This is the in-person equivalent of Chat Control, a piece of legislation that would mandate **all** services to scan **all** private digital communications of **everyone** residing in the European Union. - -This is an Orwellian nightmare. - -## Act now! - -This is happening **right now**. European governments will be finalizing their positions on the regulation proposal on September 12th, and there will be a final vote on **October 14th, 2025**. - -
-

Important: If you are reading this article after September 12th

- -Regardless of the outcome on September 12th, the fight isn't over. The next deadline will be the **final vote on October 14th, 2025**. - -If you've missed September 12th, make sure to contact your representatives **right now** to tell them to **oppose Chat Control** on October 14th. - -
- -- ==If you are not located in Europe==: Keep reading, this will affect you too. - -- If you are still unconvinced: Keep reading, we discuss Chat Control in [more details](#why-is-this-bad) below. - -- If you are located in Europe: You must **act now** to stop it. - -
-

How to stop this? Contact your MEPs today

- -Use this [**website**](https://fightchatcontrol.eu/) to easily contact your government representatives, and tell them they should **oppose Chat Control**. Even if your country already opposes Chat Control, contact your representatives to tell them you are relieved they oppose, and support them in this decision to protect human rights. This will help reinforce their position. - -But if your country *supports* Chat Control, or is *undecided*, **it is vital that you contact your representatives as soon as possible**. To support your point, you can share this article with them or one of the many great [resources](#resources-to-learn-more-and-fight-for-human-rights) listed at the end. - -At the time of this writing, the list of countries to contact is: - -| **Supporting (15)** | | **Undecided (6)** | -| ---------------------------------- | ----------------------------------- | -------------------- | -| :triangular_flag_on_post: Bulgaria | :triangular_flag_on_post: Latvia | :warning: Estonia | -| :triangular_flag_on_post: Croatia | :triangular_flag_on_post: Lithuania | :warning: Germany | -| :triangular_flag_on_post: Cyprus | :triangular_flag_on_post: Malta | :warning: Greece | -| :triangular_flag_on_post: Denmark | :triangular_flag_on_post: Portugal | :warning: Luxembourg | -| :triangular_flag_on_post: France | :triangular_flag_on_post: Slovakia | :warning: Romania | -| :triangular_flag_on_post: Hungary | :triangular_flag_on_post: Spain | :warning: Slovenia | -| :triangular_flag_on_post: Ireland | :triangular_flag_on_post: Sweden | | -| :triangular_flag_on_post: Italy | | | - -
- -![A map of countries part of the European Union. Countries opposing Chat Control are represented in green, countries undecided in blue, and countries in favor are in red. Below there is text saying "Act now! www.chatcontrol.eu".](../assets/images/chat-control-must-be-stopped/chatcontrol-map-chatcontroleu-20250903.webp) - - -## What is Chat Control? - -"Chat Control" refers to a series of legislative proposals that would make it mandatory for *all* service providers (text messaging, email, social media, cloud storage, hosting services, etc.) to scan *all* communications and *all* files (including end-to-end encrypted ones), in order to supposedly detect whatever the government deems "abusive material." - -The push for Chat Control started in 2021 with the approval of a [derogation](https://www.patrick-breyer.de/en/chatcontrol-european-parliament-approves-mass-surveillance-of-private-communications/) to the ePrivacy Directive by the European Parliament. This derogation escalated to a second proposal for *mandatory* scanning a year later, which was [rejected](https://fortune.com/europe/2023/10/26/eu-chat-control-csam-encryption-privacy-european-commission-parliament-johansson-breyer-zarzalejos-ernst/) in 2023. Nevertheless, lawmakers and lobbyists determined to undermine our safety and civil liberties are bringing it back again two years later, **literally trying to wear you down**. - -We cannot let authoritarians wear us down until we lose all our privacy rights. Our privacy rights are fundamental to so many other human rights, to civil liberties, to public safety, and to functioning democracies. - -Chat Control undermines all of this. - -Cryptography professor and cybersecurity expert Matthew Green described the 2022 proposal document for Chat Control as "[**the most terrifying thing I've ever seen**](https://fortune.com/2022/05/12/europe-phone-surveillance-crackdown-child-sexual-abuse-material-sparks-outrage-among-cybersecurity-experts-privacy-activists/)". 
- -And terrifying, it is. - -The [most recent proposal for Chat Control](https://tuta.com/blog/chat-control-criticism) comes from the EU Council Danish presidency pushing for regulation misleadingly called the **Child Sexual Abuse Regulation** (CSAR). Despite its seemingly caring name, this regulation will **not** help fight child abuse, and will even likely worsen it, impacting negatively what is already being done to fight child abuse (more on this in the [next section](#would-this-protect-the-children)). - -The CSAR proposal (which *is* the latest iteration of Chat Control) could be implemented as early as *next month*, if we do not stop it. - -**The problem is this: Chat Control will not work, it is unreliable, it will escalate in scope, and it will endanger everyone (including the children).** - -Even if you are not in Europe, know that Chat Control will affect everyone inside *and* outside of Europe one way or another. Regardless of where you are, you should be concerned and pay attention, and there are things you can do to fight back. This is important. - -![Still image from a video showing an illustration of three cellphones being scanned by a red light, with lines leading to a law enforcement icon.](../assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-video.webp) - - -## Why is this bad? - -The idea that it's possible to somehow [magically protect](encryption-is-not-a-crime.md/#magical-backdoor-only-for-the-good-guys-is-a-complete-fantasy) information properly while giving access to unquestionably well-intended law enforcement comes from either extreme naivety, lack of information, and plain dishonesty. - -This proposal would effectively break any end-to-end encryption protections, and potentially expose all your files and communications to not only law enforcement, but eventually also to criminals of all sorts (with the data breaches, data leaks, and corruption that will inevitably follow). 
- -Here's a summary of some dangers this regulation would create if approved: - -- **Breaking end-to-end encryption**: Removing crucial protections for all sensitive files and communications of vulnerable populations, victims, whistleblowers, journalists, activists, and everyone else. - -- **Mission creep**: Once this mass surveillance system is in place, authorities can decide to add more criteria such as searching all communications for references to drug use, protest attendances, political dissidence, or even [negative comments](https://www.lemonde.fr/en/international/article/2025/03/22/how-a-french-researcher-being-refused-entry-to-the-us-turned-into-a-diplomatic-mess_6739415_4.html) about a leader. Europol (the EU law enforcement agency) has already called for [expanding the program](https://www.youtube.com/watch?v=L933xDcSS3o&t=2016s). - -![A cartoon illustration explaining that chat control is planning to monitor all chats, emails, and messenger conversations, and use artificial intelligence to automatically report flagged content to the police.](../assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-1.webp) - - -- **Criminal attacks**: Each time a backdoor exists, it doesn't take long for criminals to find access and steal our information. This could include criminals finding access to each service independently or to the entire database authorities would keep. A database that would be filled with material tagged as sexually explicit text or photos of children. This could even *create* new Child Sexual Abuse Material (CSAM) for criminals. For example, consenting teenagers innocently sexting together could have their photos collected in this database, after being wrongly flagged by the automated system. Then, criminals could steal their intimate photos from the governments. 
- -- **False positives**: With a mass surveillance system this large, moreover a system with no transparency and little oversight, false positives are inevitable. Despite marketing promises from the [organizations lobbying government officials](https://www.patrick-breyer.de/en/chat-control-eu-ombudsman-criticises-revolving-door-between-europol-and-chat-control-tech-lobbyist-thorn/), we all know AI technologies regularly misfire and cannot be reliable for anything of such importance. Loving parents could get flagged as pedophiles just for innocently uploading a photo of their child in the bathtub on their *private* cloud. Teenagers exploring their sexuality consensually with each other could get tagged as sexual predators (a label that might stick on them decades later). The police could receive reports for breastfeeding mothers. The list is infinite. - -![A cartoon illustration summarizing why chat control is dangerous.](../assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-3.webp) - - -- **Overwhelming resources**: The inevitable false positives will completely overwhelm the agencies responsible for investigating flagged material. This will cost them precious time they will not have to investigate *actual* abuse cases. Organizations fighting child sexual abuse are already overwhelmed and lack resources to prosecute real criminals. - -- **Hurting victims**: Such system of mass surveillance could prevent victims of child sexual abuse (and other crimes) to reach out for help. Knowing that all their communications would be scanned, they would lose all confidentiality while reporting crimes. The evidences they share could even be tagged by Chat Control, as if they were the perpetrator rather than the victim. Sadly, many will likely decide it's safer not to report at all. - -- **Self-censorship**: With Chat Control in place, not only victims might censor themselves and stop reaching out for help, but everyone else as well. 
When people know they are being observed, they feel less free to be themselves and to share openly. This is doubly true for anyone who is part of a marginalized group, such as [LGBTQ+ people](importance-of-privacy-for-the-queer-community.md), or anyone who is being victimized or at risk of victimization. - -![A cartoon illustration explaining how chat control does not protect the victims and might silence them due to loss of confidentiality.](../assets/images/chat-control-must-be-stopped/chatcontrol-LornaSchutte-chatcontroleu-2.webp) - - -- **Undermining democracy**: This surveillance system would allow governments to spy on opposition. Chat logs from opposing candidates, activists, and journalists could all be accessed by authorities in order to silence opponents or blackmail candidates. Even if you trust your government to not do this now, this doesn't mean it could not be used in this way by the next government. We have all seen how fast the political landscape can change. - -- **Violating the GDPR (and other laws)**: The General Data Protection Regulation (GDPR) offers wonderful protections to Europeans. Sadly, Chat Control would make a complete farce of it. The Right to Erasure (right to delete) could be reduced to ashes by Chat Control, including for any highly sensitive information wrongly caught in the CSAR net. Moreover, it would [violate Article 7 and Article 8](https://tuta.com/blog/chat-control-criticism) of the EU Charter of Fundamental Rights. - -Protecting the children is only the excuse used in hope of convincing a misinformed public. **Chat Control is authoritarian mass surveillance.** - -Authorities understand well how important protecting communication and information is. This is why they included an exemption to protect *their own* communications, but not yours. - -## Would this protect the children? - -No. 
- -This cannot be stressed enough: **This regulation would not protect the children, it would *harm* the children**, and everyone else too, worldwide. Claiming otherwise is either naivety, or misinformation. - -Last year, the civil and human rights association European Digital Rights (EDRi) put together a [joint statement from 48 organizations](https://edri.org/our-work/joint-statement-on-the-future-of-the-csa-regulation/) for children's protection, digital rights, and human rights, demanding that the European Parliament invest instead in proven strategies to fight child abuse. This appeal to reason does not seem to have been heard by most EU Member States. - -There are many things we can do as a society to increase protections for children and fight abusers and criminals, but Chat Control is far from it all. Protection of the children is clearly only an excuse here, and a very misleading one. - -![A popular No Yes meme, with the face replaced with the European Commission logo. In the No-part is: "Invest in: social workers, help for victims, support hotlines, prevention, education, targeted police work, IT-security", and in the Yes-part below is: "Buy Chat Control filter technology that doesn't solve the problem".](../assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-4.webp) - - -### Mislabelling children as criminals - -First, this automated system is flawed in many ways, and the false-positive rate would likely be high. But let's imagine that, magically, the system could flag CSAM at an accuracy rate of 99%. This still means 1% of reports would be false. Expanded to the size of European Union's population of approximately 450 million people, exchanging likely billions of messages and files every day, this still means millions could be falsely tagged as sexual predators, with all the [consequences](https://www.republik.ch/2022/12/08/die-dunklen-schatten-der-chatkontrolle) this implies. 
- -Worse, the Swiss federal police reported that currently about 80% of all automated reports received were [false-positives](https://www.patrick-breyer.de/en/posts/chat-control/#WhatYouCanDo). This means in reality, the error rate is likely far higher than 1%, and actually closer to an **80% error rate**. Of the approximate 20% of positive reports, in Germany, over 40% of investigations initiated [targeted children](https://www.polizei-beratung.de/aktuelles/detailansicht/straftat-verbreitung-kinderpornografie-pks-2022/) themselves. - -Sometimes, flagged content is simply teenagers innocently sexting each other consensually. Not only would they be wrongly tagged as criminals under Chat Control, but they'd be triggering an investigation that would expose their intimate photos to some faceless officers or tech employees working on the system. - -Even in a magical world where Chat Control AI is 99% accurate, it would still wrongly tag and **expose sensitive data from millions of children**. In reality, no AI system is even remotely close to this accuracy level, and proprietary algorithms are usually opaque black boxes impossible to audit transparently. The number of children Chat Control would harm, and likely traumatize for life, would be disastrous. - -### Exposing children's sensitive and sexual information - -Any content that could be deemed suspicious or explicit by the system, accurately or not, would be flagged and reported. - -When this content is reported, it will likely be uploaded to a database for human review. This means that if a teenager was sending an intimate photo of themselves to another consenting teenager, they could be flagged as sharing CSAM, even if it's their own photo. Then, their photo would be sent to the police for review. Information that should very much have stayed protected and private between these two teenagers is now exposed to strangers. This is wrong, and dangerous. 
- -Even innocuous communications such as daily conversations, teenagers chatting with each other, parents reporting information about their child to a [doctor](https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html), and therapists talking with their patients, could all inadvertently expose children sensitive information. This is information that should have remained *private*, and would now be uploaded to a police database, likely [stored there forever](https://www.iccl.ie/news/an-garda-siochana-unlawfully-retains-files-on-innocent-people-who-it-has-already-cleared-of-producing-or-sharing-of-child-sex-abuse-material/) with few recourses to remove it. - -The more we collect sensitive information about children (photos, faces, locations, identifications, medical information, private chats, experiences, etc.), the more we risk exposing children to harm. This includes systems used by authorities and governments. Even if everyone with legitimate access to this data is miraculously 100% exemplary and incorruptible citizens, the databases and scanning systems will still be vulnerable to attacks from criminals and hostile governments alike. - -The only way to protect children's information properly is to **1) not collect it**, and **2) use end-to-end encryption to protect it** when we cannot avoid collecting it. Spying on everyone and every child is the opposite of that. - -### Authorities' databases will be attacked - -It's impossible to perfectly secure information online. There is a lot we can do to improve security (much more than is done now), but data breaches will happen. - -If governments mandate a backdoor to have access to all our online communication and stored files, it's inevitable that at least some criminals will eventually get access to it as well. 
This is even truer if this system is closed-source, [privatized](https://fortune.com/europe/2023/09/26/thorn-ashton-kutcher-ylva-johansson-csam-csa-regulation-european-commission-encryption-privacy-surveillance/), and isn't subjected to frequent independent audits with strong accountability. - -Once a vulnerability is found by criminals, they will have the same access as authorities have to our data. With Chat Control, this means pretty much all our data. - -In addition, Chat Control could facilitate the proliferation of even more spyware and [stalkerware](https://stopstalkerware.org/) on the market, thriving on the vulnerabilities found in the powerful system. This would allow *anyone* to purchase access to spy on *anyone*, including databases of identified children. It could give a direct backdoor-access to pedophiles. How could *this* be helping to protect the children? - -### The danger is inside - -Even if the idea of online strangers accessing children's sensitive data is terrifying, the worse danger in often much closer. - -Sadly, we already know that the [vast majority](https://content.c3p.ca/pdfs/C3P_SurvivorsSurveyFullReport2017.pdf) of child sexual abuse is perpetrated by adults close to the child, not strangers, and that two-thirds of CSAM images appear to have been [produced at home](https://theconversation.com/new-research-shows-parents-are-major-producers-of-child-sexual-abuse-material-153722). Chat Control would do nothing to fight this. In fact, it could facilitate it. - -Child abuse is an incredibly important topic to discuss and to fight against as a society. Utilizing this issue as an excuse to pass a surveillance law that would endanger everyone, including the victims, is despicable. - -When children are living with the abuser, the only escape is outside the home, and sometimes this means *online*. Abusers often use spying technologies to control and restrict access to help for their victims. 
If we make mass surveillance mandatory and normalized, this risks aggravating the stalkerware problem by obligating providers to implement backdoors in their systems. We would effectively be helping abusers at home to restrict access to help for their victims, including victims of CSAM. This is completely unacceptable. - -### How to actually help the children - -Despite the politicization of this issue to manipulate the public opinion in accepting mass surveillance, there are actually *proven* solutions to help to protect the children, online and offline. - -First, governments should [listen](https://mogis.info/static/media/uploads/eu-libe-mogis-hahne-07032023_en.pdf) to [organizations already doing the work](https://edri.org/our-work/most-criticised-eu-law-of-all-time/). Most are understaffed and under-resourced to properly support the victims and prosecute the criminals. Thousands of more reports every day would not help them do any effective work. More capacity to conduct *targeted* investigation and arrest criminals, and more capacity to create safe spaces to support the victims and witnesses will help. - -Privacy should be the default, for everyone. - -If all our services were using end-to-end encryption when possible, and implemented proper security and privacy features and practices, this would effectively help to protect the children as well. Abusers and criminals are looking for leaked and stolen data all the time. When a cloud photo storage gets hacked, your photos are up for grabs online, including the photos of your children. When parents upload photos of their children and their address online, and this data gets exposed (leaked, breached, AI-scraped, etc.), this data then becomes accessible to criminals. - -**Better privacy protections also means better protections for the children.** - -Children themselves should receive better education on how their data is used online and how to protect it. 
Additionally, it is vital to provide better education on what behaviors aren't normal coming from an adult, and how to reach out for help when it happens. Children should have access to safe and confidential resources to report abuse, whether it's happening outside or inside their home. - -Parents should be careful when sharing information about their children. And when they have to, they should benefit from complete confidentiality, knowing their communication is fully end-to-end encrypted and not shared with anyone else. - -There is so much we can do to help to protect better the children online, surveillance is the opposite of it all. - -## How would this affect me? - -If this regulation is approved on **October 14th, 2025** (the date for the final vote), the consequences would be devastating for everyone, even outside the European Union. - -We have seen how platforms implemented better privacy practices and features after the GDPR became effective in 2018, features that often benefited people worldwide. This could have the same effect in reverse. - -Every platform potentially handling data of people located in the EU would be subjected to the law. Platforms would be obligated to scan all communications and all files of (at least) data subjects located in the EU, even data currently protected with end-to-end encryption. This would affect popular apps and services like Signal, Tuta, Proton, WhatsApp, Telegram, and much more. - -### Outside of Europe - -This would not only affect Europeans' data, but also the data of anyone outside communicating with someone located in the European Union. Because end-to-end encryption can only work if **both** ends are protected. - -If Chat Control gets approved and applied, it will become very difficult to communicate with anyone located in the EU while keeping strong protections for your data. 
Many people might just accept the surveillance passively, and as a result lose their rights, their protections, and compromise their democratic processes. Overtime, this will likely lead to a slippery slope towards dystopian authoritarianism. - -Outside of Europe, you could expect to see services removing some privacy-protective features, downgrading encryption, blocking European countries that are subjected to the law, or moving outside of Europe entirely. If localization-based scanning is too complicated to handle for an application, some companies might just decide it's simpler to scan communications for all users, worldwide. - -Additionally, Five Eyes countries (Australia, Canada, New Zealand, the United Kingdom, and the United States) have already [expressed support](https://www.youtube.com/watch?v=L933xDcSS3o&t=2163s) for Chat Control, and might be keen to try the same at home, if this gets approved and tested in Europe first. - -### Inside of Europe - -Without using tools that would be now deemed illegal, you would lose any protections currently granted by end-to-end encryption. It would become impossible for you to send an email, a text message, or a photo without being observed by your government, and potentially also by criminals and foreign governments, following the inevitable data breaches. - -You would have to constantly self-censor to avoid triggering the system and getting reported to the authorities. At first, you would probably just have to stop sending nudes, sexting, or sending photos of naked children in the bathtub or playing at the beach. Then, this would escalate to never mentioning drug or anything that could sound like drug, even as a joke. Later, you might have to stop texting about going to a protest, and stop organizing protests online. 
Further down the line, you might even have to self-censor to make sure you are not saying anything negative about a leader, or a [foreign politician](https://www.reuters.com/world/us/trump-administration-resuming-student-visa-appointments-state-dept-official-says-2025-06-18/) even. This isn't that hypothetical, this sort of [oppressive surveillance](https://www.hrw.org/news/2017/11/19/china-police-big-data-systems-violate-privacy-target-dissent) already exists in some countries. - -Many services you currently rely on right now would simply shut down, or move away from Europe entirely. Businesses might also move outside of Europe if they worry about protecting their proprietary information. This could cause massive layoffs, while organizations move to jurisdictions where they are allowed to keep their data protected and unobserved. - -Finally, even if this doesn't affect you personally, or you don't believe it will, [**this isn't just about you**](the-privacy-of-others.md). - -The data of vulnerable people would be exposed and their safety put at risk. Victims might decide to stop reaching out for help or reporting crimes. Sources requiring anonymity might decide the risk isn't worth reporting valuable information to journalists. Opponents of governments in power could be silenced. Every democracy in the European Union would suffer greatly from it. - -Chat Control is completely antithetical to the values the European Union has been presenting to the world in recent years. - -![The popular Red Dress meme, with the offended woman overlaid with the words "Fundamental Rights", the whistling man the words "European Commission", and woman wearing the red dress the words "Scanning private messages and controlling how citizens use the internet".](../assets/images/chat-control-must-be-stopped/chatcontrol-stopscanningme-meme-2.webp) - - -## What can I do about it? - -Even if the landscape seems dismal, **the battle isn't over**. 
There are many things you can do, right now, to fight against this authoritarian dystopia.
-
-### For Europeans, specifically
-
-- Contact your country representatives **TODAY**. The group Fight Chat Control has put together an [**easy tool**](https://fightchatcontrol.eu/#contact-tool) making this quick with only a few clicks.
-
-- After September 12th, the battle isn't over. Although governments will finalize their positions on that day, the final vote happens on **October 14th, 2025**. If you missed the September 12th deadline, keep contacting your representatives anyway.
-
-- Tell your family and friends to contact their representatives as well, talk about it, make noise.
-
-### For Everyone, including Europeans
-
-- Talk about Chat Control on social media often, especially this month. Make noise online. Use the hashtags #ChatControl and #StopScanningMe to help others learn more about the opposition movement.
-
-- Share informative [videos and memes](#resources-to-learn-more-and-fight-for-human-rights) about Chat Control. Spread the word in various forms.
-
-- Contact your European friends in impacted countries and tell them to contact their representatives NOW.
-
-- Even outside the EU, you can contact your own representatives as well, to let them know regulations like Chat Control are horrible for human rights, and you hope your country will never fall for such repressive laws. Tell your political representatives that privacy rights are important to you. **Your voice matters.**
-
-We need your help to fight this. For democracy, for privacy, and for all other human rights, we cannot afford to lose this battle.
-
-![Screenshot of the Fight Chat Control website in a browser.](../assets/images/chat-control-must-be-stopped/chatcontrol-fightchatcontrol-website.webp)
-
-
-## Resources to learn more, and fight for human rights
-
-### Videos about Chat Control
-
-- [**Stop Scanning Me**: Short video that summarizes perfectly the issues with Chat Control](https://stopscanningme.eu/video/csar-explainer.mp4)
-
-- [**Stop Scanning Me**: German-language version of the same short video](https://www.patrick-breyer.de/posts/chat-control/)
-
-- [**Louis Rossmann**: Video discussing why privacy matters, and the impact of Chat Control from a perspective outside of Europe](https://www.youtube.com/watch?v=3NyUgv6dpJc)
-
-- [**Shaping Opinion**: Excellent interview with Chat Control expert Patrick Breyer (recommended)](https://www.youtube.com/watch?v=L933xDcSS3o)
-
-- [**Patrick Breyer**: PeerTube channel with numerous videos related to Chat Control (German & English)](https://peertube.european-pirates.eu/c/patrick_breyer_mep_channel)
-
-### Memes about Chat Control
-
-- [**Stop Scanning Me**: Memes, banners, and other graphics](https://stopscanningme.eu/en/organise-now.html)
-
-- [**Patrick Breyer**: Memes, explainers, maps, and other graphics](https://www.patrick-breyer.de/posts/chat-control/#WhatYouCanDo)
-
-### Websites with more information
-
-- [**Fight Chat Control** (Contact your representatives here **TODAY**!)](https://fightchatcontrol.eu/)
-
-- [**Stop Scanning Me** (from EDRi)](https://stopscanningme.eu)
-
-- [**Patrick Breyer** (expert and former Member of the European Parliament)](https://www.patrick-breyer.de/posts/chat-control/)
-
-- [**European Crypto Initiative**](https://eu.ci/eu-chat-control-regulation/)
-
-- [Follow **Fight Chat Control** on Mastodon for updates](https://mastodon.social/@chatcontrol)
-
----
-
-**Update (9/15):** Added modifications related to the second important deadline for action, on October 14th.
-
-**Update (9/8):** Added clarification about what Chat Control is for readers unfamiliar with it.
diff --git a/content/blog/posts/choosing-the-right-messenger.md b/content/blog/posts/choosing-the-right-messenger.md
deleted file mode 100644
index 01bb566e0..000000000
--- a/content/blog/posts/choosing-the-right-messenger.md
+++ /dev/null
@@ -1,121 +0,0 @@ ---- -date: - created: 2019-11-27T19:00:00Z -categories: - - Opinion -authors: - - danarel -links: - - Real Time Communication: https://www.privacyguides.org/real-time-communication/ - - Types of Communication Networks: https://www.privacyguides.org/real-time-communication/communication-network-types/ -tags: - - Instant Messengers -license: BY-SA -description: Choosing an instant messenger is a challenge. How can you be sure you’re using the most secure, privacy respecting platform? -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/choosing-the-right-messenger/cover.webp ---- -# Choosing the Right Messenger - -!["Choosing The Right Messenger" cover image](../assets/images/choosing-the-right-messenger/cover.webp) - - - -One of the most common questions users have when it comes to privacy is about messaging services. It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure you’re using the most secure, privacy respecting platform? - -The answer actually lies in one’s [threat model](https://www.privacyguides.org/basics/threat-modeling/), which is often an ignored step in choosing all privacy related apps and services, meaning a lot of users limit their internet and communication experience because they believe they need Edward Snowden level privacy settings. - -The truth is, each user needs to decide what their privacy goals are. Is your goal to stop corporations from tracking you, targeting you, and profiting from your data? Or, are you are trying to hide communications from the government or law enforcement, which is common for journalists and activists who want to protect their sources or communications from government eyes? - -Once you understand your goals you can start to look at messengers and their upsides and downsides, and it’s important to remember, there is no perfect solution. 
Each service, no matter how secure can be compromised, because at the end of the day, you’re dealing with other humans who can screenshot, copy, or forward your messages to parties you did not intend to see them. So, it’s also important to know who you are messaging, verifying their keys, and ensuring that you place the utmost trust in them with the content you are sending. - -If your goal is to simply avoid corporate tracking and the harvesting of your data from your communications, you can eliminate apps such as Facebook Messenger and WhatsApp, both services owned by Facebook and while offering encrypted messaging (optional in Messenger), Facebook [reads your non-encrypted messages](https://web.archive.org/web/20210729190737/https://www.digitaltrends.com/social-media/facebook-reads-messenger-messages/), and WhatsApp has [fallen victim](https://web.archive.org/web/20210729190737/https://www.forbes.com/sites/zakdoffman/2019/05/14/whatsapps-cybersecurity-breach-phones-hit-with-israeli-spyware-over-voice-calls/#734cec155549) to security breaches. - -For this type of user, your options are much more wide as you may be more willing to share your email address or phone number at signup and can be less concerned with metadata (we will get to that shortly), and you want to look for a messenger that simply isn’t scanning your content or behavior to sell it. - -If your goal is to evade more massive state-sponsored surveillance programs, the aforementioned apps are out of the question, but so are many others. - -This is because when it comes to these apps, and other like it, you don’t own the encryption keys, the service does, so they are able to decrypt your messages, for their own use, or for the use of government officials who request it. This is something important you’ll want to remember as you choose the messenger that is right for you. 
- -Even Apple’s iMessage, which is encrypted, while more secure than Facebook’s offerings, still control the keys and can access your messages if necessary. Apple does also collect data based on your behavior, so while using iMessage isn’t the same as handing your data over to Facebook, you’re still messaging with a variety of privacy vulnerabilities. On Android, you’re using SMS messages which are even less secure and can be [easily hijacked](https://web.archive.org/web/20210729190737/https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin) by someone with just enough know-how. - -## Metadata - -One important aspect of messaging apps you need to be sure of is what kind of [metadata](https://ssd.eff.org/en/glossary/metadata) it exposes, what is encrypted and what isn’t. - -Wire, a popular encrypted messenger app has always been criticized for its decision not to encrypt user metadata, such as the date and time of registration, IP geographical coordinates, and the date and time of creation, creator, name, and list of participants in a conversation. - -Metadata can be used to place you in a certain location, speaking to a certain person and can be used against you by law enforcement, even if they have no idea and no access to what the conversation was about. - -Apps such as Signal, or Wickr encrypt metadata, making the conversations between two or more parties more secure and harder to track individual users with. - -When it comes to avoiding corporate data mining, your metadata won’t be as useful, especially if you’re using a service that is not profiting from your data to begin with. For those avoiding state-sponsored surveillance, [metadata can be a killer](https://web.archive.org/web/20210729190737/https://theintercept.com/2019/08/04/whistleblowers-surveillance-fbi-trump/). 
- -## Encryption - -This article will not get into the complexities of the best kinds of end-to-end encryption (E2EE), but ensuring your messenger has it, that must be discussed. - -The popular messaging app Telegram has come under fire the most for this. Telegram says on their homepage that, “Telegram messages are heavily encrypted and can self-destruct.” Yet, this statement is only partially true. Yes, you can set your messages to self-destruct, a great privacy feature for some, and yes, they do offer encryption, but what they don’t tell users is that encryption isn’t turned on by default. - -In an [interview](https://web.archive.org/web/20210729190737/https://gizmodo.com/why-you-should-stop-using-telegram-right-now-1782557415) with Gizmodo, Christopher Soghoian, Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union said that, "There are many Telegram users who think they are communicating in an [end-to-end] encrypted way, when they’re not because they don’t realize that they have to turn on an additional setting," he continued to say that while he’s happy they offer the encryption, it’s not useful if it’s turned off. - -Apps such as Signal, Keybase, and Wickr offer E2EE by default. Less popular but quickly growing apps such as Element, offer E2EE but like Telegram, have not made it a default setting, though the Matrix.org team has [said](https://web.archive.org/web/20210729190737/https://github.com/vector-im/element-web/issues/6779) that default encryption is on their road map. - -Ensuring your conversations and metadata are E2EE is one of the best practices you can have when choosing a messenger. - -## Registration Process - -When it comes to your goals and threat model, you will need to decide how much, if any, information you’re willing to give this company on signup. Do they require a phone number and or SIM card? Do they require an email address, or do they allow completely anonymous signups, and how anonymous is anonymous? 
Are they storing that info (remember the metadata) unencrypted? - -Giving up your phone number or email won’t be a big deal for many, as any good privacy policy will state they won’t use it for any purpose other than those you’ve granted permission for. Yet, for those avoiding state-sponsored surveillance, you may have a regularly changing number, no number, or would rather not risk giving that information up. The same goes for email. - -So, you will want to find a service that fits this need. While Signal is currently testing signup without a phone number, currently you’re unable to do so. Element, Wickr, many XMPP services, don’t require anything but choosing a username. - -## Source Code - -Open source may be the most used phrase in all of privacy and security, and for good reason. It’s really helpful to be able to review the source code of the product you’re trusting. Experts can look for backdoors, leaks, and other bugs. Organizations that opt to open source their code are showing good faith effort to increase trust between them and the user. - -Yet, open source can also limit your options, again, depending on your threat model and goals. Signal, Wire, and Keybase all offer open source repositories of their applications, and sometimes even the server software itself. - -Open source also doesn’t mean secure. This is often misunderstood, and people hear open source and assume it must be good. Look at the apps code you want to use, you don’t need to be able to check it, but are others? An open source app that no one follows, or contributes to is no more or less secure than a closed source app. - -Wickr, Threema, and others are closed source. They don’t offer the ability to check the source, but that doesn’t immediately rule them out either. When the Electronic Frontier Foundation (EFF) had a comparison chart for messenger apps, it gave Wickr 5-stars. 
This doesn’t mean it’s perfect for someone like Snowden, but for those avoiding Facebook and Google, it could be a usable option. - -It’s also important to remember there’s no way to check that someone is always using the source code in their repository in the app or server you’re downloading from the Apple Store or Google Play. When it comes to this, reputation becomes a key player in your decision, as does trust, which we will get to next. - -If you’re unsure what to do here, it’s always a safe bet to stick with open source that has a large contributor base and strong reputation. It’s always best to use open source options when they are available and only recommend closed source when there isn’t a usable open source option. This is generally a good way to pick a messenger app as well. - -## Ownership & Trust - -An often overlooked, but increasingly important part of choosing a secure messenger is, who owns the company that’s providing your service? What would the gain or lose from selling your data, and who does the company answer to? - -Wire [recently lost](https://web.archive.org/web/20210729190737/https://blog.privacytools.io/delisting-wire/) a great deal of trust and standing in the privacy world because they quietly sold their company and moved it to the US. They also changed parts of their privacy policy, making it harder for users to tell when Wire would share customer data. They did all of this while never updating their current users of such changes, either to the change of the privacy policy, or the move to the US. - -Wire also took in more than $8 million in venture capital funding. So now, users wanted to know more about who owned their data and what jurisdictional rights were changing with the move from Europe to the United States? - -These are questions we must ask of all services. Wire now has investors to answer to who will want a return on their millions of dollars. 
-
-Signal on the other hand is a [non-profit](https://signal.org/blog/signal-foundation/) which does not rely on investors and instead relies on donations, sponsorships, and grants. Because of their non-profit status in the US, they must also be highly transparent about not only where the money comes from, but how they spend it. So, users can see where this money goes, and who it’s going to.
-
-Matrix.org (the service Element uses) runs a similar business model as Signal, located in the UK instead of the US, they reply on donations, partnerships, and grants. Matrix.org is heavily supported by New Vector, a venture capital backed company, however, Matrix.org as a non-profit is transparent about its spending, income, and influences.
-
-Not all services are non-profit, and that should not rule them out immediately. You can also follow their funding goals. Wire lost credibility because instead of simply relying on user signups, they wanted to be the next Skype for Business and wanted to build a larger enough user base to get the attention of investors. Meanwhile, apps such as Wickr, while for-profit, is transparent about taking limited investors to become sustainable on subscriptions.
-
-This can take some time, because it’s important to know who the investors are, and what the organizational goals are. Will they eventually need to resort to data harvesting to sustain itself, if they do, and you decide to leave the platform, will you leave behind data you don’t want them to get their hands on?
-
-## Making Your Choice
-
-Now it’s time to choose a messenger and no one can do that for you. Popularity will need to play a role here, there’s no point in joining the new up and coming messenger service if you don’t have a single contact using it as well. One reason Telegram has been so popular is they have managed to convince more than 100 million people to sign up. If you sign in today, you’ll likely see a group of your friends in there. Signal isn’t as far behind, and others are catching up.
-
-You’ll need to decide who you trust, and who your other contacts trust, and then compare all of that with your goals and your threat model. How much information are you willing to give on signup, does metadata matter to your threat model, and is the service you’re choosing likely to sell itself to the highest bidder once enough people sign up?
-
-The important thing to remember is there is no one size fits all for messengers, and that each user must decide what is best for them. If someone is an avid WhatsApp or Facebook Messenger user, even Telegram is a step in the right direction. Yet, if that user is concerned with more than just giving data over to Facebook, they may need to look at more secure options.
-
-Ensure you keep your messenger apps up to date. You don’t want to discover you’ve been compromised because a bug found in version 1 was fixed in version 2, but you didn’t bother upgrading your apps.
-
-One last piece of advice is that users need to be diligent and never become complacent in their decision. You must be willing to change services if the goals and values of your messenger of choice change in a way that no longer match yours. Look for news of sales, mergers, or acquisitions that could compromise the organization.
-
----
-
-*Dan Arel is a journalist, author, and privacy advocate. This article was originally published to [Hacker Noon](https://hackernoon.com/choosing-the-right-messenger-mm3x2z47) on November 27th, 2019.*
diff --git a/content/blog/posts/clearing-browsing-data.md b/content/blog/posts/clearing-browsing-data.md
deleted file mode 100644
index f3b20a5d8..000000000
--- a/content/blog/posts/clearing-browsing-data.md
+++ /dev/null
@@ -1,145 +0,0 @@
----
-date:
- created: 2025-02-13T21:00:00Z
-categories:
- - Tutorials
-authors:
- - kevpham
-tags:
- - Browsers
- - Chrome
- - Firefox
- - Safari
-license: BY-SA
-description: A beginner's guide to clearing browsing data — such as cookies, website cache, and browsing history — on Chrome, Firefox, Safari, Edge, and Brave.
-schema_type: BackgroundNewsArticle
-preview:
- cover: blog/assets/images/clearing-your-browsing-data/dimmis-vart-JPu345g_OYM-unsplash.webp
----
-# How to Clear Your Browser History on Chrome, Firefox, and Other Browsers
-
-![Article cover photo showing baked cookies](../assets/images/clearing-your-browsing-data/dimmis-vart-JPu345g_OYM-unsplash.webp)
-
-
-
-Your browsing data — such as cache, cookies, and browsing history — can accumulate over time, potentially damaging your privacy. Whether you trying to free up storage, limit tracking, or protect yourself from digital forensics, clearing browsing data is an important first step on your privacy journey. In this guide, we will explain how to clear your browsing data on five popular web browsers: Chrome, Firefox, Safari, Brave, and Edge.
-
-## Understanding Browsing Data
-
-Cookies are [small files that a website generates and sends to a browser](https://www.cloudflare.com/learning/privacy/what-are-cookies/). They associate browsing activity to a given user session, allowing people to visit websites without logging in repeatedly. Cookies also facilitate [**personalization**](https://www.forbes.com/councils/forbestechcouncil/2023/04/11/the-internet-of-you-how-web-personalization-is-shaping-the-future/), where websites "remember" your preferences and actions. Websites utilize personalization cookies to send targeted advertisements and track your location.
-
-Website cache data [refers to offline website data that your browser stores](https://learn.g2.com/what-is-cached-data). By preloading content like webpages and images, subsequent visits to a website becomes faster. Unlike cookies, a cache does not expire and must be manually cleared. If you are concerned about [digital forensics](https://hawkeyeforensic.com/2024/03/30/browser-forensics-examining-browser-artifacts/), consider clearing it.
-
-Similarly, your browsing history must be deleted. As its name suggest, your web browser keeps a record of all visited websites offline. Your [internet service provider could still view your history](https://www.androidauthority.com/isp-tracking-1167088/); however, you might want to prevent access from someone living with you.
-
-## Clearing Browsing Data on Google Chrome
-
-To start, **launch** Google Chrome. On the upper right-hand corner, click on the **three-dots icon** to see a list of options. Then, click on **Settings**
-
-![Screenshot: Google Home Page](../assets/images/clearing-your-browsing-data/chrome1.webp)
-
-You should see the following menu.
-
-![Screenshot: Google Chrome Settings](../assets/images/clearing-your-browsing-data/chrome2.webp)
-
-On the left, navigate to **Privacy and Security**. You should see the following screen.
-
-![Screenshot: Google Chrome Privacy and Security Settings](../assets/images/clearing-your-browsing-data/chrome3.webp)
-
-Click **Delete browsing data.** Here, you can check whether to clear your **browsing history**, **cookies**, and **cached images & files**. Chrome also allows you select the **time range** of the data marked for deletion.
-
-![Screenshot: Google Chrome browser data options](../assets/images/clearing-your-browsing-data/chrome4.webp)
-
-After making any necessary changes, click **Delete data**.
-
-## Clearing Browsing Data on Firefox
-
-Start by launching **Firefox**. On the upper right-hand corner, click on the **three-dot icon** to see a list of options. There, click on **Settings**.
-
-![Screenshot: Firefox browser with Privacy Guides Homepage](../assets/images/clearing-your-browsing-data/firefox1.webp)
-
-On the left, navigate to **Privacy and Security**. You should see the following screen.
-
-![Screenshot: Firefox Settings](../assets/images/clearing-your-browsing-data/firefox2.webp)
-
-Scroll down to **Cookies and Site Data**.
-
-![Screenshot: Firefox Settings](../assets/images/clearing-your-browsing-data/firefox3.webp)
-
-You have the option of either clearing your browsing data within a time range or in selected websites. Note that the latter deletes the website's cookies and cache, not history.
-
-![Screenshot: Firefox Settings prompt displaying browser data](../assets/images/clearing-your-browsing-data/firefox5.webp)
-
-Click on **Clear data** if you prefer the former. Like Google Chrome, you can chose what types of data to delete and its time range. After making your selection, click **Clear** to finalize the process.
-
-## Clearing Browsing Data on Safari
-
-Unlike Chrome and Firefox, Safari separates history settings from its privacy settings. For the purposes of this guide, we will delete browsing history first.
-
-After opening Safari, move your cursor to the upper left-hand corner. Click **History** once the title bar appears.
-
-![Screenshot: Safari with Privacy Guides Homepage](../assets/images/clearing-your-browsing-data/history1.webp)
-
-If you want to clear browsing history in a specified time range, select **Clear History** at the bottom and follow the prompt. Otherwise, click **Show All History**.
-
-![Screenshot: History Panel in Safari](../assets/images/clearing-your-browsing-data/history2.webp)
-
-In this menu, you can choose websites to delete from your history. Use the search bar to find the exact name of the website. You can also navigate to a specific data and time.
-
-![Screenshot: History Panel in Safari](../assets/images/clearing-your-browsing-data/history3.webp)
-
-Now, lets delete the cookies and cache data. Move your cursor to the title bar again and click **Safari** to see a drop down menu.
-
-![Screenshot: Safari title bar](../assets/images/clearing-your-browsing-data/safari.webp)
-
-Then, click **Settings** and then navigate to **Privacy**. You will see this screen.
-
-![Screenshot: Safari Privacy Settings](../assets/images/clearing-your-browsing-data/safariprivacy1.webp)
-
-Click **Manage Website Data...**
-
-![Screenshot: Prompt displaying website browser data](../assets/images/clearing-your-browsing-data/safariprivacy2.webp)
-
-Another menu will appear with a list of websites and their corresponding browsing data types. As always, you can mark specified websites for deletion. Once you are done, click **Remove**.
-
-## Clearing Browsing Data on Brave Browser
-
-As a Chromium-based browser, Brave is quite similar to Chrome. To start, **launch** Brave. On the upper right-hand corner, click on the **three-bars icon** to see a list of options. Then, click on **Settings**
-
-![Screenshot: Brave Home Page](../assets/images/clearing-your-browsing-data/brave2.webp)
-
-You should see the following menu.
-
-![Screenshot: Brave Settings](../assets/images/clearing-your-browsing-data/brave3.webp)
-
-On the left, select **Privacy and Security**. You should see the following screen.
-
-![Screenshot: Brave Privacy and Security Settings](../assets/images/clearing-your-browsing-data/brave4.webp)
-
-Click **Delete browsing data.** Here, you can check whether to clear your **browsing history**, **cookies**, and **cached images & files**.
-
-![Screenshot: Brave browser data options](../assets/images/clearing-your-browsing-data/brave5.webp)
-
-Under **Advanced**, Brave also allows you select the **time range** of the data marked for deletion.
-
-![Screenshot: Brave Browser data options](../assets/images/clearing-your-browsing-data/brave6.webp)
-
-After making any necessary changes, click **Delete data**.
-
-## Clearing Browsing Data on Microsoft Edge
-
-Finally, we will finish this tutorial with Microsoft Edge. Start by launching the browser. On the upper right-hand corner, click on the **three-dots icon**. Next, click **Settings**.
-
-![Screenshot: Edge Home Page](../assets/images/clearing-your-browsing-data/edge2.webp)
-
-In the settings page, navigate to **Privacy, Search, and Services**
-
-![Screenshot: Edge Settings](../assets/images/clearing-your-browsing-data/edge3.webp)
-
-Under **Delete Browsing Data**, click on **Choose What to Clear**.
-
-![Screenshot: Edge Settings](../assets/images/clearing-your-browsing-data/edge4.webp)
-
-Modify the time range and data to be deleted. Afterwards, click **Clear Now**.
-
-![Screenshot: Edge data options](../assets/images/clearing-your-browsing-data/edge5.webp)
diff --git a/content/blog/posts/cryptpad-review.md b/content/blog/posts/cryptpad-review.md
deleted file mode 100644
index f1392d2d4..000000000
--- a/content/blog/posts/cryptpad-review.md
+++ /dev/null
@@ -1,394 +0,0 @@
----
-title: "CryptPad Review: Replacing Google Docs"
-template: review-article.html
-schema_type: ReviewNewsArticle
-date:
- created: 2025-02-07T19:00:00Z
- updated: 2025-02-12T17:45:00Z
-categories:
- - Reviews
-authors:
- - em
-description: If you've been looking for a privacy-respectful replacement to Google Docs, now is the time to switch to the end-to-end encrypted office suite CryptPad.
-preview:
- logo: theme/assets/img/document-collaboration/cryptpad.svg
-review:
- type: WebApplication
- category: BusinessApplication
- subcategory: Office Suite
- name: CryptPad
- price: 0
- website: https://cryptpad.org/
- rating: 4.5
- pros:
- - End-to-end encryption.
- - No account required.
- - No personal information required to create an account.
- - Cloud-hosted and self-hosted options.
- - Actively maintained and open source.
- cons:
- - Can be slow.
- - No local offline application.
----
-![Article cover photo showing a phone icon over a protest](../assets/images/cryptpad-review/cryptpad-cover.webp)
-
-
-
-If you have been thinking about migrating to a privacy-focused replacement to Google Docs, **now is the time**. Google products, as convenient and popular as they might be, are *atrocious* for data privacy (not to mention [ethics](https://www.theverge.com/google/607012/google-dei-hiring-goals-internal-memo)).
-
-Google's own Privacy Policy [clearly explains](https://policies.google.com/privacy#infocollect):
-
-> We also collect the content you create, upload, or receive from others when using our services. This includes things like email you write and receive, photos and videos you save, docs and spreadsheets you create, and comments you make on YouTube videos.
-
-Firstly, no matter what Google claims to do (or not do) with your data now, there isn't much preventing Google from using it for a different purpose later on. Secondly, there isn't much preventing Google from doing what it pleases regardless of laws or their promises, and asking for forgiveness later, as demonstrated by the many [lawsuits](https://www.reuters.com/legal/google-reaches-93-million-privacy-settlement-with-california-2023-09-14/) Google has already been subjected to. [We cannot trust Google](https://arstechnica.com/tech-policy/2025/01/google-loses-in-court-faces-trial-for-collecting-data-on-users-who-opted-out/) with *any* sensitive or personal information.
-
-But you shouldn't trust anyone else either.
-
-**The real solution to this is end-to-end encryption.** This is what CryptPad offers.
-
-## Why use CryptPad instead?
-
-![CryptPad logo](../assets/img/document-collaboration/cryptpad.svg){ align=right itemprop="image" }
-
-[CryptPad](https://cryptpad.org/) is an open-source collaborative office suite that offers everything that Google Docs offers, but better. And most importantly, in private.
-
-It was built from the ground up respecting the principles of [Privacy by Design](https://en.wikipedia.org/wiki/Privacy_by_design). All content kept in CryptPad is secured using solid end-to-end encryption, meaning that only the intended recipients can access the content. CryptPad itself cannot read, scan, or utilize your content in any way.
-
-[Website](https://cryptpad.org/)
-[Privacy Policy](https://cryptpad.fr/pad/#/2/pad/view/GcNjAWmK6YDB3EO2IipRZ0fUe89j43Ryqeb4fjkjehE/)
-{ .pg:buttons }
-
-CryptPad is developed by a team from the French software company [XWiki](https://www.xwiki.com). Because [CryptPad is open-source](https://github.com/cryptpad), anyone can add contributions to it, inspect its code, or submit feature recommendations.
-
-There are many reasons that CryptPad is a great tool and a perfect replacement to Google Docs. Let's dig into its pros and cons, why you should use it, why you can trust it, and how you can keep it secure.
-
-## What makes CryptPad trustworthy
-
-Why trust CryptPad more than Google? First, the end-to-end encryption the CryptPad software utilizes uses [strong and modern algorithms](#privacy-and-encryption). When encryption like this is well implemented, it means the content of your data can never be accessed by the CryptPad instance (server) operators. In contrast, services like Google hold the decryption keys to your data at all times, placing it at risk of being misused or compromised in a data breach. With CryptPad, if a CryptPad instance that has well implemented the software experienced a data breach and your encrypted content was stolen, your content would still be protected as long as you've used a unique, complex, and long password and protected it well.
-
-Second, because CryptPad's code is open, what it promises can be verified. Making source code open doesn't magically make it secure, but the CryptPad software is a project that had many eyes on in GitHub, has been around for over 10 years, and is actively maintained by a team experienced with open-source software.
-
-Additionally, if you decide to use CryptPad's flagship instance, your data will be hosted in France. This isn't magical either, but because European Union countries are all subjected to the GDPR most have adopted stronger data privacy practices by default. While these other factors are not technical guarantees, they all serve to increase the level of trust we feel comfortable giving CryptPad's software and flagship instance.
-
-Finally, if you do not trust CryptPad at all, the good news is you don't have to. If you prefer to use an instance that is not run by the CryptPad team, you can look for [other organizations](https://cryptpad.org/instances/) hosting instances of CryptPad open to the public. Of course make sure to pick an instance worthy of your trust. If you decide you do not trust anyone else, you can [download the code for yourself](https://github.com/cryptpad/cryptpad) and create your own CryptPad instance only controlled by you.
-
-## Starting with CryptPad
-
-Using CryptPad is very easy. CryptPad can be self-hosted if you prefer, but if this is not something you want to think about you can simply use CryptPad's [flagship instance](https://cryptpad.fr/) hosted in France. You can even start using it without an account. If you prefer to have an account to keep all your documents together you can create one for free, or you can have a look at CryptPad's [paid plans](https://cryptpad.org/pricing/) for users with greater needs.
-
-### Without an account
-
-Without an account, you can go to [https://cryptpad.fr/](https://cryptpad.fr/) and just click on a type of "New document" to start right away. Your username will be "Guest" and you will automatically be attributed a cute emoji for your Guest profile.
-
-You can create a new document, modify it, copy the URL link, then close the web page. To return to it, simply paste the same URL in a browser. To share this document, simply share the URL with someone else.
-
-
-

File security warning

-
-Anyone with the link will be able to see your file. Additionally, if this link includes "Edit" access, anyone with this link will be able to edit the file. Consider this when using this method.
-
-
-
-Whether you create an account or not, the only information that could identify you when using CryptPad on a trustworthy instance is your IP address and your browser and device information. Depending on your threat model, to mitigate this you might want to use a trustworthy [VPN service](https://www.privacyguides.org/en/vpn/) and/or the [Tor network](https://www.privacyguides.org/en/tor/), coupled with a [browser](https://www.privacyguides.org/en/desktop-browsers/) hardened to reduce [fingerprinting](https://coveryourtracks.eff.org/).
-
-
-

If you are at risk of targeted attacks

-
-If you would be at risk if your CryptPad usage was discovered later, and you do not want to leave any traces on your local computer that you have visited a CryptPad instance, you might want to use [Tails](https://www.privacyguides.org/articles/2025/01/29/installing-and-using-tails/).
-
-
-
-### Creating an account
-
-You will see that *Privacy by Design* starts at the account creation level with CryptPad. You do not even have to provide an email address to start. All that you need to create an account is a cool username and a [secure and unique password](https://www.privacyguides.org/en/basics/passwords-overview/) (like all passwords should be).
-
-![Screenshot from the CryptPad login page showing several application choices.](../assets/images/cryptpad-review/cryptpad-login.webp)
-
-
-
-
-

Password security

-
-Make sure you note your unique, long, and complex password and username in a safe place. Due to the nature of end-to-end encryption, if you lose your username or password, there will be **no account recovery possible** and all your files will be lost.
-
-
-
-### Basic security
-
-Once you've created an account, the first thing you should do is secure it with a [second factor of authentication](https://www.privacyguides.org/en/basics/multi-factor-authentication/). To do this, click on your username on the upper-right, then select "Settings" > "Security & Privacy" and follow the instructions for "Two-Factor Authentication".
-
-On the same "Settings" page, depending on your [threat model](https://www.privacyguides.org/en/basics/threat-modeling/), you might also want to enable "Safe Links", disable "Feedback" (disabled by default), and disable "Cache". Disabling the cache can hinder performance though, so if your local device isn't at risk it may be unnecessary.
-
-### Destroying data
-
-Another option that CryptPad offers on the "Settings" page is a quick way to "Destroy all owned documents" at once. This can be a lifesaver feature for people at particularly high risk. Take good note of where this feature is in the menu.
-
-You can also delete files individually. To do this, once you have created a document you can click on the "Access" button on the top menu, and you will see an option to "Destroy this document or folder permanently". After you've clicked on "Destroy" once, you will see the button change to "Are you sure?" and you'll have to click it again to confirm. This is a well-designed safeguard because this action is irrevocable. Test it with an empty document just to see how it works first.
-
-![Screenshot from a CryptPad document page showing the "destroy document" option.](../assets/images/cryptpad-review/cryptpad-deletingfiles.webp)
-
-### Backing up data
-
-There are several options to back up and export your data. From a document page, you can click on the "File" button on the upper-left, then select "Export". To back up all your documents at once, you can click on your username on the upper-right, then select "Settings" > "CryptDrive" > "Backup". This will create a zip file containing all your documents in plain text (unencrypted). Be careful where you store this file if it contains sensitive information.
-
-### Additional settings
-
-Another setting you should pay attention to is your Display name. You can change it in the "Account" section. This will be shown to your contacts in CryptPad if you add any.
-
-Additionally, you can change the theme to either Light or Dark in "Appearance", you can change the color associated with your account and file modifications in "Cursor", you can adjust the code editor indentation spaces in "Code", and you can make many other adjustments following your preferences.
-
-## CryptPad's instances & hosting
-
-The CryptPad team offers a flagship instance at [CryptPad.fr](https://cryptpad.fr/) that makes it easy to start using CryptPad quickly. Depending on your preference and circumstances, you might choose a different instance or even choose to host an instance yourself.
-
-### Different instances
-
-For a list of third-party instances that have passed a series of checks from the CryptPad team to ensure they are up-to-date and use recommended settings, you can visit this page: [https://cryptpad.org/instances/](https://cryptpad.org/instances/)
-
-
-

When using third-party instances

-
-Always consider your threat model when selecting an instance. Although the content of your files will be end-to-end encrypted, the instance's owner could have access to some metadata about you, such as your IP address or other activities. Additionally, an instance administrator could technically modify the CryptPad software they run to introduce malicious code. You should trust the instance you use as much as the code.
-
-
-
-### Self-hosting
-
-To learn how to host your own CryptPad instance, you should consult [CryptPad's documentation](https://docs.cryptpad.org/en/admin_guide/index.html#admin-guide).
-
-## User Experience
-
-The user experience will likely feel pretty familiar to people who are already using Google Docs, Microsoft Office, OnlyOffice, or other similar office suites.
-
-### User interface
-
-For document creation, CryptPad's user interface is rather straightforward. However, there are a few details in the interface that might be confusing at first. For example, clicking on your username (or Display name) on the upper-right will show an important dropdown menu, so you should remember to look there as it is not always obvious. This is the menu where you will find options for your "Profile", "Calendar", "Contacts", "Settings", "Log out", and more.
-
-Once inside a document, click on the "File" button on the upper-left to see the file's "History", "Export", or "Print" features, and more.
-
-To destroy a document, you will need to click on the "Access" button at the top of a document page.
-
-### Export and import documents
-
-You can export or import documents to CryptPad in HTML format, but keep in mind there might be some formatting issues with certain document types.
-
-## Document Options
-
-Each time you create a new document, no matter which type, you will have the following options: to make it an "Owned document", which means having full control over it (you need to be the owner of a document to delete it); to pick a "Destruction date", to **make the document self-destroy** after a certain number of months, days, or even hours; and to "**Add a password"** to password-lock the document.
-
-### Self-destruction
-
-For any sensitive document, it's a great idea to enable the auto-destruction feature, even if it's far in the future. This adds a layer of security in case you lose your password, forget about an important file that shouldn't be lingering around, or for any other sensitive situations.
-
-### Password lock
-
-Because sharing the link to a document without a password makes it accessible to anyone with this link, you should add a password to any sensitive document and share this password on a secure channel only. Make sure you select a password that is different from your account password and is also unique from other passwords you use. Ideally, always prefer a *passphrase*.
-
-![Screenshot from a CryptPad document creation popup showing the option to add a password.](../assets/images/cryptpad-review/cryptpad-creatingfile.webp)
-
-### Access control
-
-For any document you can control how it is accessed by clicking on the "Access" button at the top. There, you can change the document's password, delete the document, see the list of accesses and ownership.
-
-When you share a document by clicking on the "Share" button at the top, you can select different types of access rights, such as "View", "Edit", and "View once and self-destruct". The latter can be a particularly useful feature for people in highly sensitive situations.
-
-## Applications Available
-
-CryptPad offers a wide variety of applications, or document types, making CryptPad a complete office suite. To create a new file from your *CryptDrive* page, click on the large "+ New" button. You will see a popup menu where you can select: "Folder", "Shared folder", Upload files", "Upload folder", "New Link", "Sheet", "Document", "Presentation", "Rich text", "Kanban", "Code", "Form", "Whiteboard", "Markdown slides", and "Diagram".
-
-That's a lot of choice!
-
-![Screenshot from the CryptPad new document popup showing all the types of document that can be created.](../assets/images/cryptpad-review/cryptpad-filetypes.webp)
-
-
-

New from this week!

- -==*Document* and *Presentation* applications have just been unlocked to all users on CryptPad.fr this week!== - -This is fantastic for collaborative work because the new *Document* type allows tracking changes within a document. These two new types of document are still in testing phase however, so make sure to back up your data regularly. Improvements will likely be added slowly in the coming weeks, until the final release planned for the end of March 2025. - -
- -Here are screenshots of each application included in CryptPad to give you a better idea of what possibilities are in there: - -### Sheet - -The usual classic spreadsheet for all your calculation needs. If you are familiar with Google Docs' spreadsheet, you will likely find this one easy to use: - -![Screenshot from a CryptPad spreadsheet document.](../assets/images/cryptpad-review/cryptpad-sheet.webp) - -### Document - -The classic text document with advanced formatting features: - -![Screenshot from a CryptPad doc-type document.](../assets/images/cryptpad-review/cryptpad-document.webp) - -#### Tracking changes - -If you want to enable change tracking in this application, click on the "Collaboration" tab, then click on the "Track Changes" button, and select your preferred tracking option: - -![Screenshot from a CryptPad doc-type document showing the menu option to track changes.](../assets/images/cryptpad-review/cryptpad-trackingchanges.webp) - -### Presentation - -Another classic application to help you create slideshows: - -![Screenshot from a CryptPad presentation document.](../assets/images/cryptpad-review/cryptpad-presentation.webp) - -### Rich text - -A basic text document type for simpler text files: - -![Screenshot from a CryptPad rich text document.](../assets/images/cryptpad-review/cryptpad-richtext.webp) - -### Kanban - -A useful kanban organization tool to plan your projects: - -![Screenshot from a CryptPad kanban document.](../assets/images/cryptpad-review/cryptpad-kanban.webp) - -### Code - -A light code editor with previewing feature. 
This is especially useful for HTML files: - -![Screenshot from a CryptPad code document.](../assets/images/cryptpad-review/cryptpad-code.webp) - -### Form - -A form tool to create and share surveys, without sharing your survey data with unwanted third-parties: - -![Screenshot from a CryptPad form document.](../assets/images/cryptpad-review/cryptpad-form.webp) - -### Whiteboard - -A fun whiteboard tool if you feel creative, need to draw to explain, need to write and collaborate on complex math equations, and much more: - -![Screenshot from a CryptPad whiteboard document.](../assets/images/cryptpad-review/cryptpad-whiteboard.webp) - -### Markdown slides - -A simple application to quickly create and preview slides in Markdown format: - -![Screenshot from a CryptPad markdown slide document.](../assets/images/cryptpad-review/cryptpad-markdown.webp) - -### Diagram - -A flexible tool to create diagrams, for all your visual explanatory needs: - -![Screenshot from a CryptPad diagram document.](../assets/images/cryptpad-review/cryptpad-diagram.webp) - -### Calendar - -And finally, this isn't a document type per se, but you might be happy to hear CryptPad also integrates a Calendar application. This can be a fantastic tool to organize with your team and events. You can access it by clicking on your username on the upper-right, then selecting "Calendar": - -![Screenshot from the CryptPad calendar application.](../assets/images/cryptpad-review/cryptpad-calendar.webp) - -## Privacy and Encryption - -Everything in CryptPad is designed to minimize data collection. It's also designed to minimize the data visible to the instance's operators as much as feasible. This is great for privacy and significantly improves data security. If the data isn't accessible to even the instance's operators, then it also isn't accessible to thieves or abusive authorities. - -### What encryption does CryptPad use? 
-
-With CryptPad, all your data is encrypted on your device before it is sent to the remote server. You never have to worry about data being readable in-transit or at-rest on the server. Only authorized users, senders and intended recipients, can access the decrypted data.
-
-To lock your account, CryptPad creates cryptographic keys derived from your username and password together. This means CryptPad servers never even see your username or password. In fact, a normal CryptPad server cannot even know if you are using the software with an account or not. Additionally, this makes it so that multiple people could use the same username, as long as they register with a different password.
-
-To secure documents, CryptPad uses [symmetric encryption](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) with a [secret key unique to each document](https://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/). This ensures your document is unreadable to anyone who doesn't have the corresponding key.
-
-Keep in mind however than when you share a link to a document, this link contains the symmetric key to encrypt and decrypt the document, and to verify and issue the signatures. This access is irrevocable. Which means that if you want to stop someone who received the link to a document from accessing it later on, you will need to make a copy of this document and destroy the original you have shared.
-
-### Your public key
-
-If you want to access your own CryptPad public key, you can click on your username on the upper-right, then select "Profile" and click on "View my profile". There you can click on "Copy public key" and this will copy your key to your device's clipboard.
-
-![Screenshot from a CryptPad profile page showing the copy public key button.](../assets/images/cryptpad-review/cryptpad-profile.webp)
-
-### Encryption algorithms
-
-CryptPad uses a variety of reputable algorithms for its encryption needs. Here's a summary of what type of encryption CryptPad implements:
-
-- For login authentication: The [scrypt](https://en.wikipedia.org/wiki/Scrypt) key derivation function (KDF).
-- For symmetric encryption: The [XSalsa20](https://en.wikipedia.org/wiki/Salsa20)-[Poly1305](https://en.wikipedia.org/wiki/Poly1305) algorithms.
-- For public-key encryption: The [x25519](https://en.wikipedia.org/wiki/Curve25519)-[XSalsa20](https://en.wikipedia.org/wiki/Salsa20)-[Poly1305](https://en.wikipedia.org/wiki/Poly1305) algorithms.
-- For signatures: The [Ed25519](https://en.wikipedia.org/wiki/EdDSA#Ed25519) signature scheme.
-- For hashes: The [SHA-512](https://en.wikipedia.org/wiki/SHA-2) algorithm.
-- For all other cryptographic operations: The [TweetNaCl.js](https://tweetnacl.js.org/#/) library.
-
-You can read more details about how CryptPad implements encryption in [CryptPad's white paper](https://blog.cryptpad.org/2023/02/02/Whitepaper/).
-
-You can read more on a comparison of cryptography libraries CryptPad uses in [CryptPad's Blueprints](https://blueprints.cryptpad.org/review/libraries/).
-
-### Post-quantum encryption
-
-Like many other applications using encryption, CryptPad is preparing for the [post-quantum age](https://en.wikipedia.org/wiki/Post-quantum_cryptography) evaluating how quantum-resistant its current algorithms are, and following closely recommendations for standards improvement.
-
-This is all very new as the [National Institute of Standards and Technology](https://www.nist.gov/) (NIST) just selected newly proposed post-quantum resistant algorithms [last summer](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards) to establish new encryption standards and recommendations.
-
-Preparing now to harden encryption standards against future quantum computers possibly capable of breaking currently used cryptographic algorithms is very important. The CryptPad development team is already preparing for this and [plans to transition](https://blueprints.cryptpad.org/review/agility/) towards NIST's post-quantum new standards.
-
-### Perfect forward secrecy
-
-CryptPad's team is also [planning](https://xwiki.com/en/Blog/CryptPad-overview-2024/) on implementing [perfect forward secrecy](https://www.geeksforgeeks.org/perfect-forward-secrecy/) for its next generation. This will be a great improvement to secure communication within CryptPad, because it makes each session key unique. This means that if a session key was to be compromised, this would not affect any other sessions, significantly reducing the scope and damage of an attack.
-
-### Keeping CryptPad secure
-
-Like any privacy-focused product, CryptPad isn't magical. While CryptPad offers some of the very best protections for your privacy, you still have to take certain measures to secure your CryptPad data properly. CryptPad cannot control this part.
-
-Here's a few things you should remember to keep your CryptPad data secure and private:
-
-**Trustworthy server:** It's important to select a CryptPad instance that is trustworthy. Keep in mind that the instance operators could have access to your IP address or could theoretically maliciously modify the CryptPad's code they use to make it insecure.
-
-**Safe device:** Your device also needs to be safe and secure. There isn't much that *any* external service can do to protect your data if your device is compromised.
-
-**IP address:** Don't forget that whenever you connect to a server, website, or any service online, you are sharing your IP address, which can be used to identify and locate you, more or less accurately. If this is a threat to you, consider using a trustworthy VPN or the Tor network to protect your IP address.
-
-**HTTPS:** Make sure the CryptPad instance's address you use starts with "HTTPS".
-
-**Document links:** Because CryptPad includes the keys to decrypt your document in the links you use and share, anyone who can access your browsing history could potentially read your decrypted document. This is also true for anything in your browser or device that can access your browser's history (extensions, synced accounts, screen-sharing, Windows Recall, etc.). To mitigate this, you should [enable](https://docs.cryptpad.org/en/user_guide/user_account.html#security-privacy) the option "Safe links" in "Settings" > "Security & Privacy".
-
-**Password:** It's important to safeguard your password properly and *choose a password that is unique, complex, and long*. No matter how good the encryption is, if someone guesses your password, it's game over.
-
-**Multifactor authentication:** As soon as you create an account, you should enable a second factor of authentication. This will help protect your data against account takeover, in case your password were to be guessed or leaked. This is true for any account you have.
-
-**Document accesses:** Be careful to reduce the document's access to the minimum access required for functionality. For example, if you share a document link publicly, make sure it's a read-only link that doesn't allow anyone to edit it.
-
-**File history:** By default, files keep history of document changes and who viewed or modified a document. You can see this in "File" > "History". If you need to erase this history for safety but keep the document, you can go to "File" > "Make a copy", then go back to the original document with the history you need to erase, click on "Access", then "Destroy", then click again on "Are you sure?". This will permanently destroy your original document. Be careful, there is no recovery after this.
-
-**Static keys:** CryptPad uses static keys to encrypt your documents. This means that once you have shared a document, and therefore its static keys, you cannot revoke this access. By default, anyone you have shared a link to your document with will retain this access indefinitely. If you wish to revoke access, you can make a copy of the document then destroy the original. This will also erase the document's history.
-
-To learn more about the CryptPad team's recommendations on the most secure way to use CryptPad, you can read [this article](https://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/).
-
-## Downsides
-
-There are a few downsides in using CryptPad as your office suite.
-
-First, due to the nature of end-to-end encryption, it is slower. Naturally, each file needing to get decrypted before each use can slow down your workflow. The CryptPad instance you have chosen to use, your internet connection's speed, and your device's speed are all factors that can contribute in making this operation slower or faster. But remember, you are trading speed for security and privacy.
-
-Second, there is no mobile or desktop app available at this time. CryptPad only runs in the browser (for now). Depending on your type of usage, this can be inconvenient. Additionally, this means there is no way to access your data locally unless you create a copy of it in plain text on your device. Other end-to-end document applications such as [Standard Notes](https://standardnotes.com/) or [Anytype](https://anytype.io/) allow users to access documents offline, but they do not offer collaborative and office suite features like CryptPad does.
-
-## Conclusion
-
-Finally, if you are looking for a replacement to Google Docs, switching to CryptPad is an obvious choice.
-
-With solid end-to-end encryption for all your document content and minimal data collection at all steps of the registration process, CryptPad is an excellent option for your data privacy *and* your data security.
-
-If data privacy is important to you, **there is no reason to keep your sensitive information in the Google ecosystem**, especially with everything that we know about it now.
-
-Switching to CryptPad, you will benefit from the same type of applications (and more), still be able to share links with external parties without requiring them to create an account, and store information remotely in a secure way.
-
-But *in addition* to Google Docs, you will benefit from strong end-to-end encryption on everything you wish to keep private, true document destruction for everything that you want gone, and a complete office suite that only you and your team can access, away from intrusive Google scans or even CryptPad's knowledge.
-
-If you need a remote collaborative office suite that is secure and respects your privacy, there is no reason not to switch to CryptPad.
-
-## Support CryptPad
-
-If you wish to support this free and open-source project, you can help CryptPad by:
-
-- [Following CryptPad on Mastodon](https://fosstodon.org/@cryptpad)
-- [Donating on Open Collective](https://opencollective.com/cryptpad/contribute/)
-- [Contributing on GitHub](https://github.com/cryptpad)
-- [Watching CryptPad's videos on PeerTube](https://peertube.xwiki.com/c/cryptpad_channel/videos)
-
----
-
-***Editor's Note (Feb. 12):** This article was updated to clarify the difference between CryptPad (the open source software) and instances of CryptPad like CryptPad.fr (the hosted cloud instance of CryptPad operated by CryptPad's creators) in certain contexts.*
diff --git a/content/blog/posts/delisting-startpage.md b/content/blog/posts/delisting-startpage.md
deleted file mode 100644
index 57e651885..000000000
--- a/content/blog/posts/delisting-startpage.md
+++ /dev/null
@@ -1,49 +0,0 @@ ---- -date: - created: 2019-11-12T19:00:00Z -categories: - - Announcements -authors: - - niek-de-wilde -links: - - posts/relisting-startpage.md - - Search Engines: https://www.privacyguides.org/en/search-engines/ -tags: - - Search Engines -description: Startpage has been removed from Privacy Guides' recommendations following their acquisition by System1. -schema_type: NewsArticle -preview: - cover: blog/assets/images/delisting-startpage/cover.webp ---- -# Delisting Startpage From Privacy Guides - -!["Delisting Startpage" cover image](../assets/images/delisting-startpage/cover.webp) - - - -Dear *Privacy Guides* Community, - -On the 15th of October, it was [brought to our attention](https://web.archive.org/web/20201127034309/https://www.reddit.com/r/privacy/comments/di5rn3/startpage_is_now_owned_by_an_advertising_company/) that Startpage.com was reportedly (partially?) taken over by a company called the Privacy One Group, which is in turn owned by a company called System1. We found this quite remarkable as the two companies seem to have conflicting business models. Startpage has been known for basing their advertisements on what their users enter in their search bar. System1 on the other hand, is a pay-per-click advertising company that "[has developed a pre-targeting platform that identifies and unlocks consumer intent across channels including social, native, email, search, market research and lead generation rather than relying solely on what consumers enter into search boxes.](https://web.archive.org/web/20201127034309/https://www.bizjournals.com/losangeles/news/2017/09/20/system1-raises-270-million-for-consumer-intent.html)" - -We reached out to System1 CEO [Ian Weingarten](https://web.archive.org/web/20201127034309/https://finance.yahoo.com/news/system1-appoints-ian-weingarten-ceo-185700741.html) for an explanation. We received a very general response that did not address key questions. 
-
-Seemingly prompted by our ongoing concerns, Startpage released a public letter addressed to us from their CEO, and hosted a [Q&A](https://web.archive.org/web/20201127034309/https://www.reddit.com/r/StartpageSearch/comments/djshn3/hello_reddit_startpage_mod_team/) on their Subreddit to try and explain the situation. While some of our questions were answered, we noted that the company seemed to be evasive, essentially restating information from a previously published [blog post](https://web.archive.org/web/20201127034309/https://www.startpage.com/blog/company-updates/startpage-and-privacy-one-group/) or posting the same response to different questions. People had to really dig to get answers and puzzle all information together, instead of getting a clearly explained and comprehensive answer from the start. Requests for clarification to some important questions went ignored.
-
-Because of the conflicting business model and the unusual way the company reacted, claiming to be fully transparent but being evasive at the same time, we have no choice but to delist Startpage from our recommendations until it is fully transparent about its new ownership and data processing. Remaining questions include:
-
-- The % of Startpage and Surfboard Holding B.V. (the Startpage holding company) System1 acquired in December 2018.
-- The current % ownership by System1 at the time of the audit (and any other major owners).
-- Information about Privacy One Group Ltd. Where is it registered and in what city, state and country does it operate? (We have not been able to verify registration information.)
-- A diagram of data flows, including flows to outside organizations, like System1, Privacy One etc.
-
-This delisting does not necessarily mean Startpage is violating its privacy policy. We have no evidence of that. But because there are still so many unanswered questions, we can no longer recommend the service with good confidence. If Startpage aims to be re-considered, they will have to answer the questions above, preferably along with an explanation of why it took them so long to get proper answers out to the public.
-
-Sincerely,
-Blacklight447
-*Privacy Guides*
-
----
-
-**2020-05-03:** Startpage has answered all of our questions for them and has clarified their policies. We have decided to recommend their service again, and you can read our latest [announcement](relisting-startpage.md) for more details.
-
-**2023-10-23:** This post has been edited to reflect the team's move from [PrivacyTools](https://www.privacyguides.org/en/about/privacytools/) to Privacy Guides.
diff --git a/content/blog/posts/delisting-wire.md b/content/blog/posts/delisting-wire.md
deleted file mode 100644
index 0fc1a5d3c..000000000
--- a/content/blog/posts/delisting-wire.md
+++ /dev/null
@@ -1,44 +0,0 @@ ---- -date: - created: 2019-11-19T19:00:00Z -categories: - - Announcements -authors: - - danarel -links: - - Real Time Communication: https://www.privacyguides.org/en/real-time-communication/ - - Types of Communication Networks: https://www.privacyguides.org/en/advanced/communication-network-types/ -tags: - - Instant Messengers -description: Wire has been removed from Privacy Guides' recommendations following their acquisition by a US holding company and VC investments. -schema_type: NewsArticle ---- -# Delisting Wire From Privacy Guides - -!["Delisting Wire" cover image](../assets/images/delisting-wire/cover.avif) - - - -It has recently come to the attention of the *Privacy Guides* team that **Wire**, the popular end-to-end encryption messaging platform [has been sold or moved to a US company](https://web.archive.org/web/20201128215737/https://forum.privacytools.io/t/wire-swiss-gmbh-is-now-owned-by-a-usa-holding-company/1932). After a week of questioning, Wire finally confirmed they had changed holding companies and would now be a US based company in a move they called “simple and pragmatic,” as they worked to expand their foothold in the enterprise market. This also came alongside the news that Wire had accepted more than $8 million in Venture Capital (VC) funding from Morpheus Ventures, as well as other investors. - -Morpheus Ventures holds a [portfolio](https://web.archive.org/web/20201128215737/https://morpheus.com/portfolio/) including companies in healthcare, voice AI, life insurance, and retail customer data analytics: All sectors that have historically used invasive data collection methods to survive. Why would a VC with a portfolio centered on consumer data want to invest in a company whose mission claims to protect that very same information? 
-
-Earlier this year, Wire announced they had entered a partnership with [FedResults](https://web.archive.org/web/20201128215737/https://www.globenewswire.com/news-release/2019/07/10/1880912/0/en/Wire-and-FedResults-Partner-to-Offer-End-to-End-Encrypted-Collaboration-Platform-to-Government-Agencies.html), in a move that would bring Wire's secure messaging platform to US federal agencies. This raised a few eyebrows, but did not alarm the privacy community as Wire remained Swiss based and beholden to Switzerland's strict privacy laws. Today however, while much of Wire's business will continue to be run out of their Swiss offices, with new US-based ownership it is not entirely clear how much jurisdiction the United States will have over Wire data.
-
-This is alarming because it is well known that Wire [stores unencrypted metadata](https://web.archive.org/web/20201128215737/https://www.vice.com/en_us/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text) for every user.
-
-In an interview with [TechCrunch](https://web.archive.org/web/20201128215737/https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/), Wire CEO Morten Brøgger said of privacy laws: “We are in Switzerland, which has the best privacy laws in the world” — it’s subject to Europe’s General Data Protection Regulation framework (GDPR) on top of its own local laws — “and Wire now belongs to a new group holding, but there no change in control.” [sic]
-
-Even if he is correct, the move and statement do bring up further questions. With Wire now being a US company with contracts partnering it with US federal authorities, will those authorities now have leverage to compel Wire to give up metadata on users? Wire has investors to answer to and will not be able to risk losing large deals with clients like the US federal government. This is of course a hypothetical situation, but one to be considered nonetheless as we decide which services to recommend on [*Privacy Guides*](https://www.privacyguides.org/en/tools/).
-
-Wire also quietly made an adjustment to its own privacy policy. A [previous version](https://web.archive.org/web/20180324221043/https://wire.com/en/legal/#privacy-7) of the policy (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers? The word "necessary" is an alarming change because "necessary" is purposefully vague terminology that could conceivably be used as a tool to justify any action. This change doesn't leave the user with much confidence as to when the company may share your data.
-
-Yet another red flag, and one of the more important ones to us, was that Wire decided not to disclose this policy change to its users, and when asked why, Brøgger was flippant in his response, stating: “Our evaluation was that this was not necessary. Was it right or wrong? I don’t know.”
-
-We feel we do know, and the answer was that it was wrong. Privacy and security are not built solely on strong technology, but on trust. Yes, we can review Wire's open source code on GitHub, but we can't ever be sure that code is the same exact code that runs on their servers in practice. Yet, we have trusted them in the past because Wire had built a trustworthy reputation for themselves. We now feel that Wire has lost this reputation. By deciding to withhold information regarding its ownership and policies from its users, Wire has broken the trust our community has placed in it, and worse yet sounds almost dismissive of the worries voiced by the privacy community that had long held them in high regard.
-
-Because of these ongoing concerns, and this break in trust in Wire's organization, *Privacy Guides* has made the decision to remove Wire from its recommendations. It is worth noting that does not necessarily mean Wire is unsafe, but we believe it is our duty to recommend products that we as a team feel comfortable standing behind. We need to believe in the security, privacy, and integrity of our recommendations, and we no longer feel we can do that with Wire at this time.
-
----
-
-**2023-10-23:** This post has been edited to reflect the team's move from [PrivacyTools](https://www.privacyguides.org/en/about/privacytools/) to Privacy Guides.
diff --git a/content/blog/posts/differential-privacy.md b/content/blog/posts/differential-privacy.md
deleted file mode 100644
index e74bff960..000000000
--- a/content/blog/posts/differential-privacy.md
+++ /dev/null
@@ -1,250 +0,0 @@
----
-date:
- created: 2025-09-30T16:30:00Z
-categories:
- - Explainers
-authors:
- - fria
-tags:
- - Privacy Enhancing Technologies
-schema_type: BackgroundNewsArticle
-description: Differential privacy is a mathematically rigorous framework for adding a controlled amount of noise to a dataset so that no individual can be reidentified. Learn how this technology is being implemented to protect you.
-preview:
- cover: blog/assets/images/differential-privacy/cover.webp
----
-# What is Differential Privacy?
-
-!["Differential Privacy" text with a series of ones and zeros being obscured with a blur filter](../assets/images/differential-privacy/cover.webp)
-
-
-Is it possible to collect data from a large group of people but protect each individual's privacy? In this entry of my series on [privacy-enhancing technologies](../tags.md/#tag:privacy-enhancing-technologies), we'll discuss differential privacy and how it can do just that.
-
-## Problem
-
-It's useful to collect data from a large group of people. You can see trends in a population. But it requires a lot of individual people to give up personally identifiable information. Even things that seem innocuous like your gender can help identify you.
-
-Latanya Sweeney in a [paper](https://dataprivacylab.org/projects/identifiability/paper1.pdf) from 2000 used U.S. Census data to try and re-identify people solely based on the metrics available to her. She found that 87% of Americans could be identified based on only 3 metrics: ZIP code, date of birth, and sex.
-
-Obviously, being able to identify individuals based on publicly available data is a huge privacy issue.
-
-## History
-
-### Before Differential Privacy
-
-Being able to collect aggregate data is essential for research. It's what the U.S. Census does every 10 years.
-
-Usually we're more interested in the data as a whole and not data of individual people as it can show trends and overall patterns in groups of people.
However, in order to get that data we must collect it from individuals. - -It was thought at first that simply [removing names and other obviously identifying details](https://simons.berkeley.edu/news/differential-privacy-issues-policymakers#:~:text=Prior%20to%20the%20line%20of%20research%20that%20led%20to%20differential%20privacy%2C%20it%20was%20widely%20believed%20that%20anonymizing%20data%20was%20a%20relatively%20straightforward%20and%20sufficient%20solution%20to%20the%20privacy%20challenge.%20Statistical%20aggregates%20could%20be%20released%2C%20many%20people%20thought%2C%20without%20revealing%20underlying%20personally%20identifiable%20data.%20Data%20sets%20could%20be%20released%20to%20researchers%20scrubbed%20of%20names%2C%20but%20otherwise%20with%20rich%20individual%20information%2C%20and%20were%20thought%20to%20have%20been%20anonymized.) from the data was enough to prevent re-identification, but [Latanya Sweeney](https://latanyasweeney.org/JLME.pdf) (a name that will pop up a few more times) proved in 1997 that even without names, a significant portion of individuals can be re-identified from a dataset by cross-referencing external data. - -Previous attempts at anonymizing data have relied on been highly vulnerable to re-identification attacks. - -#### AOL Search Log Release - -A famous example is the AOL search log release. AOL had been logging its users searches for research purposes. When they released the data, they only replaced the users' real names with an identifier. Researchers were able to identify [user 4417749](https://archive.nytimes.com/www.nytimes.com/learning/teachers/featured_articles/20060810thursday.html) as Thelma Arnold based on the identifying details of her searches. - -#### Strava Heatmap Incident - -In 2018, the fitness app Strava announced a major update to its heatmap, showing the workout patterns of users of fitness trackers like Fitbit. 
- -Analyst [Nathan Ruser](https://x.com/Nrg8000/status/957318498102865920) indicated that these patterns can reveal military bases and troop movement patterns. This is obviously a huge op-sec problem and can endanger the lives of troops. - -It was also possible to [deanonymize](https://steveloughran.blogspot.com/2018/01/advanced-denanonymization-through-strava.html) individual users in some circumstances. - -#### Randomized Response - -One of the earliest ideas for anonymizing data was [randomized response](https://uvammm.github.io/docs/randomizedresponse.pdf), first introduced all the way back in 1965 in a paper by Stanley L. Warner. The idea behind it is quite clever. - -For certain questions like "have you committed tax fraud?" respondents will likely be hesitant to answer truthfully. The solution? Have the respondent flip a coin. If the coin is tails, answer yes. If the coin lands on heads, answer truthfully. - -| Respondent | Answer | Coin Flip (not included in the actual dataset just here for illustration) | -| --- | --- | --- | -| 1 | Yes | Tails (Answer Yes) | -| 2 | No | Heads (Answer Truthfully) | -| 3 | Yes | Tails (Answer Yes) | -| 4 | Yes | Tails (Answer Yes) | -| 5| No | Heads (Answer Truthfully) | - -Because we know the exact probability that a "Yes" answer is fake, 50%, we can remove it and give a rough estimate of how many respondents answered "Yes" truthfully. - -Randomized Response would lay the groundwork for differential privacy, but it wouldn't truly be realized for many decades. - -#### Unrelated Question Randomized Response - -A variation used later in a [paper](https://www.jstor.org/stable/2283636) by Greenberg et al. called **unrelated question randomized response** would present each respondent with either a sensitive question or a banal question like "is your birthday in January?" to increase the likelihood of people answering honestly, since the researcher doesn't know which question was asked. 
- -| Respondent | Question (not visible to researcher) | Answer | -| --- | --- | --- | -| 1 | Have you ever committed tax evasion? | No | -| 2 | Is your birthday in January? | Yes | -| 3 | Is your birthday in January? | No | -| 4 | Have you ever committed tax evasion? | Yes | -| 5 | Have you ever committed tax evasion? | No | - -#### k-Anonymity - -Latanya Sweeney and Pierangela Samarati introduced [k-anonymity](https://dataprivacylab.org/dataprivacy/projects/kanonymity/paper3.pdf) to the world back in 1998. - -It's interesting that even all the way back in 1998 concerns constant data collection were already relevant. - -> Most actions in daily life are recorded on some computer somewhere. That information in turn is often shared, exchanged, and sold. Many people may not care that the local grocer keeps track of which items they purchase, but shared information can be quite sensitive or damaging to individuals and organizations. Improper disclosure of medical information, financial information or matters of national security can have alarming ramifications, and many abuses have been cited. - -In a dataset, you might have removed names and other obviously identifying information, but there might be other data such as birthday, ZIP code, etc., that might be unique to one person in the dataset. If someone were to cross-reference this data with outside data, it could be possible to deanonymize individuals. - -k-anonymity means that for each row, at least k-1 other rows are identical. So for a k of 2, at least one other row is identical to each row. - -##### Generalization - -This is achieved through a few techniques, one of which is generalization. Generalization is reducing the precision of data so that it's not as unique. - -For example, instead of recording an exact age, you might give a range like 20-30. You've probably noticed this on surveys you've taken before. 
Data like this that's not directly identifiable but could be used to re-identify someone is referred to as *quasi-identifiers*. - -##### Suppression - -Sometimes even with generalization, you might have outliers that don't satisfy the k-anonymity requirements. - -In these cases, you can simply remove the row entirely. - -##### Attacks on k-Anonymity - -k-anonymity has been [demonstrated](https://www.usenix.org/system/files/sec22-cohen.pdf) to not prevent re-identification of individuals despite the data in a dataset being properly k-anonymized by "statistical experts". - -Researchers were able to deanonymize 3 students from a k-anonymized dataset from Harvard and MIT's EdX platform by cross-referencing data from LinkedIn, putting potentially thousands of students at risk of re-identification. - -### Dawn of Differential Privacy - -Most of the concepts I write about seem to come from the 70s and 80s, but differential privacy is a relatively new concept. It was first introduced in a paper from 2006 called [*Calibrating Noise to Sensitivity in Private Data Analysis*](https://desfontain.es/PDFs/PhD/CalibratingNoiseToSensitivityInPrivateDataAnalysis.pdf). - -The paper introduces the idea of adding noise to data to achieve privacy, similar to randomized response. However, differential privacy is much more mathematically rigorous and provable. - -Of course, adding noise to the dataset reduces its accuracy. Ɛ defines the amount of noise added to the dataset, with a small Ɛ meaning more privacy but less accurate data and vice versa. It's also referred to as the "privacy loss parameter" or "privacy budget". - -#### Central Differential Privacy - -This early form of differential privacy relied on adding noise to the data *after* it was already collected, meaning you still have to trust a central authority with the raw data. 
- -## Google RAPPOR - -In 2014, Google introduced [Randomized Aggregatable Privacy-Preserving Ordinal Response](https://arxiv.org/pdf/1407.6981) (RAPPOR), their [open source](https://github.com/google/rappor) implementation of differential privacy. - -Google RAPPOR implements and builds on previous techniques such as randomized response and adds significant improvements on top. - -### Local Differential Privacy - -In Google's implementation, noise is added to data on-device before it's sent off to any server. This removes the need to trust the central authority to handle your raw data, an important step in achieving truly anonymous data collection. - -### Bloom Filters - -Google RAPPOR makes use of a clever technique called bloom filters that saves space and improves privacy. - -Bloom filters work by starting out with an array of all 0's - -`[0, 0, 0, 0, 0, 0, 0, 0, 0]` - -Then, you run data such as the word "apple" through a hashing algorithm, which will give 1's in specific positions, say position 1, 3, and 5. - -`[0, 1, 0, 1, 0, 1, 0, 0, 0]` - -When you want to check if data is present, you run the data through the hashing algorithm and check if the corresponding positions are 1's. If they are, the data *might* be present (other data might have flipped those same bits at some point). If any of the 1's are 0's, then you know for sure that the data is not in the set. - -### Permanent Randomized Response - -A randomization step is performed flipping some of the bits randomly. This response is then "memoized" so that the same random values are used for future reporting. This protects against an "averaging" attack where an attacker sees multiple responses from the same user and can eventually recover the real value by averaging them out over time. - -### Instantaneous Randomized Response - -On top of the permanent randomized data, another randomization step is performed. 
This time, different randomness is added on top of the permanent randomness so that every response sent is unique. This prevents an attacker from determining a user from seeing the same randomized pattern over and over again. - -Both the permanent and instantaneous randomized response steps can be fine-tuned to for the desired privacy. - -### Chrome - -Google first used differential privacy in their Chrome browser for detection of [malware](https://blog.chromium.org/2014/10/learning-statistics-with-privacy-aided.html). - -Differential privacy is also used in Google's [Privacy Sandbox](https://privacysandbox.google.com/private-advertising/aggregation-service/privacy-protection-report-strategy). - -### Maps - -Google Maps uses DP for its [place busyness](https://safety.google/privacy/data/#:~:text=To%20offer%20features%20like%20place%20busyness%20in%20Maps%2C%20we%20apply%20an%20advanced%20anonymization%20technology%20called%20differential%20privacy%20that%20adds%20noise%20to%20your%20information%20so%20it%20can%E2%80%99t%20be%20used%20to%20personally%20identify%20you.) feature, allowing Maps to show you how busy an area is without revealing the movements of individual people. - -### Google Fi - -[Google Fi](https://opensource.googleblog.com/2019/09/enabling-developers-and-organizations.html) uses differential privacy as well to improve the service. - -## OpenDP - -[OpenDP](https://opendp.org) is a community effort to build open source and trustworthy tools for differential privacy. Their members consist of academics from prestigious universities like Harvard and employees at companies like Microsoft. - -There's been an effort from everyone to make differential privacy implementations open source, which is a breath of fresh air from companies that typically stick to closed source for their products. 
- -## Apple - -[Apple](https://www.apple.com/privacy/docs/Differential_Privacy_Overview.pdf) uses local differential privacy for much of its services, similar to what Google does. They add noise before sending any data off device, enabling them to collect aggregate data without harming the privacy of any individual user. - -They limit the number of contributions any one user can make via a *privacy budget* (this is the same as Ɛ) so you won't have to worry about your own contributions being averaged out over time and revealing your own trends. - -This allows them to find new words that people use that aren't included by default in the dictionary, or find which emojis are the most popular. - -Some of the things they use differential privacy for include - -- QuickType suggestions -- Emoji suggestions -- Lookup Hints -- Safari Energy Draining Domains -- Safari Autoplay Intent Detection -- Safari Crashing Domains -- Health Type Usage - -That's just based on their initial white paper, they've likely increased their use of DP since then. - -### Sketch Matrix - -Apple uses a similar method to Google, with a matrix initialized with all zeros. The input for the matrix is encoded with the SHA-256 hashing algorithm, and then bits are flipped randomly at a probability dependent on the epsilon value. - -Apple only sends a random row from this matrix instead of the entire thing in order to stay within their privacy budget. - -### See What's Sent - -You can see data sent with differential privacy in iOS under Settings > Privacy > Analytics > Analytics Data, it will begin with `DifferentialPrivacy`. On macOS, you can see these logs in the Console. - -## U.S. Census - -Differential privacy isn't just used by big corporations, in 2020 famously the U.S. Census used DP to protect the data of U.S. citizens for the first time. - -As a massive collection of data from numerous U.S. 
citizens, it's important for the census bureau to protect the privacy of census participants while still preserving the overall aggregate data. - -### Impetus - -Since the 90s, the U.S. Census used a less formal injection of statistical noise into their data, which they did all the way through 2010. - -After the 2010 census, the bureau tried to [re-identify individuals](https://www2.census.gov/library/publications/decennial/2020/census-briefs/c2020br-03.pdf) in the census data. - ->The experiment resulted in reconstruction of a dataset of more than 300 million individuals. The Census Bureau then used that dataset to match the reconstructed records to four commercially available data sources, to attempt to identify the age, sex, race, and Hispanic origin of people in more than six million blocks in the 2010 Census. - -Considering 309 million people lived in the U.S. in 2010, that's a devastating breach of personal privacy. Clearly more formal frameworks for protecting the privacy of individuals were needed. - ->Nationwide, roughly 150 million individuals—almost one-half of the population, have a unique combination of sex and single year of age at the block level. - -They could keep adding noise until these attacks are impossible, but that would make the data nigh unusable. Instead, differential privacy offers a mathematically rigorous method to protect the data from future re-identification attacks without ruining the data by adding too much noise. They can be sure thanks to the mathematical guarantees of DP. - -## DPrio - -Mozilla has been constantly working to make their telemetry more private over the years. Firefox uses [Prio](https://blog.mozilla.org/security/2019/06/06/next-steps-in-privacy-preserving-telemetry-with-prio/), a [Distributed Aggregation Protocol](https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap)-based telemetry system. It uses Multi-Party Computation to split the processing of user data between multiple parties. 
- -To accomplish this, [Mozilla](https://blog.mozilla.org/en/firefox/partnership-ohttp-prio/) partnered with [Divvi Up](https://divviup.org/blog/divvi-up-in-firefox/) as their DAP provider, and [Fastly](https://www.fastly.com/blog/firefox-fastly-take-another-step-toward-security-upgrade) as their OHTTP provider. OHTTP acts as a multi-hop proxy to separate traffic between two parties when making a connection: neither Mozilla nor Fastly will know both who you are and what you're connecting to. - -In 2023 researchers from Mozilla also conducted research into making Prio differentially private. The so-named "[DPrio](https://petsymposium.org/popets/2023/popets-2023-0086.pdf)" would combine multi-party computation, OHTTP, and differential privacy in a very impressive display of privacy protection. Unfortunately I couldn't find any evidence to suggest that DPrio has been implemented, but something to keep a lookout for in the future. - -## Future of Differential Privacy - -Differential privacy unlocks the potential for data collection with minimal risk of data exposure for any individual. Already, DP has allowed for software developers to improve their software, for new possibilities in research in the health sector and in government organizations. - -Adoption of scientifically and mathematically rigorous methods of data collection allows for organizations to collect aggregate data will allow for increased public trust in organizations and subsequently greater potential for research that will result in improvements to our everyday lives. - -I think for there to be more public trust there needs to be a bigger public outreach. That's my goal with this series, I'm hoping to at least increase awareness of some of the technology being deployed to protect your data, especially since so much of the news we hear is negative. Armed with the knowledge of what's available, we can also demand companies and organizations use these tools if they aren't already. 
-
-It's heartening to see the level of openness and collaboration in the research. You can see a clear improvement over time as each paper takes the previous research and builds on it. I wish we saw the same attitude with all software.
-
-## Further Research
-
-Any programmers interested in learning how to implement differential privacy can check out the book *[Programming Differential Privacy](https://programming-dp.com)* to see Python examples.
diff --git a/content/blog/posts/digital-provenance.md b/content/blog/posts/digital-provenance.md
deleted file mode 100644
index b9048f1c7..000000000
--- a/content/blog/posts/digital-provenance.md
+++ /dev/null
@@ -1,239 +0,0 @@
----
-date:
- created: 2025-05-19T20:15:00Z
-categories:
- - Opinion
-authors:
- - fria
-tags:
- - AI
- - Content Credentials
-preview:
- cover: blog/assets/images/digital-provenance/cover.jpg
----
-# The Power of Digital Provenance in the Age of AI
-
-![Article cover showing a painterly background with cool colors and the Content Credentials logo](../assets/images/digital-provenance/cover.jpg)
-
-
-With the popularity of generative AI, it's becoming more and more difficult to [distinguish](https://uwaterloo.ca/news/media/can-you-tell-ai-generated-people-real-ones) reality from fiction. Can this problem be solved using cryptography? What are the privacy implications of the currently proposed systems?
-
-## The Problem
-
-Can you tell which of these images are AI generated?
-
-
- -![Group of geese by some water](../assets/images/digital-provenance/geese1.jpeg) - -![Group of geese by some water](../assets/images/digital-provenance/geese2.jpeg) - -![Group of geese by some water](../assets/images/digital-provenance/geese3.jpeg) - -![Group of geese by some water](../assets/images/digital-provenance/geese4.jpeg) - -
- -...Have a guess? - ---- - -Actually, they're all real. But the fact that you may have believed some of them were AI generated poses a problem: How can we tell where an image came from, if it was AI generated, and whether it was edited? - -## Provenance - -[Provenance](https://youtu.be/K56EhgfCDjs) is the history of ownership of an object, typically used when referring to antiques or art. Knowing the history of a piece of art can affect the value a lot, but you need a way to prove it's an original piece by the artist instead of a reproduction, or was owned by a famous person. - -Provenance can take many [forms](https://artbusiness.com/provwarn.html), from an original receipt or documentation from the artist themselves to stickers from a gallery attached to it. Typically, you want a signed [certificate](https://www.artcertificate.co.uk/?id_article=2267) from an expert on the artist in order to verify its authenticity. - -## Hoaxes - -It's important for historical preservation as well to know that an object is really from a certain time period. There's no shortage of [historical hoaxes](https://www.history.com/articles/7-historical-hoaxes). These can distort our view of history and make us all a bit dumber. - -### Cardiff Giant - -One of the most famous hoaxes was that of the [Cardiff Giant](https://www.history.com/articles/the-cardiff-giant-fools-the-nation-145-years-ago). - -An atheist named George Hull got into an argument with a preacher. Hull was frustrated with the preacher's literal interpretation of the bible, particularly his belief that giants were real. - -Hull devised a plan to trick the religious and make some money at the same time. He would have a statue of a giant man constructed and pass it off as a petrified human. - -After securing the materials needed, specifically a soft material called gypsum, he convinced a marble dealer to help him with his scheme. A pair of sculptors carved out the visage of a giant 10-foot man, with Hull posing as a model. 
They even poured sulfuric acid over it to give it an aged look. - -He settled on burying the giant in Cardiff, New York, where he cut a deal with a distant relative and farmer named William "Stub" Newell. - -On October 16, 1869, Newell hired an unsuspecting pair of workers to dig a well on his property. After they inevitably uncovered the giant, it wasn't long before the whole town was in a frenzy. - -![men surrounding a stone sculpture of a man in a hole in the ground doffing their hats](../assets/images/digital-provenance/cardiff-giant.jpg) - - - -Speculation that the sculpture was an ancient, petrified man quickly began to spread. Eventually, a syndicate of businessmen offered Newell $30,000 (worth $[705,438.97](https://www.in2013dollars.com/us/inflation/1869?amount=30000) in today's money) for a three-fourths stake, and he took them up on that offer. - -P.T. Barnum even tried to buy the sculpture, and after being turned down, he had a replica built and displayed it in a Manhattan museum. Several other copies were made afterward, and soon, there were petrified giants being exhibited all over the country. - -In a way that seems familiar to us now, you couldn't even be sure you were looking at the *real* hoax. Misinformation can so easily mutate and spread when left unchecked. - -A famed Yale paleontologist named Othniel Charles Marsh declared it "of very recent origin, and a most decided humbug." Unfortunately, as is so often the case, Hull had already cashed in on the fervor by the time experts had properly debunked his hoax. - -### AI Hoaxes - -Many modern hoaxes tend to make use of social media and focus on getting views and clicks over selling a physical object. - -[Miniminuteman](https://youtu.be/Pc2psN0PFTk) is a great YouTube channel covering misinformation on the internet, specifically about archaeology. Misinformation can spread quickly, especially now with the rise of generative AI that can make convincing fake images and videos. 
- -[Here](https://www.mediamatters.org/media/4016186/embed/embed) you can see an example of AI being used to make a fake Joe Rogan podcast clip. Now, whether or not you view Joe Rogan as a reliable source of information is another topic, but as one of the [most popular podcasts](https://podcastcharts.byspotify.com), his reach could be leveraged to spread dangerous misinformation like that a meteor is going to hit earth and kill everyone. - -The effort required is low, and the return is high. With TikTok's [Creator Rewards Program](https://www.tiktok.com/creator-academy/en/article/creator-rewards-program), content that's at least 60 seconds long and has high engagement will be rewarded. That means longer videos with alarming content like conspiracy theory videos will do very well since they will have lots of comments from people either fooled by the content posting about how scared they are or people debunking the claims. The insidious thing is the creators get rewarded either way. - -[Several](https://youtu.be/E4I6K8OEyho?si=wbWAUcLsjOA7yDnO) [history](https://youtu.be/cqrHmjGD1ds?si=k60RTO9MH177ASTS) [channels](https://youtu.be/HG1324unhcA?si=MuwglKd52FQ7iKU3) on YouTube have expressed their concerns about misinformation being spread about history through AI generated images and videos and how they can distort our view of the past. There's even the possibility that these AI generated images could end up polluting the historical record. - -## Content Authenticity Initiative - -In 2019, [Adobe announced](https://contentauthenticity.org/blog/test) that it was partnering with the New York Times and Twitter on a project to develop an industry standard for digital content attribution called the Content Authenticity Initiative. - -Twitter has since dropped out of the partnership. - -## Project Origin - -At the same time, [Project Origin](https://www.originproject.info) was designing their system for content transparency. 
This started as a partnership between Microsoft and the BBC. - -## C2PA - -The Coalition for Content Provenance and Authenticity, or [C2PA](https://c2pa.org), combines the efforts of Project Origin and the Content Authenticity Initiative. Together, they created the [C2PA standard](https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html) used to add verifiable provenance data to files, which they dub "Content Credentials." - -## Content Credentials - -[Content Credentials](https://contentcredentials.org) are the implementation of digital provenance by the C2PA, the culmination of years of research and development by major tech companies, from camera manufacturers to photo editing software and AI companies to social media sites. - -The way Content Credentials work draws on concepts both familiar and alien. The standard is designed to be flexible and cover the myriad ways media is used online. - -It's important to note that Content Credentials aren't attempting to determine "truth"; that's a much more complex and philosophical topic. Rather, they're trying to show where an image came from, edits made to it, its constituent parts, etc. so that you can decide for yourself if you trust the source. It's trying to show you that an image came from the BBC, rather than whether you should trust the BBC. - -### Manifest - -Content Credentials are contained in what's called the **manifest**. The manifest consists of the claim, claim signature, and assertions. - -![Example of a Manifest, with the Claim, Claim Signature, and Assertions inside](../assets/images/digital-provenance/manifest.svg) - - - -The manifest is created by hardware or software called a "claim generator." - -Files can have multiple manifests, and the set of manifests comprise its provenance data. - -#### Assertions - -An assertion is labelled data such as the type of camera used, actions performed on the image such as color corrections, a thumbnail image, or other types of data. 
- -#### Claim - -The claim gathers together all the assertions and then hashes and cryptographically signs them. The claim is the part that backs up the assertions with cryptography; without it, there wouldn't be a way to verify the authenticity of the data. - -### Signatures - -The foundation is based around cryptographic signatures, similar to how you'd cryptographically sign software or text with a PGP signature. - -The parts of a file that are cryptographically verified are called "hard bindings." This allows programs to detect tampering. - -#### Certificate Authorities - -There are certificate authorities similar to how HTTPS works, which allow only signatures from trusted sources. Non-trusted signatures will give a warning in whatever C2PA-enabled software you're using. - -Content Credentials allow for each application to provide its own *trust lists*: lists of certificate authorities trusted by the application. - -The C2PA gives a few examples to illustrate. A news organization might rely on a non-profit organization that verifies the authenticity of sources through real-world due diligence. An insurance company might operate its own internal CA to verify only its own employees handled the images. - -### Ingredients - -However, what's interesting is Content Credentials can cover multiple assets being [combined](https://contentcredentials.org/verify?source=https%3A%2F%2Fcontentcredentials.org%2F_app%2Fimmutable%2Fassets%2Fhome2.91ab8f2d.jpg) and still be able to verify each element of the image. Each element is called an "ingredient." When the ingredients come together, the result is called a "composed asset," with "asset" referring to a digital media file or data stream. - -### Chain of Provenance - -It also supports a chain of provenance, showing all steps in the life cycle of the file that change its contents such as edits. These are referred to as "actions." 
- -The specification supports a list of pre-defined actions such as edits, changing the color, translating to a different language, etc. It's really quite flexible, but the flexibility of information that can be provided allows for more opportunities for errors and means you need to trust the entity providing the information more. - -An issue I noticed is when making edits using software that doesn't support Content Credentials, they will be corrupted and can't be read by verification programs. This poses a problem for the "unbroken chain of provenance" that the standard promises. - -These verification programs tend to offer a way to check against a database of images with Content Credentials, so you can find an image with unbroken provenance data. They use "soft bindings" or a type of fingerprinting of the image in order to find similar images in the database. - -I think this problem will be less and less of an issue when more software supports the standard. It will need to be so ubiquitous that image viewing programs don't trust images without provenance data, similar to how browsers don't trust websites without HTTPS. But for now with its very limited availability, that's not the case. - -### Privacy - -Since Content Credentials are all about attaching extra data to images, concerns about privacy are reasonable. - -However, it's important to remember that metadata has always existed in relation to digital files. Just like the metadata we've always had, Content Credentials are optional. - -Of course, it'll be up to programs we use to mediate what data is included. In order for the system to work as intended, certain things like "this photo was edited in Adobe Photoshop" will need to be automatically applied. Clear lines between personal data such as names, location, etc. need to be kept up to the user to add. 
-
-Privacy was one of the stated goals when the C2PA was designing Content Credentials, and I think they've done a good job giving users control over their information.
-
-## Support
-
-There are several online verification tools you can use to try out Content Credentials. [ContentCredentials.org](https://contentcredentials.org) offers a [verification tool](https://contentcredentials.org/verify) that lets you upload a media file and check its Content Credentials. They have some example images on their site you can try, or you can upload images from elsewhere and see where Content Credentials are supported, for example you can upload any image generated in ChatGPT.
-
-Content Credentials also offers an official [command line tool](https://github.com/contentauth/c2pa-rs/releases?q=c2patool), so you can view exactly what data is being stored in the image. They provide some samples as well that you can play around with. To view the content credentials, just run
-
-```sh
-c2patool sample/C.jpg
-```
-
-for any image you want to inspect, replacing sample/C.jpg with a path to your image.
-
-### BBC
-
-The BBC is doing a limited trial run of Content Credentials with [BBC Verify](https://www.bbc.com/news/bbcverify). Not all media in these articles have Content Credentials attached. [This article](https://www.bbc.com/news/world-latin-america-68462851) has Content Credentials for the video at the bottom. They also ask for feedback, so feel free to provide some. I'd like to see more Content Credentials show up in news reporting, so please add your voice.
-
-### OpenAI
-
-OpenAI has embraced Content Credentials, with images generated using ChatGPT identifying themselves using Content Credentials. Try [generating an image](https://chatgpt.com) and upload it to the verification tool. You should see it identify the origin as OpenAI.
-
-### TikTok
-
-[TikTok](https://newsroom.tiktok.com/en-us/partnering-with-our-industry-to-advance-ai-transparency-and-literacy) became the first video sharing platform to support Content Credentials. For now, it's limited to being able to read Content Credentials from certain AI platforms. They say in the future they'll start labeling all content from TikTok with Content Credentials, but it seems they haven't enabled that yet, as if you download a video from TikTok, the C2PA verify tool will say it doesn't have any Content Credentials.
-
-### Leica
-
-Leica's [M11-P camera](https://leica-camera.com/en-US/photography/cameras/m/m11-p-black) is the first camera in the world to support Content Credentials. That's a huge step toward adoption; camera manufacturers need to support Content Credentials if they're going to be included from the creation of the image.
-
-### Nikon
-
-Nikon is planning to release a firmware update for their [Z6III](https://www.nikon.co.uk/en_GB/learn-and-explore/magazine/gear/nikon-z6iii-firmware-update-to-feature-content-verification) camera that will support Content Credentials.
-
-### Adobe
-
-Much of Adobe's [software](https://helpx.adobe.com/creative-cloud/help/content-credentials.html) supports Content Credentials, including Photoshop, Lightroom, and Adobe Camera Raw as well as Adobe's Firefly AI.
-
-### Qualcomm
-
-With the Snapdragon 8 Gen 3 chipset, Qualcomm is embedding Content Credential capabilities into the Trusted Execution Environment, allowing for Content Credentials to be added right as the photo is produced.
-
-## Limitations
-
-### Lack of Support
-
-Content Credentials will need widespread support at every level, from hardware OEMs to photo editing software vendors and AI generators to sites that host and display images. The rollout of Content Credentials will be slow, although more and more companies are starting to support them.
-
-There are still major players missing support like Apple and Android, which is a big problem considering how many images are taken, edited, and shared on smartphones. Once photos taken from your phone can be imbued with Content Credentials in the default camera app, we'll see much wider adoption I think.
-
-### Easy to Remove
-
-In my testing, any edits from a program that doesn't support Content Credentials will render them unreadable after that point. This problem won't be as bad if and when support for Content Credentials becomes widespread, since you can just decide not to trust images without them, sort of like not trusting a website without HTTPS. Platforms could even display a warning.
-
-But for now, removing Content Credentials won't be noticed.
-
-### Reliant on Certificate Authorities
-
-The system shares a flaw with HTTPS in that you need to rely on trusted Certificate Authorities to verify the validity of the information, except that Content Credentials are trying to verify a lot more information than just who originally made the image.
-
-Since anyone can add their own Content Credentials to an image, a warning is displayed similar to a certificate warning in your browser that the Content Credentials come from an untrusted entity.
-
-### Complexity
-
-One of the issues I ran into while researching was just how complex the standard is, since it needs to cover so many use cases and situations. This is pure speculation, but I can imagine the sheer complexity makes it unattractive for platforms to implement and maintain, which could be contributing to the very slow and partial rollout we're seeing on the platforms of even founding members of the project like the BBC.
-
-I think this will be less of an issue as it rolls out however, as platforms will likely be able to use each other's implementations, or at least reference them when implementing it on their platform.
-
-The standard is still in early stages and there's plenty of room to shape it and improve it in the future, so make your voice heard about how you want to see it implemented. I think with more awareness about Content Credentials, platforms will feel more pressure to support them, so if you want to see this feature on your favorite platform, speak up and gather support.
diff --git a/content/blog/posts/easyoptouts-review.md b/content/blog/posts/easyoptouts-review.md
deleted file mode 100644
index 0ca8c7144..000000000
--- a/content/blog/posts/easyoptouts-review.md
+++ /dev/null
@@ -1,611 +0,0 @@ ---- -title: EasyOptOuts Review & Real-World Test -description: "People-search sites represent an immense privacy risk to the majority of Americans. EasyOptOuts is a low-cost online service which automates opt-out requests on your behalf." -date: - created: 2025-02-03T16:20:00Z -categories: - - Reviews -authors: - - jonah -links: - - Data Removal Services: https://www.privacyguides.org/en/data-broker-removals/ -tags: - - People-Search Sites -license: BY-SA -template: review-article.html -schema_type: ReviewNewsArticle -review: - type: WebApplication - category: SecurityApplication - subcategory: People-Search Site Removal Tool - name: EasyOptOuts - alternateName: EasyOptOuts.com - price: 19.99 - period: yr - website: https://easyoptouts.com/ - rating: 4.5 - pros: - - Saves enormous time compared to manual opt-outs. - - Exceptional value, priced an order of magnitude lower than much of its competition. - - Searches and opts-out of all supported sites extremely quickly. - cons: - - Fairly bare-boned interface. - - The 100+ supported websites is still not close to some of the more expensive alternatives. - - No manual/human interaction. ---- -![EasyOptOuts logo](../assets/img/data-broker-removals/easyoptouts.svg){ align=right itemprop="image" } - -**EasyOptOuts.com** is a $19.99/year [people-search site removal service](https://www.privacyguides.org/en/data-broker-removals/) which will search a number of different data broker sites and automatically submit opt-out requests on your behalf. They will perform the first search and removal process immediately, and then re-run the process every 4 months in case your data shows up on new sites over time. - -[Homepage](https://easyoptouts.com) -[Privacy Policy](https://easyoptouts.com/privacy) -{ .pg:buttons } - -## Background - -People-search sites represent an immense privacy risk to the majority of Americans. 
For many, sensitive personal information such as your address, phone number, email, and age is a simple internet search away. While there is unfortunately no federal regulation in place to protect your data, many of these companies will remove your information from their public databases upon request. EasyOptOuts is a low-cost online service which automates these opt-out requests, saving you time and removing the need to constantly monitor new sites/databases for your personal information on a regular basis.
-
-*Privacy Guides* selected this service for review based on community reviews and various reporting from organizations including [Consumer Reports](https://discuss.privacyguides.net/t/consumer-reports-evaluating-people-search-site-removal-services/19948). In our best judgement, EasyOptOuts services consistently received the most positive feedback and results in terms of efficacy, so we prioritized its testing over other similar services due to our limited budget.
-
-The EasyOptOuts subscription was paid for by Privacy Guides. *Privacy Guides* did not contact EasyOptOuts regarding this review, or request free/discounted services before conducting this review.
-
-## Methodology
-
-*Privacy Guides* conducted this review with 2 volunteer subjects who agreed to allow us to use EasyOptOuts to attempt to remove their personal information from public people-search sites, then evaluate those results.
Our subjects: - -- Are US citizens -- Have never used a people-search removal service -- Have never manually opted-out of people-search sites -- Are homeowners -- Do not live in a state with specific privacy regulations related to data brokers or people-search sites - -The information we provided to EasyOptOuts: - -- First and last name -- Maiden name (if applicable) -- Birth year -- Current street address -- Most recent previous address (if applicable) -- Current phone number(s) -- Current email address - -We did not provide the names of relatives as requested by EasyOptOuts, as they were not volunteers for this review. This is one potential limitation with our evaluation to keep in mind. - -!!! info "Disclaimer" - - **Please note that this review is not intended to be a comprehensive evaluation of EasyOptOuts, as we are conducting this test with a very limited sample size.** We do not consider our results to be statistically significant. Rather, this review should be taken as an additional "real-world" data point for you to consider when evaluating this service. We encourage you to seek out other independent reporting to consider as well before making any purchase decision. - -## Initial Search - -*Privacy Guides* performed an initial search for personal information for each of our subjects on Google by searching for their first and last name in quotes, plus their current city and state (for example, `"Jane Doe" Chicago IL`). We then counted the number of unique results which contained their personal information in the title or description shown in Google. - -Using standard engine search results is one of the most common methods of discovering personal information, and typically represents the greatest risk to most people, so measuring the number of search engine results that are removed as a result of the opt-out process is one of our highest priority measurements. - -
- -
- -**Person A (11 Google results):** - - - 411.com - - thatsthem.com -- blockshopper.com* - - fastpeoplesearch.com - - usphonebook.com - - spokeo.com - - truepeoplesearch.com - - information.com -- peoplesearch.com* - - radaris.com - - peoplefinders.com - -
- -
- -**Person B (10 Google results):** - - - whitepages.com - - truepeoplesearch.com - - usphonebook.com - - fastpeoplesearch.com - - spokeo.com - - radaris.com - - information.com - - thatsthem.com -- idcrawl.com* -- peekyou.com* - -
- -
- -We also performed a manual search for their information on 15 different "high-priority" data brokers. These brokers represent either the most commonly used people-search sites, and/or cover numerous people-search sites with their databases, so having your data removed from these companies can have an outsized positive effect on your overall privacy. - -| Service | Person A | Person B | -| ----- | ----- | ----- | -| advancedbackgroundchecks.com | :warning: Found | :warning: Found | -| beenverified.com | :warning: Found | :warning: Found | -| checkpeople.com | :warning: Found | :warning: Found | -| clustrmaps.com | :warning: Found | :warning: Found | -| dataveria.com | :warning: Found | :warning: Found | -| gladiknow.com | :warning: Found | :warning: Found | -| infotracer.com | :warning: Found | :warning: Found | -| intelius.com* | :warning: Found | :warning: Found | -| peekyou.com* | :warning: Found | :warning: Found | -| publicdatausa.com* | :warning: Found | :warning: Found | -| radaris.com | :warning: Found | :warning: Found | -| spokeo.com | :warning: Found | :warning: Found | -| thatsthem.com | :warning: Found | :warning: Found | -| usphonebook.com | :warning: Found | :warning: Found | -| spyfly.com | :warning: Found | :warning: Found | -| **Remaining Results** | **100%** | **100%** | - -It should be noted that EasyOptOuts does not claim or advertise that they have the ability to opt you out of some websites above, so we do not expect 100% coverage. However, the site compatibility of EasyOptOuts *is* a real-world limitation of the service we think you should consider before making a decision, so we intentionally did not limit our review to only the sites they advertise support for. The sites EasyOptOuts does *not* advertise support for are marked with an asterisk (*). - -## User Experience - -Registering a new account with EasyOptOuts was a very simple and easy-to-follow process. 
Their website does a great job explaining what is happening and why they need the data they're requesting at every step. Many of the fields are required, including your first and last name, year of birth, and precise street address. However, including your email addresses, phone numbers, and names of relatives in the search are optional. This is to be generally expected, as your precise data is needed to perform opt-out requests in the majority of cases. However, some competitors do allow you to provide a little less information, such as only your city/state instead of your exact current address, at the expense of potentially being less effective.
-
-The only payment processor in use by EasyOptOuts is PayPal, but they've enabled the option to accept credit card payments without an actual PayPal account. PayPal does default to creating a new account for you with this information, so if you want to avoid that you should uncheck the "Save info & create your PayPal account" option at checkout.
-
-We received a notification that the opt-out process had been completed approximately 1.5 hours after payment. This is much faster than many similar services will submit opt-out requests. However, as they note in the notification email: "Some sites remove data quickly, but some take weeks," so while the initial requests have been made, it will still take some time for them to actually go into effect.
-
-EasyOptOuts is able to provide its service at a much lower price point than competitors like Optery or DeleteMe because they have no manual/human intervention at any point in the opt-out process. This limits the amount of websites they are able to support, however. In fact, their emailed report explicitly recommends manually opting-out of PeopleConnect (Intelius) sites at because they are not able to do so with their automated systems.
- -## 1 Week - -| Service | Person A | Person B | -| ----- | ----- | ----- | -| advancedbackgroundchecks.com | :white_check_mark: Removed | :white_check_mark: Removed | -| beenverified.com | :white_check_mark: Removed | :warning: Found | -| checkpeople.com | :white_check_mark: Removed | :white_check_mark: Removed | -| clustrmaps.com | :white_check_mark: Removed | :white_check_mark: Removed | -| dataveria.com | :white_check_mark: Removed | :white_check_mark: Removed | -| gladiknow.com | :white_check_mark: Removed | :white_check_mark: Removed | -| infotracer.com | :white_check_mark: Removed | :warning: Found | -| intelius.com* | :warning: Found | :warning: Found | -| peekyou.com* | :warning: Found | :warning: Found | -| publicdatausa.com* | :warning: Found | :warning: Found | -| radaris.com | :warning: Found | :warning: Found | -| spokeo.com | :warning: Found | :warning: Found | -| thatsthem.com | :white_check_mark: Removed | :white_check_mark: Removed | -| usphonebook.com | :white_check_mark: Removed | :white_check_mark: Removed | -| spyfly.com | :white_check_mark: Removed | :white_check_mark: Removed | -| **Remaining Results** | **33%** | **46%** | - -It should be noted that some of these websites included "sponsored links" to *other* data-brokers in their search results. For example, while both people's data was removed from advancedbackgroundchecks.com's own internal database, the search results on advancedbackgroundchecks.com still included a sponsored link to their data on truthfinder.com, one of the websites operated separately by PeopleConnect which EasyOptOuts does not support. This means that manual intervention is still very important when using EasyOptOuts, to cover larger services like PeopleConnect which require more complex interaction. - -On Google we saw some reduction, but many results with sensitive information remained. This is something we'll monitor for future updates, as these results drop from Google's caches. 
Once again, the sites EasyOptOuts does not advertise support for are marked with an asterisk (*) in all of these tables. - -
- -
- -**Person A (8 Google results):** - - - thatsthem.com -- blockshopper.com* - - fastpeoplesearch.com - - usphonebook.com - - information.com -- peoplesearch.com* - - radaris.com - - fastpeoplesearch.com - -
- -
- -**Person B (6 Google results):** - - - truepeoplesearch.com - - usphonebook.com - - information.com - - fastpeoplesearch.com - - thatsthem.com -- peekyou.com* - -
- -
- -## 1 Month - -| Service | Person A | Person B | -| ----- | ----- | ----- | -| advancedbackgroundchecks.com | :white_check_mark: Removed | :white_check_mark: Removed | -| beenverified.com | :white_check_mark: Removed | :warning: Found | -| checkpeople.com | :white_check_mark: Removed | :white_check_mark: Removed | -| clustrmaps.com | :white_check_mark: Removed | :white_check_mark: Removed | -| dataveria.com | :white_check_mark: Removed | :white_check_mark: Removed | -| gladiknow.com | :white_check_mark: Removed | :white_check_mark: Removed | -| infotracer.com | :white_check_mark: Removed | :warning: Found | -| intelius.com* | :warning: Found | :warning: Found | -| peekyou.com* | :warning: Found | :warning: Found | -| publicdatausa.com* | :warning: Found | :warning: Found | -| radaris.com | :white_check_mark: Removed | :white_check_mark: Removed | -| spokeo.com | :white_check_mark: Removed | ::white_check_mark: Removed | -| thatsthem.com | :white_check_mark: Removed | :white_check_mark: Removed | -| usphonebook.com | :white_check_mark: Removed | :white_check_mark: Removed | -| spyfly.com | :white_check_mark: Removed | :white_check_mark: Removed | -| **Remaining Results** | **20%** | **33%** | - -Once again, we also searched for their information on Google, and we noticed a reduction in exposure to basic search engines as we expected: - -
- -
- -**Person A (4 Google results):** - - - thatsthem.com -- blockshopper.com* - - fastpeoplesearch.com -- peoplesearch.com* - -
- -
- -**Person B (2 Google results):** - - - thatsthem.com -- peekyou.com* - -
- -
- -## 3 Months - -| Service | Person A | Person B | -| ----- | ----- | ----- | -| advancedbackgroundchecks.com | :white_check_mark: Removed | :white_check_mark: Removed | -| beenverified.com | :white_check_mark: Removed | :warning: Found | -| checkpeople.com | :white_check_mark: Removed | :white_check_mark: Removed | -| clustrmaps.com | :white_check_mark: Removed | :white_check_mark: Removed | -| dataveria.com | :white_check_mark: Removed | :white_check_mark: Removed | -| gladiknow.com | :white_check_mark: Removed | :white_check_mark: Removed | -| infotracer.com | :white_check_mark: Removed | :warning: Found | -| intelius.com* | :warning: Found | :warning: Found | -| peekyou.com* | :warning: Found | :warning: Found | -| publicdatausa.com[^1] | :white_check_mark: Removed | :white_check_mark: Removed | -| radaris.com | :white_check_mark: Removed | :white_check_mark: Removed | -| spokeo.com | :white_check_mark: Removed | ::white_check_mark: Removed | -| thatsthem.com | :white_check_mark: Removed | :white_check_mark: Removed | -| usphonebook.com | :white_check_mark: Removed | :white_check_mark: Removed | -| spyfly.com | :white_check_mark: Removed | :white_check_mark: Removed | -| **Remaining Results** | **13%** | **23%** | - -[^1]: While writing this article, EasyOptOuts added support for *publicdatausa.com*. This was first applicable during the "3 month" test, where we noticed the opt-out was successful. - -Once again, the sites EasyOptOuts does not advertise support for are marked with an asterisk (*). Finally, we searched for their information on Google, and there were no results from websites supported by EasyOptOuts remaining: - -
- -
- -**Person A (1 Google result):** - -- blockshopper.com* - -
- -
- -**Person B (2 Google results):** - -- idcrawl.com* -- peekyou.com* - -
- -
- -## Additional Sites - -In addition to the websites we performed an [initial search](#initial-search) with, the EasyOptOuts report we received claimed to find and remove our participants' data from the following websites. While *Privacy Guides* did not search all of these sites in advance of the test to validate these results independently, searching tens or hundreds of smaller sites *is* one of the key advantages of using an automated service like EasyOptOuts. - -
- -
- -**Person A:** - -??? warning "We found your information and performed opt-outs for the following 112 sites" - - - 411.com - - advancedbackgroundchecks.com - - arrestwarrant.org - - backgroundcheck.run - - backgroundcheckers.net - - beenverified.com - - bumper.com, covered by beenverified.com - - centeda.com - - checkpeople.com - - checksecrets.com - - clubset.com - - clustrmaps.com - - councilon.com - - courtcasefinder.com - - curadvisor.com - - cyberbackgroundchecks.com - - dataveria.com - - familytreenow.com - - fastbackgroundcheck.com - - fastpeoplesearch.com - - findpeoplesearch.com - - freepeoplesearch.com - - gladiknow.com - - golookup.com - - goreversephone.com - - govwarrantsearch.org - - hudwayglass.com - - information.com - - infotracer.com - - inmatessearcher.com - - kidslivesafe.com - - kwold.com - - mugshotlook.com - - mylife.com - - neighbor.report - - neighborwho.com - - newenglandfacts.com - - numberguru.com - - nuwber.com - - officialusa.com - - ownerly.com - - people-background-check.com - - people-wizard.com - - peoplebyname.com - - peoplechk.com - - peoplefinders.com - - peoplelooker.com - - peoplesearch123.com - - peoplesearcher.com - - peoplesearchnow.com - - peoplesearchusa.org - - peoplesmart.com - - peopleswhizr.com - - peopleswiz.com - - peopleswizard.com - - peoplewhiz.com - - peoplewhiz.net - - peoplewhized.com - - peoplewhized.net - - peoplewhizr.com - - peoplewhizr.net - - peoplewiz.com - - peoplewizard.net - - peoplewizr.com - - personsearchers.com - - persontrust.com - - privaterecords.net - - privatereports.com - - pub360.com - - publicdatacheck.com - - publicinfoservices.com - - publicrecordreports.com - - publicsearcher.com - - quickpeopletrace.com - - radaris.com - - recordsfinder.com - - rehold.com - - reunion.com - - reverselookupaphonenumber.com - - reversephonecheck.com - - sealedrecords.net - - searchpeoplefree.com - - searchpublicrecords.com - - searchquarry.com - - secretinfo.org - - smartbackgroundchecks.com - - 
spydialer.com - - spyfly.com - - staterecords.org - - telephonedirectories.us - - texasarrests.org - - texasarrestwarrants.org - - thatsthem.com - - truepeoplesearch.com - - truthrecord.org - - unmask.com - - usa-people-search.com - - usatrace.com - - usphonebook.com - - usrecords.net - - uswarrants.org - - vehiclerelatedrecords.com - - verecor.com - - vericora.com - - veriforia.com - - verifyrecords.com - - veripages.com - - virtory.com - - weinform.org - - wellnut.com - - whitepages.com - - yellowbook.com - -??? info "We checked the following 10 sites, but didn't find any personal information, so we didn't perform opt-outs" - - - americaphonebook.com - - floridaresidentsdirectory.com - - freepeopledirectory.com - - northcarolinaresidentdatabase.com - - ohioresidentdatabase.com - - peoplewin.com - - selfie.network - - selfie.systems - - spokeo.com - - unitedstatesphonebook.com - -
- -
- -**Person B:** - -??? warning "We found your information and performed opt-outs for the following 107 sites" - - - 411.com - - advancedbackgroundchecks.com - - arrestwarrant.org - - backgroundcheck.run - - backgroundcheckers.net - - beenverified.com - - bumper.com, covered by beenverified.com - - centeda.com - - checkpeople.com - - checksecrets.com - - clubset.com - - councilon.com - - courtcasefinder.com - - curadvisor.com - - cyberbackgroundchecks.com - - dataveria.com - - familytreenow.com - - fastbackgroundcheck.com - - fastpeoplesearch.com - - findpeoplesearch.com - - freepeoplesearch.com - - gladiknow.com - - golookup.com - - goreversephone.com - - govwarrantsearch.org - - hudwayglass.com - - information.com - - infotracer.com - - inmatessearcher.com - - kidslivesafe.com - - kwold.com - - mugshotlook.com - - neighborwho.com - - newenglandfacts.com - - numberguru.com - - nuwber.com - - ownerly.com - - people-background-check.com - - people-wizard.com - - peoplebyname.com - - peoplechk.com - - peoplefinders.com - - peoplelooker.com - - peoplesearch123.com - - peoplesearcher.com - - peoplesearchnow.com - - peoplesearchusa.org - - peoplesmart.com - - peopleswhizr.com - - peopleswiz.com - - peopleswizard.com - - peoplewhiz.com - - peoplewhiz.net - - peoplewhized.com - - peoplewhized.net - - peoplewhizr.com - - peoplewhizr.net - - peoplewiz.com - - peoplewizard.net - - peoplewizr.com - - personsearchers.com - - persontrust.com - - privaterecords.net - - privatereports.com - - pub360.com - - publicdatacheck.com - - publicinfoservices.com - - publicrecordreports.com - - publicsearcher.com - - quickpeopletrace.com - - radaris.com - - recordsfinder.com - - rehold.com - - reverselookupaphonenumber.com - - reversephonecheck.com - - sealedrecords.net - - searchpeoplefree.com - - searchpublicrecords.com - - searchquarry.com - - secretinfo.org - - smartbackgroundchecks.com - - spydialer.com - - spyfly.com - - staterecords.org - - telephonedirectories.us - - 
texasarrests.org - - texasarrestwarrants.org - - thatsthem.com - - truepeoplesearch.com - - truthrecord.org - - unmask.com - - usa-people-search.com - - usatrace.com - - usphonebook.com - - usrecords.net - - uswarrants.org - - vehiclerelatedrecords.com - - verecor.com - - vericora.com - - veriforia.com - - verifyrecords.com - - veripages.com - - virtory.com - - weinform.org - - wellnut.com - - whitepages.com - - yellowbook.com - -??? info "We checked the following 15 sites, but didn't find any personal information, so we didn't perform opt-outs" - - - americaphonebook.com - - clustrmaps.com - - floridaresidentsdirectory.com - - freepeopledirectory.com - - mylife.com - - neighbor.report - - northcarolinaresidentdatabase.com - - officialusa.com - - ohioresidentdatabase.com - - peoplewin.com - - reunion.com - - selfie.network - - selfie.systems - - spokeo.com - - unitedstatesphonebook.com - -
- -
- -In addition, for all subscriptions EasyOptOuts says that "the following 10 sites aren't freely searchable. We always perform opt-outs for them:" - -- acxiom.com -- adstradata.com -- archives.com -- backgroundalert.com (searchable, but covered by lexisnexis.com, which isn't searchable) -- idtrue.com (searchable, but covered by lexisnexis.com, which isn't searchable) -- lexisnexis.com -- oracle.com -- pipl.com -- thomsonreuters.com -- us.epsilon.com - -What this means is that EasyOptOuts will send the personal information you provide to these websites *regardless* of whether they have your information in the first place. While this is an unfortunate necessity if you want to ensure your data is removed from as many databases as possible, we would like to see this provided as an *option* during EasyOptOuts' registration process for people who would like to avoid this behavior. - -## Evaluation - -For our final evaluation, we will look at how many of the initial Google search engine results are no longer listed after 3 months, how many results from the 15 data brokers we initially measured were removed, and how many results from the subset of the 15 data brokers that EasyOptOuts advertises support for (13 total) were removed. - -The first two results are intended to benchmark the "real-world efficacy" of EasyOptOuts, i.e. how much of an impact you will immediately notice while using the service. The third result is intended to benchmark how well EasyOptOuts lives up to their own marketing claims. - -| | Person A | Person B | -| ---- | ---- | ---- | -| Percentage of Google search results removed | 90% | 80% | -| Percentage of high-priority data brokers removed | 86% | 73% | -| Percentage of *compatible* high-priority data brokers removed | 100% | 84% | - -Based on these results, I consider EasyOptOuts to be well worth the money. It made a substantial difference in the amount of real-world exposure for both subjects, with relatively little effort required. 
The amount of data remaining publicly accessible is a very manageable amount that can be manually dealt with afterward.
-
-It isn't a perfect service, and even our limited testing shows that your mileage may vary depending on your individual circumstances, but any reduction in the amount of data publicly available about you is a good thing, and if you're in the United States this is certainly an option worth considering.
diff --git a/content/blog/posts/email-security.md b/content/blog/posts/email-security.md
deleted file mode 100644
index ad7aa14c6..000000000
--- a/content/blog/posts/email-security.md
+++ /dev/null
@@ -1,285 +0,0 @@ ---- -title: "Email Security: Where We Are and What the Future Holds" -date: - created: 2025-11-15T22:45:00Z -categories: - - Explainers -authors: - - fria -tags: - - Email -license: BY-SA -schema_type: BackgroundNewsArticle -description: Email is ubiquitous. If you want to function in modern society, you pretty much have to have an email address. But is it really a good idea to still be relying on the same decades old techology? What can we do about replacing it? -preview: - cover: blog/assets/images/email-security/cover.png ---- -![Email icon opening with an alert message inside](../assets/images/email-security/cover.png) - - - -Email is ubiquitous. If you want to function in modern society, you pretty much have to have an email address. What was originally just a simple protocol to send messages between machines has morphed beyond what it was originally intended for into the *de facto* authentication, identity, and "secure" communication channel for almost all technology users today. It's been updated many times to fix security issues and there are more updates to come, but is it worth trying to fix a decades-old protocol, or should we scrap it all and start over? - -## Current State of Email Security - -The [**Simple Mail Transport Protocol (SMTP)**](https://www.rfc-editor.org/rfc/rfc5321.html) is the standard used to send emails. - -Over the years, multiple protocols have been introduced to fix security issues and improve the usability of email, resulting in a complex mess that we're still feeling the consequences of to this day. - -### Encryption - -By default, there's no encryption in SMTP. Not transport encryption or end-to-end encryption, it's just a plaintext protocol. - -To remedy this, several solutions have been created. - -#### STARTTLS - -[STARTTLS](https://www.rfc-editor.org/rfc/rfc3207) is a command that allows email clients to negotiate TLS encryption. 
Importantly, the negotiation phase happens in plaintext which leaves it vulnerable to attackers. - -STARTTLS allows a bit more flexibility at the cost of some security. Since you don't really know if the recipient's email client supports TLS or not, it allows you to continue with the SMTP session anyway if you want to. - -Since it's just using TLS, STARTTLS can't provide E2EE, just transport encryption. The encryption looks something like: - -Encrypted between your email client and your SMTP server → decrypted at your SMTP server → Encrypted between your SMTP server and recipient's SMTP server → decrypted at recipient's SMTP server → encrypted between their SMTP server and their POP3/IMAP server → decrypted at their POP3/IMAP server → encrypted between their POP3/IMAP server and their email client → decrypted by their email client. - -``` mermaid -flowchart LR - A[Email Client] -->|Optional TLS Encryption| B(SMTP Server) - B --> |Optional TLS Encryption| C(Other SMTP Server) - C -->|Optional TLS Encryption| D[POP3 or IMAP Server] - D -->|Optional TLS Encryption| F[Other Party's Email Client] -``` - -At each point in the process TLS encryption is not guaranteed. Now consider that you can have multiple recipients with their own SMTP servers as well, and you start to see how flimsy this protection can be. And since the initial negotiation is in plaintext, an attacker can simply strip away the STARTTLS command, preventing a secure connection from being established. - -Authentication is left to another protocol to solve, this just handles the transport encryption. - -#### SMTPS - -Also known as "Implicit TLS" (as opposed to the "Explicit TLS" of STARTTLS), SMTPS starts with an encrypted connection, similar to HTTPS, removing the potential for an adversary to downgrade the connection. - -The [current](https://datatracker.ietf.org/doc/html/rfc8314) recommendations are to use port 465 for SMTPS and port 587 for STARTTLS. 
Unfortunately, these ports aren't standardized and thus there is disagreement and confusion about what port should be used for SMTPS.
-
-In the past, ports 25, 465, 587, and 2525 have all been used for SMTP at various points. This lack of a standardized port means that you end up with services using different ports and being unable to establish a secure connection. Particularly, there is still confusion in some email providers whether to use port 465 or port 587 for SMTPS, although the current recommendation is port 465.
-
-#### POP3S
-
-[Post Office Protocol version 3](https://en.wikipedia.org/wiki/Post_Office_Protocol) or POP3 is a protocol for retrieving mail from a mail server. It's one of the ways your email client can show you your mail.
-
-POP3 also supports implicit TLS over port 995, so it can be encrypted by default as well.
-
-#### IMAPS
-
-[Internet Message Access Protocol](https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol) or IMAP is another protocol for retrieving mail from a mail server.
-
-Like SMTPS and POP3s, IMAP supports implicit TLS. The implicit TLS port is 993.
-
-#### OpenPGP
-
-The above features only protect the email in transit and don't protect against the email providers involved, which is a massive security issue if you don't trust your email provider. On top of that, you as a user have no control over which parts of the chain are encrypted. If you want to be sure that no party in between you and your recipient can read or alter your emails, you need to use end-to-end encryption. Unfortunately, by default, email doesn't support end-to-end encryption.
-
-[Pretty Good Privacy (PGP)](https://www.openpgp.org/about/) was originally created in 1997 by [Phil Zimmerman](https://www.privacyguides.org/videos/2025/05/08/when-code-became-a-weapon/). While originally proprietary software, an open source version of PGP called OpenPGP has been standardized by the [IETF](https://www.rfc-editor.org/rfc/rfc9580.html).
As you can imagine from software originally conceived in the 90s, the user experience isn't the smoothest.
-
-Unlike modern messengers like [Signal](https://signal.org), OpenPGP requires you to [manually manage your keys](https://dev.to/adityabhuyan/how-to-generate-your-own-public-and-secret-keys-for-pgp-encryption-1joh). This is a problem not only because it's cumbersome, but the security of E2EE rests on protecting the private key. If the private key is compromised, your messages are compromised.
-
-PGP also lacks [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), meaning that if your private key is ever exposed, all previous messages you've ever sent using that key are also exposed. All it takes is a slight user error for a catastrophic compromise.
-
-PGP encryption also usually doesn't encrypt important metadata like `To`, `From`, `Cc`, `Date`, and `Subject`, stored in the [email header](https://en.wikipedia.org/wiki/Email#Message_header); usually, only the body of the email is encrypted, which can be a major privacy issue. What the email is about, who you are, and who you're messaging can all be revealed even with E2EE. Some email clients use their hidden headers that can reveal more data about you.
-
-#### S/MIME
-
-Another common option for email encryption is [S/MIME](https://www.digicert.com/faq/email-trust/what-is-smime-or-encrypted-email), or Secure/Multipurpose Internet Mail Extensions. S/MIME works a bit like HTTPS, using [X.509 digital certificates](https://www.ssl.com/faqs/what-is-an-x-509-certificate/) and [certificate authorities](https://www.digicert.com/blog/what-is-a-certificate-authority) to encrypt and verify the authenticity of emails.
-
-While a step up from the manual keys of PGP, S/MIME is still a pain to use, particularly because it usually requires purchasing and managing a certificate from a CA, which can be expensive and annoying.
S/MIME also lacks forward secrecy just like PGP, so if there's ever a compromise of your private key, all previously sent messages are also compromised.
-
-These issues make S/MIME nonviable for most people outside business settings.
-
-#### Web Key Directory
-
-A problem with PGP is getting your public key out to people without manually exchanging keys. This problem can be solved with Web Key Directory (WKD), which allows you to upload your public PGP key to a server and clients that want to send E2EE emails to you can ask that server to send you their public key.
-
-You can read more on our [email security](https://www.privacyguides.org/en/basics/email-security/?h=email#what-is-the-web-key-directory-standard) page.
-
-### Authentication
-
-SMTP by default essentially has no authentication and allows spoofing the `MAIL FROM` header. Your email client will just blindly accept whoever the sender says they are without any authentication. Luckily, there are several solutions for this.
-
-There are multiple methods that email providers can implement to verify the authenticity of an email sender.
-
-#### SPF
-
-The first solution implemented was [Sender Policy Framework (SPF)](https://datatracker.ietf.org/doc/html/rfc7208). SPF uses [DNS TXT records](https://www.cloudflare.com/learning/dns/dns-records/dns-txt-record/).
-
-Just like the name sounds, a DNS TXT record allows you to store text in a [DNS record](https://www.cloudflare.com/learning/dns/dns-records/). Here's an example of what a DNS TXT record might look like:
-
-| example.com | record type | value | TTL |
-|-------------|--------------|--------|-----|
-| @ | TXT | "color=blue" |99999|
-
-SPF lists all the servers that are authorized to send from a specific domain. When an email is received, it checks the sending server against the list of authorized servers for that domain.
An SPF record might look like this:
-
-| example.com | record type | value | TTL |
-|-------------|--------------|--------|-----|
-| @ | TXT | "v=spf1 ip4:200.56.78.99 ip4:156.67.109.43 include:_spf.google.com -all" |99999|
-
-The IP addresses are the ones that are authorized to send email from this domain. The `include:` tag denotes what third-party domains are allowed to send email on behalf of `example.com`. The third-party SPF record will be checked and included in the allowed IP addresses.
-
-While a good start, SPF still has several glaring weaknesses. Since it relies on DNS, an attack on the DNS infrastructure could cause spoofed DNS data to be accepted.
-
-Since SPF doesn't authenticate individual users, it's still possible for a sender to impersonate another user. SPF does not authenticate the `MAIL FROM` header. If you try to send an email from a gmail.com domain, but the server doesn't match gmail.com, it will fail.
-
-SPF has a few different modes, allowing for a hard fail, soft fail, or completely ignoring it. `-all` means an email that fails will be rejected, `~all` will mark emails that fail as insecure or spam but still send them, and `+all` will specify that any server is allowed to send emails on behalf of your domain.
-
-This flexibility, while convenient, allows for the security benefits of SPF to be completely undermined.
-
-#### DKIM
-
-[DomainKeys Identified Mail (DKIM)](https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/) relies on public key cryptography to verify the domain of an email.
-
-Example of a DKIM DNS TXT record:
-
-| name | record type | value | TTL |
-|-------------|--------------|--------|-----|
-| test-email._domainkey.example.com | TXT | "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY+7sGVwvyS8w+3HgJk7EviazH+C4L8gV4gOJzAq9oKJjZ5En7LDEw3FqAh8C0M59c9sBQcC+Kj8VxMBY9y+E0Pm1fPK9V7sI3Gm7yE7Y9yU4uVZr8R3N+5z+qZ+7V76RU4oZ0mtSvw8m3pX1hZyHd7NZfXaFfKfgd18W5T7YQIDAQAB" | 9999 |
-
-DKIM records are stored under a specific name following the format
-
-`[selector]_domainkey.[domain]`
-
-The public and private keys are generated by the email provider, such as gmail.com. The public key is stored in a publicly available DNS TXT record like the one seen above and is used by the receiver to verify messages. The private key is kept secret by the email provider.
-
-Emails sent from the email provider contain a DKIM header with a signature generated from the private key and the content of the message. If the email message is altered or signed with the wrong key, when the receiver verifies the signature using the public key it will be obvious it was altered.
-
-An example of a DKIM header:
-
-`v=1; a=rsa-sha256; d=example.com; s=test-email; h=from:to:subject bh=uMixy0BsCqhbru4fqPZQdeZY5Pq865sNAnOAxNgUS0s=;b=LiIvJeRyqMo0gngiCygwpiKphJjYezb5kXBKCNj8DqRVcCk7obK6OUg4o+EufEbBtRYQfQhgIkx5m70IqA6dP+DBZUcsJyS9C+vm2xRK7qyHi2hUFpYS5pkeiNVoQk/Wk4wZG4tu/g+OA49mS7VX+64FXr79MPwOMRRmJ3lNwJU=`
-
-`v=` shows the version of DKIM, currently version one is the latest (we'll come back to that later). `a=` shows the algorithm used. `d=` shows the domain of the sender. `s=` denotes the selector that is used in the TXT record. `h=` shows the headers that were used to create the signature. `bh=` shows a hash of the body of the email. `b=` is the signature computed from the listed headers and the hash of the body listed in `bh`.
-
-In this way, not only does DKIM provide assurance that the email was sent from the correct domain, it also protects the integrity of the message. However, since the keys are controlled by your email provider, it can't stop your email provider from tampering with your messages.
-
-Note also that this has nothing to do with encryption of the message, only verifying the authenticity and sender. The message is still sent in plaintext unless another component encrypts it.
-
-#### DMARC
-
-[Domain-based Message Authentication Reporting and Conformance (DMARC)](https://www.cloudflare.com/learning/dns/dns-records/dns-dmarc-record/) is an authentication method that builds on SPF and DKIM. DMARC tells a receiving email server what to do after checking the SPF and DKIM. If the email fails, the DMARC policy tells the receiver whether to mark it as spam, block it, or allow it through.
-
-DMARC also uses TXT records. An example DMARC policy might look like
-
-`v=DMARC1; p=quarantine; adkim=s; aspf=s;`
-
-The `v=` shows the version of DMARC to use. The `p=` shows what should be done with emails if they fail, in this case `quarantine` means the receiver should put the email in the user's spam folder. `reject` can be specified as well to show that emails that fail should be outright blocked. `adkim=` tells how DKIM should be enforced, with `s` meaning "strict"; for relaxed, `r` is listed instead. Ditto for `aspf=`.
-
-#### DNSSEC
-
-You may have noticed that all of these authentication methods rely on DNS. Unfortunately, DNS wasn't designed to be secure when it was invented in the 1980s. Ironically, there's no authentication built into DNS by default, so by attacking DNS, a malicious actor can [poison](https://www.cloudflare.com/learning/dns/dns-cache-poisoning/) your DNS cache with false information.
-
-[Researchers at CMU in 2014](https://www.sei.cmu.edu/blog/probable-cache-poisoning-of-mail-handling-domains/) found that emails that were supposedly to be sent by Gmail, Yahoo!, and Outlook.com were actually being sent by a rogue email server. This is disastrous for security and breaks the entire email authentication system. There are many such cases of attacks on DNS infrastructure and many more [possible attacks](https://www.akamai.com/glossary/what-are-dns-attack-vectors) on DNS.
-
-The solution? [DNSSEC](https://www.cloudflare.com/learning/dns/dnssec/how-dnssec-works/). DNSSEC uses digital signatures to verify the authenticity of the DNS response. Unfortunately, DNSSEC isn't as widely used as it could be so DNS attacks are still a real threat.
-
-DNSSEC forms a [chain of trust](https://en.wikipedia.org/wiki/Chain_of_trust), with each zone forming a parent/child relationship all the way up to the [root zone](https://www.cloudflare.com/learning/dns/glossary/dns-root-server/).
-
-The public key infrastructure (PKI) that we rely on for things like HTTPS in browsers similarly relies on a chain of trust, but web PKI relies on many trusted entities whereas DNSSEC effectively reduces it to one: the IANA which signs the root zone key in a [root signing ceremony](https://www.cloudflare.com/learning/dns/dnssec/root-signing-ceremony/).
-
-Effectively, DNSSEC is designed so that you can be sure the results of a DNS query are accurate.
-
-#### DANE
-
-DNS-Based Authentication of Named Entities or DANE applies the security of DNSSEC to email. It forces TLS to be used and binds the TLS certificate to DNS names directly using TLSA, thus allowing email providers to bypass the certificate authority system relied on by HTTPS.
-
-#### MTA-STS
-
-[MTA-STS](https://www.mailhardener.com/kb/mta-sts) or Mail Transfer Agent Strict Transport Security is a way to force TLS connections for email and validate that the DNS is correct.
Instead of DNSSEC, MTA-STS relies on HTTPS and the web PKI to validate DNS. It's not stored as a DNS record but instead an HTTPS server that serves the file.
-
-You can think of MTA-STS like HSTS, HTML Strict Transport Security, which forces the use of TLS for websites. It's the same principal, just applied to email.
-
-The extra reliance on web PKI introduces more trust than with DNSSEC, but it's easier to implement and relies on the already-established infrastructure of the internet.
-
-Both DANE and MTA-STS can be used together for a multilayered approach to email security.
-
-### General Security
-
-#### Email as a Backdoor into Your Accounts
-
-Something seldom discussed is the fact that email is the default 2FA method for most accounts and also can be used to bypass your password through the password reset function on the login screen of most services. This essentially means the security of all of your accounts rests on the security of your email, which can be very shaky and lacks E2EE usually. It's most comparable to SMS 2FA which is also used a lot of the time as a method for getting into accounts when you forgot your password.
-
-I touched on this a bit in my [passkey article](toward-a-passwordless-future.md), but we need to stop relying on email for security critical applications and start using proper recovery methods like recovery codes. Email should be used for what it's intended for: sending messages and updates to people, announcements, etc.
-
-#### Third-Party Clients
-
-Many email providers such as Gmail provide their own clients for you to view your inbox, send messages, etc. But many people choose to use third-party clients for their email needs.
-
-While it's great that email can support that, it does mean you need to trust another party with your sensitive email and essentially the security of all of your accounts.
Not to mention that email clients can have [vulnerabilities](https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/), so you need to be very careful about which one you trust.
-
-#### Email Attack Surface
-
-A big part of the reason email clients can be so vulnerable to exploits is the vast attack surface afforded by things like JavaScript support in emails. This puts email clients dangerously close to the same territory as browsers in terms of attack surface but without the same level of scrutiny or hardening effort that goes into browsers.
-
-Since almost anyone can email you at any time, you have to trust that your email client vendor is able to protect you against [vulnerabilities](https://www.csoonline.com/article/1308164/microsoft-outlook-flaw-opens-door-to-1-click-remote-code-execution-attacks.html) and also has timely patches when they're found.
-
-Luckily, lots of email clients let you disable JavaScript and HTML if you want, but not all do, and email clients can have lots of other vulnerabilities as well not related to JavaScript.
-
-## Future of Email Security
-
-It's been a multi-decade cross-industry effort to bring email up to snuff as a modern communication system, and we still have a long way to go. There's still efforts to improve the state of email security, so look out for these in the future.
-
-### Improvements to OpenPGP
-
-The IETF has a [working group](https://datatracker.ietf.org/wg/openpgp/about/) for OpenPGP that wants to add many improvements to OpenPGP, including post-quantum encryption, forward secrecy, and usability improvements.
-
-Key transparency is also a planned feature, similar to what apps like [WhatsApp](https://scontent.xx.fbcdn.net/v/t39.8562-6/379264560_846690136905658_6336040801441930900_n.pdf?_nc_cat=108&ccb=1-7&_nc_sid=e280be&_nc_ohc=gNmDlLkE0DMQ7kNvwEyKONi&_nc_oc=AdmucQjSjoTw2nXUszYeZNStyUHGqvM2pj3oRVV7qI4xmLEJMmY2pUV29WcOnKC1KpA&_nc_zt=14&_nc_ht=scontent.xx&_nc_gid=5lSqV7L5iCqeiMSQDCwN0w&oh=00_AfXoxrF8ukQtSVZM_BCBDbveIDviQPfn0kDEV8pSbxX1SQ&oe=68AB9400) have implemented. Key transparency systems use an append-only, auditable and tamper-evident log of keys that allows you to automatically verify the authenticity of whoever you're messaging with.
-
-There's even a plan to add the ability to verify keys manually using QR codes, similar to how some messengers let you manually verify keys.
-
-### Improvements to S/MIME
-
-The [LAMPS](https://datatracker.ietf.org/wg/lamps/about/) working group is looking at adding post-quantum encryption to S/MIME to protect against future quantum computer threats. This would include "dual-signature" schemes combining traditional encryption with PG encryption, similar to how some messengers handle it.
-
-### DKIM2
-
-[DKIM2](https://www.ietf.org/archive/id/draft-gondwana-dkim2-motivation-00.html) is the planned next version of DKIM.
-
-An issue with the current version of DKIM is a malicious actor taking emails signed with DKIM from a different domain and replaying them, spamming them out to thousands of people and eroding trust in the original domain. The new DKIM2 specification would force each hop the email takes along its path to sign it, so any issues will be the fault of the previous hop.
-
-DKIM2 aims to simplify the protocol and make it more standardized. For example, in practice, the vast majority of DKIM is singed using relaxed methods, so DKIM2 will only support relaxed.
-
-The fact that DKIM relies on an explicit list of headers as part of the signature, there is inconsistent signing of headers and some security-critical headers might not be signed. In order to prevent attackers from adding headers that weren't originally part of the email, providers would sign headers with no information in them. DKIM2 would specify a fixed set of headers in alignment with best practices, so there won't be a need to specify headers.
-
-### DMARCbis
-
-[DMARCbis](https://datatracker.ietf.org/doc/draft-ietf-dmarc-dmarcbis/) is a proposed updated version of DMARC.
-
-The `pct` tag is going away, which was a tag that would only allow a specified percentage of emails, say 50%, to be sent if they failed. Apparently, this wasn't implemented properly so now it's being replaced with the `t` mode that is a binary pass or fail.
-
-The new `np` tag adds the ability to define what to do with a non-existent subdomain of a real domain. This will prevent cybercriminals from subverting DMARC by using a fake subdomain.
-
-They are also adding [requirements](https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-41#name-conformance-requirements-fo) that mail providers must meet to fully conform to the specification, which should eliminate questions about best practices and how DMARC should be implemented.
-
-### Deprecation of Cleartext Email
-
-Since there are now protocols in place to at least allow for transport encryption at every stage of the email process, providers should work on [removing support](https://datatracker.ietf.org/doc/html/rfc8314#section-4.1) for unencrypted email entirely.
-
-Transport encryption between servers now should be the minimum expected for email services going into the future.
-
-### Passkeys
-
-The adoption of [passkeys](https://fidoalliance.org/passkeys/) will eliminate the need for email as a recovery method, since users won't have to remember passwords.
Email can be used for what it was originally intended for: a method of communication and sending updates and announcements, nothing more. This will take a concerted effort from service providers though, and it seems for now most services that support passkeys still require and email for some reason. Here's hoping this changes in the future.
-
-The adoption of passkeys will also make email services themselves more secure, since at the moment they act as a sort of de facto recovery method for all of our accounts. They should focus on deprecating passwords for improved security.
-
-### Wider Adoption of DNSSEC
-
-DNSSEC should be universally adopted to prevent DNS poisoning attacks. This would drastically improve the security of email.
-
-### Guidance for E2EE
-
-The usability of E2EE in email is significantly lacking compared to other methods of communication, especially modern messengers like Signal that make the E2EE very seamless and simple. The handling of E2EE by email clients can also vary a lot and leave email users [vulnerable to bypasses](https://efail.de) for the E2EE.
-
-An [RFC](https://www.ietf.org/archive/id/draft-ietf-lamps-e2e-mail-guidance-17.html) to address usability issues and best practices for email clients exists, hopefully it can lead to a future of improved user experience and security in email.
-
-### SMTP End-to-End Encryption
-
-The biggest obstacle in the way of email privacy is it's not E2EE by default like most modern messengers we use daily. Some providers like Proton Mail will automatically encrypt emails between [Proton Mail](https://proton.me/support/manage-encryption#:~:text=Proton%20Mail%20encrypts%20all%20emails%20sent%20between%20Proton%20accounts%20with%20end%2Dto%2Dend%20encryption%20(E2EE)) users. The obvious next step is to build E2EE into SMTP itself.
-
-An [RFC proposal](https://dcrubro.com/files/smtp-ee2esign-latest.txt) exists for just such an idea.
I'm hopeful something like this can be standardized and widely adopted, and finally bring email into the 21st century.
diff --git a/content/blog/posts/encryption-is-not-a-crime.md b/content/blog/posts/encryption-is-not-a-crime.md
deleted file mode 100644
index 5f73d7e0c..000000000
--- a/content/blog/posts/encryption-is-not-a-crime.md
+++ /dev/null
@@ -1,183 +0,0 @@ ---- -date: - created: 2025-04-11T16:00:00Z -categories: - - Opinion -authors: - - em -description: Encryption is not a crime, encryption protects us all. Encryption, and especially end-to-end encryption, is an essential tool to protect everyone online. Attempts to undermine encryption are an attack to our fundamental right to privacy and an attack to our inherent right to security and safety. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/encryption-is-not-a-crime/encryption-is-not-a-crime-cover.webp ---- -# Encryption Is Not a Crime - -![Photo of a red key on an all black background.](../assets/images/encryption-is-not-a-crime/encryption-is-not-a-crime-cover.webp) - - - -Contrary to what some policymakers seem to believe, whether naively or maliciously, encryption is not a crime. Anyone asserting encryption is a tool for crime is either painfully misinformed or is attempting to manipulate legislators to gain oppressive power over the people. - -Encryption is not a crime, encryption is a shield. - -Encryption is the digital tool that protects us against all sorts of attacks. It is the lock on your digital door preventing harmful intruders from entering your home. Encryption is also the door itself, protecting your privacy and intimacy from creepy eavesdroppers while you go about your life. - -It's not a crime to lock your home's door for protection, **why would it be a crime to lock your digital door?** - -[Encryption protects you](privacy-means-safety.md) from cyberattack, identity theft, discrimination, doxxing, stalking, sexual violence, physical harm, and much more. - -## Who says encryption is a crime - -Anyone who is well-informed will find it hard to believe someone could want to sabotage such fantastic protection. 
- -Yet, [year](https://www.wired.com/1993/02/crypto-rebels/) after [year](https://www.wired.com/story/a-new-era-of-attacks-on-encryption-is-starting-to-heat-up/), oppressive regimes and lazy or greedy [law enforcement](https://www.techradar.com/computing/cyber-security/anonymity-is-not-a-fundamental-right-experts-disagree-with-europol-chiefs-request-for-encryption-back-door) entities around the world have attempted to [undermine encryption](https://www.howtogeek.com/544727/what-is-an-encryption-backdoor/) using the pretext this is needed to "solve crime", despite all the experts *repeatedly* warning on how [unnecessary](https://arstechnica.com/tech-policy/2019/08/post-snowden-tech-became-more-secure-but-is-govt-really-at-risk-of-going-dark/) and [dangerous](https://www.globalencryption.org/2020/11/breaking-encryption-myths/) this would be. And this is without accounting for all the countries where encryption is *already* [severely restricted](https://www.gp-digital.org/world-map-of-encryption/), such as Russia, China, India, Iran, Egypt, Cuba, and others. - -Whether breaking encryption is brought up naively by misinformed authorities, or as a disguised excuse for mass surveillance is up for debate. - -Nevertheless, the result is the same: An attempt to destroy **a tool we all need to stay safe**. - -## Encryption is a protective shield - -Encryption, moreover end-to-end encryption, is a tool we all use in our digital life to stay safe. - -In today's world, the boundary between online and offline life is largely dissolved. Almost everything we do "offline" has a record of it "online". Online life is regular life now. It's not just your browsing history. - -Your medical record from a visit at the clinic, your purchase transaction from a trip to the store, your travel photos saved in the cloud, your text conversations with your friends, family, and children, are all likely protected with encryption, perhaps even with *end-to-end* encryption. 
- -Such a large trove of personal data needs to be protected against eavesdropping and malicious attacks for everyone to stay safe. - -Encryption offers this protection. End-to-end encryption all the more. - -## What is end-to-end encryption, and what is the war against it - -End-to-end encryption is a type of encryption where only the intended recipient(s) have the ability to decrypt (read) the encrypted data. - -This means that if you send a message through [Signal](https://signal.org/) for example, only the participants to this conversation will be able to read the content of this conversation. Even Signal cannot know what is being discussed on Signal. - -This greatly annoys some over-controlling authorities who would like to be granted unlimited power to spy on anyone anytime they wish, for vaguely defined purposes that could change at any moment. - -End-to-end encryption can also mean a situation where you are "both ends" of the communication. - -For example, when enabling Apple's [Advanced Data Protection for iCloud](https://support.apple.com/en-ca/guide/security/sec973254c5f/web) (ADP), it activates end-to-end encryption protection for almost all of iCloud data, including photos. This means that even Apple could not see your photos, or be forced to share your photos with a governmental entity. - -Without ADP, Apple can read or share your photos (or other data) if they are legally compelled to, or if they feel like it. The same is true for Google's services, Microsoft's services, and any other online services that aren't end-to-end encrypted. - -This is at the root of the latest attack on encryption: - -In February this year, it was reported that [Apple was served with a notice](uk-forced-apple-to-remove-adp.md) from the UK's Home Office to force it to break ADP's end-to-end encryption. In response, Apple removed access to ADP from the UK entirely, making this protection unavailable to UK residents. 
- -Do not mistakenly think this attack is limited to the UK and Apple users, however. If this regulation notice or a similar one gets enforced, it would **impact the whole world.** Other countries would likely soon follow, and other services would likely soon get under attack as well. - -Moreover, do not feel unaffected just because you use end-to-end encryption with [Signal](https://www-svt-se.translate.goog/nyheter/inrikes/signal-lamnar-sverige-om-regeringens-forslag-pa-datalagring-klubbas?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp) or [Proton](https://www.techradar.com/vpn/vpn-privacy-security/secure-encryption-and-online-anonymity-are-now-at-risk-in-switzerland-heres-what-you-need-to-know) services instead of Apple, they are both **under attack** as well in this war. - -Just in recent years, the war against encryption has affected the [US](https://www.eff.org/deeplinks/2023/04/earn-it-bill-back-again-seeking-scan-our-messages-and-photos), the [UK](https://www.bbc.co.uk/news/articles/cgj54eq4vejo), [Sweden](https://www.globalencryption.org/2025/04/joint-letter-on-swedish-data-storage-and-access-to-electronic-information-legislation/), [France](https://www.laquadrature.net/en/warondrugslaw/), [Australia, New Zealand, Canada, India, Japan](https://www.theverge.com/2020/10/12/21513212/backdoor-encryption-access-us-canada-australia-new-zealand-uk-india-japan), and all the European Union countries with proposals such as [Chat Control](the-future-of-privacy.md/#chat-control-wants-to-break-end-to-end-encryption). - -## The arguments given to break encryption make no sense - -Authoritarian entities generally use the same populist excuses to justify their senseless demands. "Protecting the children" is always a fashionable disingenuous argument. - -Because no one would disagree that protecting the children is important, it is often used as an attempt to deceitfully make an irrefutable argument to justify breaking encryption. 
- -The problem is, **breaking encryption doesn't protect the children**, it [endangers](https://www.theguardian.com/technology/2022/jan/21/end-to-end-encryption-protects-children-says-uk-information-watchdog) them. - -When law enforcement officials claim they need to be able to read everyone's messages and see everyone's personal photos to be able to fight child predators, they seem to neglect that: - -- This means they will expose the children's messages, contact information, locations, and photos in the process, potentially *endangering the children further*. - -- Exposing everyone's data will make this data much more likely to be found and exploited by criminals, making *everyone* more vulnerable to attacks. - -- Predators will simply move to underground channels, [unbothered](https://www.schneier.com/blog/archives/2015/07/back_doors_wont.html). - -They use the same kind of deceptive argument trying to justify weakening the protections we have to supposedly catch "criminals" and "terrorists". - -Of course the exact definition of what is a "criminal" or a "terrorist" is always vague and subject to change. In the past, human rights activists and authoritarian regime dissidents have been labeled as such, climate change activists as well, LGBTQ+ people even in some countries. Maybe next year this label will include "DEI advocates", who knows where they draw the line and what can be considered a "criminal" worth spying on. - -You *cannot* remove everyone's right to privacy and protection from harm while pretending it is to protect them. No one who is well-informed and well-intended could possibly consider this a smart thing to do. 
- -**An attack on end-to-end encryption isn't an attack on criminals, it's an attack on all of us.** - -## Magical backdoor only for "the good guys" is a complete fantasy - -Let's say the strategy is akin to creating a MagicalKey that unlocks every door (a magical key because thinking encryption backdoors would only be used by "the good guys" is a great example of [magical thinking](https://www.britannica.com/science/magical-thinking)). - -Imagine, for the sake of this exercise, the MagicalLock for this MagicalKey is impossible to pick, and imagine only police officers have MagicalKeys. Let's say one thousand police officers each have a MagicalKey. - -They argue they need to be able to unlock anyone's door if they suspect a crime is happening inside. "It's for safety!" - -Overtime, let's say only 1% of the police officers accidentally lose their MagicalKey. This kind of things happen. Now 10 MagicalKeys are lost in the wild and could be used by anyone else, for any purposes, including crime. - -Then, let's say only 0.1% of police officers get corrupted by a crime gang. That's just one right? This corrupted "good guy" lets the gang create a double of the MagicalKey. Which crime gang wouldn't want a key that can magically open any door? They pay the police officer good money for this. It's an investment. - -Now, the gang creates doubles of the MagicalKey they have. They obfuscate its serial number, so it cannot be traced back to them. They use it subtly at first to avoid detection. They make sure they never leave traces behind, so victims have no idea their door got unlocked. - -During this time, they steal your data, they sell it, they use it to impersonate you, they use it to harm you and your loved ones. - -Then, another criminal figures out on their own how to emulate a MagicalKey without even having access to one. The criminal creates a reproducible mold for this Emulated-MagicalKey and sells it to other criminals on the criminal market. 
Now, the MagicalKey™️ is available to any criminals looking for it. Restrictions on the backdoor are off. **Your personal data is up for grabs.** - -This is what is going to happen if backdoors are implemented in end-to-end encryption. But don't worry they say, "it's only for the good guys!". - -At least, the criminals' data will also be up for grabs, right? - -Nope! The criminals knew about this, so they just started using different channels that weren't impacted. Criminals will have their privacy intact, they don't care about using illegal tools, but **your legal privacy protections will be gone**. - -*Backdoored* end-to-end encryption isn't end-to-end anymore, it's just open-ended encryption. This offers pretty much no protection at all. - -## Ignoring experts doesn't make facts disappear - -Where is the opposition to this? Where are the experts pushing against this nightmare? Everywhere. - -Thankfully, opposition has been strong, despite the relentless ignorance or malevolence from authoritarian authorities repeatedly pushing against encryption. - -Many people and groups have been fighting valiantly to defend our collective right to privacy and security. Countless experts have patiently taken the time to explain [again](https://signal.org/blog/uk-online-safety-bill/) and [again](https://www.globalencryption.org/2020/10/cdt-gpd-and-internet-society-reject-time-worn-argument-for-encryption-backdoors/) and [again](https://www.schneier.com/wp-content/uploads/2016/09/paper-keys-under-doormats-CSAIL.pdf) how an encryption backdoor only for "the good guys" is simply impossible. - -Weakening encryption to let "the good guys" enter, lets *anyone* enter, including criminals. There is no way around this. - -Seemingly ignoring warnings and advice from the most respected specialists in the field, authoritarian officials continue to push against encryption. So much so that it has become difficult to assume good intent misguided by ignorance at this point. 
- -Unfortunately, ignoring the experts or silencing the debate will not make the facts magically disappear. - -In an encouraging development this week, Apple [won a case](https://www.bbc.co.uk/news/articles/cvgn1lz3v4no) fighting an attempt from the UK Home Office to hide from the public details of their latest attack on encryption. - -This battle and all battles to protect our privacy rights, *must* be fought is broad daylight, for all to see and to support. - -## Fight for encryption rights everywhere you can - -The war against encryption isn't anything new, it has been happening for decades. However, the quantity of data, personal and sensitive data, that is collected, stored, and shared about us is much larger today. It is essential we use the proper tools to secure this information. - -This is what have changed, and what is making encryption and end-to-end encryption even more indispensable today. - -Mass surveillance will not keep us safe, it will endanger us further and damage our democracies and freedoms in irreparable ways. - -We must fight to keep our right to privacy, and use of strong end-to-end encryption to protect ourselves, our friends, our family, and yes also to protect the children. - -### How can you support the right to encryption? - -- [x] Use end-to-end encryption everywhere you can. - -- [x] Talk about the benefits of end-to-end encryption to everyone around you, especially your loved ones less knowledgeable about technology. Talk about how it is essential to protect everyone's data, including the children's. - -- [x] Use social media to promote the benefits of end-to-end encryption and post about how it protects us all. - -- [x] Write or call your government representatives to let them know you care about end-to-end encryption and are worried about dangerous backdoors or chat control proposals. 
- -- [x] Support organizations fighting for encryption, such as: - - - [Global Encryption Coalition](https://www.globalencryption.org/) - - - [Open Rights Group](https://www.openrightsgroup.org/campaign/save-encryption/) - - - [Fight For The Future](https://www.makedmssafe.com/) - - - [Signal app](https://signal.org/donate/) - - - [Internet Society](https://www.internetsociety.org/open-letters/fix-the-take-it-down-act-to-protect-encryption/) - - - [Electronic Frontier Foundation](https://www.eff.org/issues/end-end-encryption) - - - [Privacy Guides](https://www.privacyguides.org/en/about/donate/) 💛 - -Finally, have a look at our [recommendations](https://www.privacyguides.org/en/tools/) if you want to start using more tools protecting your privacy using end-to-end encryption. - -This is a long war, but the importance of it doesn't allow us to give up. - -We must continue fighting for the right to protect our data with end-to-end encryption, **we owe it to ourselves, our loved ones, and the future generations.** diff --git a/content/blog/posts/firefox-privacy-2021-update.md b/content/blog/posts/firefox-privacy-2021-update.md deleted file mode 100644 index 9d42d393d..000000000 --- a/content/blog/posts/firefox-privacy-2021-update.md +++ /dev/null @@ -1,76 +0,0 @@ ---- -date: - created: 2021-12-01T19:00:00Z -categories: - - Reviews -authors: - - dngray -links: - - 'Desktop Browsers
Firefox': https://www.privacyguides.org/desktop-browsers/#firefox -tags: - - Browsers - - Firefox -license: CC0 -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/firefox-privacy/cover.webp ---- -# Firefox Privacy: 2021 Update - -![Firefox Privacy cover](../assets/images/firefox-privacy/cover.webp) - - - -A lot changed between 2019 and now, not least with regard to Firefox. Since our last post, Mozilla has [improved](https://blog.mozilla.org/en/products/firefox/latest-firefox-rolls-out-enhanced-tracking-protection-2-0-blocking-redirect-trackers-by-default/) privacy with [Enhanced Tracking Protection (ETP)](https://blog.mozilla.org/en/products/firefox/firefox-now-available-with-enhanced-tracking-protection-by-default/). Earlier this year Mozilla introduced [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/) (Dynamic First Party Isolation dFPI). This was then further tightened with [Enhanced Cookie Clearing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/). We’re also looking very forward to [Site Isolation](https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/) (code named Fission) being enabled by default in the coming releases. - -Now that so many privacy features are built into the browser, there is little need for extensions made by third-party developers. Accordingly, we have updated our very outdated [browser](https://www.privacyguides.org/desktop-browsers/) section. If you’ve got an old browser profile we suggest **creating a new one**. Some of the old advice may make your browser *more* unique. - -## Privacy Tweaks “about:config” - -We’re no longer recommending that users set `about:config` switches manually. Those switches need to be up-to-date and continuously maintained. They should be studied before blindly making modifications. 
Sometimes their behavior changes in between Firefox releases, is superseded by other keys, or gets removed entirely. We do not see any point in duplicating the efforts of the community [Arkenfox](https://github.com/arkenfox/user.js) project. Arkenfox has very good documentation in their [wiki](https://github.com/arkenfox/user.js/wiki), and we use it ourselves. - -## LocalCDN and Decentraleyes - -These extensions aren’t required with Total Cookie Protection (TCP), which is enabled if you’ve set Enhanced Tracking Protection (ETP) to **Strict**. - -Replacing scripts on CDNs with local versions is not a comprehensive solution and is a form of [enumeration of badness](https://www.ranum.com/security/computer_security/editorials/dumb/). While it may work with some scripts that are included it doesn’t help with most other third-party connections. - -CDN extensions never really improved privacy as far as sharing your IP address was concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the wrong tool for the job and are not a substitute for a good VPN or Tor. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are hugely out of date and would not be likely used anyway. - -## NeatURLs and ClearURLs - -Previously we recommended ClearURLs to remove tracking parameters from URLs you might visit. These extensions are no longer needed with uBlock Origin’s [`removeparam`](https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam) feature. - -## HTTPS Everywhere - -The EFF announced back in September they were [deprecating HTTPS-Everywhere](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) as most browsers now have an HTTPS-Only feature. 
We are pleased to see privacy features built into the browser and Firefox 91 introduced [HTTPS by Default in Private Browsing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-https-by-default-in-private-browsing/). - -## Multi Account Containers and Temporary Containers - -Container extensions aren’t as important as they used to be for privacy now that we have [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/). - -Multi Account Container will still have some use if you use [Mozilla VPN](https://en.wikipedia.org/wiki/Mozilla_VPN) as it is going to be [integrated](https://github.com/mozilla/multi-account-containers/issues/2210) allowing you to configure specified containers to use a particular VPN server. Another use might be if you want to log in to multiple accounts on the same domain. - -## Just-In-Time Compilation (JIT) - -What is “Disable JIT” in Bromite? This option disables the JavaScript performance feature [JIT](https://en.wikipedia.org/wiki/Just-in-time_compilation). It can increase security but at the cost of performance. Those trade-offs vary wildly and are explored in [this](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/) publication by Johnathan Norman from the Microsoft Edge team. This option is very much a security vs performance option. - -## Mozilla browsers on Android - -We don’t recommend any Mozilla based browsers on Android. This is because we don’t feel that [GeckoView](https://mozilla.github.io/geckoview) is quite as secure as it could be as it doesn’t support [site isolation](https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture), soon to be coming in desktop browsers or [isolated processes](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196). - -We also noticed that there isn’t an option for [HTTPS-Only mode](https://github.com/mozilla-mobile/fenix/issues/16952#issuecomment-907960218). 
The only way to get something similar is to install the [deprecated](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) extension [HTTPS Everywhere](https://www.eff.org/https-everywhere). - -There are places which Firefox on Android shines for example browsing news websites where you may want to *partially* load some JavaScript (but not all) using medium or hard [blocking mode](https://github.com/gorhill/uBlock/wiki/Blocking-mode). The [reader view](https://support.mozilla.org/en-US/kb/view-articles-reader-view-firefox-android) is also pretty cool. We expect things will change in the future, so we’re keeping a close eye on this. - -## Fingerprinting - -Firefox has the ability to block known third party [fingerprinting resources](https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/). Mozilla has [advanced protection](https://support.mozilla.org/kb/firefox-protection-against-fingerprinting) against fingerprinting (RFP is enabled with Arkenfox). - -We do not recommend extensions that promise to change your [browser fingerprint](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/). Some of those extensions [are detectable](https://www.cse.chalmers.se/~andrei/codaspy17.pdf) by websites through JavaScript and [CSS](https://hal.archives-ouvertes.fr/hal-03152176/file/style-fingerprinting-usenix.pdf) methods, particularly those which inject anything into the web content. - -This includes **all** extensions that try to change the user agent or other browser behavior to prevent fingerprinting. We see these often recommended on Reddit and would like to say that they will likely make you more unique and can be circumvented. Arkenfox has [a good list](https://github.com/arkenfox/user.js/wiki/4.1-Extensions) of extensions you could use, and a list of ones you [needn't bother with](https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother). 
We also like to say testing sites which show you how unique you are in a set of users are often using hugely tainted results that are not indicative of real-world usage.
-
-----------
-
-*Special thanks to [Thorin-Oakenpants](https://github.com/Thorin-Oakenpants) and [Tommy](https://tommytran.io) for their help with providing advice and further documentation during the research phase.*
diff --git a/content/blog/posts/firefox-privacy.md b/content/blog/posts/firefox-privacy.md
deleted file mode 100644
index f12cc29a1..000000000
--- a/content/blog/posts/firefox-privacy.md
+++ /dev/null
@@ -1,158 +0,0 @@ ---- -date: - created: 2019-11-09T19:00:00Z -categories: - - Reviews -authors: - - jonah -links: - - posts/firefox-privacy-2021-update.md -tags: - - Browsers - - Firefox -license: BY-SA -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/firefox-privacy/cover.webp ---- -# Firefox Privacy: Tips and Tricks for Better Browsing - -!["Firefox Privacy" cover image](../assets/images/firefox-privacy/cover.webp) - - - -Mozilla Firefox is one of the most popular web browsers around, and for good reason. It's fast, secure, open-source, and it's backed by an organization that actually respects your privacy. Unlike many other Chrome alternatives and forks, it has a massive development team behind it that publishes new updates on a constant, regular basis. Regular updates don't only mean shiny new features, it means you'll also receive security updates that will keep you protected as you browse the web. - -Because of all of this, [we recommend Firefox](https://www.privacyguides.org/desktop-browsers/#firefox) as our general-purpose browser for most users. It's the best alternative to Chrome and Edge for privacy conscious individuals. - -Firefox is fantastic out of the box, but where it really shines is customizability. By adjusting Firefox privacy settings and using helpful add-ons, you can increase your privacy and security even further. Making those changes is what we're going to go over in this Firefox privacy guide. - -Before we get started, there's a couple of things that should be noted that are not only applicable to this guide, but privacy in general: - -## Considerations - -Protecting your privacy online is a tricky proposition, there are so many factors to take into consideration on an individual basis for any one guide or site to cover comprehensively. You will need to take into account things like threat modeling and your general preferences before making any changes or following any recommendations. 
-
-### Threat Modeling
-
-What is [threat modeling](https://www.privacyguides.org/basics/threat-modeling/)? Consider who you're trying to keep your data hidden from. Do you need to keep your information hidden from the government, or just the average stranger? Maybe you are just looking to alternatives to Big Tech like Google and Facebook. You'll also want to consider how much time and resources you want to spend hiding your data from those "threats". Some solutions might not be feasible from a financial or time standpoint, and you'll have to make compromises. Taking all those questions into account creates a basic threat model for you to work with.
-
-We want to publish a more complete guide on threat modeling in the future, so stay tuned to this blog for further updates. But for now, just keep those thoughts in the back of your mind as we go through this article. Not every solution might be for you, or conversely you may need to pay more attention to certain areas we aren't able to cover completely.
-
-### Browser Fingerprinting
-
-Another consideration is your browser's fingerprint. When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using more common tracking tools, like cookies.
-
-That's right, add-ons contribute to your fingerprint. Another thing a lot of people miss when they are setting up their browser is that more is not always the best solution to their problems. You don't need to use every add-on and tweak we recommend installed, and the more you configure, the greater chance there is that your browser will appear more unique to websites. Think about your specific situation and pick and choose the add-ons and tweaks we recommend only if you think they will help you.
-
-## Firefox Privacy Settings
-
-We'll start off with the easy solutions.
Firefox has a number of privacy settings built in, no add-ons necessary! Open your Options page (Preferences on macOS) and we'll go through them one at a time.
-
-### DNS over HTTPS
-
-DNS (or the Domain Name System) is what your browser uses to turn domain names like `privacyguides.org` into IP addresses like `65.109.20.157`. Because computers can only make connections to IP addresses, it's necessary to use DNS every time you visit a new domain. But DNS is unencrypted by default, that means everyone on your network (including your ISP) can view what domains you're looking up, and in some situations even change the IP answers to redirect you to their own websites! Encrypting your DNS traffic can shield your queries and add some additional protection to your browsing.
-
-Encrypted DNS takes many forms: DNS over HTTPS (DoH), DNS over TLS, DNSCrypt, etc., but they all accomplish the same thing. They keep your DNS queries private from your ISP, and they make sure they aren't tampered with in transit between your DNS provider. Fortunately, Firefox recently added native DoH support to the browser. On the **General** page of your preferences, scroll down to and open **Network Settings**. At the bottom of the window you will be able to select "Enable DNS over HTTPS" and choose a provider.
-
-Keep in mind that by using DoH you're sending all your queries to a single provider, probably Cloudflare unless you choose [another provider](https://www.privacyguides.org/dns/) that supports DNS over HTTPS. While it may add some privacy protection from your ISP, you're only shifting that trust to the DoH provider. Make sure that's something you want to do.
-
-It should also be noted that even with DoH, your ISP will still be able to see what domain you're connecting to because of a technology called Server Name Indication (SNI). Until SNI is encrypted as well, there's no getting around it.
Encrypted SNI (eSNI) is in the works — and can actually be [enabled on Firefox](https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/) today — but it only works with a few servers, mainly ones operated by Cloudflare, so its use is limited currently. Therefore, while DoH provides some additional privacy and integrity protections, its use as a privacy tool is limited until other supplemental tools like eSNI and [DNSSEC](https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en) are finalized and implemented.
-
-### Change Your Search Engine
-
-This is an easy one. In the **Search** tab, change your **Default Search Engine** to something other than Google. Out of the built-in options, DuckDuckGo is the most privacy respecting service, but there's a number of [search engines we would recommend](https://www.privacyguides.org/search-engines/) that can be easily installed as well.
-
-### Enhanced Tracking Protection
-
-Now we'll delve into the biggest set of options for people like us, Firefox's **Privacy & Security** tab. First up is their **Enhanced Tracking Protection**. This set of filters is set to Standard by default, but we'll want to change it to Strict for more comprehensive coverage.
-
-In rare occasions, Strict browsing protections might cause some of the websites you visit to not function properly. But there's no need to worry! If you suspect the Strict browsing protection is breaking a website you visit frequently, you can disable it on a site by site basis with the shield icon in the address bar.
-
-Disabling Enhanced Tracking Protection will of course decrease your privacy on that site, so you will have to consider whether that's something you are willing to compromise on, on a site-by-site basis.
-
-Another benefit of Firefox's Enhanced Tracking Protection is that it can actually speed up your browsing!
Advertising networks and social media embeds can sometimes make your browser download huge files just to show an ad or a like button, and blocking those out trims the fat, in a sense.
-
-### Disabling Telemetry
-
-When you use Firefox, Mozilla collects information about what you do, what kind of extensions you have installed, and various other aspects of your browser. While they claim to do this in a privacy-respecting way, sending as little data as possible is always preferred from a privacy standpoint, so we would go ahead and uncheck all the boxes under **Firefox Data Collection and Use** just to be safe.
-
-### Clearing Cookies and Site Data
-
-This one is for more advanced users, so if you don't understand what this is doing you can skip this section. Firefox provides the option to delete all your cookies and site data every time Firefox is closed. Cookies and site data are little pieces of information sites store in your browser, and they have a myriad of uses. They are used for things like keeping you logged in and saving your website preferences, but they also can be used to track you across different websites. By deleting your cookies regularly, your browser will appear clean to websites, making you harder to track.
-
-This will likely log you out of websites quite often, so make sure that's an inconvenience you're willing to put up with for enhanced privacy.
-
-## Firefox Privacy Add-ons
-
-Of course, just the browser settings alone won't go quite far enough to protect your privacy. Mozilla has made a lot of compromises in order to provide a more functional browsing experience for the average user, which is completely understandable. But, we can take it even further with some browser add-ons that prevent tracking and make your experience more private and secure.
-
-[We recommend a number of fantastic add-ons](https://www.privacyguides.org/desktop-browsers/#ublock-origin) for Firefox, nine at the time of writing, but they aren't all necessary for everyone.
Some of them provide redundant functionality to each other, and some of them accomplish similar tasks to the settings we've enabled above.
-
-When you are installing add-ons for Firefox, consider whether you actually need them for your personal browsing. Remember that fingerprinting warning from earlier? Adding as many extensions as possible might make you stand out more, which is not the goal.
-
-Keeping all that in mind, there are three add-ons I would consider necessary for virtually every user:
-
-- uBlock Origin
-- HTTPS Everywhere
-- Decentraleyes
-
-Out of the box, these add-ons only complement the settings we've described in this article already, and they have sane defaults that won't break the sites you visit.
-
-### uBlock Origin
-
-[**uBlock Origin**](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) is an efficient ad- and tracker-blocker that is easy on memory, and yet can load and enforce thousands more filters than competing blockers. We trust it because it is completely open-source. Additionally, unlike its competitors it has no monetization strategy: There's no "Acceptable" ads program or a similar whitelist like many other ad blockers feature.
-
-### HTTPS Everywhere
-
-HTTPS is the secure, encrypted version of HTTP. When you see an address starting with `https://` along with the padlock in your browser's address bar, you know that your connection to the website is completely secure. This is of course important when you're logging into websites and sending your passwords and emails in a form. But it also prevents people on your network and your ISP from snooping in on what you're reading, or changing the contents of an unencrypted webpage to whatever they want.
-
-Therefore, [**HTTPS Everywhere**](https://www.eff.org/https-everywhere) is a must-have extension, all it does is upgrade your HTTP connections to HTTPS wherever possible. And because it works silently in the background, you probably will never notice it!
We trust HTTPS Everywhere because it is completely open-source, and is developed by the Electronic Frontier Foundation, a non-profit dedicated to private and secure technologies.
-
-Of course, it only works with sites that support HTTPS on the server's side, so you'll still need to keep an eye on your address bar to make sure you're securely connected. But fortunately more and more websites have implemented HTTPS thanks to the advent of free certificates from organizations like Let's Encrypt.
-
-### Decentraleyes
-
-When you connect to many websites, your browser is most likely making connections to a myriad of "Content Delivery Networks" like Google Fonts, Akamai, and Cloudflare, to download fonts and JavaScript that make the website run. This generally makes websites look and feel better, but it means you're constantly making connections to these servers, allowing them to build a fairly accurate tracking profile of you.
-
-[**Decentraleyes**](https://addons.mozilla.org/en-US/firefox/addon/decentraleyes) works by impersonating those CDNs locally in your browser. When a website wants to download a program like jQuery, instead of connecting to a remote CDN Decentraleyes will serve the file from its own cache of files. This means that you'll won't have to make remote CDN connections for the files that Decentraleyes supports, and therefore the remote CDNs can't track your browser. Because everything is stored locally instead of on a far away server, Decentraleyes has the added benefit of speeding up your browsing as well. Everything happens instantly, and you won't see a difference in the websites you visit.
-
-### Additional Privacy Add-ons
-
-There is of course more functionality that can be achieved at the expense of more time spent configuring your browser and reduced website functionality. If you're looking for the most privacy options possible however, they may be for you.
Check out our [desktop browsers recommendations page](https://www.privacyguides.org/desktop-browsers/) for further information and additional resources.
-
-## More Privacy Functionality
-
-Firefox has developed a number of other privacy tools that can be used to enhance your privacy or security. They may be worth looking into, but they have some drawbacks that would prevent me from recommending them outright.
-
-### Firefox Private Network
-
-Firefox Private Network is a new extension developed by Mozilla that serves as a [Virtual Private Network](https://www.privacyguides.org/basics/vpn-overview/) (VPN), securing you on public Wi-Fi networks and other situations where you might trust Mozilla more than the ISP or network administrator. It is free in beta, but will likely be available at some subscription pricing once the test pilot ends.
-
-Firefox Private Network is still just a VPN, and there are a number of drawbacks you would want to consider before using it. We wrote an entire article on [choosing a VPN provider](https://www.jonaharagon.com/posts/choosing-a-vpn/) that is worth a read, but it boils down to the fact that your VPN provider will be able to see your web traffic. All you are accomplishing is shifting the trust from your network to the VPN provider, in this case *Cloudflare*, the operators behind this service.
-
-Additionally, unlike a traditional VPN, only data through the Firefox browser is protected, not every app on your machine. This means that it won't adequately protect you from many of the threats people typically want to protect against when they use a VPN, like IP leaks.
-
-And finally, Cloudflare and Mozilla are both US companies. There are a number of concerns with entrusting internet traffic to the US and other fourteen eyes countries that should not be overlooked.
-
-If you require a Virtual Private Network, we would look elsewhere.
There are a number of [recommended providers](https://www.privacyguides.org/vpn/) like Mullvad that will provide a better experience at a low cost.
-
-### Multi-Account Containers
-
-Mozilla has an in-house add-on called [Multi-Account Containers](https://support.mozilla.org/en-US/kb/containers) that allows you to isolate websites from each other. For example, you could have Facebook in a container separate from your other browsing. In this situation, Facebook would only be able to set cookies with your profile on sites within the container, keeping your other browsing protected.
-
-A containers setup may be a good alternative to techniques like regularly deleting cookies, but requires a lot of manual intervention to set up and maintain. If you want complete control of what websites can do in your browser, it's definitely worth looking into, but we wouldn't call it a necessary addition by any means.
-
-## Additional Resources
-
-[Desktop Browsers (Privacy Guides)](https://www.privacyguides.org/desktop-browsers/) — Our comprehensive set of recommendations for browsers and tweaks you can make to enhance your privacy is a great next step for more advanced users looking to protect their privacy online.
-
-[Arkenfox user.js](https://github.com/arkenfox/user.js) — For more advanced users, the Arkenfox user.js is a "configuration file that can control hundreds of Firefox settings [...] which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage".
-
-[Mozilla's Privacy Policy](https://www.mozilla.org/en-US/privacy/) — Of course, we always recommend reading through the privacy statement of any organization you deal with, and Mozilla is no exception.
-
-## Firefox Privacy Summary
-
-In conclusion, we believe that Firefox is the most promising browser for privacy-conscious individuals.
The non-profit behind it seems truly dedicated to promoting user control and privacy, and the good defaults coupled with the sheer customizability of the browser allow you to truly protect your information when you browse the web.
-
-For more Firefox privacy-related information, or for recommendations for non-desktop platforms, give our full page on [web browsers](https://www.privacyguides.org/desktop-browsers/) a read.
diff --git a/content/blog/posts/grapheneos-or-calyxos.md b/content/blog/posts/grapheneos-or-calyxos.md
deleted file mode 100644
index 7c0f3ad75..000000000
--- a/content/blog/posts/grapheneos-or-calyxos.md
+++ /dev/null
@@ -1,81 +0,0 @@ ---- -date: - created: 2022-04-21T19:00:00Z -authors: - - contributors -categories: - - Opinion -tags: - - GrapheneOS - - CalyxOS -links: - - General Android Overview: https://www.privacyguides.org/android/overview/ - - Android Recommendations: https://www.privacyguides.org/android/ -license: BY-SA -robots: nofollow, max-snippet:-1, max-image-preview:large -schema_type: OpinionNewsArticle ---- -# Should You Use GrapheneOS or CalyxOS? - -GrapheneOS and CalyxOS are often compared as similar options for people looking for an alternative Android OS for their Pixel devices. Below are some of the reasons why we recommend GrapheneOS over CalyxOS. - -## Update Frequency - -CalyxOS has a track record of being slower to apply security and feature updates to its OS and core applications than other custom Android operating systems. Timely security updates are one of the most important factors to consider when determining whether an OS is secure enough for regular use, which is a requirement for privacy. - -In contrast to that, GrapheneOS manages to stay close to upstream and in some cases even [deliver updates before the stock OS does](https://grapheneos.org/features#more-complete-patching). - -As an example, [GrapheneOS's first Android 12 release](https://grapheneos.org/releases#2021102020) was in October 2021, whereas [CalyxOS moved to Android 12](https://calyxos.org/news/2022/01/19/android-12-changelog/) in January 2022. - -## Sandboxed Google Play vs Privileged microG - -When Google Play Services are used on GrapheneOS, they are confined using the highly restrictive, default [`untrusted_app`](https://source.android.com/security/selinux/concepts) [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) domain. As a result, you have full control as to what these apps can access via permissions, just like any other app you install. Additionally, you can selectively choose which profile(s) to install the Sandboxed Google Play in. 
-
-microG is a partially open-source re-implementation of Google Play Services.[^1] On CalyxOS, it runs in the highly privileged [`system_app`](https://source.android.com/security/selinux/concepts) SELinux domain like regular Google Play Services, and it uses [signature spoofing](https://github.com/microg/GmsCore/wiki/Signature-Spoofing) to masquerade as Google Play Services. This is less secure than Sandboxed Google Play's approach, which does not need access to sensitive system APIs.
-
-When using Sandboxed Google Play, you have the option to reroute location requests to the Play Services API back to the OS location API, which uses satellite based location services. With microG, you have the option to choose between different backend location providers, including *shifting trust* to another location backend, like Mozilla; using [DejaVu](https://github.com/n76/DejaVu), a location backend that locally collects and saves RF-based location data to an offline database which can be used when GPS is not available; or to simply not use a network location backend at all.
-
-Network location providers like Play Services or Mozilla rely the on the MAC addresses of surrounding Wi-Fi access points and Bluetooth devices being submitted for location approximation. Choosing a network location like Mozilla to use with microG provides little to no privacy benefit over Google because you are still submitting the same data and trusting them to not profile you.
-
-Local RF location backends like DejaVu require that the phone has a working GPS first for the local RF data collected to be useful. This makes them less effective as location providers, as the job of a location provider is to assist location approximation when satellite based services are not working.
-
-If your [threat model](https://www.privacyguides.org/basics/threat-modeling/) requires protecting your location or the MAC addresses of nearby devices, rerouting location requests to the OS location API is probably the best option. The benefit brought by microG's custom location backend is minimal at best when compared to Sandboxed Google Play.
-
-In terms of application compatibility, ==Sandboxed Google Play on GrapheneOS is always going to be more compatible== as it is the same code as what is released by Google. microG is a reimplementation of these services. As a result, it only supports the various parts that have been reimplemented, meaning some things such as [Google Play Games](https://play.google.com/googleplaygames) and [In-app Billing API](https://developer.android.com/google/play/billing) are not yet supported.
-
-Larger apps, especially games, require [Play Asset Delivery](https://android-developers.googleblog.com/2020/06/introducing-google-play-asset-delivery.html) to be installed, which is currently not implemented in microG. Authentication using [FIDO](https://www.privacyguides.org/basics/multi-factor-authentication#fido-fast-identity-online) with online services on Android also relies on Play Services, and does not currently work with microG.
-
-[^1]: It should be noted that microG still uses proprietary Google binaries for some of its components such as DroidGuard. Push notifications, if enabled, still go through Google's servers just like with Play Services. Outside of default microG setups like on CalyxOS, it is possible to run microG in the unprivileged [`untrusted app`](https://source.android.com/security/selinux/concepts) SELinux domain and without the signature spoofing patch. However, microG's functionality and compatibility, which is already not nearly as broad as Sandboxed Google Play, will greatly diminish.
-
-## Privileged eSIM Activation Application
-
-Currently, eSIM activation is tied to a privileged proprietary application by Google. The app has the `READ_PRIVILEGED_PHONE_STATE` permission, giving Google access to your hardware identifiers such as the IMEI.
-
-On GrapheneOS, the app comes disabled, and you can *optionally* enable it after installing Sandboxed Google Play.
-
-On CalyxOS, the app comes installed by default (regardless of whether you choose to have microG or not) and you cannot opt out. This means that Google still has access to your hardware identifiers regardless of whether you need eSIM activation, and they can be accessed persistently.
-
-## Privileged App Extensions
-
-Android 12 comes with special support for seamless app updates with [third-party app stores](https://android-developers.googleblog.com/2020/09/listening-to-developer-feedback-to.html). The popular Free and Open-Source Software (FOSS) repository [F-Droid](https://f-droid.org) doesn't implement this feature and requires a [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged) to be included with the Android distribution in order to have unattended app updates.
-
-CalyxOS includes the [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged), which may lower device security.
-
-On the other hand, GrapheneOS officially recommends [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play) instead. Many FOSS Android apps are also in Google's Play Store, but sometimes they are not (like [NewPipe](https://www.privacyguides.org/frontends#newpipe-android)). In those cases, you can [keep up with updates using RSS](https://www.privacyguides.org/android/#manually-with-rss-notifications).
-
-## Profiles
-
-GrapheneOS significantly improves [user profiles](https://www.privacyguides.org/android/overview#user-profiles) in [multiple ways](https://grapheneos.org/features#improved-user-profiles), such as increasing the limit of how many profiles you can create (32 instead of the standard 4), allowing you to log out of user profiles, disabling app installation, and notification forwarding. All of these improvements make it so that user profiles can be daily driven without sacrificing too much usability.
-
-CalyxOS doesn't feature any improvements to user profiles over AOSP, and instead includes a device controller app so that the [work profile](https://www.privacyguides.org/android/overview#work-profile) can be used without needing to download a third party app such as [Shelter](https://www.privacyguides.org/android/#shelter). However, work profiles are not nearly as flexible (as you're limited to only one) and don't provide the same amount of isolation and security.
-
-## Additional Hardening
-
-GrapheneOS improves upon [AOSP](https://source.android.com/) security with:
-
-- **Hardened WebView:** Vanadium WebView requires [64-bit](https://en.wikipedia.org/wiki/64-bit_computing) processes on the [WebView](https://developer.android.com/reference/android/webkit/WebView) process and disables legacy [32-bit](https://en.wikipedia.org/wiki/32-bit_computing) processes. It uses hardened compiler options such as [`-fwrapv`](https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html) and [`-fstack-protector-strong`](https://gcc.gnu.org/onlinedocs/gcc-4.9.3/gcc/Optimize-Options.html), which can help protect against [stack buffer overflows](https://en.wikipedia.org/wiki/Stack_buffer_overflow). [API](https://en.wikipedia.org/wiki/API)s such as the [battery status API](https://chromestatus.com/feature/4537134732017664) are disabled for privacy reasons.
All system apps on GrapheneOS use the Vanadium WebView which means that apps which use WebView will also benefit from Vanadium's hardening. The [Vanadium patch set](https://github.com/GrapheneOS/Vanadium) is a lot more comprehensive than CalyxOS's [Chromium patch set](https://gitlab.com/CalyxOS/chromium-patches) which is derived from it.
-- **Hardened Kernel:** GrapheneOS kernel includes some hardening from the [linux-hardened](https://github.com/GrapheneOS/linux-hardened) project and the [Kernel Self Protection Project (KSPP)](https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project). CalyxOS uses the [same kernel](https://calyxos.org/docs/development/build/kernel/) as regular Android with some minor modifications.
-- **Hardened Memory Allocator:** GrapheneOS uses the [hardened malloc](https://github.com/GrapheneOS/hardened_malloc) subproject as its memory allocator. This focuses on hardening against [memory heap corruption](https://en.wikipedia.org/wiki/Memory_corruption). CalyxOS uses the default AOSP [Scudo Malloc](https://source.android.com/devices/tech/debug/scudo), which is generally [less effective](https://twitter.com/danielmicay/status/1033671709197398016). Hardened Malloc has uncovered vulnerabilities in AOSP which have been [fixed](https://github.com/GrapheneOS/platform_system_core/commit/be11b59725aa6118b0e1f0712572e835c3d50746) by GrapheneOS such as [CVE-2021-0703](https://nvd.nist.gov/vuln/detail/CVE-2021-0703).
-- **Secure Exec Spawning:** GrapheneOS [spawns](https://en.wikipedia.org/wiki/Spawn_(computing)) fresh processes as opposed to using the [Zygote model](https://ayusch.com/android-internals-the-android-os-boot-process) used by AOSP and CalyxOS. The Zygote model weakens [Address Space Layout Randomization](https://en.wikipedia.org/wiki/Address_space_layout_randomization) (ASLR) and is considered [less secure](https://wenke.gtisc.gatech.edu/papers/morula.pdf).
Creating [fresh processes](https://grapheneos.org/usage#exec-spawning) is safer but will have some performance penalty when launching a new application. These penalties are not really noticeable unless you have an [old device](https://support.google.com/nexus/answer/4457705) with slow storage such as the Pixel 3a/3a XL as it has [eMMC](https://en.wikipedia.org/wiki/MultiMediaCard#eMMC).
-
-**Please note that these are just a few examples and are not an extensive list of GrapheneOS's hardening**. For a more complete list, please read GrapheneOS' [official documentation](https://grapheneos.org/features).
diff --git a/content/blog/posts/hide-nothing.md b/content/blog/posts/hide-nothing.md
deleted file mode 100644
index e297377b2..000000000
--- a/content/blog/posts/hide-nothing.md
+++ /dev/null
@@ -1,53 +0,0 @@ ---- -date: - created: 2022-06-09T19:00:00Z -categories: - - Opinion -authors: - - danarel -links: - - posts/move-fast-and-break-things.md - - posts/choosing-the-right-messenger.md -tags: - - Government -license: BY-SA -description: In the wake of the September 11, 2001, attack on the United States, the US government enacted laws that weakened citizen privacy in the name of national emergency. -schema_type: OpinionNewsArticle ---- -# Hide Nothing - -In the wake of the September 11, 2001, attack on the United States, the US government enacted laws that weakened citizen privacy in the name of national emergency. This sent up many red flags for human rights and privacy advocates. - -These concerns were met with “if you have nothing to hide, you have nothing to fear.” The argument goes that if you're not doing anything illegal, then these violations of your privacy shouldn't bother you. If you care about privacy, you clearly can't be up to anything good. - -On the surface, this seems true to many people – but the reality is very different. We may not have had anything to hide in the immediate aftermath of 9/11, but that was not the only information being sought after by governments. Indeed, following the passage of the Patriot Act in the US, the FBI issued 192,499 [National Security Letters](https://www.aclu.org/other/national-security-letters), meaning they collected the records and online activity of nearly 200,000 people. - -In the end it only convicted one person. - -Now, many have argued that stopping one terrorist might be worth giving up some security for, but [according](https://web.archive.org/web/20230318132243/https://www.aclu.org/issues/national-security/privacy-and-surveillance/surveillance-under-patriot-act) to the ACLU, the conviction would have occurred without the Patriot Act. - -Many legal actions you take today could be deemed illegal by future laws or future government. 
In the US today there is discussion around the possibility of Roe v. Wade being overturned, allowing states to outlaw abortions. You may not currently feel the need to hide internet searches, menstrual cycle apps, or donations to women's health clinics today because it's not illegal, but tomorrow that information could be used against you. - -In countries were organizing around political dissent is legal, that doesn't mean the government is tracking those taking part and using that information to create informants or infiltrate such groups. Or worse, when or if laws change, using that surveillance to punish those involved. - -And even if you break away from the legal aspects, we all have something to hide. You may not be ready to reveal your sexual or gender identity, but your internet usage could potentially do that for you. You don't want to make your bank account public; you have that information to hide. And you can continue to list things about your life you'd just rather not make public, regardless of potential legality. - -In July 2021, a Catholic priest by the name of Jeffrey Burrill lost his job and was forced to resign after data collected through his cell phone showed that he was active on the gay dating app Grindr, and that he had visited multiple gay bars in the area. [According](https://www.washingtonpost.com/religion/2021/07/20/bishop-misconduct-resign-burrill/) to the *Washington Post*: - -> “A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 —– at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities,” the Pillar reported. -> -> “The data obtained and analyzed by The Pillar conveys mobile app date signals during two 26-week periods, the first in 2018 and the second in 2019 and 2020. 
The data was obtained from a data vendor and authenticated by an independent data consulting firm contracted by The Pillar,” the site reported. It did not identify who the vendor was or if the site bought the information or got it from a third party. -> -> The Pillar story says app data “correlated” to Burrill's phone shows the priest visited gay bars, including while traveling for the USCCB. - -While it was not clear who was tracking Burrill's device, the Post went on to say that: - -> Privacy experts have long raised concerns about “anonymized” data collected by apps and sold to or shared with aggregators and marketing companies. While the information is typically stripped of obviously identifying fields, like a user's name or phone number, it can contain everything from age and gender to a device ID. It's possible for experts to de-anonymize some of this data and connect it to real people. - -While Burrill was without a doubt in violation of his work's own code of conduct, he did decide on his own to be a priest. However, his personal life was not harming others and was just that, his personal life. While the question looms about who was tracking him to begin with and why, the fact it was so easy to do is alarming. - -What if Burrill wasn't a priest, but just happened to work for someone who held anti-homosexual views who used this data to out him, humiliate him, and fire him under false pretenses? This data, which should be private could (and likely did in the real-life circumstance) ruin his life. - -That is what makes internet privacy so important. It's not hiding nefarious activity, it's that we all have an innate right to our privacy. - -You might not feel today that you have anything to hide, but you might not feel that way tomorrow and once something is public, it cannot be made private again. diff --git a/content/blog/posts/i18n-announcement.md b/content/blog/posts/i18n-announcement.md deleted file mode 100644 index 321f2bfb6..000000000 
--- a/content/blog/posts/i18n-announcement.md
+++ /dev/null
@@ -1,81 +0,0 @@ ---- -date: - created: 2023-02-26T19:00:00Z -categories: - - Announcements -authors: - - freddy - - dngray - - niek-de-wilde -tags: - - Privacy Guides -license: BY-SA -description: It's finally here. After countless requests, Privacy Guides now has translations. -schema_type: NewsArticle ---- -# Privacy Guides Is Now Multilingual - -It's finally here. After countless requests, Privacy Guides now has translations. - -People have always asked us for translations to other languages because our team and community produces high quality, reliable, honest, and researched content. Our [previous site](https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides) never had a system for this. All translations were done manually, and translators would quickly lose interest. Translated sites would be outdated and lay unmaintained on domains that we didn't own. Privacy Guides now has a proper system. - -Our site runs [Material for MkDocs](https://squidfunk.github.io/mkdocs-material/), which supports [internationalization](https://squidfunk.github.io/mkdocs-material/setup/changing-the-language/). This allows us to provide language specific content without the mammoth effort previously required. - -## What we're planning - -You can expect translations of this blog – and lots more content. We will add languages to the site when they near completion. That way they can be checked to make sure they maintain the high quality that people have come to expect from the rest of Privacy Guides. - -### Translators - -We'd also like to remind everyone you can stay up to date with the main site by looking at [our release page](https://github.com/privacyguides/privacyguides.org/releases), this will show major changes to the main content. You can subscribe with a [News Aggregator](https://www.privacyguides.org/news-aggregators): - -- [privacyguides.org (Releases)](https://github.com/privacyguides/privacyguides.org/releases.atom). 
-- [privacyguides.org (Commit log)](https://github.com/privacyguides/privacyguides.org/commits/main.atom) -- [blog.privacyguides.org](https://blog.privacyguides.org/feed_rss_created.xml) -- [blog.privacyguides.org (Commit log)](https://github.com/privacyguides/blog.privacyguides.org/commits/main.atom) - -The blog doesn't have releases, but articles are generally published in a complete state and only updated with minor changes. - -Feel free to check out our localization room on Matrix [#pg-i18n:aragon.sh](https://matrix.to/#/%23pg-i18n:aragon.sh) if you have any questions on getting started. You can [find us on Crowdin](https://crowdin.com/project/privacyguides). - -Please note that the English version of the site is the primary version, meaning changes occur there first. This means it is still possible that specific languages may be behind. If you notice such an instance please help out. We cannot guarantee the accuracy of all our translations. If you have a suggestion about content specific to your region, please open an issue or pull request to our [main repository](https://github.com/privacyguides/privacyguides.org). - -#### Some tips for translators - -Crowdin has good documentation, and we suggest looking at their [Getting Started](https://support.crowdin.com/crowdin-intro/) guide. Our site is in [Markdown](https://en.wikipedia.org/wiki/Markdown), so it should be easy to chip in. - -#### Admonitions - -Throughout the site we use MkDocs's [admonitions](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#usage), to show information to readers about the products such as `example`, `warning`, `tip`, etc. - -By default, when admonitions are used they will have an English string on the site. This can be [customized](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#changing-the-title), without too much effort. 
For example if you were translating and admonition of type [warning](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#type:warning) to Dutch, this is how you would write it: - -```text -!!! warning "Waarschuwing" -``` - -Downloads are a [custom admonition](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#custom-admonitions) that we use, and you would write that like: - -```text -??? downloads "Downloaden" -``` - -The same goes for other types, such as `tip`, `example` etc. Recommendations are also admonitions, but they do not need overriding, because the default has no text, so they are always: - -```text -!!! recommendation -``` - -#### Translation software - -Translation software gets the translation quite reliable. We've found [DeepL](https://www.deepl.com/en/translator) works well however, attention does need to be given that the translated string is correct. - -For example: - -```text -![Software logo](assets/img/path/to/image.svg){ align=right } -``` - -We have sometimes found that the syntax for inserting an image like above was missing the `![` or an extra space was placed between the text and the path, e.g. `] (` with no space between those characters. If a translation string is clearly not correct, we encourage you to **delete** it by pressing the trash icon [or vote](https://support.crowdin.com/enterprise/getting-started-for-volunteers/#voting-view) which one you think sounds best. When invalid strings are deleted they are removed from the organization's [translation memory](https://support.crowdin.com/enterprise/translation-memory), meaning that when the source string is seen again, it won't suggest the incorrect translation. - -We'd like to thank the [translation team](https://crowdin.com/project/privacyguides/reports/top-members) who spent many hours on translating the content, that we now have. We're going to launch in Dutch, French and Hebrew. 
diff --git a/content/blog/posts/importance-of-privacy-for-the-queer-community.md b/content/blog/posts/importance-of-privacy-for-the-queer-community.md
deleted file mode 100644
index 6f551c811..000000000
--- a/content/blog/posts/importance-of-privacy-for-the-queer-community.md
+++ /dev/null
@@ -1,353 +0,0 @@ ---- -date: - created: 2025-06-03T17:00:00Z -categories: - - News -tags: - - Pride Month -authors: - - em -description: Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For Pride month, we discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp ---- -# The Importance of Data Privacy For The Queer Community - -![Photo of a Progress Pride Flag with a semi-transparent padlock icon over it.](../assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp) - - - -Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For [Pride month](../tags.md#tag:pride-month) this year, we will discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community. - -While it's difficult to get a complete estimate on this, due to fear of discrimination and other factors, a 2021 [survey](https://www.ipsos.com/sites/default/files/ct/news/documents/2021-06/LGBT%20Pride%202021%20Global%20Survey%20Report_3.pdf) conducted by Ipsos in 27 countries revealed that only 80% of the population surveyed identified as heterosexual. Additionally, about 1% of adults identified as a gender different from the one they were assigned at birth. This percentage is even higher for Gen Z and Millennials. - -In the United States alone, it's [estimated](https://www.lgbttech.org/_files/ugd/d77b01_0e1e02c938e94ae3aad4ce21312bdde4.pdf) there are 20 million adults who are part of the LGBTQ+ community. That's a lot of people! 
- -Despite the progress of the past decades, the queer population still faces many challenges to being free and safe from discrimination. - -Discrimination online, at work, at school, at the national or even the familial level, can put LGBTQ+ individuals in dangerous situations, where data privacy may be the only shield available for protection. - -In this context, it's essential for the queer community to be well-informed on the tools and practices that can help mitigate the risks, so that information, services, and support can still be accessed safely. - -## Higher risk when data gets exposed - -Unfortunately, LGBTQ+ people are still at a higher risk when their personal data gets exposed. - -First, for people living in environments hostile to their sexual orientation or gender identity, keeping personal information private can literally mean life or death. Tragically, even today many countries still criminalize homosexuality and gender identities different from cisgender. When this personal information gets exposed, people might lose support from their family, lose their job, get arrested, or even be [executed](https://en.wikipedia.org/wiki/Capital_punishment_for_homosexuality) in some countries. - -People in these very vulnerable situations have to be *extremely* careful about protecting their data in order to stay safe, online and offline. - -Moreover, organizations collecting data that could put anyone at risk of getting accidentally or maliciously outed should feel a *strong responsibility* to protect this data fiercely, and be held legally accountable when they fail. - -### Being outed against one's will - -For a queer person, deciding when, how, and to whom to reveal their sexuality or gender identity is a very important and intimate moment. It *must* be a personal choice, and only on the person's own terms. 
- -Even in countries where queer identities and sexualities are legal and accepted, [being outed against one's will can have devastating consequences](https://www.pridecorner.org/post/how-to-support-someone-who-has-been-outed-against-their-will). - -If someone lives with family members who do not accept who they are, getting outed against their will could mean losing their home and familial support. In other situations, perhaps their family is supportive, but their employer isn't, or maybe some of their friends or co-workers are hostile. They might want to keep this information from them in order to avoid conflicts at work, or avoid losing friendships. Further, there is of course the risk for discrimination, online harassment, and worse. - -No matter the situation, coming out as queer should always be an individual and intentional choice. - -It is an act of violence to out someone against their consent, even when performed by the intermediary of an algorithm or a neglectful data leak. - -Each time there is a data breach that includes information about gender identity, sexuality, browsing history, location history, installed applications, or legal names, this data leak risks outing people against their will. - -For all these reasons, it is vital that information be safeguarded so that a queer person is empowered to choose when, how, and to whom to come out on their own terms. - -In today's political climate, this is unfortunately even truer for trans people, who are at a greater risk of getting outed against their will when data about their gender, sex, or legal name leaks. Sadly, there are still too many online forms and software that needlessly collect gender data when it's completely unnecessary. Similarly, requiring full *legal* name is completely irrelevant in many situations where it is currently asked. - -Developers must take responsibility and design software and forms considering these risks. 
As data scientist and civic technologist Soren Spicknall explains brilliantly, gender data [should never be collected](https://medium.com/@SorenSpicknall/protecting-queer-communities-through-data-4707ae0cb562) unless *absolutely* necessary and *absolutely* protected, which in most instances it really isn't: - -> "Is the danger to your LGBT+ users worth the ability to roughly guess whether somebody is buying a purse for themselves or as a gift, or to assume you know what kind of movie they want to watch?" - -Algorithms shouldn't be able to target sexuality and gender identity as markers for advertising purposes. Unfortunately, there have already been reported incidents where [people were outed against their will by Facebook](https://www.dailydot.com/irl/facebook-ads-lgbtq/) spitting around rainbow ads everywhere, because of Facebook secretly tying someone's browsing activity back to their profile. - -Facebook (and most other commercial platforms) uses cookies and other tracking technologies to follow users online and [build an advertising profile](https://www.makeuseof.com/tag/facebook-tracking-stop/) based on their online activity, even outside of Facebook. Then, it shows ads on Facebook related to that activity, no matter if this information was shared or not on the platform. - -This kind of non-consensual outing can have devastating consequences, and should be forbidden by law. Everyone should be able to come out when and how they see fit, and not be aggressively outed by some Facebook or Google ad algorithm, or by some negligent data leak. - -### Online harassment and extortion - -The risk of having data about one's sexuality or gender identity revealed against one's will can be very dangerous for some people. - -With online harassment on the rise, this intimate information can be weaponized by bigots and extortionists to cause severe harm. Unfortunately, this isn't a rare occurrence, even in countries where the LGBTQ+ community is well accepted. 
Regrettably, some platforms have even started to [roll back previous protections against hate speech](https://apnews.com/article/social-media-lgbtq-tiktok-x-facebook-instagram-glaad-f790bda1bc3f169ef28ca3f441ea8447) and harassment. This will have a severely detrimental impact on the safety of the queer community online. - -This year, the LGBTQ advocacy organization GLAAD produced a [Social Media Safety Index](https://glaad.org/smsi/2025/platform-scorecard/) rating six major platforms: TikTok, Facebook, Instagram, YouTube, Threads, and X. X (formerly Twitter) received the worst safety score of them all. - -### Seeking health information - -People questioning their gender identity or sexuality might seek information online about the health procedures or treatments they need. - -This sensitive search history can reveal a lot of personal details that should never be exposed against one's will. Sadly, browsing the internet without any tracking is a task that becomes harder every year, and many people aren't aware of the protections they can use against this tracking. - -People can suffer from severe harm when sensitive data related to their gender-affirming care or sexual health is exposed, ranging from non-consensual outing to imprisonment. Discrimination related to this type of health information is still rampant in every country in the world. - -### Seeking community online - -Seeking the support of online communities is common for queer people who can more easily feel isolated. This is especially true for youth living in hostile or rural environments, where smaller population density often means less supportive local resources and venues. - -For people in these situations, finding community online can be essential to survival. - -Despite all its flaws, the internet still offers a wonderful way to connect with others regardless of physical distances, and this is doubly true for the queer community. 
- -The need for social connection and support from peers is a fundamental human need. No matter how dangerous this can be, not sharing information online is simply not a viable option for many queer people. - -## Privacy-invasive practices that are exponentially worse for queer people - -### Real-name policies - -Many privacy-invasive practices and policies are significantly more dangerous for LGBTQ+ people. For example, [the "real-name" policies](https://en.wikipedia.org/wiki/Real-name_system) on Facebook and other platforms are absolutely horrendous for transgender people. - -If a trans person uses an older account, or has not changed their name on official documentation, a real-name policy could either out them against their will, force them to keep their [deadname](https://en.wikipedia.org/wiki/Deadnaming) online, or even lock them out of their account if official ID is requested for account recovery and doesn't match the name they used for the account. - -For many people around the world, the use of pseudonyms or chosen names online means safety, and this is even truer for trans people and other queer people. - -### Single-account policies - -Thankfully, most platforms aren't using such policies yet. But unfortunately, it does seem there could be a push to implement single-account policies in the near future. - -With the multiplication of age verification laws and the proliferation of unregulated AI systems, there has been some talk of using unique identifiers to prevent the creation of multiple accounts. This is **a horrible idea for everyone**, and should never be allowed, but it's even worse for LGBTQ+ people. - -Creating multiple accounts for different purposes, for example to separate work life from personal life, is a great privacy practice for anyone. 
- -Multiple accounts on a same platform, or "alt accounts", are regularly used by queer people in order to be their full selves online, when they aren't fully out in their public or personal life, or just because they prefer to keep their queer identity and activities separated. - -Sadly, if single-account policies begin to be implemented on platforms, this great privacy protection could soon disappear. - -### Facial recognition - -Facial recognition is an especially problematic technology for transgender people. Many times, these algorithms will not only create a faceprint from the data, but will also try to infer gender from it. - -These systems are deeply flawed and have discrimination biases built-in. They can't even reliably identify the correct gender of cisgender people. Because of the way these algorithms were developed, the use of this technology is [worse for transgender people](https://www.theswaddle.com/how-facial-recognition-ai-reinforces-discrimination-against-trans-people), and [exponentially worse](https://sciencepolicy.hsites.harvard.edu/blog/racial-discrimination-face-recognition-technology) for transgender people of color. - -Tragically, privacy legislation is lagging behind at protecting us by regulating this biased, invasive, and inaccurate technology that is spreading faster and further every year. - -### Public photos during events - -These days, it's pretty much impossible to attend many events without having our photo intrusively taken by a stranger and posted on Instagram without our consent. - -This is a generally bad behavior that we should all work on improving culturally. Posting photos of strangers online without their consent can be much more harmful for queer people. - -For example, taking photos at a Pride event and posting it online can out people against their will. 
While it's perhaps fair to assume most people *performing* in a Pride parade or on a stage might implicitly be comfortable with it, this isn't necessarily the case for people in the *audience*. - -This non-consensual practice, coupled with the corporate social media tendency to use facial recognition to tag everyone's faces, can cause harm in all sorts of ways. - -We should all [develop more respectful practices](the-privacy-of-others.md) when taking photos at events, and be mindful not to post anything online which could identify anyone in the audience who did not give their explicit consent. - -### Background checks and algorithmic biases - -Even for people who are publicly out and live in regions that are supportive, discrimination and biases are still there. Despite new legislations and a more progressive culture, data remnants of previous oppressive times can still have a severe negative impact on someone's life. Too few efforts are made by institutions to correct records properly after legislation has passed. - -This is especially problematic with opaque systems where embedded discrimination might not be obvious. Algorithmic decision-making is a growing danger for this, considering there is often no way to trace back the reasons a decision was made, and no accountability for whomever fed biased data to the black-box algorithm, whether negligently or maliciously. - -There are also older systems of decision-making, such as background checks. Last year, a 78-year-old woman from West Sussex [learned](https://www.bbc.co.uk/news/articles/c3v5pwnpnvko) that she had a criminal record for 56 years for being a lesbian in the military (at a time when it was illegal). Completely unaware of this outdated data trail, this woman spent her whole life with this discriminatory tag attached to her records. This likely cost her countless opportunities throughout the decades, without her ever knowing the cause. 
- -Unfortunately, this kind of incident is likely to multiply by millions with the increased use of algorithmic decision-making using closed systems, often impossible to audit. - -### Dating apps data - -Last but not least, data collected by dating apps is an especially sensitive issue for the queer population. - -Regrettably, there have already been numerous data breaches showing this risk is very real. Intimate photos have been leaked, location data has been leaked, health data has been leaked, and even private messages have been [leaked](https://www.pride.com/think-your-privacy-is-safe-on-the-gay-dating-apps-this-data-leak-could-change-your-mind). - -The harm caused by these leaks and breaches have consequences ranging from accidental outing, to loss of employment, extortion by criminals, imprisonment, and even *death*. - -In countries where homosexuality is criminalized, cruel state authorities and homophobic bigots are [weaponizing dating apps to entrap](https://www.article19.org/resources/apps-traps-dating-apps-must-protect-communities-middle-east-north-africa/) LGBTQ+ people to attack or arrest them. Weighing the need for support, love, and affection, with the very real risk of physical aggression is a dreadful challenge many queer people face. - -## Things to keep in mind to stay safe - -Despite the increased risks the queer community is exposed to, staying offline and disconnected from the world isn't a viable option. - -Indeed, disconnection and isolation can be a *worse* risk for many LGBTQ+ people, especially younger people. Tragically, queer youth are more than four times as likely to attempt suicide. Disconnecting from the internet communities that accept them isn't an option, and would pose dangers of its own. - -Thankfully, there are many tools and practices that can be adopted to improve privacy online, and reduce the risk of sensitive data getting exposed. 
Here are a few ideas that might help yourself or your loved ones to stay safer online: - -### Using better social media - -Social media usage leaves *a lot* of digital footprints online, and some platforms are worse than others for this. Staying mindful about which platform to choose, and how to use it, can greatly improve one's experience and security. - -Favoring alternative social media platforms that do not have a commercial incentive to monetize data can really help. - -For example, platforms that are developed and managed by a community of volunteers, rather than a for-profit corporation, tend to keep their users' benefits and safety in mind much more. - -If you are ready to make a change, [Mastodon](https://joinmastodon.org/) is a non-profit platform that [we recommend](https://www.privacyguides.org/en/social-networks/#mastodon). - -Mastodon is a social media platform that somewhat resembles Twitter prior to its rebranding. It is composed of multiple servers you can choose from, which makes it easier to move your account if you aren't satisfied with the moderation on one particular server. - -To get started, you can choose the server administrated by the team who develops the Mastodon software ([mastodon.social](https://mastodon.social/about)), or you can choose a smaller server run by volunteers (you can also self-host, but that's a longer story). - -Don't let this choice intimidate you too much though, these servers connect with each other, and you can always move later on. Just pick one you like. Some servers will have a focus on a region, a topic, a hobby, and there are even servers focused on LGBTQ+ communities, such as [tech.lgbt](https://tech.lgbt/about), [lgbtqia.space](https://lgbtqia.space/about), and [more](https://joinmastodon.org/servers). - -All the servers listed on the Mastodon website have [committed](https://joinmastodon.org/covenant) to hold active moderation against racism, sexism, homophobia, and transphobia. 
- -Additionally, Mastodon connects with other social media platforms that are also part of the larger [Fediverse](https://fediverse.info/) network. - -If you prefer something similar to Instagram, you can replace it with [Pixelfed](https://pixelfed.org/). For something similar to Facebook, look for [Friendica](https://friendi.ca/). For something more like TikTok, try [Loops](https://loops.video/). For a replacement to YouTube, check videos on [PeerTube](https://joinpeertube.org/), and [more](https://fediverse.info/explore/projects)! - -These alternative platforms often benefit from stronger moderation and better respect for their users' data. Because they aren't for-profit corporations, they have no interest in collecting your data, tracking you, or imposing invasive "real-name" policies. Additionally, they run **no ads**! - -#### Secure any social media you use - -No matter what social media platform(s) you choose to use, the first step should always be to make sure you go through all the settings to secure your account ([enable multifactor authentication](https://www.privacyguides.org/en/basics/multi-factor-authentication/)!), and adjust the available privacy options to your needs and preferences (consider [locking](https://www.privacyguides.org/en/social-networks/#public-profile) your account if you wish to restrict visibility to your followers). - -This is true for Mastodon as well, but you should make adjusting all the privacy and security options an *absolute priority* for *any* corporate social media, especially [if you stay on Facebook](https://www.digitaltrends.com/social-media/how-to-opt-out-of-targeted-ads-on-facebook/). - -Additionally, keep in mind that many platforms, including X, Facebook, and Reddit, will now use all your posted content to train their AI systems, making this information and embedded biases likely impossible to delete in the future. 
-
-Developing an awareness of what data is shared, who can access it, how it is secured, and how it is used is very important for staying safe online.
-
-### Securing data when communicating
-
-Outside of social media platforms, many tools are available to help you secure your intimate and private communications.
-
-While chatting on dating apps may be the first step to meeting new people, moving early to end-to-end encrypted channels is likely a good idea for data security and privacy.
-
-That being said, also take into account that because your communications there will be fully end-to-end encrypted (only visible by its intended sender and recipient), there will be no moderation with it. Make sure you trust a person enough before moving the discussion to an end-to-end encrypted, more personal channel.
-
-#### Instant messaging communication
-
-[Signal](https://www.privacyguides.org/en/real-time-communication/#signal) is a wonderful end-to-end encrypted and free-to-use instant messaging app. Signal will collect your phone number to create the account, but nothing else.
-
-When using Signal, you should [enable the username feature](https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames). That way, you can (and should) share your *username* only, instead of sharing your phone number to connect with others.
-
-Additionally, you should [enable the disappearing messages](https://support.signal.org/hc/en-us/articles/360007320771-Set-and-manage-disappearing-messages) feature from Signal, to help clean up the data you no longer need as time goes, and reduce the risk of leaks.
-
-
-

Only send sensitive information to people you genuinely trust!

- -Keep in mind that even when using end-to-end encrypted apps and a disappearing message features, this will not prevent a malicious person from downloading this data on their device or taking a screenshot of it. - -Be especially careful when sending very sensitive information, such as intimate photos for example. No matter how secure the application is, you should only send sensitive information and pictures to people you know and sincerely trust. - -
-
-#### Email communication
-
-For email communication, migrating to an end-to-end encrypted alternative can make a big difference for your privacy.
-
-For example, services like Gmail (Google) and Hotmail (Microsoft) could access the content of all your communications, and often use this information in various ways to build advertising profiles. Because email content isn't end-to-end encrypted, this data could get requested by authorities as well, and handed to them in plain text (unencrypted).
-
-For secure and more private end-to-end encrypted email services, we recommend [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) or [Tuta](https://www.privacyguides.org/en/email/#tuta). These services will not make you anonymous when you email someone (email address, IP address, and subject line, could still identify you), but the content of your communication will be encrypted end-to-end (if used with a compatible service), and only visible to its intended recipient(s).
-
-
-

Encrypted email service limitations

- -Stay aware that if you email someone who is not using the same end-to-end encrypted email service as you, and you aren't using any additional measures to encrypt the message, this email will likely be accessible to the service you sent it to. - -For example, if you send an email from a Proton Mail address, to someone using a Gmail address, without asking the recipient to use your encryption key or use any additional services, then the email you sent will be stored on Google's servers, and could get accessed by Google. - -If you send a Proton Mail email to another Proton Mail user, the *content* of the message will be fully end-to-end encrypted and Proton could not access it. - -The same is true for any other email providers. Make sure to verify compatibility fully before sending any sensitive information that way. - -
- -### Securing data when traveling - -When traveling, keep in mind that different countries or regions might have different laws related to LGBTQ+ people. - -Your marriage might not be recognized in the location you are visiting. Your new legal name might also not get the same recognition, sadly. The first step to take when planning a trip should always be to gather information on the legal and cultural differences between your own region and the one you are visiting. - -If you are visiting a country hostile to your sexuality or gender identity, make sure to take the proper precautions to secure your data *before* you cross the border. - -This could mean leaving your phone at home and only bringing a burner phone with you. It could also mean bringing additional (or different) types of official ID that are less likely to get you in trouble, and more likely to get accepted by the authorities of your visiting country. - -Be extremely careful when connecting to Wi-Fi services from a foreign country. If you were to connect to a service or website that is illegal there, and could accidentally out yourself as queer, you could get in trouble with few recourses. Using a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) can help mitigate some of this risk. - -### Securing data when protesting - -For this month of Pride, you might feel the need to join a protest more than a parade. - -If you decide to join the action, make sure to secure your data properly to stay safe. Prepare your devices adequately to be ready and resist surveillance targeted at protesters. Consult our [Protesters' Guide to Smartphone Security](activists-guide-securing-your-smartphone.md), and make sure you understand well the level of risk of this particular protest. 
**Different protests in different regions require different levels of data protection.** - -If you are organizing actions, try to stay away from corporate platforms who will willingly and quickly share your data with authorities (even private messages). If you must use corporate platforms, then make sure to limit the personal data you share there, and ensure attendees have alternative ways to contact you that do not require them to create an account, to register, or to use their legal name. - -Having an independent website, or using a Fediverse-connected platform that will be accessible to everyone even without an account, are better ways to organize. - -For example, if you create a Mastodon account for your organization, people will not need to create a Mastodon account to read your posts and event announcements. All your posts will be accessible just like any independent website would be (if you leave your posts' visibility public). - -Setting up an end-to-end encrypted email address and using an [alias email address](https://www.privacyguides.org/en/email-aliasing/) are also good ways to stay accessible without requiring attendees to use a Facebook account. - -Additionally, there are federated platforms, such as [Mobilizon](https://mobilizon.org/), that can be a great non-commercial way to organize in a safer and more accessible space. - -Data shared on federated platforms isn't necessarily end-to-end encrypted, and could also get shared with authorities if requested. But by using non-commercial platforms, this data will not be compiled and attached to an account the same way this would happen on a for-profit corporate platform such as Facebook. Using alternative not-for-profit platforms isn't perfect nor anonymous, but it's still a great improvement from the corporate default. - -### Protections for extreme situations - -Finally, if you are living in an extreme situation where being yourself is dangerous to your physical safety, caution must be a priority. 
- -There isn't a single solution that can protect all your data at once, and anyone telling you there is one is lying to sell you something. Remain skeptical of such claims. - -However, there are a *multitude* of practices and tools that can help *reduce* your data trails, and improve your privacy greatly. The tools and practices you need to adopt will depend on the [threat model](https://www.privacyguides.org/en/basics/threat-modeling/) specific to your situation. - -Take the time to evaluate well which data could put you in danger, and focus on protecting this first. - -If you are in a situation where someone hostile to you has access to your device, for example because you are living with an unsupportive family and need to browse the internet on a family device, Tails may be a tool that can help you. If you can use this computer unobserved, by [using the live system Tails](installing-and-using-tails.md) installed on a USB stick, you can keep your browsing activity hidden from this device. Your Internet Service Provider (ISP) could still know you have been visiting a special network, however. Make sure to read our tutorial thoroughly if you decide to use Tails. - -If the information stored on your computer isn't a risk to you, but visiting LGBTQ+ websites from your country could be dangerous, perhaps [using Tor](in-praise-of-tor.md) with a Bridge or through a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) could be another solution to allow you to access this information in a safer way. - -It's impossible to cover every specific situation, but know that there are [many solutions](https://www.privacyguides.org/en/tools/) to reduce the risks greatly, and improve data protection to allow you to **stay connected, stay yourself, and stay safe** 💛 - -
-

Caution: This isn't an exhaustive list!

- -This is only a short introduction to some practices and tools that *can* improve your privacy online. Not one solution will be enough to be anonymous online. - -It's important to stay aware of what data will still be shared and which will be better protected, but nothing will make you 100% anonymous. - -For more information on how to improve further your data protection online, you can consult our various guides. If you are just starting in your privacy-improving journey, be patient. Adopt one small improvement at the time, then add another one. Each additional step you take will slowly but surely reduce your data trails, and improve your privacy overtime. - -
- -## Improving data privacy is vital for everyone, but critical for the queer community - -Every situation is different and requires different protections. While data privacy is important for everyone, it's also essential to acknowledge that marginalized populations are often at a heightened risk when their data gets exposed. - -Protection *cannot* be only an individual responsibility. **Protecting vulnerable and marginalized populations is a societal responsibility that concerns everyone.** - -We *all* have a **duty of care** to protect the data of others. Whether it's from the photos we take at public events, or the discussions we have about others on Facebook or X-Twitter's direct messages, *everyone* must improve their practices on this. - -Moreover, anyone in a position to improve how data is collected from users *must* be held accountable, and must feel morally liable on the decisions taken that could endanger anyone, but especially marginalized groups like the queer community. - -In an ideal world, laws and cultures would protect everyone and particularly the most vulnerable *by default*. - -But until we get there, we have to empowered ourselves to bring change and stop predatory data collection, prevent negligent data security, and educate everyone on the tools we can use to help ourselves and the most vulnerable to stay safe. - -## Additional resources - -### Helplines - -- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): A confidential emotional, mental health support helpline for people who identify as Trans, Agender, Gender Fluid or Non-Binary. - -- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support over the phone. - -- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 phone number 988. 
- -- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world. - -### Supportive organizations - -- [Egale (Canada, International)](https://egale.ca/asylum/): Resources for LGBTQ+ asylum and immigration requests from outside and inside Canada. - -- [SOS Homophobie (France)](https://www.sos-homophobie.org/international-content): Non-profit, volunteer-run organization committed to combatting hate-motivated violence and discrimination against LGBTI people. - -- [The Trevor Project (US)](https://www.thetrevorproject.org/): Suicide prevention and crisis intervention non-profit organization for LGBTQ+ young people. - -- [Trans Rescue (International)](https://transrescue.org/): Organization assisting trans and queer individuals in relocating from dangerous areas to safer places. - -- [Twenty10 (Australia)](https://twenty10.org.au/): Sydney-based organization providing a broad range of free support programs to the LGBTIQA+ community. - -### International advocacy - -- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally. - -- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies. - -
-

Stay aware of your data trail

- -If the traces of this article in your browsing history could put you at risk, visit [our guide](clearing-browsing-data.md) to properly delete this data from your device. - -
diff --git a/content/blog/posts/in-praise-of-tor.md b/content/blog/posts/in-praise-of-tor.md
deleted file mode 100644
index a7ddc0341..000000000
--- a/content/blog/posts/in-praise-of-tor.md
+++ /dev/null
@@ -1,420 +0,0 @@ ---- -date: - created: 2025-04-30T20:30:00Z - updated: 2025-05-06T18:00:00Z -categories: - - Explainers -tags: - - Tor -authors: - - em -description: You might have heard of Tor already, yet never dared to try it yourself. Despite being around for decades, too few people know about Tor. It isn't only a tool for journalists and activists, but for anyone seeking greater privacy online. What is Tor exactly? And how can Tor help you? -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/in-praise-of-tor/tor-cover.webp ---- - -# In Praise of Tor: Why You Should Support and Use Tor - -![The Tor Project logo over a series of Tor icons on a purple background.](../assets/images/in-praise-of-tor/tor-cover.webp) - - - -You might have heard of Tor in the news a few times, yet never dared to try it yourself. Despite being around for decades, Tor is still a tool too few people know about. - -Today, Tor is easy to use for anyone. It helps not only journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location. But what is Tor exactly? How can Tor help you? And why is it such an important tool? - -## What is Tor - -Tor is an overlay network that was specifically designed to protect the privacy of its users. The Tor Network uses multiple layers of encryption and relays in order to protect a person's location and other potential identifiers, such as an IP address. - -Its name comes from the acronym for **The Onion Router**, a [routing system](https://en.wikipedia.org/wiki/Onion_routing) using multiple layers that can get peeled off at each step, like an onion 🧅 - -This special network can be easily accessed by anyone, for free, through the Tor Browser. The Tor Browser is as easy to use as any other browser you are familiar with already. - -Both the tools for the Tor Network and the Tor Browser are maintained by a nonprofit organization called the Tor Project. 
- -### The Tor Network - -The [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)) was deployed in 2002, although its core principle was developed in the mid 1990s. It was first created at the United States Naval Research Laboratory in order to protect intelligence communication online. - -In 2004, the laboratory released the project's code under a free and open source license, and the Electronic Frontier Foundation (EFF) began funding its development. A few years later, the onion routing project officially became the Tor Project. - -Today, Tor is one of the [largest](https://metrics.torproject.org/) anonymity networks, with thousands of relays and millions of users worldwide. - -#### How does it work - -The Tor Network is run by a community of volunteers who operate the relays required for the network to function. - -Each time someone uses the Tor Network, the communication passes through at least 3 relays: A Guard Relay, a Middle Relay, and an Exit Relay. Each relay has a different function to protect the communication. - -**The Guard Relay** knows where the communication is from (IP address), but doesn't know where it's going (which website is visited, for example). This relay only knows that you want to access the Tor Network. Its task is to send your encrypted communication to a Middle Relay, but it cannot read it. - -**The Middle Relay** doesn't really know anything. It doesn't know who you are nor where you are going. It only knows a Guard Relay wants to send encrypted data to an Exit Relay. The Middle Relay transfers this communication from one relay to another, and it cannot read it either. - -**The Exit Relay** has no idea who you are. It only knows someone, somewhere, wants to access this website (or other content). The Exit Relay will get the information from the website, then send it back to the Middle Relay, so that you can receive it from the Guard Relay. 
If you only visit pages using HTTPS, the Exit Relay can know someone is visiting this website, but cannot know what they are doing on it. Visiting *non-onion* websites using HTTPS instead of just HTTP is **[very important](https://support.torproject.org/https/https-1/)** for security and privacy. - -
-

Onion service websites

- -Onion service websites are special websites that can only be accessed using the Tor Network. - -They are easy to recognize because they use the .onion domain at the end, and are often composed of a long string of seemingly random characters. Onion websites offer protections equivalent to HTTPS. - -You can see this represented by the [onion padlock icon](https://support.torproject.org/onionservices/onionservices-5/) in the Tor Browser. - -
- -#### How Tor works using a letter and envelopes analogy - -Tor works a bit as if you put a letter (request) into an envelope with someone's address. Then, you put this envelope in another envelope addressed to someone else, with instructions. Finally, you put this second envelope in yet another one. - -Each envelope protects the content of the other, and can only be opened one at the time by each recipient. In this analogy, each recipient (relay) has a key that can only open the envelope addressed to them, and not the others. - -![Graphic representation of a Tor Circuit composed of a Guard Relay, a Middle Relay, and an Exit Relay using a letter and envelopes analogy.](../assets/images/in-praise-of-tor/tor-diagram.webp) - - -#### What is a Tor Circuit - -The network of randomly selected relays to complete a request on the Tor Network is called a Tor Circuit. This circuit changes each time a new connection is established. - -From the Tor Browser, you can see each relay that was selected for a circuit, and even change it manually. To generate a new circuit, click on the "Tor Circuit" button on the upper-left of the browser, then on "New Tor circuit for this site" at the bottom. - -![Screenshot from the Tor Browser showing a popup window from the Tor Circuit button.](../assets/images/in-praise-of-tor/tor-torcircuit.webp) - -### The Tor Browser - -The [Tor Browser](https://www.torproject.org/download/) was created in 2008 to facilitate access to the Tor Network. It is a modified version of Mozilla's Firefox browser, and can be installed on Linux, macOS, Windows, and Android systems. - -The Tor Browser start configuration is private by default. No additional extensions are required to make it more secure or more private. Actually, it's even discouraged to install any additional extensions, as this would weaken its [fingerprinting resistance](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/). - -
-

Highest security settings

- -Even if the Tor Browser is configured to be private by default, if you are in an especially sensitive situation, for example if you are using Tor as a whistleblower or a dissident activist, you might want to adjust the Tor Browser security level to "Safest". - -For this, click on the shield icon on the upper-right, then on the "Settings" button in blue, and select "Safest" instead of the default "Standard". - -**Important:** Each time you change the security level, you **must** make sure to restart the browser to ensure all changes have taken effect. Otherwise, [some changes](tor-security-slider-flaw.md) might not have been applied yet. - -
- -![Screenshot from the Tor Browser showing a warning from the SecureDrop website to adjust Tor security level to Safest.](../assets/images/in-praise-of-tor/tor-safestsetting.webp) - -The default search engine is the privacy-focused [DuckDuckGo](https://www.privacyguides.org/en/search-engines/#duckduckgo). You will not even find Google in the options for the default search engine. More browsers should follow this good practice. - -The first page opening with the Tor Browser will give the option to Connect to Tor. From there, you can click on "Connect" to start browsing through Tor, or on "Configure Connection" if you need additional settings. For example, if you need to set up a [Bridge](https://bridges.torproject.org/) because Tor is blocked from your country. - -
-

Only connect to Tor if it is safe for you

- -Be careful when using Tor from a country where Tor might be blocked or perceived as suspicious. Similarly, be careful if you connect from a location where revealing you have been using Tor [could](#depending-on-where-you-are-using-tor-is-likely-safe) be dangerous to you. - -
- -![Screenshot from the Tor Browser showing the "Connect to Tor" welcome page.](../assets/images/in-praise-of-tor/tor-torbrowser.webp) - -Once connected to the Tor Network, you will be directed to the DuckDuckGo welcome page, and you can search or type any URLs in the address bar, like you would with any other browser. - -If you know an organization has an onion site (a website that is only accessible through Tor), you can type this onion address directly in the address bar. - -If you don't know if an organization has an onion site, you might find it from its regular URL. For example, if you visit privacyguides.org from the Tor Browser, you will notice a purple button on the right informing you that an onion version of this website is available, click on it to get redirected to it. - -![Screenshot from the Tor Browser showing the Privacy Guides website with an onion available purple button right to the address bar.](../assets/images/in-praise-of-tor/tor-privacyguides.webp) - -
-

Mullvad Browser and the Tor Project

- -If you are familiar with the Mullvad Browser, know that the Mullvad Browser was developed by the Tor Project team! - -The Mullvad Browser was born of a [collaboration](https://blog.torproject.org/releasing-mullvad-browser/) between Mullvad VPN and the Tor Project, to build a browser that offers similar privacy features to the Tor Browser, but while using it through a VPN instead of through the Tor Network (both offering different benefits). - -The Mullvad Browser can also be used without a VPN, and will still provide better privacy protections than most other browsers. It cannot be used to access the Tor Network, however. - -
- -### The Tor Project - -The [Tor Project](https://www.torproject.org/) is the US-based nonprofit organization maintaining the software and community for the Tor Network, and developing and maintaining the Tor Browser. It's also a privacy advocacy organization, with a mission to advance human rights and freedoms around the world through the free technology it creates. - -The nonprofit was founded in 2006 and gets its funding from [various sources](https://www.torproject.org/about/supporters/) including government grants, independent contributors, and individual [donations](https://donate.torproject.org/). - -## What Tor can do - -### Improve Privacy - -Tor is not magical, but it's by far one of the best privacy tool we have. Using Tor will not make you perfectly anonymous online, but it will greatly reduce the traces your leave online. - -Here are a few benefits Tor can provide for your privacy: - -- Tor can prevent the websites you are visiting from collecting your IP address (and your IP address can indeed lead to identifying *you*). - -- Tor can prevent your Internet Service Provider (ISP), Virtual Private Network (VPN) provider, or authorities requesting information from them to collect a list of the websites you have visited. They will know however that you have been using Tor. - -- The Tor Browser isolates each website you visit. This prevents ads and trackers from following you around, potentially popping up later in your [Facebook ads and accidentally outing you](https://www.intomore.com/culture/you/facebook-ads-outed-me/). - -- The Tor Browser is fingerprinting resistant. This reduces the ways you can be tracked and identified online, even without your IP address. - -- When keeping the default settings, the Tor Browser only uses private windows and will not keep any traces of your browsing history. It will also delete all cookies and site data when closing. 
- -### Circumvent censorship - -Because of how the Tor Network redirects traffic, it's a perfect tool to resist censorship. Using Tor can give access to websites or services that aren't accessible from a country blocking them. - -Even from a region where Tor itself is actively blocked, the network can still be accessed using [pluggable transports](https://tb-manual.torproject.org/circumvention/). - -Using this type of measures to circumvent government censorship will make Tor accessible even from countries with heavily censored internet, such as [China](https://support.torproject.org/censorship/connecting-from-china/), [Russia](https://blog.torproject.org/call-for-webtunnel-bridges/), [Iran](https://forum.torproject.org/t/iran-circumventing-censorship-with-tor/4590), and many others. - -
-

If you can't download the Tor Browser from your country

- -If you cannot download the Tor Browser because of your country's censorship, and **if it is safe for you to do**, you can try downloading the browser from a proxy website such as the [EFF website](https://tor.eff.org/), the [Calyx Institute website](https://tor.calyxinstitute.org/). - -You can even directly email **** and send the name of your operating system (Linux, macOS, Windows) to get a direct link to download the Tor Browser. - -
- -If you want to help people around the world access the internet freely, you can volunteer to run a [Tor Snowflake](https://snowflake.torproject.org/) proxy. For more tech-savvy volunteers, you can also help by running a [Tor Bridge](https://community.torproject.org/relay/setup/bridge/), or even a [WebTunnel Bridge](https://community.torproject.org/relay/setup/webtunnel/). - -## Why Tor is so important - -### Tor is vital for human rights and democracy - -Tor is an essential tool for journalists, activists, whistleblowers, dissidents, and people in vulnerable situations everywhere. It is one of the best tool we have to increase privacy online, and to resist censorship from oppressive regimes. - -Thanks to Tor, activists have a safe way to continue fighting for human rights. - -Some of the most respected human rights organizations use Tor to offer safe access to their services and information. This includes organizations such as [Amnesty International](https://www.amnesty.org/en/latest/news/2023/12/global-amnesty-international-website-launches-on-tor-network-to-help-universal-access/), [Electronic Frontier Foundation](https://www.eff.org/deeplinks/2023/04/eff-now-has-tor-onions), Freedom of The Press Foundation, and of course the Tor Project. - -Without Tor, journalists would lose invaluable sources of information provided by courageous whistleblowers reporting in the public interest. - -Without Tor, brave citizens fighting against authoritarian governments would be at much greater risk when organizing and bringing vital information to the public's attention. - -Without Tor, victims of domestic violence and LGBTQ+ people living in hostile environments could be in much greater danger when researching life-saving information online. - -Without Tor, people living in oppressive regimes would not have access to the crucial information they need to fight for freedom, democracy, and peace. - -
-

Add an onion service for your organization's website

- -If you would like to add this service for your website to help more people access it safely, you can [read more](https://blog.torproject.org/more-onions-porfavor/) about onion services on the Tor Project Blog. As of 2021, you can even [get](https://blog.torproject.org/tls-certificate-for-onion-site/) domain-validated certificates for your onion site using HARICA, an operator founded by a nonprofit civil society from Greece. - -
- -### Tor is for everyone to use - -Tor is a tool that can help so many people. But Tor isn't *only* for people in highly sensitive situations like whistleblowers and journalists, Tor is for everyone! - -Of course, people in more dangerous situations will *need* Tor to stay safe, but everyone can benefit from Tor's privacy protections in their daily lives. I personally use Tor when I am forced to visit Google Map. Not because it's dangerous to me, but just because I greatly dislike the idea of Google tracking my location activities. - -Tor can also help fighting surveillance capitalism! - -Moreover, you can considerably help people in dangerous situations by using Tor for trivial reasons like I do. - -By using Tor for banal activities, when you aren't in any danger worse than a nasty ad-attack, you help to normalize the use of Tor and add more noise to the traffic. The more people do this, the more using Tor becomes just something people do when they care about privacy online, and nothing more. - -### Who uses Tor? - -- Anyone who cares about privacy! -- Journalists who need to conduct research and protect their sources. -- Whistleblowers using special websites to communication information to newspapers anonymously. -- Democracy activists fighting against authoritarian governments who require anonymity online to stay safe from persecution. -- People living under oppressive regimes who need to circumvent their country's censorship to access information freely. -- Victims of domestic violence who need to research safe shelters and supportive resources without raising suspicion from their aggressor. -- LGBTQ+ people living in hostile environments who need to access information online and stay connected with their community. 
-- Generous people who want to [help and support](https://blog.torproject.org/support-tor-project-share-your-story/) all the above 💜 - -The Tor community has gathered this [wonderful collection of anonymous user stories](https://community.torproject.org/outreach/stories/) from people describing why they use Tor. - -### Tor is critical public infrastructure - -To keep Tor strong for everyone, it's essential to support and grow the network of volunteer-operated relays forming the Tor Network. - -Thousands of journalists and activists rely on the Tor Network every day to stay safe and to continue their important work. - -Furthermore, **countless privacy-oriented projects depend on the Tor Network**. - -To name only a few, the messaging applications [Briar](https://briarproject.org/), [Cwtch](https://docs.cwtch.im/), and [SimpleX](https://simplex.chat/) all use Tor to harden some of their privacy-preserving features. - -For whistleblowers to stay safe, both [SecureDrop](https://securedrop.org/) and [Hush Line](https://hushline.app/) use the Tor Network. Many [newsrooms around the world](https://securedrop.org/directory/) host onion services to protect sources, such as The Guardian in the UK, CBC in Canada, ProPublica in the US, and many more. - -There's also all the applications protecting people with the highest needs such as [Tails](https://tails.net/), [OnionShare](https://onionshare.org/), and [more](https://github.com/Polycarbohydrate/awesome-tor). - -**Losing the Tor Network would mean losing all the applications and features relying on it.** - -This would be disastrous for the privacy community, journalists, activists, dissidents, victims of domestic violence, LGBTQ+ population, and so many worldwide. - -From a human rights perspective, **we simply cannot afford to lose Tor**. - -## Things to consider when using Tor - -### Tor compared to VPN protections - -When using a VPN, your ISP will not know which websites you visit online (or other activities). 
Your ISP will see that you are connecting to a VPN, but will not know what you do from there. Your VPN however *could* know which websites you visit. Using a VPN is a transfer of trust from your ISP. When using a VPN, you should always trust your VPN provider more than your ISP.
-
-The websites you visit will see the IP address of your VPN provider instead of yours. This can help protect your identity and location, but they will know this connection uses a VPN.
-
-VPNs can offer great benefits for your privacy. However, if your VPN provider was compelled by law to provide the logs of the websites you visited (or will visit), it is *technically* possible to do for them.
-
-When using the Tor Network correctly, no one knows which websites *you visited*, or other services you accessed. Your ISP or VPN provider will only know you have accessed Tor, but will not know which websites you have visited from there. Even if compelled by law, they could only share that you have accessed Tor, at this specific time.
-
-The websites you have visited also won't know who you are (unless you tell them). They will only know someone accessed their websites through Tor, at this specific time.
-
-The relays used for a Tor Circuit cannot alone re-recreate the link between your IP address and the websites you visit either. This offers much stronger protection for your privacy than a VPN does.
-
-### Who knows you are using Tor
-
-When using the Tor Network, your ISP and the Guard Relay will both know you (the IP address you are using) are using Tor.
-
-To prevent this, you [could](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor) use Tor from a [trustworthy VPN](https://www.privacyguides.org/en/vpn/).
-
-If you do so, your VPN provider will know you are using Tor, but your ISP will not. Your ISP will only see you are accessing your VPN, and the Tor Guard Relay will see your VPN's IP address instead of yours.
-
-### HTTPS for non-onion websites
-
-The Exit Relay from the Tor Circuit will see someone is accessing this website (or other service).
-
-If you were to use Tor to visit a non-onion website that isn't protected with HTTPS, and log in with your credentials, this Exit Relay *could* technically read this information. Using HTTPS with non-onion websites is *very* important when using Tor. Onion sites offer protections that are equivalent to HTTPS.
-
-### Be careful with files when using Tor
-
-While it's safe to visit secured websites through Tor, be careful when downloading files or opening documents.
-
-Depending on what kind of files it is, there are a number of problems that could arise. For example, it's a [bad idea](https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea) to download torrent files over Tor. Additionally, Tor will not protect you from downloading malware or exposing metadata with shared files.
-
-If you need to share files through Tor with a *trusted* contact, [OnionShare](https://www.privacyguides.org/en/file-sharing/#onionshare) is a good option.
-
-## Addressing misconceptions
-
-There has been misconceptions floating around about Tor. Most of them repeat similar misinformation attributed to many other privacy tools: Why using this if you have nothing to hide? But this argument is incredibly flawed and comes from a naive understanding of privacy rights and needs.
-
-Most people use privacy tools for protection, and everyone needs protection. Moreover, [privacy is a fundamental right](https://www.privacyguides.org/videos/2025/04/17/is-privacy-dead/) intrinsically connected to democracy and civil liberties.
-
-### The dark web, the deep web, and the surface web
-
-Some misconceptions have spread from confusion on what the *deep* web and the *dark* web are. Because yes, Tor is part of the dark web.
-
-While using the term "dark web" might make for great sensationalist news title, the dark web isn't anything to fear.
-
-It's not "dark" as in "dark intent" or the "dark side of the Force". It's really just dark as in "it's so dark on this road, I can't read the addresses around".
-
-This dark web needs special software, configuration, or authorization to access it. For example, **the Tor Browser is the streetlight you need to navigate on the Onion roads**.
-
-If you use Tor to visit the Privacy Guides onion site, you will be using the dark web. It's a website (or website version) that can only be accessed using a specialized tool. That's it!
-
-The dark web is part of the deep web, which is simply all the online information that isn't indexed by any standard web search engines. Aren't you happy your bank account is on the deep web?
-
-![Illustration of an iceberg where the tip above water represents the surface web, the part underwater represents the deep web, and the part under the iceberg represents the dark web.](../assets/images/in-praise-of-tor/tor-darkweb.webp)
-
-
-### Criminals use envelopes, doors, and clothing too
-
-Some fear that Tor is used by criminals. While that might be true some criminals use Tor, a lot of people who aren't criminals at all also use Tor.
-
-This kind of argument really leads nowhere. Criminals also use Google, Facebook, and Twitter (a lot actually). Criminals use envelopes to hide their ransom letters, closed doors to hide their crimes, and clothing to conceal weapons! Are we going to forbid clothing because some (all?) criminals use clothing to hide their weapons?
-
-**We shouldn't ban clothing, and we shouldn't ban Tor either.** There are other better ways to catch criminals than removing a tool millions use to stay safe online.
-
-### Tor receives government funding
-
-Yes, Tor does receive government funding, and that's a good thing.
A lot of nonprofit organizations receive government funding as a stable ([usually](https://www.privacyguides.org/articles/2025/02/03/the-future-of-privacy/#the-tools-you-use-might-depend-on-government-funding)) source of income. Our governments *should* be contributing financially to the tools we all use to improve our security and privacy for free, moreover if they are using it themselves.
-
-While any organization should thrive to diversify its sources of income to reduce its dependency on large contributors, it's not always easy to do.
-
-If you feel uneasy about a privacy tool you use receiving government funding, the best thing you can do to fight this is to [donate](https://donate.torproject.org/) directly to reduce its dependence to it.
-
-### Depending on where you are, using Tor is likely safe
-
-If you are not living under an oppressive regime with heavy censorship, it's likely that using Tor is safe for you, and will not put you on "a list". Even if it was putting you on "a list", it likely is a list full of great people working to defend human rights and privacy rights online.
-
-That being said, **if you are living in a region where using Tor is dangerous**, and could put you on a list of anti-regime dissidents, you *should absolutely* be careful and take special measures to hide your usage of Tor.
-
-Additionally, **if you are in a vulnerable situation** where an aggressor has access to your device or ISP information, and could hurt you if they knew you have used Tor, you should use a Tor Bridge and only [access Tor through Tails](https://www.privacyguides.org/articles/2025/01/29/installing-and-using-tails/).
-
-### Tor is fantastic for your privacy, but is not magical
-
-Tor is a great tool to improve your privacy online and make it much harder to identify you, your location, and the content you access online. However, it will not make you magically anonymous.
-
-If you use Tor with files containing metadata about you, this metadata can still identify you.
-
-If you use Tor to log in your Facebook account, then of course Facebook still knows it's you, and now also knows you are using Tor.
-
-If you use Tor to create a new account, but use an email address, phone number, username, or profile picture you used elsewhere when not connected through Tor, then your Tor activity can get linked to your previous activity.
-
-If you use Tor to reveal information so specific that only you, or only someone at your company, or only someone in this small government department could know, then of course authorities can identify you this way.
-
-You should also consider correlation in time when using Tor. If your activity is so specific that it can be narrowed down to only a few people, and your ISP or VPN knows you have accessed Tor at this specific time (and shares this information with authorities), a correlation in time could be enough to de-anonymize you.
-
-### Misconceptions are very detrimental to Tor, and other privacy tools
-
-We need to be extremely careful when spreading information that could be inaccurate or hasn't been verified when talking about Tor (or any other privacy tools).
-
-Misinformation can create mistaken fears and stop people from using a tool they would greatly benefit from.
-
-If someone is so scared of Tor because of some rumor they heard, that they continue their activism from the surface web instead, they could needlessly put themselves at risk.
-
-Furthermore, unjustified bad reputations can severely hurt funding for tools like Tor. This leads to less resources to continue developing the browser, the network, and to advocate for privacy everywhere.
-
-We all have a responsibility to verify which information we share with others, make sure we stop misinformation at its root, and correct harmful misconceptions everywhere we hear them.
-
-## Tor needs our support
-
-**Tor is at risk, and needs our help.** Despite its strength and history, Tor isn't safe from the same attacks oppressive regimes and misinformed legislators direct at encryption and many other privacy-enhancing technologies.
-
-Moreover, due to its US government funding, Tor has already been on the destruction path of the recent hectic government cuts. Thankfully, the US Agency for Global Media finally [rescinded the grant termination](https://www.theregister.com/2025/03/25/otf_tor_lets_encrypt_funding_lawsuit/?td=rt-3a) it had announced on March 15th to the Open Technology Fund, which the Tor Project benefits from. Sadly, considering the unpredictability of the current US administration, this doesn't mean the Tor Project is safe from cuts later on.
-
-As much as the Tor Network relies on generous volunteers to run it, the nonprofit Tor Project relies on grants and donations to survive.
-
-The good news is, we can help with both!
-
-The more individuals donate to the Tor Project, the less it depends on government funding, and the more stable its donation income becomes.
-
-Similarly, the more people volunteer to run a Tor relay, the more stable and reliable the Tor Network becomes.
-
-Tor is a privacy tool so many people, organizations, and applications need to stay safe and secure. It is **our collective responsibility to contribute what we can** to keep Tor strong and thriving for all of us.
-
-### How to support Tor
-
-There are many ways to help Tor survive and thrive!
You can help by:
-
-- [Donating to the Tor Project (includes really neat merch!)](https://donate.torproject.org/)
-
-- [Spreading the word about Tor](https://community.torproject.org/outreach/)
-
-- [Joining the Tor community](https://community.torproject.org/)
-
-- [Making your website accessible as an onion service](https://community.torproject.org/onion-services/setup/)
-
-- [Asking your university to run a Tor relay](https://toruniversity.eff.org/)
-
-- [Running a Tor relay yourself](https://community.torproject.org/relay/)
-
-- [Running a Snowflake proxy to help fight censorship](https://community.torproject.org/relay/setup/snowflake/)
-
-- Using Tor for anything from important to trivial
-
-- Sharing this article 💜
-
-## Onion sites you can visit using the Tor Browser
-
-- [Privacy Guides website](http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/en/) 💛
-- [Privacy Guides forum](http://discuss.6xotdxvg7pexnean3xu6b7ivs7g52zcwsdbnz4mdm4byivc3yfv65aid.onion/)
-- [Amnesty International](https://www.amnestyl337aduwuvpf57irfl54ggtnuera45ygcxzuftwxjvvmpuzqd.onion)
-- [Electronic Frontier Foundation](https://www.iykpqm7jiradoeezzkhj7c4b33g4hbgfwelht2evxxeicbpjy44c7ead.onion/)
-- [Freedom of the Press Foundation](http://fpfjxcrmw437h6z2xl3w4czl55kvkmxpapg37bbopsafdu7q454byxid.onion/)
-- [Secure Drop directory (for whistleblowers)](http://sdolvtfhatvsysc6l34d65ymdwxcujausv7k5jk4cy5ttzhjoi6fzvyd.onion/directory/)
-- [ProPublica](http://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/)
-- [Internet Archive](https://archivep75mbjunhxc6x4j5mwjmomyxb573v42baldlqu56ruil2oiad.onion/)
-- [OnionShare (file sharing)](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/)
-- [Proton Mail](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/)
-- [Tor Project](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion)
-
-***
-
-For more in-depth information about Tor, you can consult our [Tor
Overview](https://www.privacyguides.org/en/advanced/tor-overview/).
-
-
-
----
-
-**Update (5/6):** This article was updated to note [the importance of restarting Tor Browser](tor-security-slider-flaw.md) when changing security level settings.
diff --git a/content/blog/posts/installing-and-using-tails.md b/content/blog/posts/installing-and-using-tails.md
deleted file mode 100644
index 9a5daa8ba..000000000
--- a/content/blog/posts/installing-and-using-tails.md
+++ /dev/null
@@ -1,503 +0,0 @@ ---- -date: - created: 2025-01-29T22:00:00Z -categories: - - Tutorials -authors: - - em -description: When browsing the web at home becomes dangerous to your safety, there are tools that can help minimizing your digital traces to stay safe. Tails is one of these tools. Here's why, when, and how you can install and use Tails. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/installing-and-using-tails/cover.webp ---- -# Using Tails When Your World Doesn't Feel Safe Anymore - -![Photo of a hand plugging a USB stick into a laptop and the Tails logo under it.](../assets/images/installing-and-using-tails/cover.webp) - - -There is a growing number of people who no longer feel safe in their own home or country. Whatever the reason, many people might not feel safe to browse certain topics online. With all the information getting collected for each internet search, it is difficult to access sometime vital information without leaving a trace. These digital footprints might not threaten your personal safety if you are living with a supportive family, and in a democratic and free country. However, there are situations where someone might be put in great danger simply for looking at a website. - -While this guide will be applicable to many, I am writing this article with these groups in mind: - -1. Victims of domestic violence, -2. Trans and queer individuals living in a hostile environment, and -3. Democracy and human rights activists located in regions adverse to their cause. - -This article will help people in such situations learn how to browse the internet and use a computer in a more protected and anonymous way, in order to stay safe from harm. - -
-

A warning for those at very high risk

-
-If you feel at very high risk in your home or country, and the device you are currently using to read this article could be accessed by a person or group meaning you harm, I recommend you ask a *trusted ally* who does not experience the same level of threat to complete this tutorial for you on their device instead. This will help with minimizing any digital traces left on your device that could endanger you.
-
-Then, I recommend that you [**erase your browsing history**](clearing-browsing-data.md) (ideally, delete this and related websites only) and clear your browser's cache and cookies. If you have a Google account and used Google to find this article, also make sure to [**delete your Google search history**](https://support.google.com/websearch/answer/6096136).
-
-Once you have securely reached out to a trusted ally to request their help, and erased your browser's data for this site, do not consult this article again *if the digital traces of it might put you in danger*.
-
-
-
-If you are completing this installation for someone else, or if the device you are currently using cannot put you at risk, here's why, when, and how you can install and use the portable system Tails:
-
-## What is Tails?
-
-![Illustration of the Tails logo.](../assets/images/installing-and-using-tails/tails-logo-flat-inverted.svg)
-
-
-
-Tails is a portable *operating system* (a type of software like Windows and macOS) that is especially designed to minimize your digital footprints while using it.
-
-The name is an acronym for "The Amnesic Incognito Live System". It is kept on a USB stick and resets itself entirely after each use (except if you enable its encrypted password-protected [Persistent Storage](https://tails.net/doc/persistent_storage/index.en.html)). What is done on Tails does not leave any digital traces on the computer it is plugged into, hence "amnesic."
-
-Additionally, Tails comes with pre-installed applications that will help increase your security and privacy online. When accessing the internet from Tails, your traffic will be automatically rerouted through the [Tor network](https://www.privacyguides.org/en/advanced/tor-overview/). This is a special network that makes it very difficult to identify your location or the websites you access, even from your Internet Service Provider (ISP).
-
-However, unless you configure the [Tor bridge](https://tails.net/doc/anonymous_internet/tor/index.en.html#hiding) option to hide this, your ISP will know you have been using Tor, although they will not know which websites in particular you have visited through Tor. It could have been anything. I personally use Tor when I have to visit Google Maps, just to protect my data from Google's advertising.
-
-## Why you might want to use Tails
-
-There are many good and legitimate reasons for using Tails. Here are a few examples from the scenarios I am considering in this article:
-
-1.
A victim of domestic violence who needs a secure way to research and communicate with shelters or other supportive resources to plan a safe escape, without leaving traces of their activities on a device accessible to the perpetrator.
-
-2. A trans or queer individual who lives with an unsupportive or hostile family and wishes to research trans or queer-related topics online, find communities, or access supportive resources without leaving any digital traces of their activities on a family device.
-
-3. A democracy or human rights activist who organizes protests, communicate information online, or carry on any other activities that might have been declared unauthorized by an oppressive regime.
-
-4. Any other situations where browsing the web or using a device anonymously might be necessary to protect someone's safety.
-
-## When to use Tails, and when not to use Tails
-
-Tails protects some data very well, but it will not magically protect everything. Before using it, read carefully what it can help you with and what it cannot do.
-
-### When using Tails might help you
-
-- Browsing the web without leaving traces on your main computer.
-
-- Using a computer without leaving traces of your activities on your main computer.
-
-- Storing information and processing files in an encrypted way, away from your main computer.
-
-- Hiding which websites you visit from your ISP by using Tor, without leaving traces on your main computer.
-
-### What you should be careful about
-
-- Remember that unless you enable the Tor bridge, your ISP will know you have accessed the Tor network. Your government could request this information from your ISP. Be careful if this can put you in danger in your country. If you are not using Tails from a public Wi-Fi network, and if revealing to your ISP that you are using Tor could be dangerous to you, you should [enable the Tor bridge option](https://tails.net/doc/anonymous_internet/tor/index.en.html#hiding).
-
-- Tails cannot protect your anonymity if while using Tails you log into an account that you have already been identified with, or have used outside of Tails. While using Tails, **do not log into anything that you have logged in outside of Tails**.
-
-- If you communicate with others or create an account within Tails, be mindful not to share any personal details that could identify you while using Tails.
-
-- If you share any files, be careful to **remove thoroughly any metadata** that could identify you from the file.
-
-- If you share any pictures or videos, be extremely cautious with removing metadata and examining the picture or video to make sure no reflections or other details could inadvertently identify you.
-
-- Do not to reuse any usernames, pseudonyms, email addresses, phone numbers, profile pictures, passwords, or any other information that you have used outside of Tails.
-
-- Do not do anything that could identify you while using Tails. Assume that everything you do while using Tails could be linked together.
-
-- Be careful with using any mobile data network to connect to the internet. Information related to [your mobile device could identify you](https://tails.net/doc/anonymous_internet/no-wifi/index.en.html).
-
-- A very powerful adversary, such as a government, could potentially identify some information despite you using Tails. Read more about Tails' limitations here: [https://tails.net/doc/about/warnings/index.en.html](https://tails.net/doc/about/warnings/index.en.html)
-
-### When you should **not** use Tails
-
-- If someone finding your Tails USB stick could put you in worse danger than not using it at all.
-
-- If you have not enabled the Tor bridge option, and your ISP or government finding out you have accessed Tor could put you in worse danger than not using it at all.
-
-- When the computer you are using Tails with might be [compromised at the firmware or hardware level](https://tails.net/doc/about/warnings/computer/index.en.html).
-
-- When there are cameras in your environment recording your activity on this computer.
-
-- If your computer cannot securely boot from an external USB stick.
-
-## Installing Tails
-
-Before you start, make sure that:
-
-1. The device you use for the installation is free from malware or spyware.
-
-2. There is no recording software such as [Windows Recall](https://allthings.how/how-to-turn-off-windows-recall-ai-feature-in-windows-11-copilot-plus-pcs/) running. If there is, disable or pause it and delete your visit of this website from it.
-
-3. You have a USB stick with a storage capacity of at least 8 GB. Ideally, I recommend using a fresh and new USB stick, but if this is not accessible to you, make sure you can erase this USB stick entirely and that the files on it were not sensitive or revealing information. Assume your USB stick could get seized later on and these deleted files could potentially get restored.
-
-4. If you complete this installation for someone else, or if it is safe for you to do so (ordering online leaves a lot of digital footprints!), you may be interested in using a USB stick that looks more like a banal object. You can easily find cheap USB sticks on popular online stores that look like innocuous cartoon keychain charms, for example.
-
-### What you'll need
-
-- [x] USB stick with a storage capacity of at least 8 GB.
-
-- [x] A computer with a port compatible with your USB stick (both for installation and usage).
-
-- [x] A computer running one of these operating systems: Apple computer with *Intel* processor (not M1-M2-M3) running macOS version 10.10 or later, PC with at least 2 GB of RAM running Windows 7 or later, PC with at least 2 GB of RAM running Linux.
-
-- [x] Capacity to install new software on the computer you are using for the installation.
-
-- [x] At least 1-2 hours of free time when you are safe and free from threats.
-
-
-

Hardware incompatibility

-
-You might experience some hardware incompatibilities while running Tails (this is common for Linux-based software on Mac devices). If this happens, you will need to use **a wired (or dongle) mouse, a wired (or dongle) keyboard, and a Wi-Fi adapter or an internet access you can plug in directly from an [Ethernet cable](https://simple.wikipedia.org/wiki/Ethernet)**.
-
-If you need a Wi-Fi adapter, you will find a list of adapters compatible with Tails at the bottom of this page: [https://tails.net/doc/anonymous_internet/no-wifi/index.en.html](https://tails.net/doc/anonymous_internet/no-wifi/index.en.html)
-
-Be very careful if you decide to use mobile phone connectivity, however. The data linked to your mobile device could de-anonymize you, even while using Tails. More information on this here: [https://tails.net/doc/anonymous_internet/no-wifi/index.en.html](https://tails.net/doc/anonymous_internet/no-wifi/index.en.html)
-
-
-
-
-

Delete your traces afterward

-
-Depending on your situation, you might want to delete the traces of this installation after. See [a to-do list](#final-notes) for this at the end of this article.
-
-
-
-
-

About this tutorial

-I am going to walk you through a **step-by-step through the process for an installation from macOS**. If you are using a computer running Windows or Linux, the steps will be similar, but the windows appearances and warnings will vary. The steps to boot from an external USB stick will also vary.
-
-You might decide to reference the [guides from the Tails website](https://tails.net/install/index.en.html) instead. Tails' installation guides are excellent.
-
-
-
-If you encounter any issues during the installation or running processes, you can try to find support specific to your issue here: [https://tails.net/support/index.en.html](https://tails.net/support/index.en.html)
-
-### Step 1: Download Tails
-
-Visit this website and select your installation computer's operating system: [https://tails.net/install/](https://tails.net/install/)
-
-![Screenshot of a browser window showing Tails' installation page.](../assets/images/installing-and-using-tails/tails-installation-mac-1.webp)
-
-Scroll down to the "**Download Tails**" section and click on the green download button. Make sure to save the installation file in a folder where you can find it back easily and not forget to **delete it afterwards**.
-
-
-

Warning

-
-Do not save this file on your USB stick!
-
-
-
-
-

Always install the latest version of Tails

-
-The download link is not shared directly here because you should always make sure to download and install [the most recent version of Tails](https://tails.net/doc/upgrade/). If you read this article at a later date, the version number you will be installing will likely be higher than the number shown here.
-
-
-
-![Screenshot of a browser window showing Tails' download step.](../assets/images/installing-and-using-tails/tails-installation-mac-2.webp)
-
-### Step 2: Verify the file you just downloaded
-
-Scroll down to "**Verify your download**" and click on "**Select your download to verify...**"
-
-
-

Do not skip this step!

-
-This step is important to ensure the file you just downloaded has not been tampered with or corrupted during the process.
-
-
-
-![Screenshot of a browser window showing Tails' verification step.](../assets/images/installing-and-using-tails/tails-installation-mac-3.webp)
-
-Once the verification is completed (this might take a few minutes), you should see a green checkmark with "**Verification successful!**" followed by the file name. If you do not see this, delete the file and repeat [Step 1](#step-1-download-tails) and [Step 2](#step-2-verify-the-file-you-just-downloaded).
-
-![Screenshot of a browser window showing Tails' successful verification with file name.](../assets/images/installing-and-using-tails/tails-installation-mac-4.webp)
-
-### Step 3: Download and install balenaEtcher
-
-You will need this free software in order to install Tails on your USB stick.
-
-
-

Reminder

-
-Make sure the USB stick you have has a storage capacity of at least 8 GB, and does not store any files you wish to keep. Ideally, use a fresh never-used-before USB stick.
-
-
-
-You can download *balenaEtcher* from this link: [https://tails.net/etcher/balenaEtcher.dmg](https://tails.net/etcher/balenaEtcher.dmg)
-
-Open the folder where you downloaded the *balenaEtcher* installation file (keep it open to delete this file after the installation is completed), and double-click on the "**balenaEtcher.dmg**" file. Drag the "**balenaEtcher.app**" icon over the "**Applications**" folder icon when prompted from the window below:
-
-![Screenshot of a macOS application installation window for balenaEtcher.](../assets/images/installing-and-using-tails/tails-installation-mac-5.webp)
-
-Once the file is copied to you "**Applications**" folder, go on your computer's desktop and right-click on the "**balenaEtcher**" icon. Select '**Eject "balenaEtcher"**'
-
-![Screenshot of a desktop showing the balenaEtcher installation icon and a macOS menu with the option to Eject balenaEtcher.](../assets/images/installing-and-using-tails/tails-installation-mac-6.webp)
-
-### Step 4: Install Tails on your USB stick using balenaEtcher
-
-4.1. Open your Mac's "**Applications**" folder and double-click on "**balenaEtcher.app**".
-
-Depending on your macOS version, your Mac might open a popup window saying '**Verifying "balenaEtcher.app"...**'. This is normal, let it complete its verification. Next, you will likely see another popup window with '**"balenaEtcher.app” is an app downloaded from the Internet. Are you sure you want to open it?**'. Click "**Open**".
-
-![Screenshot of a macOS popup with a verifying loading bar.](../assets/images/installing-and-using-tails/tails-installation-mac-7.webp)
-
-![Screenshot of a macOS popup with a warning message with the options to Cancel or Open.](../assets/images/installing-and-using-tails/tails-installation-mac-8.png)
-
-4.2. Open *balenaEtcher* and click on the settings gear button on the upper-right. Disable the option "**Anonymously report errors and usage statistics to balena.io**", then click "**OK**".
-
-![Screenshot of a balenaEtcher window showing a gear icon on the upper-right, and a disabled option to share anonymous error reports.](../assets/images/installing-and-using-tails/tails-installation-mac-9.webp)
-
-4.3. Eject and unplug any other external USB stick(s) or external USB drive(s) that might be plugged into your computer if possible, and plug in the USB stick you wish to erase and install Tails on.
-
-4.4. Once it is plugged in, return to *balenaEtcher* and click on the "**Flash from file**" blue button on the left. You will be prompted to select a file. Select the Tails "**.img**" file you have downloaded and verified earlier.
-
-![Screenshot of a balenaEtcher window showing 3 buttons. The button on the left is blue and labeled Flash from file.](../assets/images/installing-and-using-tails/tails-installation-mac-10.webp)
-
-4.5. Click on the "**Select target**" blue button in the middle, and select your USB stick.
-
-![Screenshot of a balenaEtcher window showing 3 buttons. The button in the middle is blue and labeled "Select target".](../assets/images/installing-and-using-tails/tails-installation-mac-11.webp)
-
-
-

Caution! Select the correct USB stick!

-
-Make sure you are not selecting a USB stick or drive different from the one you wish to erase for Tails. **All data on the USB stick or drive you select will be permanently lost. Be careful!**
-
-
-
-![Screenshot of a balenaEtcher window inside a menu with one or more checkboxes. One checkbox is selected next to a USB stick name and description.](../assets/images/installing-and-using-tails/tails-installation-mac-12.webp)
-
-4.6. Once you have verified that all the information is correct, click on the "**Flash!**" blue button on the right.
-
-![Screenshot of a balenaEtcher window showing 3 buttons. The button on the right is blue and labeled "Flash!".](../assets/images/installing-and-using-tails/tails-installation-mac-13.webp)
-
-You will see a *balenaEtcher* popup window saying: "**balenaEtcher needs privileged access in order to flash disks. Type your password to allow this.**". Type your computer's password and click "**Ok**".
-
-![Screenshot of a macOS popup warning with a password field.](../assets/images/installing-and-using-tails/tails-installation-mac-14.webp)
-
-Depending on the version of macOS you use, you might see another popup window saying '**"balenaEtcher.app" would like to access files on a removable volume.**'. Click "**OK**" and wait for the installation to start.
-
-![Screenshot of a macOS popup warning with the options to "Don't Allow" or "OK".](../assets/images/installing-and-using-tails/tails-installation-mac-15.webp)
-
-While Tails is getting installed, you should see a window that looks like this with "**Flashing...**". The operation might take a few minutes. Do not interrupt this process!
-
-![Screenshot of a balenaEtcher window showing on the left a Flashing progression bar.](../assets/images/installing-and-using-tails/tails-installation-mac-16.png)
-
-4.7. Once Flashing is completed, you will see *balenaEtcher* validating the installation with "**Validating...**". This process should be quick.
-
-
-

Failed validation

-
-If the validation fails, close *balenaEtcher*, eject your USB stick, and try the installation process again from [Step 4](#step-4-install-tails-on-your-usb-stick-using-balenaetcher). You may also want to try with a different USB port or a different USB stick.
-
-
-
-![Screenshot of a balenaEtcher window showing on the left a Validating progression bar.](../assets/images/installing-and-using-tails/tails-installation-mac-17.png)
-
-Once the installation is completed successfully, you should see a window like this with "**Flash Completed!**" on the left. You can now close *balenaEtcher* and unplug your USB stick.
-
-
-

Unreadable USB

-
-If you see a notification about a USB stick that appears to be unreadable, click "**Eject**" and unplug your USB stick.
-
-
-
-![Screenshot of a balenaEtcher window showing on the left a green checkmark with "Flash Completed!".](../assets/images/installing-and-using-tails/tails-installation-mac-18.png)
-
-### Step 5: Continue this tutorial from paper or from another device (if you can do so safely)
-
-For the rest of this tutorial, you will have to shut down the computer you will be using or testing Tails with. If this is the same computer you are currently using, you will need an alternative way to keep following along with the instructions. Make sure you either:
-
-- Note the rest of the instructions in advance on something that will be easy to delete/erase/destroy after.
-
-- Open this article on a mobile device where it is not dangerous for you to visit this page.
-
-### Step 6: Boot your computer from your Tails USB stick
-
-
-Warning: If the computer running Tails is a Mac with a T2 Security Chip (2018-2020):
-
-If the computer you will be using Tails with is a [Mac with a T2 Security Chip](https://support.apple.com/en-us/103265), and you receive the following message (or similar) when trying to boot your Mac from your Tails USB stick:
-
-`Security settings do not allow this Mac to use an external startup disk.`
-
-Here's how to modify options in your Mac's [Startup Security Utility](https://support.apple.com/en-us/102522) to make this works:
-
-1. Turn off your Mac, then turn it on again and right away press and hold **Command(⌘)+R**, this will enter your Mac's recovery mode. The startup process will take longer than usual, and you will see the screen flashing a few times, this is normal.
-
-2. You will see a "**Language**" menu appear, select a language then click on the arrow at the bottom-right.
-
-3. If your computer has multiple volumes (disks), you will be required to select one, then click "**Next**".
-
-4. You will need to select a user you know the password for and enter it, then click "**Next**".
-
-5. Once you see a window with 4 options, select none of these and instead go to the upper-left menu to select the "**Utilities**" drop-menu, then select "**Startup Security Utility**".
-
-6. You will see an "**Authentication Needed**" window appear, and you will need to enter your macOS user password again.
-
-7. Once you see the "**Startup Security Utility**" window with 5 options, in the "**Secure Boot**" section select "**No Security**" and in the "**External Boot**" or "**Allowed Boot Media**" section select "**Allow booting from external or removable media**".
-
-
-

Security warning!

-
-This reduces the security of your device because your computer could boot from anything else as well. You could "Turn On Firmware Password" at the top to mitigate this, however, if others use this device, I would recommend that you do not do this. Enabling a firmware password would require this new password to be entered [each time this device starts from a different disk](https://support.apple.com/en-us/102384). This could raise a lot of suspicions if there was no password before.
-
-Moreover, if you ever lose this password, you would be entirely locked out of this device and require an in-person service at the Apple Store to be able to keep using it.
-
-If you want to hide that you are using Tails from the people near you, I would recommend you do **not** turn on firmware password. However, do know this could increase some security risks for this device.
-
-
-
-![Screenshot of a macOS "Startup Security Utility" window from the recovery mode. In the "Secure Boot" section the option "No Security" is selected. In the "External Boot" section the option "Allow booting from external media" is selected.](../assets/images/installing-and-using-tails/mac-startup-security-utility.png)
-
-
-
-
-

Quit Recovery Mode

-
-Once you have modified your "**Startup Security Utility**" options, click on the drop-down Apple menu (apple icon) of the upper-left, then select "**Shut Down**".
-
-
-
-
-
-To boot from your Tails USB stick:
-
-**From macOS:**
-
-1. Shut down your computer.
-2. Plug in your Tails USB stick.
-3. Turn on your Mac, then right away press and hold the "**Option**" key (⌥ or Alt key) until you see a loading bar or a disks menu.
-4. When you see a disks menu, select the yellow disk called "**EFI Boot**" or "**Windows**".
-
-
-

No disks menu?

-
-If you do not see this disks menu, wait 2-3 minutes, shut down your computer, unplug your USB stick, plug it in another port if you can, and start the boot process over.
-
-
-
-**From Windows 8 or 10:**
-
-1. From Windows or the sign-in screen, click on the "**Start**" button.
-2. While you choose "**Power**" > "**Restart**", press and hold the "**Shift**" key.
-3. Once you get to the "**Choose and option**" screen, select "**Use a device**"
-4. In "**Use a device**", select "**Boot Menu**" and plug in your Tails USB stick while Windows is shutting down.
-
-
-

Boot Step 3: No device selection menu?

-
-If you do not see this, follow these instructions from Tails: [https://tails.net/doc/first_steps/start/pc/index.en.html#boot-menu-key](https://tails.net/doc/first_steps/start/pc/index.en.html#boot-menu-key)
-
-
-
-
-

Boot Step 4: No boot menu?

-
-If Windows does not display a "**Boot Menu**", plug in your Tails USB stick then select it directly from the list of devices. Press "**Enter**".
-
-
-
-**From Linux:**
-
-1. Shut down your computer.
-2. Plug in your Tails USB stick.
-3. Identify the Boot Menu key for your specific computer manufacturer. You can see a list of the most common ones here: [https://tails.net/doc/first_steps/start/pc/index.en.html#boot-menu-key](https://tails.net/doc/first_steps/start/pc/index.en.html#boot-menu-key)
-4. Turn on your computer and immediately press and hold this identified Boot Menu key.
-
-## Starting and using Tails
-
-If the installation was successful and the process of booting from the USB stick went well, you will see Tails starting. You will see some gray screens, you will see some flashes, you will see some black screen with lots of white text rolling down very quickly!
-
-Don't panic! This is normal :thumbsup:
-
-Once Tails has started, you will see a top menu bar with a blue wallpaper. It might take a few minutes before you see a window popping up there, this is also normal. Be patient.
-
-The first window you should see is a window saying "**Welcome to Tails!**"
-
-There, you will see language options, the [Persistent Storage](https://tails.net/doc/persistent_storage/index.en.html) option, and Additional Settings options.
-
-
-

No keyboard! No mouse!

-
-At this point you might realize your mouse and/or keyboard are not working. If this happens, you can use a wired (or dongle) mouse and a wired (or dongle) keyboard to fix this problem quickly. If it is still not working after plugging one in, leave all peripherals plugged in and restart Tails (see [Step 6](#step-6-boot-your-computer-from-your-tails-usb-stick)).
-
-
-
-### Using Persistent Storage
-
-Make sure to test this feature works well multiple times before storing anything of value there. If you forget the Persistent Storage's password or if a bug occurs, you might not be able to access these files anymore. Know that you also have the option to plug in a separate (ideally encrypted) USB stick to store files on it, even while using Tails. If you encounter a problem when using Tails' Persistent Storage feature, you can troubleshoot it here: [https://tails.net/doc/persistent_storage/fsck/index.en.html](https://tails.net/doc/persistent_storage/fsck/index.en.html)
-
-If you decide to set up Persistent Storage:
-
-1. Choose a long passphrase that is **not** something known like music lyrics or movie quotes. Choose something you do not usually say/write and that you could not Google. Choose **something long and unique**, that nobody else has used before, and that you will be able to remember well. Practice this passphrase in your head regularly.
-
-2. After setting up Persistent Storage, you will see a window like this with additional options:
-
-![Screenshot of a window within Tails titled "Persistent Storage" and showing various options.](../assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp)
-
-### Connecting to the internet
-
-Make sure that your Wi-Fi card, Wi-Fi adapter, or Ethernet cable is plugged in and working. On the upper-right menu bar, click on the onion icon and select "**Open Tor Connection Assistant**". You will see a "**Tor Connection**" window appear with a few options. If it is not dangerous for you to have your ISP or government know you are using the Tor network, choose "**Connect to Tor automatically**" then click on "**Connect to Tor**".
-
-
-

Danger!

-
-If using Tor is dangerous for you, read more about the other options before deciding anything.
-
-
-
-![Screenshot of a window within Tails titled "Tor Connection" and showing various options.](../assets/images/installing-and-using-tails/tails-usage-torconnection.webp)
-
-If the connection is successful, you should see this window, and you will be ready to browse the internet anonymously:
-
-![Screenshot of a window within Tails titled "Tor Connection" indicating the connection to Tor was successful. There is a button at the bottom labeled "Start Tor Browser".](../assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp)
-
-![Screenshot within Tails showing the Tor Browser application displaying the onion version of the Privacy Guides website.](../assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp)
-
-### Sharing files with others
-
-There is a lot of great applications already installed on Tails to help you! You will find them listed in the "**Applications**" drop-menu on the upper-left top bar. One of these applications is [OnionShare](https://onionshare.org/), which you can use to share files with others anonymously.
-
-![Screenshot within Tails showing the application OnionShare open.](../assets/images/installing-and-using-tails/tails-usage-onionshare.webp)
-
-### Storing passwords
-
-If you are using the Persistent Storage with Tails, and need to store passwords, you can use the pre-installed [KeePassXC](https://keepassxc.org/) application. This application will store your passwords encrypted, locally-only, and protected by a main password (ideally, a **passphrase**). Be careful however if you store important passwords in there. Remember that if a bug occurs or if you forget your Persistent Storage's password, you could lose access to all of it.
-
-![Screenshot within Tails showing the application KeePassXC open.](../assets/images/installing-and-using-tails/tails-usage-keepassxc.webp)
-
-### Shutting down Tails
-
-When you are done using Tails, you should always **shut it down and unplug the USB stick** after.
-
-To shut Tails down, click on the upper-right menu on the top bar, the one with the battery icon. Then click on "**Power Off**" at the bottom-right of the drop-menu box. Wait for the screen to turn black, then unplug your Tails USB stick.
-
-
-

In Case of Emergency!

-
-In case of emergency, you can shut down Tails quickly by directly unplugging the USB stick while it is still running. This will effectively reset Tails like a normal shut down **IF** it was not in "Suspend" state. More on this here: [https://tails.net/contribute/design/memory_erasure/](https://tails.net/contribute/design/memory_erasure/)
-
-
-
-Shutting down Tails by physically unplugging it while it is still running [could potentially damage your Persistent Storage](https://tails.net/doc/first_steps/shutdown/index.en.html). Only use this feature in case of emergency, and shut down Tails using the "**Power Off**" menu option whenever possible.
-
-## Final notes
-
-Remember to delete the traces of this installation from the computer you used, once you have verified that everything works properly.
-
-**You should also remember to:**
-
-- [x] Delete the browsing history for these websites (this article, the Tails web pages, and any other related pages you have visited).
-- [x] Delete cookies for these websites (or all cookies).
-- [x] Delete the site data and cache for these websites (or all sites data).
-- [x] If logged into your Google account, [delete your Google search history](https://support.google.com/websearch/answer/6096136) for these websites.
-- [x] Delete *balenaEtcher*, both the software and the installation files (after verifying your Tails is operational).
-- [x] Delete *balenaEtcher* from the recently used applications list.
-- [x] Empty your computer's trash bin.
-- [x] Once you have completed this list and verified your installation, reboot your computer.
-
-### Consider supporting Tails and the Tor Project
-
-Finally, if you are not personally at risk of harm by reading this article or by getting associated with Tails, I strongly encourage you to support this incredible project by donating to Tails or to the Tor Project. Tools like Tails and Tor help a lot of people in very vulnerable situations. Your support means a lot to non-profit organizations like the Tor Project to improve and maintain these tools.
-
-Thank you for helping yourself and others to stay safe :purple_heart:
-
-Support Tails (if it is safe for you to do so): [https://tails.net/donate/](https://tails.net/donate/)
-
-Support the Tor Project (if it is safe for you to do so): [https://donate.torproject.org/](https://donate.torproject.org/)
-
-![Screenshot within Tails showing the Tor Browser application displaying the Tails website welcome page.](../assets/images/installing-and-using-tails/tails-usage-tailswebsite.png)
-
-
diff --git a/content/blog/posts/installing-keepassxc-and-yubikey.md b/content/blog/posts/installing-keepassxc-and-yubikey.md
deleted file mode 100644
index 85c91a5c5..000000000
--- a/content/blog/posts/installing-keepassxc-and-yubikey.md
+++ /dev/null
@@ -1,424 +0,0 @@
----
-date:
- created: 2025-03-18T17:00:00Z
-categories:
- - Tutorials
-authors:
- - em
-description: This tutorial demonstrates how to install the local-only password manager KeePassXC and secure a password database with YubiKey.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/installing-keepassxc-and-yubikey/keepassxc-cover.webp
----
-# KeePassXC + YubiKey: How to set up a local-only password manager
-
-![Illustration showing a laptop computer with the KeePassXC logo on it. On the right is a green plus sign and a photo of a YubiKey.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-cover.webp)
-
-
-If you are looking for a good remote password manager you can use from anywhere, there are plenty of excellent [options](https://www.privacyguides.org/en/passwords/) to choose from. However, if you prefer to only store your passwords locally, [KeePassXC](https://www.privacyguides.org/en/passwords/#keepassxc) is what you need. In this tutorial, we will set up KeePassXC to work with [YubiKey](https://www.privacyguides.org/en/security-keys/#yubikey) as an additional factor to secure your local-only password database.
-
-## KeePassXC summary
-
-KeePassXC is a free, open-source, and desktop-only password manager. The community-driven project was first released in 2012 and is a fork of both the *KeePass Password Safe* application and *KeePassX*, which is no longer actively maintained.
-
-In addition to having its [code](https://github.com/keepassxreboot/keepassxc) available for all to see, KeePassXC also went through an independent [security review](https://keepassxc.org/blog/2023-04-15-audit-report/) in 2023.
-
-Because it does not automatically sync with any remote cloud service, KeePassXC works offline by default. This offers additional protections for your privacy, and potentially for your security as well, depending on your specific situation.
-
-### Platforms
-
-KeePassXC can run on Linux, macOS, and Windows computers. There is no direct option for a KeePassXC application on mobile. The KeePassXC team [suggests](https://keepassxc.org/docs/#faq-platform-mobile) using [KeePassDX](https://www.keepassdx.com/) or [KeePass2Android](https://play.google.com/store/apps/details?id=keepass2android.keepass2android) on Android phones, and [Strongbox](https://strongboxsafe.com/) or [KeePassium](https://keepassium.com/) on iPhones.
-
-### Database cloud backup
-
-KeePassXC is local-first and will not automatically back up your password database in the cloud. This can be both an advantage for security and privacy, and a disadvantage if something were to happen to your device.
-
-To prevent losing access to your passwords, it is recommended to regularly back up your encrypted database `.kdbx` file in a remote [cloud storage](https://www.privacyguides.org/en/cloud/) of your choice, or on an encrypted external drive or USB stick.
-
-When copying this file to a third-party cloud service, it will [remain fully encrypted](https://keepassxc.org/docs/KeePassXC_UserGuide#_storing_your_database) and only get decrypted locally on your device. That being said, it's still always best to select an end-to-end encrypted cloud storage whenever possible.
-
-### Feature overview
-
-This tutorial only covers the basic installation to get you ready using KeePassXC locally, with a main password secured with a YubiKey. However, KeePassXC offers a lot of features you might also want to have a look at.
-
-In addition to the features we will set up here, KeePassXC offers the following:
-
-- [Passkey support](https://keepassxc.org/docs/KeePassXC_UserGuide#_passkeys)
-
-- [Password generator](https://keepassxc.org/docs/KeePassXC_UserGuide#_password_generator)
-
-- [Command line tool](https://keepassxc.org/docs/KeePassXC_UserGuide#_command_line_tool)
-
-- [SSH agent integration](https://keepassxc.org/docs/KeePassXC_UserGuide#_ssh_agent_integration)
-
-- [KeeShare and groups](https://keepassxc.org/docs/KeePassXC_UserGuide#_database_sharing_with_keeshare)
-
-- [Import password databases from 1Password, Bitwarden, Proton Pass, KeePass, CSV files](https://keepassxc.org/docs/KeePassXC_UserGuide#_importing_databases)
-
-- [Export databases to CSV, HTML, or XML files](https://keepassxc.org/docs/KeePassXC_UserGuide#_exporting_databases)
-
-- [And more](https://keepassxc.org/docs/KeePassXC_GettingStarted#_features)
-
-### What's new with KeePassXC 2.7.10
-
-On March 4th, KeePassXC released its most recent update. This update includes the capacity to import Proton Pass databases, to generate passphrases using *mixed* case (a mix of uppercase and lowercase), and many other [useful features](https://keepassxc.org/blog/2025-03-04-2.7.10-released/).
-
-## Requirements and preparation
-
-
-

Operating systems

-
-This tutorial was completed using macOS, but your experience shouldn't be much different if you are using Linux or Windows.
-
-
-
-For this tutorial you will need:
-
-- [x] Computer running Linux, macOS, or Windows
-- [x] Internet connection
-- [x] Ability to install software on this computer
-- [x] One or two YubiKeys (ideally two)
-
-## Setting up KeePassXC
-
-### Step 1: Download and Install KeePassXC
-
-Go to KeePassXC's download page and download the application version for your operating system. If the website doesn't detect your system automatically, you can change it on the top menu, or click on the "See more options" yellow button for previous versions.
-
-![Screenshot of the KeePassXC website download page.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-1-download.webp)
-
-
-

Verifying signatures

-
-For ideal security, you can verify the authenticity and integrity of the file you just downloaded by verifying the file's signatures. To do this, [follow the instructions](https://keepassxc.org/verifying-signatures/) from the website to guarantee the file you downloaded was created by the KeePassXC Team and has not been tampered with.
-
-
-
-Complete the process for your respective OS to install and open the application once verified.
-
-![Screenshot of the application installation window for KeePassXC on macOS.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-2-install.webp)
-
-On macOS, you will be prompted with a warning message saying "**“KeePassXC.app” is an app downloaded from the Internet. Are you sure you want to open it?**", click "Open".
-
-![Screenshot of a macOS warning popup before opening an application that was downloaded from the Internet.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-3-installwarning.webp)
-
-
-

KeePassXC blocks screenshots by default

-
-Interestingly, KeePassXC has a security feature that [blocks](https://keepassxc.org/docs/KeePassXC_UserGuide#_screenshot_security) screenshots and recordings of the application window on macOS and Windows.
-
-This is a great feature to prevent accidentally sharing your decrypted password database information during a meeting presentation, for example.
-
-Thankfully for writing this tutorial, there is a way to disable it temporarily, but **you** should definitely keep it on.
-
-
-
-### Step 2: Adjust the settings
-
-Once you have installed and opened KeePassXC, before creating a database for your passwords, click on the "Settings" gear button on the upper-right, on the *toolbar*.
-
-![Screenshot of the KeePassXC application showing the Settings section.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-4-settings.webp)
-
-From there, you will see many options you can adjust to your preferences. The default settings are already good, but you might want to tweak a few things to your specific usage.
-
-#### Keep a previous version backup (recommended)
-
-Scrolling down to the "File Management" section, you might want to enable the option to "Backup database file before saving". This will ensure you always have a backup of the previous version of your database, in case you accidentally delete important information for example.
-
-You can store this backup in the same or a different directory. You can change this backup's name or keep the default that will append `.old` to your database filename.
-
-![Screenshot of the KeePassXC application showing the Settings General section with the Backup database file before saving checkbox checked.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-5-backupprevious.webp)
-
-#### Add icons specific to each service (optional)
-
-If you want to use icons specific to each service for your password entries, you can go to the "Security" subsection on the left-side menu, then in "Privacy" at the bottom *enable* "Use DuckDuckGo service to download website icons". This isn't enabled by default. Then click "OK" on the lower-right.
-
-
-

Offline only?

-
-Do not enable this if you wish to use KeePassXC offline only. You will still be able to use different default icons for you entries instead of downloading specific icons from the internet.
-
-
-
-![Screenshot of the KeePassXC application showing the Settings Security section with the checkbox for DuckDuckGo checked.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-6-duckduckgo.webp)
-
-### Step 3: Create a database
-
-A database in KeePassXC is an encrypted file that will contain all the passwords you register.
-
-You can use multiple separate databases with KeePassXC. For example, you could have a database for work, a database for your family, and a database for your personal accounts. All stored in separate files with separate main passwords. In the application, each database can be opened in its own tab.
-
-To create a new database, from the Welcome section click on the "Create Database" button on the lower-left.
-
-If you want to create a secondary database, you can also click on the dropdown Database menu on the application menu bar, then select "New Database".
-
-
-

Importing an existing database

-
-If you already have a password database file in the format `.kdbx`, you can import it from the Welcome page by clicking on "Import File" on the lower-right.
-
-
-
-You will see a window pop up with "General Database Information". Pick a name and description for your database and click on "Continue" at the bottom.
-
-![Screenshot of the KeePassXC application showing the popup to Create a new KeePassXC database.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-7-databasecreation.webp)
-
-For the second step, an "Encryption Settings" section will pop up. From there, you will be able to change the settings to your preferences. If you are not familiar with encryption algorithms, simply keep the defaults on and click "Continue" again.
-
-![Screenshot of the KeePassXC application showing the popup to Create a new KeePassXC database in the Encryption Settings.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-8-databaseencryption.webp)
-
-For the next step, a "Database Credentials" section will pop up. From there, you will be able to choose a main password to lock your entire password database.
-
-At this step, it is very important to [choose a password](https://www.privacyguides.org/en/basics/passwords-overview/#best-practices) that is **unique, complex, and long**. This is the password that will protect all your other passwords. It should be easy to remember for you, but it must be *unique* and *long*. Ideally, pick a **passphrase**.
-
-#### Generate a main password (optional)
-
-If you do not feel inspired, you can use the "Generate password" dice button on the right to help you pick a strong password.
-
-![Screenshot of the KeePassXC application showing the popup to Generate Password.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-9-passwordgenerate.webp)
-
-No matter if you invent or generate your main password/passphrase, **make sure to remember this main password well**. You cannot rely on your password manager for this one.
-
-
-

This step isn't over yet!

-
-This is where you will be adding your YubiKey to further secure your database. Keep the "Database Credentials" application window open and **continue with the step below**
-
-## Securing your database with a YubiKey
-
-To add a YubiKey to secure your KeePassXC database, you will first need to prepare your YubiKey(s) for it, if it's not already ready to use with a [Challenge-Response](https://docs.yubico.com/yesdk/users-manual/application-otp/challenge-response.html) application.
-
-
-Using a YubiKey will not add authentication per se (read more)
-
-Technically speaking, adding a YubiKey to your KeePassXC database isn't a second factor of authentication because KeePassXC isn't a service, therefore it cannot "authenticate" you.
-
-However, adding a YubiKey to secure your KeePassXC database will make decryption of your database more secure by enhancing the encryption key of your database.
-
-The Challenge-Response will remain the same each time you decrypt your database, *however*, it will change each time the database is updated (each time there is a change to it, such as adding an entry, removing an entry, adding a note, etc.). Note that the previous versions of your database could get unlocked with your main password + your key's previous Challenge-Response, however.
-
-If your key's Challenge-Response were to become compromised, you could update your database (by adding or changing an entry for example), then fully delete all previous versions of your database. This would effectively make all previous Challenge-Response obsolete to unlock your current database.
-
-You can read more on this in KeePassXC's [documentation](https://keepassxc.org/docs/).
-
-
-
-### Step 4: Prepare your YubiKey(s)
-
-Because you cannot register two YubiKeys for this type of application, you should first make sure that you either have a secure backup for this Challenge-Response, or that you have cloned it to two YubiKeys, or more. This is important in case you were to lose your YubiKey.
-
-If you do have two YubiKeys, we have a [guide on how to reset your YubiKeys entirely and set up multiple keys as a backup](yubikey-reset-and-backup.md) which you may be interested in.
-
-If you only need to learn more about the Challenge-Response YubiKey application, jump to [this section](yubikey-reset-and-backup.md#step-9-create-and-clone-your-keys-challenge-response) of the tutorial directly.
-
-### Step 5: Add your YubiKey
-
-Once your YubiKey's Challenge-Response slot has been properly configured and backed up, return to the KeePassXC's "Database Credentials" window, and click on the "Add additional protection" button in the middle.
-
-This will open a new section with "Key File" and "Challenge-Response" options. Scroll down to "Challenge-Response". Plug in your YubiKey in your computer's port (only plug one key at the time), then click on the "Add Challenge-Response" button.
-
-![Screenshot of the KeePassXC application showing the popup to Create a new KeePassXC database in the Database Credentials section and highlighting the Add Challenge-Response button.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-10-challengeresponse.webp)
-
-
-

YubiKey or OnlyKey

-
-You can also use an OnlyKey to secure your KeePassXC database in the same way.
-
-
-
-You should see your YubiKey's model and serial number listed, and also which YubiKey slot you have stored your Challenge-Response in. Once the correct key is selected, click on "Done" at the bottom.
-
-![Screenshot of the KeePassXC application showing the popup to Create a new KeePassXC database in the Database Credentials section when a YubiKey is plugged in.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-11-selectyubikey.webp)
-
-A window will pop up to ask where you want to save your password database. Name your database file and save it in a secure directory on your computer. You will then be asked to touch your YubiKey.
-
-Touch the gold part of your YubiKey to save your database file. You will have to touch your YubiKey each time you save this database, and the file will be saved each time you make changes to it.
-
-
-

Important! Unlocking your database

-
-Each time you unlock your KeePassXC database, make sure to first plug in your YubiKey and verify that the "Use hardware key" checkbox is checked. Then, enter your main password and touch the gold part of your YubiKey when prompted.
-
-If you do not plug in your YubiKey first, an error will be triggered, and you will be unable to unlock your database.
-
-
-
-## Using KeePassXC
-
-Using KeePassXC is quite simple and resembles most other password manager applications. The biggest difference is that your passwords will remain stored locally, unless you decide to back up your password database to a cloud service of your choice.
-
-All the options to manage and use your entries credentials will be located on the *toolbar* at the top.
-
-![Screenshot of the KeePassXC application showing an empty database section.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-12-databasenew.webp)
-
-
-

Locking the database

- -At all time when the application is open, you can click in the "Lock Database" padlock button on the toolbar to lock your database. You can also adjust the settings to lock your database each time you minimize the application window (this is disabled by default). - -Your database will already lock itself automatically when your laptop lid is closed, the session is locked, or if your switch user (unless you disabled these options manually in settings). - -
-
-### Step 6: Create a password entry
-
-To create a [new entry](https://keepassxc.org/docs/KeePassXC_GettingStarted#_entry_handling) for a password, click on the "Add a new entry" plus-shaped button on the toolbar.
-
-From this section, you will be able to register a "Title", "Username", "Password" (or generate one), "URL" (this is important if you use the browser extension), "Tags", "Expires" date, "Notes", and more.
-
-![Screenshot of the KeePassXC application showing the Add entry section filled with information.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-13-newentry.webp)
-
-
-

Keep your YubiKey plugged in when changing your database

-
-When adding/removing entries or changing your database in any other way, make sure your YubiKey is plugged in. You will have to touch it each time you save changes to your database.
-
-
-
-Before saving your entry by clicking "OK" on the lower-right, explore the options on the left-side menu.
-
-For example, in the "Advanced" section you can add additional attributes and store attachments, in the "Icon" section you can select an icon to represent your password entry (or download one from the web), in the "Auto-type" section you can enable/disable Auto-type, and in the "Properties" section you will see additional metadata for this entry.
-
-![Screenshot of the KeePassXC application showing the Add entry section in the Icon subsection.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-14-entryicons.webp)
-
-Once you have set up all the information you need for this password entry, click "OK" to save it to your database. You will be prompted to touch the gold part of your YubiKey to complete the operation. You should now see your entry listed in your database.
-
-![Screenshot of the KeePassXC application showing the database section with one password entry filled.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-15-entrycreated.webp)
-
-Each time you need this information, you can select an entry and click on the "Copy username to clipboard" character-shaped button, or the "Copy password to clipboard" key-shaped button, or the "Copy URL to clipboard" earth-shaped button on the toolbar.
-
-The data will stay in your computer's clipboard for 10 seconds then will get cleared (unless you changed this from the default setting). Once copied, paste this information in the appropriate field for your service.
-
-![Screenshot of the KeePassXC application showing the database section with all three buttons Username, Password, and URL for entry pointed at with arrows.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-16-useentry.webp)
-
-
-

Accidental deletion danger!

-
-Be careful not to mistakenly click on the dangerous "Delete Entry" trash-shaped button left to the "Copy username to clipboard" button on the toolbar!
-
-You would have to touch your YubiKey to confirm deletion, but remain careful. If you click on it accidentally, do NOT touch your YubiKey to confirm!
-
-If this accident happened to you, you might see your entry has been moved to a "Recycle Bin" directory on the left. Right-click on your entry and select "Restore Entry" at the top of the entry menu. Touch your YubiKey when prompted. You should now see your entry back in the "Root" directory on the left-side menu.
-
-
-
-### Step 7: Back up your database
-
-There are many ways to [back up](https://keepassxc.org/docs/KeePassXC_UserGuide#_database_backup_options) your KeePassXC database:
-
-#### Automatic local backup
-
-If you enabled this setting on [Step 2](#step-2-adjust-the-settings), you will see a second file getting saved in the same directory with the same name but with an appended `.old` to it when you make a change to your password database.
-
-This is the previous version of your database. If you delete a password entry by mistake for example, you can easily restore it with this secondary database backup file.
-
-#### Manual backup from the application menu
-
-When your database is unlocked, you can click on the dropdown "Database" menu in the application menu bar (not the toolbar), then select "Save Database Backup".
-
-You will have the option to rename this file and choose a different location. Then, you will be prompted to touch your YubiKey to confirm.
-
-![Screenshot of the KeePassXC application showing the application menu with the Database dropdown menu rolled down and the Save Database Backup option selected.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-17-savedatabase.webp)
-
-#### Manual backup from copying the database file
-
-Another way to keep a backup of your password database is to simply copy the database `.kdbx` file somewhere else.
-
-You can copy this file to another local directory, an external drive (ideally encrypted), or a secure [cloud service](https://www.privacyguides.org/en/cloud/) of your choice (ideally an end-to-end encrypted one). Even if your database will be encrypted, it's always better to choose secure cloud services that offer solid end-to-end encryption.
-
-
-

Entry history

-
-Within your database, KeePassXC also maintains a history of changes made to each of your entries. You can read more about this feature from KeePassXC's [documentation](https://keepassxc.org/docs/KeePassXC_UserGuide#_history).
-
-
-
-### Step 8: Install the browser extension (optional)
-
-When you need to use KeePassXC to fill credentials in a browser or an app, you can always copy the entry field you need manually, as explained on [Step 6](#step-6-create-a-password-entry). But if you prefer, to facilitate filling credentials for web-based services, you can take advantage of KeePassXC's [browser extension](https://keepassxc.org/docs/KeePassXC_UserGuide#_browser_integration).
-
-To install the extension, go to [this page](https://keepassxc.org/download/#browser) from the KeePassXC website and click on your browser's *category*.
-
-This means that for any Firefox-based browser, you can click on the Firefox logo, and for any Chromium-based browser, you can click on the Chrome logo. Some browsers might not be supported, however.
-
-![Screenshot of the KeePassXC website page to download the browser extension.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-18-downloadextension.webp)
-
-
-

Privacy warning

-
-Keep in mind that although browser extensions can be very convenient, they can also introduce some risk to your privacy.
-
-Even if the KeePassXC browser extension only [runs locally](https://keepassxc.org/privacy/), it does need to collect some information for its functionalities, and any additional extension installed has the potential to [introduce](https://www.privacyguides.org/en/browser-extensions/) a new attack surface.
-
-Additionally, the more unique your combination of hardware, software, and browser extensions is, the more you are vulnerable to [browser fingerprinting](https://neat.tube/w/fdszTYBKzeoE3ySQUGTzmo). Always be mindful to consider your specific threat model when installing new browser extensions.
-
-
-
-Once you have installed the extension for your browser, go back to the KeePassXC application and click on the "Settings" gear button on toolbar. Click on "Browser Integration" on the left-side menu and check the box for "Enable browser integration" at the top of the section.
-
-![Screenshot of the KeePassXC application showing the Settings section in the Browser Integration subsection with the checkbox for Enable browser integration checked.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-19-browserintegration.webp)
-
-From this [section](https://keepassxc.org/docs/KeePassXC_UserGuide#_configure_keepassxc_browser), check the box for the browser(s) or browser type(s) you have installed the extension on. You can also enable the option "Search in all opened databases for matching credentials" if you are using multiple databases. Then click "OK" on the lower-right to save these options.
-
-Make sure your KeePassXC database is *unlocked*, then **restart your browser**.
-
-#### If you encounter an error while running the extension
-
-
-

You don't have to use the extension

-
-If you are not able to make the KeePassXC extension work with the browser you use, you can still use KeePassXC by manually copy-pasting your entries' credentials. It can even be a more secure and more private way to use it.
-
-
-
-After installing the extension and enabling it from the KeePassXC settings, you might encounter an error where the KeePassXC icon in a credential field is [marked](https://keepassxc.org/docs/KeePassXC_GettingStarted#_using_the_browser_extension) with a red "**X**", a red "**!**", or a padlock icon.
-
-If this happens, try the following:
-
-1. Make sure your KeePassXC application is open, and your database is *unlocked*.
-
-2. Check if your YubiKey is *plugged* in your computer's port.
-
-3. Verify that your browser is *compatible* and does not use protections that could block the extension from working.
-
-4. Follow KeePassXC's [instructions](https://keepassxc.org/docs/KeePassXC_UserGuide#_using_the_browser_extension) to connect your KeePassXC database to your KeePassXC browser extension.
-
-5. Look for possible solutions from KeePassXC's [troubleshooting guide](https://github.com/keepassxreboot/keepassxc-browser/wiki/Troubleshooting-guide).
-
-![Screenshot of the CryptPad website login page showing in the Username field the KeePassXC logo greyed out and marked with a red "X".](../assets/images/installing-keepassxc-and-yubikey/keepassxc-20-errorconnection.webp)
-
-#### Filling credentials using the extension
-
-
-

The database is connected but the logo is greyed out

-
-If you do not have an entry for this website, or if you have not registered a URL (or the correct one) for this entry, your will see the KeePassXC logo greyed out. This simply means your database could not find any credentials matching this website's URL.
-
-
-
-Once configured and connected properly, you should see a green KeePassXC logo in the credential fields, when you have a corresponding entry in your database.
-
-Click on the green KeePassXC logo to populate all credential fields automatically.
-
-![Screenshot of the CryptPad website login page showing in the Username field the KeePassXC logo in green and both the credentials for Username and Password are filled.](../assets/images/installing-keepassxc-and-yubikey/keepassxc-21-credentialsextension.webp)
-
-
-

Congratulation! You're in!

-
-You are now logged in, thanks to KeePassXC!
-
-
-
-## Consider supporting KeePassXC
-
-KeePassXC is a free and open-source project built by the community. If you use and love this application, it's always a great idea to support the project if you can.
-
-Here are a few ways you can help keep KeePassXC thriving:
-
-- [Contributing on GitHub](https://github.com/keepassxreboot/keepassxc/blob/develop/.github/CONTRIBUTING.md)
-- [Following KeePassXC on Mastodon](https://fosstodon.org/@keepassxc)
-- [Donating to KeePassXC to help with the development and maintenance of the application](https://keepassxc.org/donate/)
-
-For more information on KeePassXC and its many features, you can consult the official [Documentation and FAQ](https://keepassxc.org/docs/) or even have a look at KeePassXC's [code](https://github.com/keepassxreboot/keepassxc) on GitHub.
-
-
diff --git a/content/blog/posts/integrating-metadata-removal.md b/content/blog/posts/integrating-metadata-removal.md
deleted file mode 100644
index f4c35057f..000000000
--- a/content/blog/posts/integrating-metadata-removal.md
+++ /dev/null
@@ -1,174 +0,0 @@ ---- -date: - created: 2022-04-09T19:00:00Z -categories: - - Tutorials -authors: - - contributors -links: - - Metadata Removal Tools: https://www.privacyguides.org/data-redaction/ -tags: - - macOS - - iOS - - Windows -license: BY-SA -description: When sharing files, it's important to remove associated metadata. Image files commonly include Exif data, and sometimes photos even include GPS coordinates within its metadata. -schema_type: AnalysisNewsArticle ---- -# Removing Metadata From Your Photos, Videos, and Other Files - -When sharing files, it's important to remove associated metadata. Image files commonly include [Exif](https://en.wikipedia.org/wiki/Exif) data, and sometimes photos even include GPS coordinates within its metadata. - -While there are plenty of metadata removal tools, they typically aren't convenient to use. The guides featured here aim to detail how to integrate metadata removal tools in a simple fashion by utilizing easy-to-access system features. - -## macOS - -This guide uses the [Shortcuts](https://support.apple.com/guide/shortcuts-mac/intro-to-shortcuts-apdf22b0444c/mac) app to add an [ExifTool](https://www.privacyguides.org/data-redaction#exiftool) script to the *Quick Actions* context menu within Finder. Shortcuts is developed by Apple and bundled in with macOS by default. - -Shortcuts is quite intuitive to work with, so if you don't like the behavior demoed here then experiment with your own solution. For example, you could set the shortcut to take a clipboard input instead. The sky's the limit. - -![ExifTool Quick Action](../assets/images/metadata-removal/preview-macos.webp) - -### Prerequisites - -1. [Homebrew](https://brew.sh): a package manager. - - ```bash - /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" - ``` - -2. ExifTool is a tool for viewing and manipulating image, audio, video, and PDF metadata. - - ```bash - brew install exiftool - ``` - - !!! 
note - You can check if ExifTool is installed by running `exiftool -ver`. You should see a version number. - -### Creating the Shortcut - -1. Open **Shortcuts.app** and create a new shortcut - -2. In the shortcut's options, check **Use as Quick Action** and **Finder** - -3. Set up the retrieval options: - - - Receive **Images, Media, and PDFs** input from **Quick Actions** - - If there is no input select **Continue** - -4. Add the **Run Shell Script** action to the shortcut. You may need to enable **Allow Running Scripts** in Shortcut.app's settings - -5. Set up the shell script action: - - Select **zsh** from the shell list - - Set the input to **Shortcut Input** - - Select **as arguments** for the pass input - - Leave **Run as administrator** unchecked - -6. Use the following as the body of the script: - - ```bash - for f in "$@" - do - exiftool -all= "$f"; - done - ``` - -![macOS metadata removal shortcut](../assets/images/metadata-removal/shortcut-macos.webp) - -!!! tip "Worth Mentioning" - The open-source [ImageOptim](https://imageoptim.com/mac) app integrates into Finder's *Services* context menu by default. While it is primarily an image optimization app, it also removes metadata. - -### Enabling & using the Shortcut - -1. The shortcut will be accessible through **Quick Actions** context menu within Finder. - -2. If you want to reposition the shortcut within the context menu, go to:
- **System Preferences** → **Extensions** → **Finder and drag the shortcut's position**. - -## iOS and iPadOS - -[Shortcuts](https://support.apple.com/guide/shortcuts/welcome/ios) can be made accessible through the system Share Sheet, making accessing those shortcuts very convenient. This guide will show you how to build a metadata removal shortcut and integrate it into the system *Share Sheet*. - -!!! warning - This method of metadata removal is not as comprehensive at removing metadata as utilities like [ExifTool](https://www.privacyguides.org/data-redaction#exiftool) and [mat2](https://www.privacyguides.org/data-redaction#mat2) are. - -The lack of *good* metadata removal apps on the App Store is what makes this solution worthwhile. - -![Don't preserve metadata shortcut](../assets/images/metadata-removal/preview-ios.webp) - -### Prerequisites - -1. [Shortcuts](https://apps.apple.com/us/app/shortcuts/id915249334) via the App Store. - -### Creating the Shortcut - -1. Create a new Shortcut - -2. Enter the Shortcut's settings and check **Show in Share Sheet** - -3. Add a **Receive** action and set it to receive **Images** from **Share Sheet** - -4. Add an **If** action - -5. Set the **If** action to **Shortcut Input** and **has any value** - -6. Add an **Otherwise** action - -7. Add an **End If** action - -8. Add a **Convert** action and set it to **If Result** and **Match Input** - -9. Finally, add a **Share** action and set that to **Converted Image** - -10. Make sure that you uncheck **preserve metadata** - -![iOS/iPadOS metadata removal shortcut](../assets/images/metadata-removal/shortcut-ios.webp) - -### Enabling & using the Shortcut - -1. The shortcut should be available through the system Share Sheet. If it is not, then a device restart may be required. -2. Optionally, you can add the shortcut to your home screen. - -## Windows - -Windows allows you to place files in a **SendTo** folder which then appear in the *Send to* context menu. 
This guide will show you how to add an [ExifTool](https://www.privacyguides.org/data-redaction#exiftool) batch script to this menu. - -![Send to metadata removal shortcut](../assets/images/metadata-removal/preview-windows.jpg) - -### Prerequisites - -1. ExifTool is a tool for viewing and manipulating image, audio, video, and PDF metadata. We suggest you read the [Installation instructions](https://exiftool.org/install.html#Windows) on the official website. - - !!! note - You can check if ExifTool is present in your [PATH](https://www.computerhope.com/issues/ch000549.htm) by running `exiftool -ver` in Command Prompt. You should see a version number. - -### Creating the shortcut - -1. Navigate to `%appdata%\Microsoft\Windows\SendTo` - -2. Right click in the **SendTo** folder and create a new **Text Document** - -3. Name the file `ExifTool.bat` (any name works, however it must end in `.bat`) - - !!! note - You may need to check if [file name extensions](https://support.microsoft.com/en-us/windows/common-file-name-extensions-in-windows-da4a4430-8e76-89c5-59f7-1cdbbc75cb01) are enabled. - -4. Open **ExifTool.bat** in Notepad - -5. Copy the following into the document: - - ```bat - exiftool -fast4 -if "$filepermissions =~ /^.w/" %* - if not errorlevel 0 ( - echo Some files are write protected - exit /b %errorlevel% - ) - exiftool -all= %* - ``` - -6. Save - -### Using the shortcut - -1. Right-click a supported file and choose **ExifTool.bat** within the *Send to* context menu. diff --git a/content/blog/posts/interview-with-micah-lee.md b/content/blog/posts/interview-with-micah-lee.md deleted file mode 100644 index a00859285..000000000 --- a/content/blog/posts/interview-with-micah-lee.md +++ /dev/null 
@@ -1,165 +0,0 @@ ---- -date: - created: 2025-03-28T17:00:00Z -categories: - - News -authors: - - em -description: 'This article is an interview with Micah Lee, the creator of Cyd and OnionShare, founder of Lockdown Systems, and author of Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data.' -schema_type: NewsArticle -preview: - cover: blog/assets/images/interview-with-micah-lee/social-preview-cover.webp ---- -# Interview with Micah Lee: Cyd, Lockdown Systems, OnionShare, and more - -![Photo of Micah Lee over a yellow and purple graphic background, and with the name Micah Lee written on the right.](../assets/images/interview-with-micah-lee/micah-lee-cover.webp) - - - -If you don't know who Micah Lee is yet, here's why you should: Micah is an information security engineer, a software engineer, a journalist, and an author who has built an impressive career developing software for the public good, and working with some of the most respected digital rights organizations in the United States. - -If you have been following software development related to data privacy and security for a while, you probably already know one of Micah's projects such as [OnionShare](https://onionshare.org/), [Dangerzone](https://dangerzone.rocks/), the [Tor Browser Launcher](https://github.com/torproject/torbrowser-launcher), and more recently [Cyd](https://cyd.social/) (a rebirth of Semiphemeral). Additionally, he is also a core contributor to the [Tor Project](https://www.torproject.org/) and a contributor to [Hush Line](https://hushline.app/). - -Besides software development, Micah is a board member for [Science & Design](https://scidsg.org/) and [Distributed Denial of Secrets](https://ddosecrets.com/), a former board member and cofounder of [Freedom of the Press Foundation](https://freedom.press), and has been a Staff Technologist for the [Electronic Frontier Foundation](https://www.eff.org/). 
- -You might have already read some of Micah's articles when he worked at [The Intercept](https://theintercept.com/staff/micah-lee/), or even read his new [book](https://hacksandleaks.com/) Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data. - -We spoke with Micah over email and are delighted that he decided to talk with us at Privacy Guides. Let's get into it! - -***Em:*** *Hi Micah! We're thrilled that you have accepted to give us this interview at Privacy Guides. Thank you for taking time off your busy schedule to talk with us.* - -## Cyd: The app to claw back your data from Big Tech - -***Em:*** *Let's start with your newest project. [Cyd](https://cyd.social) is an application you have created in 2024 to help people backing up and deleting their tweets on X-(Twitter). This app emerged from the ashes of [Semiphemeral](https://micahflee.com/2024/07/like-a-phoenix-semiphemeral-will-rise-from-the-ashes/), a great tool that was unfortunately rendered unusable when Twitter decided to [shut off its API](https://mashable.com/article/twitter-ending-free-api-tier-elon-musk-worst-decision). I personally loved Semiphemeral and used it to delete thousands of my tweets before eventually deleting my whole Twitter account later on. Can you tell us more about how Cyd works despite not using X's API?* - -**Micah:** - -APIs make it way simpler for programmers to interact with online services, but they're not the only way. As long as social media platforms like X still run websites, and it's still possible for you, the human, to manually scroll through your tweets and delete them, it's possible to write a program that can do this for you. - -This is basically how Cyd works. It's a desktop app that includes an embedded web browser. When you add an X account to it, you login to your account in the browser, and then Cyd takes over. 
You can tell it that you want to delete your tweets, or likes, or bookmarks, or unfollow everyone, or save a backup of your DMs, or plenty of other things, and it does this by automating the embedded browser on your behalf. No API required. - -Cyd uses open APIs when they're available and make sense. For example, if you want to quit X but you don't want your old tweets to disappear forever, Cyd can migrate them to Bluesky using Bluesky's API -- soon we'll add support for migrating to Mastodon too. But for closed platforms that suck (like X, and Facebook too, which we're adding support for right now), we're forced to do it the hard way. - -***Em:*** *Talking about openness, recently this year you have decided to [make Cyd open source](https://infosec.exchange/@micahflee/113885066507235250). This is fantastic news! What did you take into consideration before making this decision and what kind of [contributions](https://github.com/lockdown-systems/cyd) or feedback are you hoping to receive from the community?* - -**Micah:** - -I'm extremely happy that Cyd is now open source. I've open-sourced most code that I've ever written, so it honestly felt kind of weird starting out making Cyd proprietary. - -My biggest concern with making it open was that I want Cyd to be a sustainable business, where some of the features are free and some of the features are premium and cost money -- enough so that me, and eventually other people working on it, could get paid a decent wage. And as an open source app, it would be easy for someone to fork it and remove the bits of code that check if you've paid for premium access. - -But after talking it through with some other people who are very experienced open source devs, I decided that this isn't that big of a deal, and that the benefits of being open source far outweigh the costs. - -Now when you use Cyd, you can now *confirm* that it doesn't have access to your social media accounts or any of the data in it. 
Having an open issue tracker on GitHub is great too, because people in the community can open issues, post comments, and track the progress of features they're looking forward to. Also being open source means we have the ability to accept grants and donations, in addition to selling premium accounts. You can check out our Open Collective page at [https://opencollective.com/lockdown-systems](https://opencollective.com/lockdown-systems). - -I'm hoping that members of the community will discuss features we're making, or even contribute code directly to our project. Right now, Cyd is only available in English, but we're also hoping to translate it into many different languages going forward, so I'm hoping that people will eventually chip in it to help translate Cyd to their native languages. - -***Em:*** *Having access to Cyd in multiple languages would really be wonderful. Likewise for multiple social media, when additional ones will be added later on. But at the moment, Cyd definitely seems to be [focusing](https://cyd.social/want-to-quit-x-in-2025-heres-how-to-do-it-the-right-way-with-cyd/) on X. You have personally been on the receiving end of Elon Musk's vengeful whims before when your Twitter account got [banned](https://micahflee.com/2023/05/elon-banned-me-from-twitter-for-doing-journalism-good-riddance/) in 2022 for criticizing him. I would say this qualifies as a badge of honor. Do you think you could still be on his radar with Cyd focusing on [data deletion for X](https://cyd.social/delete-all-your-tweets-for-free-with-cyd/) even though X has shut off its API? Have you taken any specific measures about this?* - -**Micah:** - -I think it's actually more likely that I'll be on Elon Musk's radar because of my [recent work](https://www.youtube.com/live/APHo7bea_p4?si=stSrkmo1MWy5_iVX&t=3338) with the Tesla Takedown movement than with Cyd... 
Right now, Musk is spending all of his time purging the US government of critics and consolidating executive power under Trump. So maybe he's too distracted on his fascism project to care about what we're doing with deleting tweets? - -But that said, Musk is litigious and we're definitely concerned about legal threats. We've consulted lawyers and we're trying to be as safe as possible. - -## Lockdown Systems: The new organization developing Cyd - -***Em:*** *Cyd is a project of [Lockdown Systems](https://lockdown.systems), a new organization you have created with colleagues just a few months ago. Can you tell us more about the structure of this organization and who else is involved?* - -**Micah:** - -We're still finalizing the paperwork, but Lockdown Systems is a new worker-owned collective! At the moment there are five of us: - -- me -- Jen, a former SecureDrop engineer who was the technical editor of my book and, for several years, my Dungeons & Dragons dungeon master -- Saptak, a talented human-rights-focused open source developer who I work with on OnionShare -- Yael, an investigative journalist friend who, among other things, broke a story with me about how Zoom had lied about supporting end-to-end encryption just as everyone started using it during the pandemic -- Akil, a talented newsroom engineer I worked closely with at The Intercept - -Most companies are owned by investors who only care about profit. They don't care about the workers, and they definitely don't care about the end-users of the software they make. This is why it's so common for tech companies to end up spying on their users and selling that data: it's an additional way to make a profit for their investors. - -We're different. Lockdown Systems is owned by its workers, and we don't have outside investors. We have all agreed to the explicit goals of: ensuring the well-being of our members; making tools that help fight fascism and authoritarianism; and prioritizing impact over profit. 
- -We make decisions by coming to consensus, and everyone in the collective gets paid the same wage. Even though I started Cyd, I don't have more say than anyone else. - -***Em:*** *That is such a great organizational structure for software development. Lockdown Systems really has an impressive team of skilled and dedicated people. Presently, it seems from the website and [GitHub page](https://github.com/lockdown-systems) that Lockdown Systems is focusing on developing and growing Cyd only. Are you planning on using Lockdown Systems mainly for Cyd or are you envisaging other applications getting added to Lockdown Systems in the near (or far) future?* - -**Micah:** - -So far, Cyd is our only product. There are many features we plan on building, and we also need to get it the point where it can fund our continued work. Most likely, this will be our main project for the near future. - -That said, we're definitely open to branching out. We make software that directly empowers individuals, helping them reclaim their autonomy and privacy. So if we see an opportunity to build something that will directly help people who are facing fascist threats -- whether it's supporting abortion access, keeping immigrants safe, helping communities organize mutual aid, etc. -- we will absolutely do it. - -***Em:*** *If one day some generous millionaire (let's keep it at millionaire, we all know what happens at billionaire) decided to give Lockdown Systems a huge budget bump no string attached, how would you like to grow the organization with this money?* - -**Micah:** - -One cool thing about being a member of a collective is that if this happened, the whole collective would brainstorm together and we'd come up with ideas that are far better than what I could come up with alone. But that said, I definitely have some thoughts. - -Right now, everyone is working part time, between about 10 and 30 hours a week each. 
If we had the resources, many of us would work on Cyd full-time, and we'd be able to offer benefits like health care and retirement contributions. We could also increase how many people are part of the collective, and build out new features at a much faster rate. - -In my mind, future Cyd will be a single app (possible available on mobile devices, not just desktop) where you can have total control over all of your data that's currently stored by tech companies (X, Facebook, Instagram, TikTok, LinkedIn, Reddit, Bluesky, Mastodon, Discord, Slack, Telegram, Amazon, Airbnb, Substack, and on and on). You can backup all your data and then have choice over where you want the rest of it: you can delete *everything*, or you can choose to keep your online presence that you're proud of. You can easily cross-post to multiple platforms, and also automatically delete your older posts from the corporate platforms, while keeping them live on the open ones. Or, however else you choose to do it. - -If we had a bigger team to pay for more labor, there's a lot that we could get done. - -***Em:*** *In the meantime, I imagine one million $1 donations could also help. If our readers would like to support the development of Lockdown Systems, they can make a [donation on this page](https://opencollective.com/lockdown-systems).* - -## OnionShare: The app to share files, host websites, and chat anonymously through Tor - -***Em:*** *Our community is likely familiar with this great application included in so many security and privacy-focused projects, including [Tails](https://tails.net/), [Qubes OS](https://www.qubes-os.org/), [Whonix](https://www.whonix.org/), and [Parrot OS](https://parrotsec.org/). What motivated you to create [OnionShare](https://onionshare.org) more than 10 years ago, and what do you think is the best way to use it now?* - -**Micah:** - -I made OnionShare in 2014 while I was helping journalists report on the Snowden documents. 
The big motivation was a border search: Glenn Greenwald's partner, David, traveled from Berlin, where he was visiting Laura Poitras, back to his home in Rio de Janeiro. He was carrying an encrypted hard drive, on an assignment for The Guardian. During his layover at Heathrow airport in London, UK authorities detained him and searched him. - -None of this was necessary. Using the internet, encryption, and Tor, it's possible to securely move documents around the world without putting anyone at risk at a border crossing. In fact, I was already doing something similar with journalists I was collaborating with on Snowden stories myself. To send someone secret documents, I'd first encrypt them using PGP, and then place them in a folder on my laptop. I'd start up a web server with a simple directory listing for that folder, and then make that web server accessible as a Tor onion service. - -While this wasn't too hard for me, an experienced Linux nerd, to set up, it would be very challenging for most people. I made OnionShare basically as a user-friendly way for anyone to be able to securely share files, peer-to-peer, without needing to first upload them to some third party service like Dropbox. - -Today, OnionShare has more features. It's basically like a graphical interface to do cool things with Tor onion services -- you can send files, but you can also turn your laptop into an anonymous dropbox so people can upload files to you, and you can quickly host onion websites and spin up temporary chatrooms too. And there are Android and iPhone apps! - -The last time I used OnionShare myself was last week. On my personal newsletter, I'm writing a [series of posts](https://micahflee.com/exploring-the-paramilitary-leaks/) exploring the Paramilitary Leaks, 200 GB of data from the American militia movement, obtained by an infiltrator name John Williams. While working on one of my posts, John used OnionShare to send me some additional documents. 
- -## Other projects and thoughts - -***Em:*** *You have been a prolific writer as a journalist for [The Intercept](https://theintercept.com/staff/micah-lee/), your own [Blog](https://micahflee.com/), and in January 2024 you [released](https://micahflee.com/2023/12/hacks-leaks-and-revelations-the-art-of-analyzing-hacked-and-leaked-data/) a book called Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data. What is this book about, and who is it written for?* - -**Micah:** - -I spent many years reporting on hacked and leaked datasets, starting with the Snowden archive. Since then, I've seen the amount of hacked and leaked data grow exponentially. And at the same time, journalists and researchers -- the people who really need to dig through this data and find the good stories -- don't even know where to start. - -So that's what my book is, an interactive guide to downloading and exploring datasets. It doesn't require any prior knowledge, but it does get pretty technically, including two chapters teaching Python programming. If you're following along, near the beginning of the book you'll encrypt a USB hard drive and then download a copy of BlueLeaks to it -- hundreds of gigabytes of hacked police documents from the middle of the Black Lives Matter uprising in 2020. You'll use this dataset, along with several others, as examples as you learn how to make sense of data like this. - -You should definitely buy the book if you're interested and you can, but information wants to be free, so I also released the whole book under a Creative Commons license. You can read the whole thing online at [hacksandleaks.com](https://hacksandleaks.com/). - -***Em:*** *I can see how much of a valuable skill this is to learn for journalists and researchers in this day and age. Even if nothing compares to having a physical paper copy (in my opinion), it's wonderful that you share your book online for people who, for various reasons, cannot order a copy. 
You have worked or still work with the Electronic Frontier Foundation, Freedom of the Press Foundation, Science & Design, the Tor Project, and Distributed Denial of Secrets. Your contribution and commitment to digital rights is undeniable. From your experience, what are you envisioning for the future of digital rights activism?* - -**Micah:** - -I don't have all of the answers, but I do think that it's important for digital rights activists to meet the moment. Fascist politicians are gaining power around the world. The gap between the ultra rich and everyone else is wider than it's ever been before. Elon Musk has openly bought the US government, and the Trump-supporting oligarchs control all of our critical tech infrastructure. Climate change deniers and anti-vaxxers are the ones in charge right now, at least in the US. Things are pretty bad. - -Whatever we do, we should have the goal of shifting power away from the fascists and billionaires and towards everyone else. We need alternative platforms that are not only open and democratic, but also just as easy to use as the corporate walled gardens. We need digital rights, not to mention digital security, to fully integrate itself into the rest of the mass movements going on now, whether it's to save the planet from climate change, to protect immigrants getting sent to gulags, or to stop the genocide in Gaza. - -***Em:*** *Absolutely, and digital rights advocates and organizations undeniably have a crucial role to play in these movements. Finally, is there anything else you would like to share with us that we haven't discussed yet?* - -**Micah:** - -If you want to support Lockdown Systems and you work for an organization that might be interested in offering Cyd as a benefit to their employees, check out Cyd for Teams! 
If we can get organizations on board this will go a long way to making sure we can continue to get paid doing this work: [https://docs.cyd.social/docs/cyd-for-teams/intro](https://docs.cyd.social/docs/cyd-for-teams/intro) - -***Em:*** *Thank you so much Micah for taking the time to answer our questions today! The new projects you are working on are fascinating, and so important in the current landscape. I'm excited for more people to discover Cyd and Lockdown Systems, and will myself be following their evolution and expansion enthusiastically.* - -## Consider supporting Micah Lee's projects - -If you would like to follow Micah Lee's work and support his projects, consider: - -- [Following Micah Lee on Mastodon](https://infosec.exchange/@micahflee) - -- [Reading Micah Lee's Blog](https://micahflee.com/) - -- [Donating to Cyd and Lockdown Systems](https://opencollective.com/lockdown-systems) - -- [Signing up for Cyd for Teams](https://docs.cyd.social/docs/cyd-for-teams/sign-up) - -- [Getting a copy of Hacks, Leaks, and Revelations](https://hacksandleaks.com/) - -- [Contributing to one of Micah Lee's software](https://github.com/micahflee) diff --git a/content/blog/posts/ios-configuration-guide.md b/content/blog/posts/ios-configuration-guide.md deleted file mode 100644 index 7fcccdd4f..000000000 --- a/content/blog/posts/ios-configuration-guide.md +++ /dev/null 
@@ -1,204 +0,0 @@
----
-date:
- created: 2022-10-22T19:00:00Z
-categories:
- - Tutorials
-authors:
- - mfwmyfacewhen
- - jonah
- - contributors
-tags:
- - iOS
-license: BY-SA
-description: There are a number of privacy and security-related settings you should consider changing in the Settings app on iOS 16.
-schema_type: AnalysisNewsArticle
----
-# iOS 16 Privacy Configuration Guide
-
-There are a number of privacy and security-related settings you should consider changing in the **Settings** app on iOS.
-
-## iCloud
-
-Apple uses **iCloud** to sync your settings, photos, documents, apps, etc. to your other devices. Some things synced to iCloud are end-to-end encrypted, while others are merely encrypted in transit. You can check [Apple's documentation](https://support.apple.com/en-us/HT202303) for information on which services are E2EE; anything listed as "in transit" or "on server" means it's possible for Apple to access that data without your permission. You should disable anything you don't want backed up to iCloud.
-
-!!! warning
-
- Despite "Messages in iCloud" being E2EE, enabling iCloud Backup stores a key to unlock iMessage in your device backup, which is **not** E2EE. If you don't want to store a copy of your iMessage keys, disable iCloud Backup.
-
-At the top of the **Settings** app, you'll see your name and profile picture if you are signed in to iCloud. Select that, then **iCloud**, and turn off the switches for any services you don't want to sync to iCloud. You may see third-party apps listed under **Show All** if they sync to iCloud, which you can disable here. For the purposes of this guide, we will only be covering first-party Apple iCloud services:
-
-**iCloud Backup** backs up your phone and app data to Apple's servers. Unfortunately, these backups are not E2EE,[^1] and having them enabled even removes E2EE from some other iCloud services (like iMessage). Instead of iCloud Backup, we recommend making an encrypted backup to your computer using iTunes (Windows) or Finder (macOS).
-
-[^1]: [Reuters - Exclusive: Apple dropped plan for encrypting backups after FBI complained](https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT)
-
-Select **iCloud Backup**
-
-- [ ] Turn off **Back Up This iPhone**
-
-**Private Relay** is a paid ([**iCloud+**](https://support.apple.com/en-us/HT201318)) proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by Cloudflare. Because Private Relay is still in beta, and it only covers the Safari browser, we recommend you choose a proper [VPN](https://www.privacyguides.org/vpn/) instead.
-
-Select **Private Relay**
-
-- [ ] Turn off **Private Relay (Beta)**
-
-If you already use iCloud Mail, **Hide My Email** is Apple's first-party email aliasing feature. You can use email aliases with Sign In With Apple, for free, or generate unlimited aliases with a paid iCloud+ plan. Hide My Email may be good for iCloud Mail users because it only requires trusting one party (Apple) with your emails, but if you use any other email provider, we recommend [a standalone email aliasing service](https://www.privacyguides.org/email#email-aliasing-services) instead.
-
-### Media & Purchases
-
-At the top of the **Settings** app, you'll see your name and profile picture if you are signed in to an Apple ID. Select that, then select **Media & Purchases** > **View Account**.
-
-- [ ] Turn off **Personalized Recommendations**
-
-### Find My
-
-**Find My** is a service that lets you track your Apple devices and share your location with your friends and family. It also allows you to wipe your device remotely in case it is stolen, preventing a thief from accessing your data. Your Find My [location data is E2EE](https://www.apple.com/legal/privacy/data/en/find-my/) when:
-
-- Your location is shared with a family member or friend, and you both use iOS 15 or greater.
-- Your device is offline and is located by the Find My Network.
-
-Your location data is not E2EE when your device is online and you use Find My iPhone remotely to locate your device. You will have to make the decision whether these trade-offs are worth the anti-theft benefits of Activation Lock.
-
-At the top of the **Settings** app, you'll see your name and profile picture if you are signed in to an Apple ID. Select that, then select **Find My**. Here you can choose whether to enable or disable Find My location features.
-
-## Airplane Mode
-
-Enabling **Airplane Mode** stops your phone from contacting cell towers. You will still be able to connect to Wi-Fi and Bluetooth, so whenever you are connected to Wi-Fi you can turn this setting on.
-
-## Wi-Fi
-
-You can enable hardware address randomization to protect you from tracking across Wi-Fi networks. On the network you are currently connected to, press the info button:
-
-- [x] Turn on **Private Wi-Fi Address**
-
-You also have the option to **Limit IP Address Tracking**. This is similar to iCloud Private Relay but only affects connections to "known trackers." Because it only affects connections to potentially malicious servers, this setting is probably fine to leave enabled, but if you don't want *any* traffic to be routed through Apple's servers, you should turn it off.
-
-## Bluetooth
-
-**Bluetooth** should be disabled when you aren't using it as it increases your attack surface. Disabling Bluetooth (or Wi-Fi) via the Control Center only disables it temporarily: you must switch it off in Settings for disabling it to remain effective.
-
-- [ ] Turn off **Bluetooth**
-
-## General
-
-Your iPhone's device name will by default contain your first name, and this will be visible to anyone on networks you connect to. You should change this to something more generic, like "iPhone." Select **About** > **Name** and enter the device name you prefer.
-
-It is important to install **Software Updates** frequently to get the latest security fixes. You can enable **Automatic Updates** to keep your phone up-to-date without needing to constantly check for updates. Select **Software Update** > **Automatic Updates**:
-
-- [x] Turn on **Download iOS Updates**
-- [x] Turn on **Install iOS Updates**
-- [x] Turn on **Security Responses & System Files**
-
-**AirDrop** allows you to easily transfer files, but it can allow strangers to send you files you do not want.
-
-- [x] Select **AirDrop** > **Receiving Off**
-
-**AirPlay** lets you seamlessly stream content from your iPhone to a TV; however, you might not always want this. Select **AirPlay & Handoff** > **Automatically AirPlay to TVs**:
-
-- [x] Select **Never** or **Ask**
-
-**Background App Refresh** allows your apps to refresh their content while you're not using them. This may cause them to make unwanted connections. Turning this off can also save battery life, but it may affect an app's ability to receive updated information, particularly weather and messaging apps.
-
-Select **Background App Refresh** and switch off any apps you don't want to continue refreshing in the background. If you don't want any apps to refresh in the background, you can select **Background App Refresh** again and turn it **Off**.
-
-## Siri & Search
-
-If you don't want anyone to be able to control your phone with Siri when it is locked, you can turn that off here.
-
-- [ ] Turn off **Allow Siri When Locked**
-
-## Face ID or Touch ID & Passcode
-
-Setting a strong password on your phone is the most important step you can take for physical device security. You'll have to make trade-offs here between security and convenience: A longer password will be annoying to type in every time, but a shorter password or PIN will be easier to guess. Setting up Face ID or Touch ID along with a strong password can be a good compromise between usability and security.
-
-Select **Turn Passcode On** or **Change Passcode** > **Passcode Options** > **Custom Alphanumeric Code**. Make sure that you create a [secure password](https://www.privacyguides.org/basics/passwords-overview/).
-
-If you wish to use Face ID or Touch ID, you can go ahead and set it up now. Your phone will use the password you set up earlier as a fallback in case your biometric verification fails. Biometric unlock methods are primarily a convenience, although they do stop surveillance cameras or people over your shoulder from watching you input your passcode.
-
-If you use biometrics, you should know how to turn them off quickly in an emergency. Holding down the side or power button and *either* volume button until you see the Slide to Power Off slider will disable biometrics, requiring your passcode to unlock. Your passcode will also be required after device restarts.
-
-On some older devices, you may have to press the power button five times to disable biometrics instead, or for devices with Touch ID you may just have to hold down the power button and nothing else. Make sure you try this in advance, so you know which method works for your device.
-
-**Allow Access When Locked** gives you options for what you can allow when your phone is locked. The more of these options you disable, the less someone without your password can do, but the less convenient it will be for you. Pick and choose which of these you don't want someone to have access to if they get their hands on your phone.
-
-- [ ] Turn off **Today View and Search**
-- [ ] Turn off **Notification Center**
-- [ ] Turn off **Control Center**
-- [ ] Turn off **Lock Screen Widgets**
-- [ ] Turn off **Siri**
-- [ ] Turn off **Reply with Message**
-- [ ] Turn off **Home Control**
-- [ ] Turn off **Wallet**
-- [ ] Turn off **Return Missed Calls**
-- [ ] Turn off **USB Accessories**
-
-iPhones are already resistant to brute-force attacks by making you wait long periods of time after multiple failed attempts; however, there have historically been exploits to get around this. To be extra safe, you can set your phone to wipe itself after 10 failed passcode attempts.
-
-!!! warning
-
- With this setting enabled, someone could intentionally wipe your phone by entering the wrong password many times. Make sure you have proper backups and only enable this setting if you feel comfortable with it.
-
-- [x] Turn on **Erase Data**
-
-## Privacy
-
-**Location Services** allows you to use features like Find My and Maps. If you don't need these features, you can disable Location Services. Alternatively, you can review and pick which apps can use your location here. Select **Location Services**:
-
-- [ ] Turn off **Location Services**
-
-You can decide to allow apps to request to **track** you here. Disabling this disallows all apps from tracking you with your phone's advertising ID. Select **Tracking**:
-
-- [ ] Turn off **Allow Apps to Request to Track**
-
-You should turn off **Research Sensor & Usage Data** if you don't wish to participate in studies. Select **Research Sensor & Usage Data**:
-
-- [ ] Turn off **Sensor & Usage Data Collection**
-
-**Safety Check** allows you to quickly view and revoke certain people and apps that might have permission to access your data. Here you can perform an **Emergency Reset**, immediately resetting permissions for all people and apps which might have access to device resources, and you can **Manage Sharing & Access** which allows you to go through and customize who and what has access to your device and account resources.
-
-You should disable analytics if you don't wish to send Apple usage data. Select **Analytics & Improvements**:
-
-- [ ] Turn off **Share iPhone Analytics** or **Share iPhone & Watch Analytics**
-- [ ] Turn off **Share iCloud Analytics**
-- [ ] Turn off **Improve Fitness+**
-- [ ] Turn off **Improve Safety**
-- [ ] Turn off **Improve Siri & Dictation**
-
-Disable **Personalized Ads** if you don't want targeted ads. Select **Apple Advertising**
-
-- [ ] Turn off **Personalized Ads**
-
-**App Privacy Report** is a built-in tool that allows you to see which permissions your apps are using. Select **App Privacy Report**:
-
-- [x] Select **Turn On App Privacy Report**
-
-**Lockdown Mode** is a security setting you can enable to make your phone more resistant to attacks. Be aware that certain apps and features [won't work](https://support.apple.com/en-us/HT212650) as they do normally.
-
-- [x] Select **Turn On Lockdown Mode**
-
-## Privacy/Security Tips
-
-### E2EE Calls
-
-Normal phone calls made with the Phone app through your carrier are not E2EE. Both FaceTime Video and FaceTime Audio calls are E2EE, or you can use [another app](https://www.privacyguides.org/real-time-communication/) like Signal.
-
-### Avoid Jailbreaking
-
-Jailbreaking an iPhone undermines its security and makes you vulnerable. Running untrusted, third-party software could cause your device to be infected with malware.
-
-### Encrypted iMessage
-
-The color of the message bubble in the Messages app indicates whether your messages are E2EE or not. A blue bubble indicates that you're using iMessage with E2EE, while a green bubble indicates they're using the outdated SMS and MMS protocols. Currently, the only way to get E2EE in Messages is for both parties to be using iMessage on Apple devices.
-
-If either you or your messaging partner have iCloud Backup enabled, the encryption key will be stored on Apple's servers, meaning they can access your messages. Additionally, iMessage's key exchange is not as secure as alternative implementations, like Signal (which allows you to view the recipients key and verify by QR code), so it shouldn't be relied on for particularly sensitive communications.
-
-### Blacking Out Faces/Information
-
-If you need to hide information in a photo, you can use Apple's built-in tools to do so. Open the photo you want to edit, press edit in the top right corner of the screen, then press the markup symbol at the top right. Press the plus at the bottom right of the screen, then press the rectangle icon. Now, you can place a rectangle anywhere on the image. Make sure to press the shape icon at the bottom left and select the filled-in rectangle. **Don't** use the highlighter to obfuscate information, because its opacity is not quite 100%.
-
-### Installing Beta Versions of iOS
-
-Apple always makes beta versions of iOS available early for those that wish to help find and report bugs. We don't recommend installing beta software on your phone. Beta releases are potentially unstable and could have undiscovered security vulnerabilities.
-
-### Before First Unlock
-
-If your threat model includes forensic tools, and you want to minimize the chance of exploits being used to access your phone, you should restart your device frequently. The state *after* a reboot but *before* unlocking your device is referred to as "Before First Unlock" (BFU), and when your device is in that state it makes it [significantly more difficult](https://belkasoft.com/checkm8_glossary) for forensic tools to exploit vulnerabilities to access your data. This BFU state allows you to receive notifications for calls, texts, and alarms, but most of the data on your device is still encrypted and inaccessible. This can be impractical, so consider whether these trade-offs make sense for your situation.
diff --git a/content/blog/posts/job-openings.md b/content/blog/posts/job-openings.md
deleted file mode 100644
index 91a5f7ac1..000000000
--- a/content/blog/posts/job-openings.md
+++ /dev/null
@@ -1,43 +0,0 @@
----
-date:
- created: 2024-10-28T19:00:00Z
-categories:
- - Announcements
-authors:
- - niek-de-wilde
-links:
- - Job Openings: https://www.privacyguides.org/en/about/jobs/
-tags:
- - Privacy Guides
-description: Privacy Guides is now hiring for a video content creation position and a journalist position, as well as a 6-month internship.
-schema_type: NewsArticle
----
-# Privacy Guides is Hiring
-
-We are thrilled to announce the opening of three new job positions aimed at enhancing our mission of promoting personal privacy and informed digital choices. As a non-profit organization dedicated to empowering individuals with the knowledge and tools they need to navigate the internet in a private manner, we are excited to expand our team with talented individuals who share our vision. They will play a key role in helping us reach new audiences to spread our message in multiple formats, and make sure we are the authoritative source for trustworthy and unbiased consumer privacy resources on the internet.
-
-## Content Creator
-
-We're seeking a passionate multimedia content creator to spearhead our video production efforts on YouTube and other platforms. This role will involve creating engaging and informative video content that for example simplifies several privacy concepts and offers practical tips for protecting personal information. The ideal candidate will have experience in video production (but this is not strictly required) and a commitment to making complex topics accessible to a wide audience.
-
-This is your chance to enter the tech & educational content creation space, without worrying about sponsors and advertisers diluting your message. We have no commercial interests to interfere with your content, and no agenda beyond simply providing the best privacy information out there. If you're excited about using the power of video to educate and inspire, we want to hear from you!
-
-[Learn more and apply here](https://privacyguides.org/en/about/jobs/content-creator/)
-
-## Journalist
-
-We are also looking for a skilled journalist to join our team. This role will focus on producing in-depth articles for our blog that explore the latest trends in privacy and security, as well as the implications of emerging technologies. The ideal candidate will have a background in investigative journalism and a deep understanding of privacy issues. Your work will help inform our community and foster critical discussions about digital rights and responsibilities.
-
-Other tasks will be to research new subjects to cover, perform interviews, and conduct product and service reviews for our recommendations.
-
-[Learn more and apply here](https://privacyguides.org/en/about/jobs/journalist/)
-
-## News Curation Internship
-
-Finally, we are offering a paid internship position that will focus on staying up-to-date with the latest privacy and security news, interacting with our community, and providing overall support to our volunteers. This role will involve curating relevant articles, reports, and insights to keep our team informed and engaged with current events. This is an excellent opportunity for someone passionate about privacy issues and looking to gain hands-on experience in a non-profit environment. Ideal candidates will have strong research skills and a keen interest in digital rights.
-
-[Learn more and apply here](https://privacyguides.org/en/about/jobs/intern-news/)
-
-## Join us in making a difference
-
-At Privacy Guides, we believe that everyone deserves the right to privacy and security in the digital world. By joining our team, you will play a vital role in educating the public and advocating for stronger privacy protections. If you’re ready to make a difference and are excited about one of these roles, we encourage you to apply!
diff --git a/content/blog/posts/keepassium-review.md b/content/blog/posts/keepassium-review.md
deleted file mode 100644
index afe995436..000000000
--- a/content/blog/posts/keepassium-review.md
+++ /dev/null
@@ -1,696 +0,0 @@ ---- -title: "KeePassium Review: A Flexible Password Manager for iOS and macOS" -template: review-article.html -schema_type: ReviewNewsArticle -date: - created: 2025-05-13T16:30:00Z -categories: - - Reviews -authors: - - em -description: If you need a password manager for iOS or macOS that gives you full control over your data, KeePassium is a fantastic option. With KeePassium, you can keep your password database offline entirely, or choose whomever you trust to store it. You can also change this anytime. -preview: - logo: blog/assets/images/keepassium-review/keepassium.svg -review: - type: SoftwareApplication - category: SecurityApplication - subcategory: Password Manager - name: KeePassium - price: 0 - website: https://keepassium.com/ - rating: 4.5 - pros: - - Open source. - - Free basic plan. - - Data portability. - - Offline-only option. - - No account or personal data required. - - Easy to use, beautiful, and customizable. - - Excellent documentation. - cons: - - AutoFill might not work for some websites and browsers. - - Some important features only available on paid plans. - - No app for Linux, Android, or Windows. ---- - -![The KeePassium logo over a yellow background showing Apple devices.](../assets/images/keepassium-review/keepassium-cover.webp) - - - -If you have been looking for a password manager giving you full control over your data, KeePassium is a fantastic option. The application available for iOS and macOS keeps your password database offline by default. KeePassium still offers synchronization and backup options, but allows you to choose which storage provider to trust with your database, and change it whenever you want. - -![KeePassium logo](../assets/images/keepassium-review/keepassium.svg){align=right itemprop="image"} - -[KeePassium](https://keepassium.com/) is a commercial open-source application made by KeePassium Labs, based in Luxembourg. 
- -Because it's open-source, anyone can inspect and download its [code](https://github.com/keepassium/KeePassium) if they wish. Anyone could even [build](https://github.com/keepassium/KeePassium?tab=readme-ov-file#is-it-free) the entire application by themselves, and use the advanced features completely for free. - -However, if you do not want to bother with code, you can use either the basic plan for free, or pay for a premium plan to access advanced features and to support the project. - -KeePassium is a [KeePass](https://keepass.info/)-compatible project. If you are already familiar with any software from the [KeePass ecosystem](https://github.com/lgg/awesome-keepass), you will feel right at home with KeePassium. - -KeePassium's strength resides in how it integrates KeePass' security and features into a well-rounded and well-designed application, that is very instinctive to use, while not compromising on flexibility and customizability. - -
-

The KeePassium application

- -For this review, the words "KeePassium" and "application" refer to both the KeePassium iOS and macOS applications simultaneously, unless otherwise specified. The mobile application was tested first and will be more prominent in the examples and screenshots. - -
- -## Platforms and Compatibility - -KeePassium is written in Apple's Swift programming language and is available for Apple devices. - -### Mobile - -- For iPhone and iPad, KeePassium works on iOS 17.0 or later. - -### Desktop - -- For Mac computers, KeePassium works on macOS 14.0 (Sonoma) or later. -- KeePassium is compatible with both Apple Silicon and Intel hardware. -- The desktop application is new and was [released](https://keepassium.com/blog/2024/12/keepassium-2.0/) on December 17th, 2024. - -### Apple Vision - -- For Apple Vision, KeePassium works on visionOS 1.0 or later. - -### Languages - -The KeePassium application is available in the following languages: English, Arabic, Czech, Dutch, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Simplified Chinese, Slovak, Spanish, Swedish, Thai, Traditional Chinese, Turkish, and Ukrainian. - -### Cross-compatibility - -One great strength of any applications derivative of KeePass is compatibility with other KeePass applications. This is due to implementing of the same `.kdbx` file format for password databases, and often sharing similar features as well. - -If you use KeePassium to store your passwords, you will be able to easily transfer your password database to other KeePass-compatible applications, and vice versa. This offers powerful portability for your password database. - -
-

File formats and encryption

- -KeePassium supports the KDB, KDBX3, and KDBX4 file formats, and implements AES, ChaCha20, Twofish, and Argon2 for encryption algorithms. - -Even if compatibility with older database formats is available, it is recommended to use the more recent and [more secure](https://keepass.info/help/kb/kdbx_4.html) KDBX4 format. This latest format will be the default when you create a new database in KeePassium. - -
- -This cross-compatibility is so versatile that you could, for example, use KeePassium on mobile but sync it with [KeePassXC](installing-keepassxc-and-yubikey.md) on desktop. - -Similarly, if you have a Mac computer but an Android phone, you could use KeePassium on desktop but KeePassDX on mobile, and so on and so forth. You can consult KeePassium's documentation for a list of all [compatible apps](https://support.keepassium.com/kb/compatible-apps/). - -
-

Testing compatibility

-
-If you plan on using KeePassium with cloud storage and synchronization between devices, make sure to test your settings well before adding all your passwords to it.
-
-
- -Depending on your usage and settings, glitches in synchronization *could* corrupt your database file. This has more chances to happen if you use a cloud storage that isn't fully supported, or a KeePass-compatible application that isn't listed in KeePassium's documentation. - -Ideally, if you use synchronization, create a dummy database at first to test that synchronization works properly with your specific cloud configuration and between all the devices you use. - -It's also advisable to enable the backup feature and even keep a backup copy of your database file in a different directory. That way, if your main synced file were to get corrupted or lost somehow, you could always rely on this secondary backup. - -This is important because there is no remote database management done by KeePassium. **You are fully in control of your own data, but you are also fully responsible to protect it.** - -## Pricing - -KeePassium can be used completely for free! - -That being said, if you need advanced features, you might want to [pay](https://keepassium.com/pricing/) for a [Premium](https://keepassium.com/articles/why-upgrade-to-premium/) plan (monthly or yearly), or a Pro or Business plan. Fortunately, the monthly Premium plan is very affordable, allowing users to test the Premium features one month at the time before committing to a longer subscription. - -Alternatively, if you do not need any advanced features but would like to support the project, you could use the free plan and [donate](https://keepassium.com/donate/) a fix amount to KeePassium. - -#### Rent-to-own - -Something interesting about KeePassium Premium's plan is that it offers a "[rent-to-own](https://support.keepassium.com/kb/license-rent-own/)" license. This means that if you pay for a KeePassium subscription for 12 months or more, you will always "own" the features you've paid for, even if you stop paying. 
- -For example, if you pay for Premium for only one year then stop, you will keep access to all the Premium features that were available while you paid for Premium, but will not have access to new features added after your stopped paying. This is an excellent model that more applications should adopt. - -![Screenshot from the KeePassium website's Pricing page with a description of which features are included in each plan.](../assets/images/keepassium-review/keepassium-pricing.webp) - -## Security and Trust - -Security and trust are without a doubt the most important characteristics of a good password manager. - -While functionality and features are also important, there is no point in having a pretty application that doesn't safeguard your passwords properly. It would defeat the whole purpose of the password manager. - -KeePassium does not neglect security for convenience, and has done its homework to earn its users' trust. The database format it uses, its transparency with open source, and its independent security audit, are all factors contributing to build trust in KeePassium. - -### Trusted database format - -The application is using an encrypted database file format developed by [KeePass](https://en.wikipedia.org/wiki/KeePass), an open-source project with a good reputation in the security and privacy community. KeePass' code and formats are trusted by many other KeePass-compatible projects, including KeePassXC, KeeWeb, OneKeePass, ModernKeePass, MacPass, Keepass2Android, and [more](https://github.com/lgg/awesome-keepass). - -Even if the KeePassium application is relatively recent with its first [launch](https://keepassium.com/blog/2019/07/introducing-keepassium-for-ios/) in 2019, the formats it uses to secure password databases had many eyes on since the initial KeePass release in 2003. 
The fact that so many people have inspected, used, tested, and improved the security foundation of this file format through the years contributes to KeePassium's security as well. - -### Open-source code - -KeePassium was [created](https://keepassium.com/articles/who-created-keepassium/) by [Dr. Andrei Popleteev](https://popleteev.com/), who founded KeePassium Labs, and continues as its director to develop and maintain the app with a small team of [contributors](https://github.com/keepassium/KeePassium/graphs/contributors). Like KeePass, KeePassium's code is open-source under a [GNU General Public License](https://github.com/keepassium/KeePassium/blob/master/LICENSE.txt). - -Open-source code isn't magical, but it helps to build trust by providing full transparency. Because all of KeePassium's code is publicly accessible, anyone could inspect it. This can help to detect and reporting potential vulnerabilities early on, and quickly verifying any claims made. Of course, at least *some* independent qualified people have to inspect the code in order to make this meaningful at all. But this is true for any open-source projects. - -#### A note on KeePassium's open-source commercial model - -More precisely, KeePassium is a *commercial* open-source application. This means its code is fully open and available to inspect, download, and use (within its license's limits). However, users can also purchase paid plans to access advanced features, without having to build and manage the code themselves. - -Paid plans provide a source of revenue to KeePassium, which helps to maintain the application adequately to keep it compatible and secure, providing support to customers, and adding new features down the line. - -This commercial model can actually add stability to a project, making it more likely to survive long term. This is reassuring considering all the other KeePass-compatible projects that have stopped getting maintained and are unfortunately no longer usable. 
- -Furthermore, there is some [conflict](https://www.engadget.com/2011-01-09-the-gpl-the-app-store-and-you.html) between certain open-source licenses and publication on Apple's App Store. Because it isn't possible to download an iOS app outside of Apple's App Store (unless you adventure in the perilous waters of [jailbreaking](https://en.wikipedia.org/wiki/IOS_jailbreaking)), KeePassium and all other iOS apps are confined to operate within the App Store's requirements. - -Also for this reason, the KeePassium projects cannot accept external contributions to its code, but can still [accept contributions](https://github.com/keepassium/KeePassium?tab=readme-ov-file#how-to-contribute) for bug reports, feature suggestions, and translations. - -### Independent security audit (iOS) - -Perhaps one of the most compelling argument for trusting KeePassium is the [independent security audit](https://support.keepassium.com/kb/security-audits/) the iOS application went through last year. - -The Berlin-based cybersecurity firm [Cure53](https://en.wikipedia.org/wiki/Cure53) conducted a full evaluation and professional pentest of the mobile application in November 2024. - -The review included an audit of the source code, application, network communications, and the implemented cryptography. The few vulnerabilities found were all fixed following reception of the report. - -It's important to note that only KeePassium for iOS was audited, and not KeePassium for macOS, which was released after the audit. However, many aspects of KeePassium for iOS that were included in the audit are likely to be similar for KeePassium for macOS. - -Interestingly, Cure53 has [audited](https://cure53.de/) many other well-known security and privacy-focused or open-source applications such as Proton Pass, 1Password, Bitwarden, Obsidian, Mullvad VPN, Onion Browser, Threema, Briar, SecureDrop, Mastodon, and much [more](https://github.com/cure53/Publications). 
- -### Recommended by other applications - -Finally, if you already trust KeePassXC for your desktop password manager, know that KeePassium is one of the apps [suggested](https://keepassxc.org/docs/) by KeePassXC to use on iOS. - -## Privacy and Encryption - -Data privacy and encryption are fundamental aspects of any password managers. Because pretty much all data stored in a password manager is highly sensitive data, all data should be protected by strong end-to-end encryption. - -### Data collection - -On this point, KeePassium delivers. First, a quick look at Apple's privacy label indicates that "the developer does not collect any data from this app". This is a good start, and this description is true for both the iOS and macOS applications. - -![Screenshot from Apple's App Store for KeePassium's App Privacy label. The label states that the "developer does not collect any data from this app".](../assets/images/keepassium-review/keepassium-applelabel.webp) - -Second, in its current version, KeePassium's [Privacy Policy](https://keepassium.com/privacy/app/) is excellent. This is never a guarantee of course, but the app's [security audit](#independent-security-audit-ios) shows the Privacy Policy statements are likely founded. - -KeePassium separates its privacy policies for the application and the website. This is an excellent practice way too rarely adopted by companies. This approach provides much more clarity for what data is collected from where, and is a positive sign that an organization understands well data privacy legal requirements. - -The Privacy Policy for the app is detailed and thorough, which are essential qualities to any respectable privacy policies. - -It starts by stating clearly that KeePassium does not send any personal data to KeePassium Labs, the company developing the app. Then, it lists all instances where data *could* be collected through the purchase or use of KeePassium, and gives clear instructions on how to opt out for each. 
This is the kind of privacy policy that shows an organization genuinely values and understands data privacy. I highly encourage you to have a look at it from the link above. - -Worth noting as well, KeePassium's Privacy Policy for its *website* states it [does not use any cookies](https://keepassium.com/privacy/website/#our-use-of-cookies-and-tracking). This is certainly refreshing to read. - -### Encryption - -Although the application is compatible with older formats, KeePassium by default will use the newer KDBX4 file format to encrypt password databases. - -This is important because the KDBX4 format offers [significant security improvements](https://keepass.info/help/kb/kdbx_4.html) over the previous KDBX3 format. If you import an older database in KeePassium, it is recommended to upgrade it to KDBX4 and use a different main password for the upgraded database if you keep a backup of the previous one. - -
-

Upgrade from KDB to KDBX

-
-If you need to upgrade an older database file to the newest file format to benefit from better security and KeePassium's full functionality, you can follow KeePassium's [instructions](https://support.keepassium.com/kb/convert-kdb-kdbx/).
-
-
- -To secure the database, and all the content included in it, KeePassium uses AES256, ChaCha20, Twofish, HMAC, and Argon2 (for KDBX4 only). Because the [KeePass database file format](https://keepass.info/help/kb/kdbx.html) (and so KeePassium's as well) encrypts the whole database, this means that not only passwords are encrypted but also usernames, website URLs, notes, attachments, etc. - -
-

Encrypting all data, not just passwords

-
-Encrypting all user data contained in a password manager entry is *extremely* important, because encrypting passwords only just isn't enough.
-
-In August 2022, the password manager [LastPass suffered a security breach](https://blog.lastpass.com/posts/notice-of-recent-security-incident) where users' password vaults (databases) were stolen from LastPass' servers.
-
-This is bad enough even with end-to-end encrypted data (because vaults with a weak main password could get cracked), but even worse than this, some important data like website URLs were *not encrypted at all*, so this information was [stolen in plain text](https://www.pwndefend.com/2022/12/24/lastpass-breach-the-danger-of-metadata/).
-
-This is the perfect example of why **encrypting all data *and* metadata** input by the user is *crucial* for data privacy and security.
-
-Additionally, the LastPass' breach is a great argument in favor of keeping one's password database *offline,* whenever possible. Something that KeePassium makes possible even by default.
-
-
- -#### Encryption algorithms used by KeePassium - -[AES256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard): The Advanced Encryption Standard (AES) is a trusted and commonly used block cipher symmetric-key algorithm. It was established in 2001 by NIST, the American National Institute of Standards and Technology. The number following the acronym describes the key size in bits (128, 192, or 256 bits). - -[Twofish](https://en.wikipedia.org/wiki/Twofish): Twofish is another block cipher symmetric-key algorithm, which KeePassium can use to secure databases, in 256-bit key size as well. Famous cryptographer Bruce Schneier was part of the team who designed Twofish. - -[ChaCha20](https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant) (KDBX4 only): The ChaCha20 algorithm is a variant of Salsa20, both stream ciphers that encrypt and decrypt data in continuous stream instead of blocks. The number refers to the number of rounds in its structure. - -[HMAC](https://en.wikipedia.org/wiki/HMAC) (Key Derivative Function): Hash-based Message Authentication Code (HMAC) is a robust hash function. In KeePass-compatible apps, it is used to [verify](https://keepass.info/help/kb/kdbx.html#hbs) the integrity and authenticity of the database before decryption. - -[Argon2](https://en.wikipedia.org/wiki/Argon2) (Key Derivative Function, for KDBX4 only): Argon2 is a memory-hard function that offers better resistance against GPU cracking attacks compared to AES-KDF. Argon2 was the winner of the Password Hashing Competition in 2015. - -[AES-KDF](https://keepass.info/help/kb/kdbx_4.html#intro) (Key Derivative Function, for KDBX3 only): AES-KDF is a key derivative function based on AES. This method was previously used for the KDBX3 database format, but has since been replaced by Argon2 for KDBX4. This is partly because AES-KDF is not memory-hard, which makes it easier to crack for an attacker using modern technologies. 
- -![Screenshot from the iOS app showing the Encryption Settings.](../assets/images/keepassium-review/keepassium-encryptionoptions.webp){width="400"} - -## Usage and Features - -Once solid security and privacy protections have been confirmed, the second important part of a good password manager is how easy it is to use and the features it offers. - -In this regard, KeePassium excels again. Not only does KeePassium offer the features users familiar with KeePass-compatible applications will recognize, but importantly, it implements these features with a polished user interface and obvious consideration for accessibility and user experience. - -### Starting with KeePassium on iOS - -Installing the app from the App Store is a smooth process. Once installed, make sure to go in Apple's "Settings" > "KeePassium" > "Siri & Search" and disable the Siri options you are not using. Apple very annoyingly puts them all on by default for each new app installed. - -Additionally, you can follow KeePassium's [instructions](https://keepassium.com/privacy/app/) from its Privacy Policy to opt out of other Apple settings related to KeePassium. - -After installing the app, KeePassium will guide you step-by-step to set up an application PIN (you can also enable application lock with biometrics), and import or create a new database. - -If you are not familiar with it already, it's a good idea to read each popup from the welcome screen. - -
- -![Screenshot from the iOS app showing the Welcome page after installation.](../assets/images/keepassium-review/keepassium-startwelcome.webp) - -![Screenshot from the iOS app showing the page giving options to either create a new database, add an existing database, or connect to a server.](../assets/images/keepassium-review/keepassium-startdatabase.webp) - -
- -
-

Secure the application properly

-
-When prompted to select a Passcode to lock the application (which is different from the main password to secure your database), you will have the option to switch from the numeric keypad to a full alphanumeric keyboard. This is recommended to set up a stronger Passcode to protect the application, where your database(s) might be kept unlocked if you choose this option.
-
-
- -If you create a new database to store your passwords, make sure to choose a [strong main password](https://www.privacyguides.org/en/basics/passwords-overview/#passwords) (or "Master Key") that is *unique*, *complex*, and *long*. - -KeePassium will guide you to determine if your main password is sufficiently strong. However, the app cannot know if you have used this password before, so you should make sure that you haven't and this main password is unique. - -
-

Be careful to remember your main password!

-
-This is the only password that cannot be stored in your password manager, so it's important to secure it properly and also ensure you can **remember it well**.
-
-Due to the nature of end-to-end encryption, there is no way for KeePassium to recover a lost password. Not remembering your main password could mean **getting locked out of your password database permanently**.
-
-
- -After creating a new database, you will be prompted to unlock it with your new main password ("Master Key"). - -![Screenshot from the iOS app showing the New Database section.](../assets/images/keepassium-review/keepassium-newdatabase.webp){width="400"} - -After you have either created or imported a database, you are ready to explore KeePassium's features. - -### Starting with KeePassium on macOS - -To download KeePassium on macOS, you will need to go through Apple's App Store. Alternatively, you could also [build](https://github.com/keepassium/KeePassium) the application from the source code, but that is an entirely different process. - -![Screenshot from Apple's App Store on macOS showing the KeePassium page.](../assets/images/keepassium-review/keepassium-appstoremac.webp) - -Installing the application is a breeze, and the macOS app shares the same welcome sections and features the iOS version has, with a slightly different format. - -![Screenshot from the macOS app showing the Welcome page after installation.](../assets/images/keepassium-review/keepassium-startwelcomemac.webp) - -The application will guide you to either create or import a database, then you will recognize the same features described below for the iOS version. - -![Screenshot from the macOS app showing the New Database section.](../assets/images/keepassium-review/keepassium-newdatabasemac.webp) - -### Accessibility - -There are a few great accessibility features with KeePassium. First, KeePassium fully works with Apple's VoiceOver. To enable it on iPhone, you can go in the iOS "Settings" > "Accessibility" > "VoiceOver" and enable "VoiceOver". - -Second, from the KeePassium app you can tap on the "Settings" gear button on the lower-right to access the "Appearance" menu. From there, you will see a sliding option to adjust the entry's text size. This will change the size of the text in all entries' sections. You also have the option to change the font type from there. 
- -Additionally, when tapping on a Password in an entry section, you can quickly tap on the magnified "a" button (while the blue "Copied" overlay appears) to display the password in large font, with each character separated in an indexed table. - -
- -![Screenshot from the iOS app showing the Appearance page from the Settings with the Text Size option.](../assets/images/keepassium-review/keepassium-textsize.webp) - -![Screenshot from the iOS app showing an entry's password selected with the large font option, which displays each character from a password in a separate indexed box.](../assets/images/keepassium-review/keepassium-largeindexedfont.webp) - -
- -### Security features - -In the "Access Control" category of "Settings", there are some important options to customize the app's security features: - -#### App Protection - -This section gives options to secure the application itself. It includes using the device's biometric lock instead of the app's Passcode, changing the app's Passcode, and choosing when the app gets locked. - -#### Data Protection - -This section gives options to enable or disable if the database(s)' main password(s) is remembered locally in the device's secure keychain, or if it must be re-entered each time to unlock a database. It also allows you to choose when (if remembered) the database will lock itself again, how long to keep data (including copied passwords) in the device's clipboard, and other security preferences. - -A fun (and useful) feature you will find there is that you can decide what happens when the device is "shaken". This can be an important security feature for people in sensitive situations. - -
- -![Screenshot from the iOS app showing the App Protection page from the Settings.](../assets/images/keepassium-review/keepassium-appprotection.webp) - -![Screenshot from the iOS app showing the Data Protection page from the Settings.](../assets/images/keepassium-review/keepassium-dataprotection.webp) - -
- -#### Protection against weak passwords - -When first creating a database, KeePassium will indicate if the main password chosen is too weak and display a warning. - -This is an important security feature because **a database is only as protected as the strength of its main password**. It goes without saying the main password for a database should always be *unique* (has never been used elsewhere), *complex* (uses a variety of character types), and *long* (is long enough to not be vulnerable to brute-force attacks). - -Passwords chosen for each entry will also display an indicator of strength under each field. - -#### YubiKey support (Premium) - -For users with Premium plans, KeePassium offers [support for YubiKey](https://www.yubico.com/works-with-yubikey/catalog/keepassium/) to add extra protection to a database using the challenge-response implementation. - -The same feature is available on KeePassXC on desktop. For more details on this, you can check our [tutorial for KeePassXC](installing-keepassxc-and-yubikey.md), or our tutorial on [how to set up and back up a YubiKey](yubikey-reset-and-backup.md)'s challenge-response. - -#### Passwords audit (Premium) - -KeePassium offers to audit database's passwords for potential leaks. This feature works by comparing an obfuscated version of a password with the [Have I Been Pwned](https://haveibeenpwned.com/) service. The password is never shared externally during this process. This is helpful information to get an early warning and change a compromised password before the exposed account is attacked. - -### Groups and Smart Groups - -Before starting to add entries to a new database, it's a good idea to explore the Groups and Smart Groups features. Groups are directories that can be created inside a database to separate categories of passwords. - -Smart Groups are simply Groups created from a search query. If you imported a database already full of passwords, you might not feel like sorting them manually. 
Smart Groups will help to create Groups using queries to [categorize](https://support.keepassium.com/docs/smart-groups/) entries automatically. This can be very convenient to organize larger databases. - -When creating a new database, KeePassium will suggest some Groups, which you can be used as provided, changed, or deleted. To add a new Group or Smart Group, tap on the 3-dot button on the upper-right from inside a database and select "New Group" or "New Smart Group". - -![Screenshot from the iOS app showing different groups created within a database.](../assets/images/keepassium-review/keepassium-groups.webp){width="400"} - -
-

Separate databases vs Groups

-
-Using separate databases for different categories of passwords, for example one database for personal passwords, work-related passwords, and family-shared passwords is a good idea because it takes advantage of compartmentalization to add extra security and privacy.
-
-Each database will have its own main password, and if one database were to get compromised, the others might still be protected. KeePassium's free plan only allow to use *one* database at the time, however.
-
-Groups mainly serve to organize passwords and do not provide any additional security, privacy, or portability like separate databases do. For free plan users, Groups can still be a great feature to separate passwords when it isn't a security issue to encrypt them all together using a same main password.
-
-
- -### Entry options - -Once inside a database, users can add a new entry there or first create/enter a Group directory. To create a new entry, tap on the 3-dot menu on the upper-right, then select "New Entry". - -Each New Entry section will include a field for the entry's name, choice of icon (or option to download the service's favicon), "User Name", "Password", "URL", "Tags", "Notes", and option to "Set up one-time password (OTP)". - -Tapping the plus-sign button at the top will create a new custom text field for an entry. Enabling the "Protected Field" option on the lower-right will hide this field as if it was a password field. That being said, all fields from an entry will be fully encrypted with the database. - -
- -![Screenshot from the iOS app showing a New Entry page with various empty fields.](../assets/images/keepassium-review/keepassium-newentry.webp) - -![Screenshot from the iOS app showing the page within a Group with four different entries.](../assets/images/keepassium-review/keepassium-entries.webp) - -
- -An entry section from macOS: - -![Screenshot from the macOS app showing an entry section with the "User Name", "Password", "URL", "Tags", and "Notes" fields filled.](../assets/images/keepassium-review/keepassium-entrymac.webp) - -Finally, to edit, move, copy or delete an entry on iOS, a long press over its name from the directory will show these options. Swiping left on a password entry will also show the edit and delete options. - -![Screenshot from the iOS app showing the options Edit, Move, Copy, and Delete when long-pressing on a listed entry.](../assets/images/keepassium-review/keepassium-moveentry.webp){width="400"} - -### Password generator - -Conveniently, KeePassium includes a password generator. This is a common feature for password managers, and KeePassium implements this feature very well. - -The generator can be used from either the die-shaped button on the right of every password field, the tool-shaped button menu on the lower-left from inside a database selecting "Random Generator", or the die-shaped button on the lower-left from the "Databases" section. The latter is a nice touch if you ever need to generate a random string while your database is locked. - -Each time you open the Random Generator, it will automatically generate new random strings for all 3 modes: Basic, Expert, and Passphrase. - -
- -![Screenshot from the iOS app showing the tool menu from within a database. The menu shows options for "Random Generator", "Password Audit", "Download Favicons", "Print", "Change Master Key", "Encryption Settings", and "Lock Database".](../assets/images/keepassium-review/keepassium-databaseoptions.webp) - -![Screenshot from the iOS app showing the Random Generator page that displays three random passwords for "Basic", "Expert", and "Passphrase".](../assets/images/keepassium-review/keepassium-generator.webp) - -
- -The Random Generator can also be customized. To customize each mode, tap on the gears-shaped button on the upper-right of the generator and change the mode to adjust the parameters for each. The app will remember the parameters every time it is used. - -The customization for Passphrase does not include the options for "MIXED" case at this time, however, considering this option was just added to KeePassXC last month, maybe it will be added to KeePassium as well in the near future. - -![Screenshot from the macOS app showing the Random Generator page that displays the options to adjust for generated passphrase.](../assets/images/keepassium-review/keepassium-generatormac.webp) - -### One-Time Password (OTP) - -KeePassium offers the option to store one-time password codes with each entry. This can be a convenient way to manage second-factor of authentication, and keep these codes stored locally only. - -However, this can also introduce additional risks. If a database file was to get compromised at some point, it would also compromise all the OTP codes within it, making this second-factor protection useless against an attack of the whole database. - -If this isn't a risk you are concerned with, then KeePassium's OTP can be a useful feature. - -OTP codes are easy to set up and can be entered manually or using a QR code. Once set up, the code will be displayed as a field in the entry. Tap on it to copy it. - -
- -![Screenshot from the iOS app showing an entry for Mastodon Social with all credential fields filled, and an arrow pointing at a One-Time Password code.](../assets/images/keepassium-review/keepassium-otp.webp) - -![Screenshot from the iOS app showing an Entry page with the option to "Set up one-time password (OTP)" selected at the bottom and displaying a menu with the options "Scan QR code" and "Enter manually".](../assets/images/keepassium-review/keepassium-otpentry.webp) - -
- -### AutoFill - -Depending on your usage, AutoFill can be an important feature for a password manager. AutoFill will allow KeePassium to recognize a login page and automatically fill all in the login credentials. - -To ensure AutoFill works smoothly, it's important to enter the correct website URL for each entry, specifically the page's URL where the credentials will be required. - -Ultimately, it's possible some websites will just not work with KeePassium's AutoFill. Some [issues](https://github.com/keepassium/KeePassium/issues/405) have been experienced while testing the app for this review. If you experience the same issue with a website, you can simply copy-paste the credentials manually in each corresponding field. - -
-

AutoFill issues for some websites

-
-A possible cause of AutoFill issues can be an incorrect entry URL that isn't the proper "Caller ID". To troubleshoot this, you can consult KeePassium's helpful [instructions](https://support.keepassium.com/kb/autofill-matching/) here.
-
-
- -#### AutoFill for iOS - -When set up correctly on iOS, a "Passwords" button should appear above the keyboard for websites where credentials have been stored in your database. If it doesn't, this could mean AutoFill was not set up properly from the [iOS Settings](https://support.keepassium.com/kb/autofill-setup-ios/). - -![Screenshot from a mobile browser with the login page for mastodon.social displaying empty credential fields and iOS showing a "Passwords" button over the keyboard.](../assets/images/keepassium-review/keepassium-autofill.webp){width="400"} - -#### AutoFill for macOS - -There isn't a browser extension available for KeePassium on macOS. The desktop AutoFill feature integrates with the system as a [credential provider](https://www.reddit.com/r/KeePassium/comments/1isvjjd/comment/mdsbwwc/). Browser implementation depends on how each browser integrates this function. The desktop AutoFill feature does work flawlessly with Safari. - -To set up AutoFill for KeePassium, you will have to enable it from the [macOS Settings](https://support.keepassium.com/kb/autofill-setup-macos/). KeePassium will guide you through the process with clear instructions to follow: - -![Screenshot from the macOS app showing a setting popup to "Uncheck Keychain" with the option to enable KeePassium instead.](../assets/images/keepassium-review/keepassium-autofillmac.webp) - -Once enabled, every website with a corresponding URL in your database will display a small key icon on the right of the credential fields. - -![Screenshot from Safari showing the cryptpad.fr login page and a key icon on the right of the Username empty field, with the option on the left to select either KeePassium or Keychain to fill the credentials.](../assets/images/keepassium-review/keepassium-loginsafarimac.webp) - -Despite lacking a browser extension, integration with Safari and the macOS ecosystem works smoothly, and it will work with applications that aren't browsers as well. 
-
-![Screenshot from the ProtonDrive login popup in macOS showing a menu over the Password field to select either KeePassium or Keychain to fill the credentials.](../assets/images/keepassium-review/keepassium-loginappmac.webp)
-
-### Backups
-
-Backing up your database is essential with any KeePass-compatible app. Because there is no remote backup automatically stored by the application, you become responsible for protecting this data properly.
-
-KeePassium offers many options to help users back up their databases.
-
-#### Enable backup copies
-
-The option to back up local copies automatically will be enabled by default. You can disable it if you prefer (ideally not), or enable the option to "Show Backup Files" in "Settings" > "Database Backup". You can also adjust for how long you wish to keep the local backups (the default value is 2 months).
-
-#### Exclude from iCloud/iTunes
-
-There is an important feature to exclude your database file and KeePassium's backups of your database from your device's iCloud or iTunes backups. If you do not trust Apple with your encrypted database, you should enable this everywhere (excluding from iCloud/iTunes is disabled by default).
-
-If your database is stored locally (you might not see the option otherwise): From the "Databases" page, tap on the 3-dot button right to your database name (not the *circled* 3-dot button at the top, the one below). Then tap on "File Info" and *enable* the option "Exclude From iCloud/iTunes Backup" to make sure your database file stays outside your device's iCloud or iTunes backups.
-
-Secondly, to also exclude the backups created by KeePassium, inside a database tap on the "Settings" gear button on the lower-right, then "Database Backup", and *enable* "Exclude Backup Files from System Backup".
-
-
-
-![Screenshot from the iOS app showing the File Info page for a database, with the "Exclude From iCloud/iTunes Backup" option enabled in green.](../assets/images/keepassium-review/keepassium-fileinfo.webp)
-
-![Screenshot from the iOS app showing the Database backup page from Settings with the "Exclude Backup Files from System Backup" option enabled in green.](../assets/images/keepassium-review/keepassium-backup.webp)
-
-
-
-You will find the same option on macOS:
-
-![Screenshot from the macOS app showing the File Info for a database, with the "Exclude From iCloud/iTunes Backup" option enabled in yellow.](../assets/images/keepassium-review/keepassium-fileinfomac.webp)
-
-#### Auto-delete backup files
-
-You can choose the backup files to get deleted automatically after a certain period of time. For this, go to "Settings" then the "Database Backup" again, and scroll down to "Keep Backup Files". Select a retention period that is secure for your threat model. You can also tap on "Delete ALL Backup Files" below to delete all backups at any time.
-
-#### Manual backups
-
-Finally, you can simply back up your database `.kdbx` file manually. For this you have the options to transfer the file from KeePassium via cable, cloud storage, local network, AirDrop, email, or even Signal's [Note to Self](https://support.signal.org/hc/en-us/articles/360043272451-Note-to-Self)!
-
-To [transfer](https://support.keepassium.com/kb/database-transfer/) your database file entirely offline to another Apple device, connect your device together via USB cable and follow these [instructions](https://support.apple.com/en-gb/guide/mac-help/mchl4bd77d3a/mac).
-
-If you stored your database locally on iPhone, you will find the file in Apple's "Files" > "On My iPhone" > "KeePassium". From there, you can long press the file to see options to move or share it.
-
-![Screenshot from the iOS Files showing the menu from a long-press over the local database file with the option to "Move" the file circled.](../assets/images/keepassium-review/keepassium-movedatabase.webp){width="400"}
-
-#### Restore database from backup
-
-If you encounter any errors while managing your database, you can always restore it from a backup. Keeping multiple backup versions is a good idea to ensure you always have a functional file.
Glitches and bugs are more likely to happen if you handle your database in unusual ways, with other software that may not have been tested for this usage yet.
-
-Restoring a database in KeePassium is a very straightforward operation. In the "Databases" section, tap on the 3-dot button on the upper-right, then select "Show Backup Files", if it isn't already on. Follow KeePassium's [instructions to restore](https://support.keepassium.com/kb/restore-backup/) a previous version.
-
-### Synchronization and direct connection
-
-While you can use KeePassium entirely offline, the app also offers options to synchronize your database with other KeePassium installations or other KeePass-compatible applications.
-
-There are two ways to do this. You can either simply store your database file in a cloud service of your choice and let KeePassium access this file, or you can use KeePassium's direct connection with certain cloud providers.
-
-You can see these two options from the app in "Settings" > "Network Access". From there, you have the option to select "Stay Offline", for maximum privacy, or "Allow Network Access", for maximum functionality.
-
-Whether you choose simple file synchronization or a direct connection, you can consult [this list](https://support.keepassium.com/kb/sync/) of cloud storage providers that have been tested by the KeePassium team and users to determine if your provider is supported.
-
-#### Stay offline, and synchronize through a cloud provider (recommended)
-
-This is KeePassium's [recommended method](https://keepassium.com/articles/cloud-sync-sandboxing/) to synchronize your database file(s) while maximizing privacy and minimizing external accesses. By default, KeePassium will remain offline, but you can store your database file with a cloud provider of your choice.
-
-This way, your cloud provider will manage the network communication, and KeePassium will only take care of decrypting your database.
Because of system-enforced sandboxing, KeePassium will not have access to anything else on your cloud storage, only the database file(s) your have granted it access to.
-
-For example, you can store your database file on a cloud storage of your choice, then open it from KeePassium for iOS and also from KeePassXC on desktop. Both applications will access and manage the same file, therefore synchronizing your database.
-
-Be careful however when modifying your database. If synchronization isn't handled properly, this could cause errors that could corrupt your file. This is why it's important to test your setting first, and a good practice to keep a backup in a secure secondary location.
-
-![Screenshot from the iOS app showing the Network Access page with the option "Stay Offline" selected.](../assets/images/keepassium-review/keepassium-offline.webp){width="400"}
-
-
-Synchronization through Proton Drive
-
-Proton Drive isn't part of the recommended and tested list of cloud providers for KeePassium. However, it was briefly tested during this review.
-
-Between KeePassium iOS and KeePassXC on desktop, some synchronization was possible through Proton Drive, but with mixed results.
-
-To make it work, first the Proton Drive app needed to stay unprotected by a PIN or biometrics, which isn't ideal if you have other sensitive files on this drive. There was also some delay to sync the database between mobile and desktop, and a few bugs occurred while testing.
-
-That being said, synchronization was *possible* through Proton Drive between KeePassium for iOS and KeePassXC on desktop, but maybe not recommended. If you choose this setup for yourself, it is *strongly* recommended to conduct adequate testing first using a dummy database, and once set up with your actual database, to keep a secondary backup in a separate location.
-
-Testing couldn't make synchronization work between KeePassium iOS and KeePassium macOS through Proton Drive. Issues seem to come from conflict resolutions on the Proton Drive side. Of course, because Proton Drive isn't even listed by KeePassium as a supported storage, this was simply conducted as an experiment and not an expectation.
-
-Because many of our readers might use Proton Drive as a cloud provider, just be aware it probably isn't a usable synchronization solution at this time.
-
-Using Proton Drive to simply back up a password database file manually without synchronization is still a viable option, however.
-
-
-
-#### Allow network access, to connect directly from KeePassium
-
-In 2022, KeePassium added direct connection options for certain cloud storage providers as a workaround solution for providers that were not integrating well with the system. This should however be a secondary choice only, as it will have some downsides for your data privacy.
-
-You can find this option from the "Data Encryption" welcome window at the start where you can either create a database, import a database, or "Connect to Server".
-
-Although KeePassium will only use what is necessary for this functionality, it [will access](https://keepassium.com/privacy/app/#direct-connections) more data than with the "Stay Offline" synchronization option. The data used for this functionality will however remain between your device and the cloud provider.
-
-#### Supported cloud storage providers
-
-KeePassium offers full support for iCloud Drive, Box, Dropbox, Google Drive, OneDrive, Resilio Sync, Nextcloud, SFTP / WebDAV, and limited support for Mega and Cryptomator.
-
-You might be able to make it work with cloud providers that aren't listed here. However, if you decide to use a provider that isn't fully supported, make sure to properly test your setup with a dummy database first.
-
-### Additional features
-
-This review focused testing on the most commonly used features that are accessible from a free plan. Nonetheless, KeePassium offers many more features, and additional ones for paid plans. Here's a summary of some other interesting features that have not been covered yet:
-
-#### Passkeys
-
-Since December 2024, KeePassium added [support](https://keepassium.com/blog/2024/12/keepassium-2.0/#passkey-support) for passkeys with its 2.0 release.
-
-#### Family sharing (Premium)
-
-You can use Apple's Family Sharing feature to [share](https://support.keepassium.com/kb/family-sharing/) your KeePassium paid license with your family members.
-
-#### Multiple databases (Premium)
-
-With a paid plan, it's possible to create or import multiple databases with KeePassium. This can be very convenient if you use a separate database for work and for your personal life, for example.
-
-#### Printing database
-
-KeePassium has a quick option to print an entire database in plain text, in an easy-to-read format. If this is secure for you, it can be a convenient way to keep a backup paper copy of all your passwords in case of emergency (or for inheritance purposes).
-
-To do this, while inside your database tap on the tool-shaped button on the lower-left, then select "Print". Of course make sure to secure this printed data *very well*, as it could be your weakest link.
-
-
-

Important security warning!

-
-Depending on your printer's settings, you should be *very careful* when using the print function. This data will be sent in plain text to your printer, and even perhaps through a network (depending on your printer's settings).
-
-This **can represent a very high security risk**, depending on your printer setup and situation. The file with your plain text passwords could also remain stored in the printer's queue!
-
-The print function can be [disabled](https://support.keepassium.com/docs/mdm-appconfig/#allowDatabasePrint) for users with a Business license.
-
-
-
-![Screenshot from the iOS app showing a preview to print a database file in plain text. The file lists the database name at the top, then each group, and within each group all entries' credentials including usernames, passwords in plain text, URL, and notes.](../assets/images/keepassium-review/keepassium-print.webp)
-
-#### Read-only database
-
-You can protect a database from accidental changes by enabling this option. This will prevent any entries from being added, removed, or modified.
-
-It can be very useful if you have installed the app for someone who isn't comfortable with technology and want to make sure they cannot inadvertently delete an entry, for example.
-
-To enable it from KeePassium on iOS, go to the "Databases" section, long press on your database file, select "Database Settings", then enable "Read Only" at the top.
-
-#### File storage (attachments)
-
-You can use your database to store files!
-
-It's probably best to stay reasonable with this because files will quickly make your database very heavy. This could significantly slow down the encryption and decryption processes.
-
-That being said, it's a great way to store more sensitive files securely. The files will be encrypted with your database.
-
-You can either add files to an entry already created, or create a new entry named "Files" (or anything else you wish) to store all of your files together.
-
-To add a file, select the paperclip-icon tab at the top of an entry, then tap the plus-sign button at the bottom. Your files (attachments) will be accessible from any other KeePass-compatible application, like KeePassXC for example.
-
-![Screenshot from the macOS app showing the section tab within an Entry to add and view attachment files.](../assets/images/keepassium-review/keepassium-attachmentmac.webp)
-
-Interestingly, KeePassium even uses a quite decent PDF viewer on iOS:
-
-![Screenshot from the iOS app showing a preview for a PDF file, in this case the document for Privacy by Design by Ann Cavoukian.](../assets/images/keepassium-review/keepassium-pdfviewer.webp){width="400"}
-
-## Nice to have
-
-- You can see what was added, changed, or fixed for each KeePassium version from "Settings" in the "What's New" section.
-
-- You can change the KeePassium and database icons from "Settings" > "Appearance" > in "App Icon" and "Database Icons".
-
-- KeePassium has [excellent documentation](https://support.keepassium.com/)! This is handy to learn about features or to troubleshoot if you encounter any errors.
-
-- You can see the full credits for the app from "Settings" in the "About KeePassium" section.
-
-
-

Check the credits!

-
-KeePassium not only credits its direct contributors but also lists credits for each graphics, code, and encryption algorithms used. You will find the same list of credits on KeePassium's GitHub [page](https://github.com/keepassium/KeePassium?tab=readme-ov-file#author-and-credits). This is a wonderful idea that more software should get inspired by.
-
-
-
-## Downsides
-
-Even if KeePassium is a great secure application that is easy and pleasant to use, there are still a few downsides that should be mentioned:
-
-- People with older versions of iOS or macOS will unfortunately not be able to use the application at all.
-
-- KeePassium only works in the Apple ecosystem, and there are no versions for other systems at this time.
-
-- If you are using a cloud provider that doesn't work smoothly with KeePassium and you need synchronization, you will unfortunately need to synchronize your database manually or change your cloud storage provider.
-
-- AutoFill on iOS might not work for every account. This can be an inconvenience depending on your usage and which of your accounts (if any) are impacted.
-
-- AutoFill on macOS might not work with your favorite browser (if it isn't Safari).
-
-## Conclusion
-
-Overall, KeePassium is a privacy-focused, offline-first application, that has clearly prioritized user experience and user interface, while not neglecting security and privacy.
-
-When used with the basic and supported settings, it works fairly smoothly and allows enough customization to adapt to a variety of user needs and situations.
-
-The fact that KeePassium allows full compatibility with most other KeePass-compatible applications is an immense benefit compared to proprietary password managers.
-
-If you already keep your database in the KeePass file format, there are no downsides in trying KeePassium. If you aren't using this database format yet, this is a great opportunity to start and free yourself from locked-in systems that secure your precious passwords with obscurity rather than with openness.
-
-
diff --git a/content/blog/posts/linux-application-sandboxing.md b/content/blog/posts/linux-application-sandboxing.md
deleted file mode 100644
index 409e70dba..000000000
--- a/content/blog/posts/linux-application-sandboxing.md
+++ /dev/null
@@ -1,76 +0,0 @@
----
-date:
- created: 2022-04-22T19:00:00Z
-categories:
- - Tutorials
-authors:
- - contributors
-tags:
- - Linux
- - Security
-license: BY-SA
-description: We outline a few projects which aim to solve the poor sandboxing situation in Linux relative to operating systems like macOS and ChromeOS.
-schema_type: AnalysisNewsArticle
----
-# Sandboxing Applications on Desktop Linux
-
-Some sandboxing solutions for desktop Linux distributions do exist, however they are not as strict as those found in macOS or ChromeOS. Applications installed from the package manager (`dnf`, `apt`, etc.) typically have **no** sandboxing or confinement whatsoever. Below are a few projects that aim to solve this problem:
-
-## Flatpak
-
-[Flatpak](https://flatpak.org) aims to be a universal package manager for Linux. One of its main functions is to provide a universal package format which can be used in most Linux distributions. It provides some [permission control](https://docs.flatpak.org/en/latest/sandbox-permissions.html). However, [it is known](https://madaidans-insecurities.github.io/linux.html#flatpak) that Flatpak sandboxing could be improved as particular Flatpaks often have greater permission than required. There does seem to be [some agreement](https://theevilskeleton.gitlab.io/2021/02/11/response-to-flatkill-org.html) that this is the case.
-
-You can restrict applications further by issuing [Flatpak overrides](https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-override). This can be done with the command-line or by using [Flatseal](https://flathub.org/apps/details/com.github.tchx84.Flatseal). Some sample overrides are provided by [rusty-snake](https://github.com/rusty-snake/kyst/tree/main/flatpak).
-
-We generally recommend revoking access to:
-
-- the Network (`share=network`) socket (internet access)
-- the PulseAudio socket (for both audio in and out), `device=all` (access to all devices including the camera)
-- `org.freedesktop.secrets` dbus (access to secrets stored on your keychain) for applications which do not need it
-
-If an application works natively with Wayland (and not running through the [XWayland](https://wayland.freedesktop.org/xserver.html) compatibility layer), consider revoking its access to the X11 (`socket=x11`) and [Inter-process communications (IPC)](https://en.wikipedia.org/wiki/Unix_domain_socket) socket (`share=ipc`) as well.
-
-We also recommend restricting broad filesystem permissions such as `filesystem=home` and `filesystem=host` which should be revoked and replaced with just the directories that the app needs to access. Some applications like [VLC](https://www.flathub.org/apps/details/org.videolan.VLC) implement the [Portals](https://docs.flatpak.org/en/latest/portal-api-reference.html) [API](https://en.wikipedia.org/wiki/API), which allows a file manager to pass files to the Flatpak application (e.g. VLC) without specific filesystem access privileges. VLC is only able to access the specific file that you want to open, rather than requiring privileges to particular locations.
-
-Hard-coded access to some kernel interfaces like [`/sys`](https://en.wikipedia.org/wiki/Sysfs) and [`/proc`](https://en.wikipedia.org/wiki/Procfs#Linux) and weak [seccomp](https://en.wikipedia.org/wiki/Seccomp) filters unfortunately cannot be secured with Flatpak.
-
-## Firejail
-
-[Firejail](https://firejail.wordpress.com/) is another method of sandboxing. As it is a large [setuid](https://en.wikipedia.org/wiki/Setuid) binary, it has a large attack surface which may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation).
-
-[This post from a Whonix security researcher](https://madaidans-insecurities.github.io/linux.html#firejail) provides additional details on how Firejail can worsen the security of your device.
-
-## Mandatory Access Control
-
-[Mandatory access control](https://en.wikipedia.org/wiki/Mandatory_access_control) systems require policy files in order to force constraints on the system.
-
-The two main control systems are [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) (used on Android and Fedora) and [AppArmor](https://en.wikipedia.org/wiki/AppArmor).
-
-Fedora includes SELinux preconfigured with some policies that will confine [system daemons](https://en.wikipedia.org/wiki/Daemon_(computing)) (background processes). We don’t recommend disabling SELinux.
-
-openSUSE gives the choice of AppArmor or SELinux during the installation process. We recommend sticking to the default for each variant (AppArmor for [Tumbleweed](https://get.opensuse.org/tumbleweed/) and SELinux for [MicroOS](https://microos.opensuse.org/)). openSUSE’s SELinux policies are derived from Fedora.
-
-Arch and Arch-based operating systems often do not come with a mandatory access control system and that must be configured manually for either [AppArmor](https://wiki.archlinux.org/title/AppArmor) or [SELinux](https://wiki.archlinux.org/title/SELinux).
-
-Linux desktops don't usually include individual app confinement rules, unlike Android which sandboxes every application installed.
-
-## Making your own policies/profiles
-
-You can make your own AppArmor profiles, SELinux policies, Bubblewrap profiles, and [seccomp](https://en.wikipedia.org/wiki/Seccomp) blacklist to have better confinement of applications. This is an advanced and sometimes tedious task, so we won’t go into detail about how to do it here, but we do have a few projects that you could use as reference.
-
-- Whonix’s [AppArmor Everything](https://github.com/Whonix/apparmor-profile-everything)
-- Krathalan’s [AppArmor profiles](https://github.com/krathalan/apparmor-profiles)
-- noatsecure’s [SELinux templates](https://github.com/noatsecure/hardhat-selinux-templates)
-- Seirdy’s [Bubblewrap scripts](https://sr.ht/~seirdy/bwrap-scripts)
-
-## Securing Linux containers
-
-If you’re running a server, you may have heard of Linux Containers, Docker, or Podman which refer to a kind of [OS-level virtualization](https://en.wikipedia.org/wiki/OS-level_virtualization). Containers are more common in server and development environments where individual apps are built to operate independently.
-
-[Docker](https://en.wikipedia.org/wiki/Docker_(software)) is one of the most common container solutions. It does not run a proper sandbox, and this means that there is a large kernel attack surface. The [daemon](https://en.wikipedia.org/wiki/Daemon_(computing)) controls everything and [typically](https://docs.docker.com/engine/security/rootless/#known-limitations) runs as root. If it crashes for some reason, all the containers will crash too. The [gVisor](https://en.wikipedia.org/wiki/GVisor) runtime which implements an application level kernel can help limit the number of [syscalls](https://en.wikipedia.org/wiki/System_call) an application can make and can help isolate it from the host’s [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)).
-
-Red Hat develops [Podman](https://docs.podman.io/en/latest/) and secures it with SELinux to [isolate](https://www.redhat.com/sysadmin/apparmor-selinux-isolation) containers from each other.
One of the notable differences between Docker and Podman is that Docker requires [root](https://en.wikipedia.org/wiki/Superuser) while Podman can run with [rootless containers](https://developers.redhat.com/blog/2020/09/25/rootless-containers-with-podman-the-basics) that are also [daemonless](https://developers.redhat.com/blog/2018/08/29/intro-to-podman), meaning if one crashes they don’t all come down.
-
-Another option is [Kata containers](https://katacontainers.io/), where virtual machines masquerade as containers. Each Kata container has its own Linux kernel and is isolated from the host.
-
-The above container technologies can be useful if you want to run certain web app software on your local network, such as [Vaultwarden](https://github.com/dani-garcia/vaultwarden) or images provided by [LinuxServer.io](https://www.linuxserver.io), to increase privacy by decreasing dependence on various web services. A guide on [hardening Docker and OCI](https://wonderfall.dev/docker-hardening) has been written by the author "Wonderfall."
diff --git a/content/blog/posts/linux-system-hardening.md b/content/blog/posts/linux-system-hardening.md
deleted file mode 100644
index c07402722..000000000
--- a/content/blog/posts/linux-system-hardening.md
+++ /dev/null
@@ -1,140 +0,0 @@
----
-date:
- created: 2022-04-22T19:00:00Z
-categories:
- - Tutorials
-authors:
- - contributors
-tags:
- - Linux
- - Security
-license: BY-SA
-robots: nofollow, max-snippet:-1, max-image-preview:large
-description: There are a number of procedures you can follow to make your Linux desktop system more secure, some more advanced than others. We cover some general techniques here.
-schema_type: AnalysisNewsArticle
----
-# Hardening Your Desktop Linux System's Security
-
-There are a number of procedures you can follow to make your Linux desktop system more secure, some more advanced than others. We cover some general techniques here.
-
-## Firewalls
-
-A [firewall](https://en.wikipedia.org/wiki/Firewall_(computing)) may be used to secure connections to your system. If you’re on a public network, the necessity of this may be greater than if you’re on a local trusted network that you control. We would generally recommend that you block incoming connections only, unless you’re using an application firewall such as [OpenSnitch](https://github.com/evilsocket/opensnitch) or [Portmaster](https://safing.io/portmaster/).
-
-Red Hat distributions (such as Fedora) are typically configured through [firewalld](https://en.wikipedia.org/wiki/Firewalld). Red Hat has plenty of [documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/using-and-configuring-firewalld_configuring-and-managing-networking) regarding this topic. There is also the [Uncomplicated Firewall](https://en.wikipedia.org/wiki/Uncomplicated_Firewall) which can be used as an alternative.
-
-You could also set your default firewall zone to drop packets. If you're on a Red Hat based distribution, such as Fedora this can be done with the following commands:
-
-!!!
Example
-
- ```bash
- firewall-cmd --set-default-zone=drop;
- firewall-cmd --add-protocol=ipv6-icmp --permanent;
- firewall-cmd --add-service=dhcpv6-client --permanent;
- ```
-
-All these firewalls use the [Netfilter](https://en.wikipedia.org/wiki/Netfilter) framework and therefore cannot protect against malicious programs running on the system. A malicious program could insert its own rules.
-
-If you are using Flatpak packages, you can revoke their network socket access using Flatseal and prevent those applications from accessing your network. This permission is not bypassable.
-
-If you are using non-classic [Snap](https://en.wikipedia.org/wiki/Snap_(package_manager)) packages on a system with proper snap confinement support (with both AppArmor and [cgroups](https://en.wikipedia.org/wiki/Cgroups) v1 present), you can use the Snap Store to revoke network permission as well. This is also not bypassable.
-
-## Kernel hardening
-
-Kernel hardening options such as configuring [sysctl](https://en.wikipedia.org/wiki/Sysctl#Linux) keys and [kernel command-line parameters](https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html) can help harden your system. We suggest looking at the following [sysctl settings](https://madaidans-insecurities.github.io/guides/linux-hardening.html#sysctl) and [boot parameters](https://madaidans-insecurities.github.io/guides/linux-hardening.html#boot-parameters).
-
-We **strongly** recommend that you learn what these options do before applying them. There are also some methods of [kernel attack surface reduction](https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel-attack-surface-reduction) and [access restrictions to sysfs](https://madaidans-insecurities.github.io/guides/linux-hardening.html#restricting-sysfs) that can further improve security.
-
-!!!
Note
- Unprivileged [user namespaces](https://madaidans-insecurities.github.io/linux.html#kernel) can be disabled, due to it being responsible for various privileged escalation vulnerabilities. Some software such as Docker, Podman, and LXC require unprivileged user namespaces to function. If you use these tools you should not disable `kernel.unprivileged_userns_clone`.
-
- Disabling access to `/sys` without a proper whitelist will lead to various applications breaking. This will unfortunately be an extremely tedious process for most users. Kicksecure, and by extension, Whonix, has an experimental [hide hardware info service](https://github.com/Kicksecure/security-misc/blob/master/lib/systemd/system/hide-hardware-info.service) which does just this. From our testing, these work perfectly fine on minimal Kicksecure installations and both Qubes-Whonix Workstation and Gateway. If you are using Kicksecure or Whonix, we recommend that you follow the [Kicksecure Wiki](https://www.kicksecure.com/wiki/Security-misc) to enable hide hardware info service.
-
-## Linux-Hardened
-
-Some distributions like Arch Linux have the [linux-hardened](https://github.com/anthraxx/linux-hardened), kernel package. It includes [hardening patches](https://wiki.archlinux.org/title/security#Kernel_hardening) and more security-conscious defaults. Linux-Hardened has `kernel.unprivileged_userns_clone=0` disabled by default. See the [note above](#kernel-hardening) about how this might impact you.
-
-## Linux Kernel Runtime Guard (LKRG)
-
-LKRG is a kernel module that performs runtime integrity check on the kernel to help detect exploits against the kernel. LKRG works in a *post*-detect fashion, attempting to respond to unauthorized modifications to the running Linux kernel. While it is [bypassable by design](https://lkrg.org/), it does stop off-the-shelf malware that does not specifically target LKRG itself. This may make exploits harder to develop and execute on vulnerable systems.
-
-If you can get LKRG and maintain module updates, it provides a worthwhile improvement to security. Debian based distributions can get the LKRG DKMS package from KickSecure's secure repository and the [KickSecure documentation](https://www.kicksecure.com/wiki/Linux_Kernel_Runtime_Guard_LKRG) has instructions.
-
-On Fedora, [fepitre](https://github.com/fepitre), a QubesOS developer has a [COPR repository](https://copr.fedorainfracloud.org/coprs/fepitre/lkrg/) where you can install it. Arch based systems can obtain the LKRG DKMS package via an [AUR package](https://aur.archlinux.org/packages/lkrg-dkms).
-
-## GRSecurity
-
-GRSecurity is a set of kernel patches that attempt to improve security of the Linux kernel. It requires [payment to access](https://grsecurity.net/purchase) the code and is worth using if you have a subscription.
-
-## Simultaneous multithreading (SMT)
-
-[SMT](https://en.wikipedia.org/wiki/Simultaneous_multithreading) has been the cause of numerous hardware vulnerabilities, and subsequent patches for those vulnerabilities often come with performance penalties that negate most of the performance gain given by SMT. If you followed the “kernel hardening” section above, some kernel parameters already disable SMT. If the option is available to you, we recommend that you disable it in your firmware as well.
-
-## Hardened memory allocator
-
-The [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) from [GrapheneOS](https://grapheneos.org) can also be used on general Linux distributions. It is available as an [AUR package](https://wiki.archlinux.org/title/Security#Hardened_malloc) on Arch based distributions, and (though not enabled by default) on Whonix and Kicksecure.
-
-If you are using Whonix, Kicksecure or the AUR package, consider setting up `LD_PRELOAD` as described in the [Kicksecure Documentation](https://www.kicksecure.com/wiki/Hardened_Malloc) or [Arch Wiki](https://wiki.archlinux.org/title/Security#Hardened_malloc).
-
-## Umask
-
-If you are not using openSUSE, consider changing the default [umask](https://en.wikipedia.org/wiki/Umask) for both regular user accounts and root to 077. Changing umask to 077 can break snapper on openSUSE and is **not** recommended.
-
-## Mount point hardening
-
-Consider adding the [following options](https://man7.org/linux/man-pages/man8/mount.8.html) `nodev`, `noexec`, and `nosuid` to [mount points](https://en.wikipedia.org/wiki/Mount_(computing)) which do not need them. Typically, these could be applied to `/boot`, `/boot/efi`, and `/var`.
-
-These flags could also be applied to `/home` and `/root` as well, however, `noexec` will prevent applications from working that require binary execution in those locations. This includes products such as Flatpak and Snap.
-
-If you use [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/), `/var/log/journal` must not have any of those options. If you are on Arch Linux, do not apply `noexec` to `/var/tmp`.
-
-## Disabling SUID
-
-SUID allows a user to execute an application as the owner of that application, which in many cases, would be the `root` user. Vulnerable SUID executables could lead to privilege escalation vulnerabilities.
-
-It is desirable to remove SUID from as many binaries as possible; however, this takes substantial effort and trial and error on the user's part, as some applications require SUID to function.
-
-Kicksecure, and by extension, Whonix has an experimental [permission hardening service](https://github.com/Kicksecure/security-misc/blob/master/lib/systemd/system/permission-hardening.service) and [application whitelist](https://github.com/Kicksecure/security-misc/tree/master/etc/permission-hardening.d) to automate SUID removal from most binaries and libraries on the system. From our testing, these work perfectly fine on a minimal Kicksecure installation and both Qubes-Whonix Workstation and Gateway.
-
-If you are using Kicksecure or Whonix, we recommend that you follow the [Kicksecure Wiki](https://www.kicksecure.com/wiki/SUID_Disabler_and_Permission_Hardener) to enable the permission hardener.
-
-Users of other distributions can adapt the permission hardener to their own system based on the source code linked above.
-
-## Secure Time Synchronization
-
-Most Linux distributions by default (especially Arch based distributions with `systemd-timesyncd`) use unencrypted NTP for time synchronization. Securing NTP can be achieved by [configuring NTS with chronyd](https://fedoramagazine.org/secure-ntp-with-nts/) or by using [swdate](https://github.com/Kicksecure/sdwdate) on Debian based distributions.
-
-## Linux Pluggable Authentication Modules (PAM)
-
-The security of [PAM](https://en.wikipedia.org/wiki/Linux_PAM) can be [hardened](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam) to allow secure authentication to your system.
-
-On Red Hat distributions you can use [`authselect`](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-user-authentication-using-authselect_configuring-authentication-and-authorization-in-rhel) to configure this e.g.:
-
-```bash
-sudo authselect select with-faillock without-nullok with-pamaccess
-```
-
-On systems where [`pam_faillock`](https://man7.org/linux/man-pages/man8/pam_tally.8.html) is not available, consider using [`pam_tally2`](https://man7.org/linux/man-pages/man8/pam_tally.8.html) instead.
-
-## USB port protection
-
-To better protect your [USB](https://en.wikipedia.org/wiki/USB) ports from attacks such as [BadUSB](https://en.wikipedia.org/wiki/BadUSB), we recommend [USBGuard](https://github.com/USBGuard/usbguard). USBGuard has [documentation](https://github.com/USBGuard/usbguard#documentation) as does the [Arch Wiki](https://wiki.archlinux.org/title/USBGuard).
-
-Another alternative option if you’re using the [linux-hardened](#linux-hardened) is the [`deny_new_usb`](https://github.com/GrapheneOS/linux-hardened/commit/96dc427ab60d28129b36362e1577b6673b0ba5c4) sysctl. See [Preventing USB Attacks with `linux-hardened`](https://blog.lizzie.io/preventing-usb-attacks-with-linux-hardened.html).
-
-## Secure Boot
-
-[Secure Boot](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_Boot) can be used to secure the boot process by preventing the loading of [unsigned](https://en.wikipedia.org/wiki/Public-key_cryptography) [UEFI](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface) drivers or [bootloaders](https://en.wikipedia.org/wiki/Bootloader).
-
-One of the problems with Secure Boot, particularly on Linux is, that only the [chain loader](https://en.wikipedia.org/wiki/Chain_loading#Chain_loading_in_boot_manager_programs) (shim), the [bootloader](https://en.wikipedia.org/wiki/Bootloader) (GRUB), and the [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)) are verified and that's where verification stops. The [initramfs](https://en.wikipedia.org/wiki/Initial_ramdisk) is often left unverified, unencrypted, and open up the window for an [evil maid](https://en.wikipedia.org/wiki/Evil_maid_attack) attack. The firmware on most devices is also configured to trust Microsoft's keys for Windows and its partners, leading to a large attacks surface.
-
-To eliminate the need to trust Microsoft's keys, follow the "Using your own keys" section on the [Arch Wiki](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot). The important thing that needs to be done here is to replace the OEM's key with your own Platform Key.
-
-- If you enroll your own keys as described above, and your distribution supports Secure Boot by default, you can add your distribution's EFI Key into the list of trusted keys (db keys). It can then be enrolled into the firmware.
Then, you should move all of your keys off your local storage device.
-- If you enroll your own keys as described above, and your distribution does **not** support Secure Boot out of the box (like Arch Linux), you have to leave the keys on the disk and setup automatic signing of the [kernel](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Signing_the_kernel_with_a_pacman_hook) and bootloader. If you are using Grub, you can install it with the `--no-shim-lock` option and remove the need for the chain loader.
-
-The second option is creating an [EFI Boot Stub](https://wiki.archlinux.org/title/Unified_kernel_image) that contains the [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)), [initramfs](https://en.wikipedia.org/wiki/Initial_ramdisk), and [microcode](https://en.wikipedia.org/wiki/Microcode). This EFI stub can then be signed. If you use [dracut](https://en.wikipedia.org/wiki/Dracut_(software)) this can easily be done with the [`--uefi-stub` switch](https://man7.org/linux/man-pages/man8/dracut.8.html) or the [`uefi_stub` config](https://www.man7.org/linux/man-pages/man5/dracut.conf.5.html) option. This option also requires you to leave the keys on the disk to set up automatic signing, which weakens the security model.
-
-After setting up Secure Boot it is crucial that you set a “firmware password” (also called a “supervisor password”, “BIOS password” or “UEFI password”), otherwise an adversary can simply disable Secure Boot.
-
-These recommendations can make you a little more resistant to [evil maid](https://en.wikipedia.org/wiki/Evil_maid_attack) attacks, but they are not good as a proper verified boot process such as that found on [Android](https://source.android.com/security/verifiedboot), [ChromeOS](https://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview/#verified-boot), [macOS](https://support.apple.com/en-us/HT208198), or [Windows](https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process).
diff --git a/content/blog/posts/macos-ventura-privacy-security-updates.md b/content/blog/posts/macos-ventura-privacy-security-updates.md
deleted file mode 100644
index 4de698ab6..000000000
--- a/content/blog/posts/macos-ventura-privacy-security-updates.md
+++ /dev/null
@@ -1,94 +0,0 @@
----
-date:
- created: 2022-10-27T19:00:00Z
-categories:
- - News
-authors:
- - jonah
-tags:
- - macOS
- - Security
-links:
- - posts/ios-configuration-guide.md
-license: BY-SA
-description: We cover the improvements macOS Ventura will bring to Apple users when it comes to personal privacy and security.
-schema_type: NewsArticle
----
-# New Privacy and Security Features in macOS 13 Ventura
-
-macOS Ventura was released this week, and the Apple users among us may be interested in the improvements it brings to your personal privacy and security. We always recommend running the most up-to-date version of your operating system available. Updates add privacy and security improvements all the time—and macOS Ventura is no exception. Some notable new additions to the macOS privacy ecosystem include:
-
-- Lockdown Mode
-- Rapid Security Responses
-- Passkeys
-
-Let's venture in and see what these updates will mean for you.
-
-## Lockdown Mode
-
-Apple's headline security feature for macOS and iOS this year was **Lockdown Mode**, a setting which allows you to enable much stricter security protections on your device. Designed for the rare few who are actively targeted by cyberattacks, Lockdown Mode still received widespread attention in the privacy and security space as an important attack surface reduction tool.
-
-Enabling Lockdown Mode can be done easily in the **System Settings** app:
-
-1. Click **Privacy & Security** in the sidebar.
-2. Scroll down to **Lockdown Mode** and click **Turn On**.
-3. Click **Turn On & Restart** to restart your device in Lockdown Mode.
-
-Lockdown Mode needs to be enabled separately on each device. Lockdown Mode [changes your device's behavior](https://support.apple.com/en-us/HT212650) significantly in a number of ways. Its worth trying for yourself to see if it impacts your everyday usage. There is little downside to enabling it as its impact to most features is relatively minor in day-to-day use.
-
-### Safari
-
-Enabling Lockdown Mode disables a number of "complex web technologies". These can impact your device's browsing performance and battery efficiency, in some cases to a significant degree. The changes to Safari include:
-
-- JavaScript's Just-in-Time (JIT) compilation features are disabled. JIT allows JavaScript code to be compiled on the fly during its execution. Disabling JIT shows performance decreases by up to 95% in some browser benchmarks, though this difference is difficult to notice in everyday browsing. Unfortunately, the added performance and complexity of JIT in JavaScript comes with a [significant security cost](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/). An analysis [conducted](https://docs.google.com/spreadsheets/d/1FslzTx4b7sKZK4BR-DpO45JZNB1QZF9wuijK3OxBwr0/edit#gid=0) by Mozilla indicates that over half of Chrome exploits "in the wild" abused a JIT bug, so disabling JIT can roughly cut your attack surface in half.
-- [WebAssembly](https://en.wikipedia.org/wiki/WebAssembly) (WASM) support is also disabled. WASM was created to allow for high-performance applications on web pages; however, it can be used to fingerprint browsers to track people across websites and apps.
-- JPEG 2000 support is disabled. Safari is the only modern browser to [support](https://caniuse.com/jpeg2000) the JPEG 2000 image format, which makes its support an easy way to identify Safari users.
-- PDF previews are disabled. The PDF format has historically been subject to a number of exploits; this change means that PDF files will be downloaded and have to be opened in a dedicated PDF previewing app instead.
-
-Other technologies that were [disabled](https://blog.alexi.sh/posts/2022/07/lockdown-jsc/) include WebGL, MathML, Gamepad API, Web Audio API, RTCDataChannel, and SVG Fonts. Additionally, many other external web fonts are disabled, limiting websites to only the fonts pre-installed on the device.
This notably breaks a lot of icons on various websites, which are often replaced by an empty square.
-
-Luckily, Lockdown Mode can be disabled on a per-site basis on Safari, so none of these issues should prevent you from enabling Lockdown Mode on your device. If you encounter a trusted website which breaks with Lockdown Mode enabled, you can easily add an exception for that website while keeping the rest of Lockdown Mode's protections intact.
-
-### Apple Services
-
-Lockdown Mode also changes the way a number of different Apple services are used on your device.
-
-- **Messages**: Most message attachments are blocked, besides certain image, video, and audio attachments. This includes most iMessage "apps" such as in-conversation games. Link previews are also disabled.
-- **FaceTime**: Incoming calls are blocked, unless you have previously called that person or contact. This is likely in response to past FaceTime bugs, such as the [exploit in 2019](https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/) which allowed an attacker to listen in on your microphone before you picked up the call.
-- **Photos**: The new Shared Albums functionality in iCloud Photos is blocked, and invitations are automatically rejected. Shared Albums do still work on any devices without Lockdown Mode enabled.
-
-In addition to these, other Apple services like **Home** will reject incoming invitations unless you have previously interacted with the sender.
-
-### Device Changes
-
-Some other device functionality is limited with Lockdown Mode enabled as well. If you have a Mac with Apple Silicon, connected devices or accessories are not allowed to connect unless your Mac is unlocked and explicit approval of the device is given. Configuration profiles can no longer be installed either, and the ability to enroll in a Mobile Device Management (MDM) system is disabled. These are enterprise management features, which are occasionally abused to control or monitor devices.
-
-## Passkeys
-
-**Passkeys** are likely to be the most impactful new feature for the everyday person's security practices. Passkeys are a cross-platform standard supported by Google, Apple, and Microsoft. Based on the FIDO2 standard, passkeys are the first real effort to replace passwords as your primary mode of authentication.
-
-Using a passkey stored on your phone is supported by most browsers in macOS, but only Safari currently allows you to use a passkey stored on your Mac. Passkeys generated on your iPhone or Mac are stored in iCloud Keychain, which is end-to-end encrypted with your phone or computer's lock screen password. In Safari, passkeys are replacing the single-device WebAuthn registration, which allowed you to use your computer as a hardware key with Touch ID.
-
-The benefits of passkeys are fairly limited at the moment, until more services support the standard for primary or multifactor authentication.
-
-## Rapid Security Responses
-
-Alongside iOS 16, Apple is introducing **Rapid Security Responses** (RSR) to macOS Ventura. RSR allows Apple to ship small security fixes on the fly much faster than before.
-
-Previously, releasing even a small security patch meant Apple had to release a huge multi-gigabyte update package. This was required to preserve the system's cryptographic integrity, following changes to how the system volume is handled in macOS Big Sur. With RSR, updates are much smaller, so patches can be downloaded much faster and applied more reliably.
-
-RSR patches are applied immediately. However, [they are tied](https://support.apple.com/guide/deployment/whats-new-dep950aed53e/1/web/1.0) to the macOS minor version they are released with, meaning you need to be on the latest available macOS update to receive them: they are not a replacement for regular updates.
-
-What [remains to be seen](https://eclecticlight.co/2022/09/22/apple-can-patch-ventura-on-the-fly-rsr-is-coming/) is which security patches will be released via RSR as opposed to standard security updates. More severe bugs, including Mach zone memory leaks and bugs which could cause kernel panics, are still likely to require a formal macOS update rather than a quick patch.
-
-## Gatekeeper Changes
-
-**Gatekeeper** is Apple's primary approach to handling malware on macOS, which has historically operated as a "scan at launch" feature for newly downloaded apps. In macOS Ventura, Gatekeeper has been updated to run signature and notarization checks upon every launch of an application, as opposed to just the first launch. This should improve its malware scanning capabilities, but could potentially [cause problems](https://eclecticlight.co/2022/09/24/why-some-apps-wont-run-in-ventura-and-how-to-fix-it/) with apps which update themselves. This practice is common with apps distributed outside the App Store, and could lead to discrepancies between the app's code signature and actual content.
-
-## A Bug with Malware Scanners and Monitoring Tools
-
-WIRED [reported](https://www.wired.com/story/apple-macos-ventura-bug-security-tools/) that a bug in the initial release of macOS Ventura cuts off third-party security products like [BlockBlock](https://objective-see.org/products/blockblock.html) from Objective-See from the access they need to perform system scans. There is a workaround to fix this access, so if you use tools like these you should manually check your security app to make sure it is working as intended. Apple should fix this problem in the next system update.
-
-## Final Thoughts
-
-If you are a Mac user, macOS Ventura brings a lot of new security and privacy features to the table. We recommend upgrading to macOS Ventura as soon as possible (I already have).
We'll continue to keep an eye on how security features like these are used and improved in the future, on Apple platforms and beyond.
diff --git a/content/blog/posts/mastodon-privacy-and-security.md b/content/blog/posts/mastodon-privacy-and-security.md
deleted file mode 100644
index 70c1bca05..000000000
--- a/content/blog/posts/mastodon-privacy-and-security.md
+++ /dev/null
@@ -1,365 +0,0 @@ ---- -date: - created: 2025-07-15T17:00:00Z - updated: 2025-07-22T20:00:00Z -categories: - - Explainers -authors: - - em -tags: - - Mastodon -description: While most social media rely on commercial models harvesting users' data, Mastodon offers an alternative that doesn't seek profits from your data and attention. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/mastodon-privacy-and-security/mastodon-cover.webp ---- - -# Privacy and Security on Mastodon - -![The Mastodon name and logo over a dark purple background with a large purple padlock icon under it.](../assets/images/mastodon-privacy-and-security/mastodon-cover.webp) - - - -Mastodon is an open-source and decentralized social network that has been growing in popularity for the past few years. - -While most social media rely on commercial models harvesting users' data to sell to advertisers, Mastodon offers a human-centric alternative that doesn't seek profits from your data and attention. This means better social connections, better controls, and better privacy. - -Mastodon doesn't use your data to make money. This fact alone comes with incredible benefits for data privacy and security. Because the goal isn't to collect as much information as possible on its users, Mastodon embraces data minimization and only requires providing what is truly needed to run the service for you. - -This article is the first of a **series of two** on Mastodon, covering a general overview of the privacy and security benefits of Mastodon. The [second article](mastodon-tutorial-privacy-and-security.md) will delve into specific settings you can adjust to improve your privacy as a Mastodon user. - -If you do not have a Mastodon account yet, but would like to learn more about its privacy and security practices and features before creating one, this first article will give you an overview of what they are. 
- -If you're still unsure about using Mastodon, [this excellent video](https://news.elenarossini.com/fediverse-video/) from Elena Rossini might convince you. - -
-

Mastodon the software vs the network vs the instance

- -Unless otherwise specified, the word *Mastodon* in this article will refer to the Mastodon *software,* in its default version. The Mastodon *software* is different from the Mastodon.Social original *instance* (server), and is different from the Mastodon *network*. - -**Mastodon software**: The software used by people on the Mastodon network, and installed by administrators to run an instance (what you see). - -**Mastodon network**: The network of interconnected instances using the Mastodon software (all the different Mastodon instances you interact with). The Mastodon network also connects to the larger Fediverse network. - -**Mastodon.Social, the instance**: The largest Mastodon server, managed and moderated by the Mastodon nonprofit organization. - -
- -One of the wonderful possibility Mastodon offers is to [self-host your own Mastodon instance](https://docs.joinmastodon.org/user/run-your-own/). While this is the pinnacle of control, security, and privacy for a skilled administrator, self-hosting also means more responsibilities, where more expertise and resources are required. This isn't realistically accessible to everyone. - -For this reason, this article will focus on the experience from the **user side**, not the administrator side. - -## Choosing a Mastodon instance - -The biggest distinction of Mastodon compared to commercial social media is its true decentralization. - -The Mastodon network is composed of a [multiplicity of instances](https://joinmastodon.org/servers) that connect with each other, through a protocol called [ActivityPub](https://docs.joinmastodon.org/#fediverse). This collection of connected instances, along with other connected software using the same protocol, is called [the Fediverse](https://jointhefediverse.net/). - -![Screenshot of the official Mastodon website from the page presenting various Mastodon instances.](../assets/images/mastodon-privacy-and-security/mastodon-choosing-instance.webp) - -This article will not go deep into this topic, but it's important to mention that different instances will offer different degrees of privacy and security. Choosing an instance can have an important impact on this. - -This is because the administration team of each instance has the responsibility to configure the software properly, to keep it updated, and to safeguard the server hosting the data. This in itself implies many security duties. It's important to consider the capabilities of the administration team to secure the instance you choose to join. - -Moreover, even when the security part of hosting is well managed, the administration team is also responsible for enforcing policies and moderation. 
The quality of moderation can have a significant impact on the safety and privacy of a community.
-
-Choosing an instance where you trust the administration and moderation team is essential to have a good and secure experience on the network. This is true for any other social media as well, even the ones that sadly don't offer any option to move your account if you aren't happy with management.
-
-To facilitate choosing an instance, the Mastodon official website keeps a list of instances that have all agreed to follow the [Mastodon Server Covenant](https://joinmastodon.org/covenant), committing to the following:
-
-- Enforcing active moderation against racism, sexism, homophobia, and transphobia
-
-- Conducting daily backup to avoid accidental data loss
-
-- Having at least one other person with emergency access to the server
-
-- Giving at least 3 months of advance notice if the server shuts down and users have to move (this isn't frequent)
-
-### Changing instance
-
-Despite these considerations, Mastodon newcomers **shouldn't feel [analysis paralysis](https://en.wikipedia.org/wiki/Analysis_paralysis) over choosing an instance**. This decision isn't permanent, and can be changed later on, once one has acquired a better sense of the platform.
-
-Indeed, Mastodon makes it easy to [move an account](mastodon-tutorial-privacy-and-security.md/#moving-to-another-instance) from one instance to another!
-
-If trust is broken by an instance administration or moderation team, users can easily decide to migrate to another one with better practices. This account portability is quite unique to the Fediverse.
-
-While account content (posts) will unfortunately not get transferred through this process on Mastodon (yet), account followers *and* follows will be moved unharmed during a Mastodon account migration.
-
-Furthermore, this process might get improved soon!
There is work currently being done to implement data portability between two ActivityPub servers (even for account content) with the [LOLA protocol](https://swicg.github.io/activitypub-data-portability/lola). This could eventually allow Mastodon's account migration process to include posts migration as well. - -
-

You can always keep a copy of your content!

- -Even if the Mastodon migration process doesn't allow for automatic posts transfer (yet), you are still able to [keep a local copy of all your content](mastodon-tutorial-privacy-and-security.md#data-access-and-backups), before moving to another instance or for backup purposes. - -
-
-## How secure is Mastodon
-
-As explained previously, choosing an instance with a competent and trustworthy administration team is fundamental on Mastodon. Due to a plurality of instances, levels of security expertise can greatly vary from one server to another.
-
-### Server security
-
-As for any platform we use online (including commercial social media), it's important to evaluate properly the level of trust we are willing to give before subscribing to a service handling our data.
-
-In this case, it means trusting the administration team of the instance you choose to safeguard the instance's server and data properly.
-
-Additionally, like any other social media, Mastodon isn't immune to software vulnerability. When a problem arises, your server's security will depend on the responsiveness of your administrator(s).
-
-Mastodon's development team has a good track record of acting promptly to fix and transparently inform the community when a critical [vulnerability is found](https://www.theregister.com/2024/02/02/critical_vulnerability_in_mastodon_is/). However, your instance's administration team must also act quickly to implement the fix.
-
-Due to the decentralization of the Mastodon network, software patches cannot be automatically pushed to all instances at once. Administrators' reaction time may vary for each instance.
-
-### Software security
-
-Because the Mastodon software is open-source, anyone can inspect [its code](https://github.com/mastodon/mastodon). This *can* offer the benefit of getting more opportunities to spot and patch potential problems.
-
-It also allows anyone to verify privacy and security claims, which greatly improves transparency and trust. This is something that cannot be done with proprietary closed-source software like most commercial social media use.
-
-But open-source code isn't magically secure either. Experts still have to take the time to actually inspect the code for this to have any significant value.
- -In 2023, the Mozilla Foundation funded a penetration test for Mastodon that was conducted by the German cybersecurity firm [Cure53](https://cure53.de/). Following the results, the Mastodon development team [promptly fixed](https://arstechnica.com/security/2023/07/mastodon-fixes-critical-tootroot-vulnerability-allowing-node-hijacking/) the critical vulnerabilities found, and informed instance administrators to be ready to patch the software quickly. Mastodon instances updated to the most recent software now benefit from greater security, thanks to the excellent work of Cure53 and the Mastodon development team. - -Additionally, anybody detecting a security vulnerability in Mastodon's code can [report it easily](https://github.com/mastodon/mastodon/security/policy) on the project's GitHub page. Known security vulnerabilities are also transparently reported to the public in the [security advisories](https://github.com/mastodon/mastodon/security/advisories) list. - -Since April 1st this year, the Nivenly Foundation started the Fediverse Security Fund, a [security bounty program](https://nivenly.org/docs/programs/fediverse-security-fund/) to encourage more people to contribute to securing Mastodon and other Fediverse-connected software. - -The experimental program will run **until September 30th, 2025**, and invites individual researchers and contributors to identify or patch vulnerabilities, rewarding them with a one-time sponsorship. If successful, the program could get extended, depending on member votes. - -Regarding the software itself, Mastodon [uses](https://docs.joinmastodon.org/spec/security/) public key cryptography to secure HTTP Signatures and Linked Data Signatures. From [version 4.4](https://blog.joinmastodon.org/2025/07/mastodon-4.4/), Mastodon implemented a number of [security improvements](https://blog.joinmastodon.org/2025/07/mastodon-4-4-for-devs/) to authentication and authorization mechanisms. 
Mastodon 4.4 now [supports](https://docs.joinmastodon.org/spec/security/#http-message-signatures) incoming HTTP requests to be signed with RFC9421-compatible signatures. Additionally, the older (less secure) OAuth password grant type has been removed, and the OAuth Client Auth with HTTP Basic Auth with SSO has been fixed. - -On the user side, Mastodon gives options to improve account security with the use of **multifactor authentication**, using an authenticator app or a physical security key. Already, this is better account security than what many (if not most) commercial social media platforms propose. - -In addition, Mastodon users can see within their account lists of all sessions open, the authentication history, and all third-party software authorized to access the account. Users can quickly revoke access to any unauthorized or unused sessions or app, as necessary. - -### Data security - -Finally, because Mastodon only requires **minimal information** to create an account, less personal data risks getting exposed, in the unfortunate eventuality of a data breach. For example, no phone number, legal name, or official ID is required. This is excellent for both privacy and security. - -Even if Mastodon has a much smaller security team than larger commercial platforms, its decentralization, transparency, and data minimization gives it significant advantages over for-profit social media. - -Users' private data is protected reasonably well at the software level, but again, this protection also relies on the server security for each specific instance. - -While security and privacy are related concepts that can enhance each other, they differ in many points. A piece of software could be very secure, yet collect and use a lot of private data, regardless of the user's consent or knowledge. Inversely, a seemingly privacy-respectful software could be collecting very little user data, yet not securing it properly. 
- -Both privacy and security are important to consider for users, and both must be examined when evaluating software. - -## How private is Mastodon - -When using social media, there are always two sides to data privacy: The data collected by the service, and the data exposed by the user posting content. - -### Data collected by the service - -On Mastodon, the platform collects only minimal information from the user. Besides the content you decide to share for your profile and posts, the software only requires an *email address,* a *username,* and a *password* to sign up. - -Starting from version 4.4, some instances might also collect a *date of birth,* if the instance implements a minimum age policy. This date of birth is only used to validate age requirements and isn't stored anywhere, but it is [checked](https://blog.joinmastodon.org/2025/07/mastodon-4-4-for-devs/) against the minimum age condition server-side. - -Additionally, Mastodon will collect your *IP address(es)*, *applications* used, and the *times* you logged in. This is necessary to provide the service to you. You can increase your account privacy by registering with an [alias email address](https://www.privacyguides.org/en/email-aliasing) (if allowed by your instance), and logging in through a [trustworthy VPN](https://www.privacyguides.org/en/vpn/). - -It's worth mentioning that Mastodon.Social, the instance administrated by the Mastodon organization, recently added to their terms of service an additional clause to [explicitly prohibit scraping](https://techcrunch.com/2025/06/17/mastodon-updates-its-terms-to-prohibit-ai-model-training/) users' data for unauthorized purposes, such as to train AI models. Many other instances might soon add similar clauses (or already have them). - -While this provides little technical protections, it does provide some interesting *legal* protections. 
These are protections most commercial social media do not offer, as many already exploit users' content to train their own AI models or sell it to third-parties for this purpose. - -This new Mastodon.Social policy is well aligned with the more human-centric values of the Fediverse. - -
-

Summary of data collected by Mastodon

- -- Email address -- Username -- Password -- IP addresses (temporarily stored, may vary per instance) -- Browser and application types (temporarily stored, may vary per instance) -- Login history (temporarily stored, may vary per instance) -- Date of birth (not stored, may vary per instance) -- Optional: The data you decide to share with the service (profile information, posts, post timestamps, uploaded media, favorites, boosts, followers, follows, bookmarks, lists, blocks, mutes, personal notes) - -
-
-### Data you post on the service
-
-Regarding the content of your profile and posts (including private mentions), no matter how much you restrict access to your account, you should always consider that this content *can* technically be accessed by the administration and moderation team of your instance.
-
-Concerning people outside your instance's administration team, the privacy of the data you upload yourself will greatly vary depending on how you use and configure your account.
-
-We have a [dedicated tutorial](./mastodon-tutorial-privacy-and-security.md) in this Mastodon article series which provides information on how to adjust your account's configuration for better privacy in more detail.
-
-### Who can access your private data
-
-As described above, the administration team of your instance *can* always technically access *any* data related to your account, regardless of if you make it public or private. This is true for most commercial platforms as well.
-
-That being said, administration teams are generally much smaller on the Mastodon network, so this might not represent a lot of people. It could even mean only *one* administrator.
-
-This has both benefits and downsides: The benefit is that fewer people have access to your private account data. The downsides are that, due to limited resources, this data *could* get less protection. That said, large commercial platforms aren't immune to data breaches either, despite all the resources they could use in prevention.
-
-### Account configuration
-
-Outside access from the administration team, content privacy will vary per account, depending on configuration. Similarly to any other social media platforms.
-
-Some people might prefer to share openly with everyone, even with people who do not have a Mastodon account. While others might prefer to lock their account entirely, and reduce content visibility to their approved followers only. Both types of usage are possible on Mastodon.
- -Additionally, Mastodon offers much better controls over your data. You can set up automated post deletion with specific thresholds, adjust post visibility for each post, adjust searchability and discoverability to your preferences, and allow or restrict the upcoming quote posts feature. - -All these features are fantastic for data privacy, and often absent from commercial platforms. - -### Users tracking and profiling - -Most important of all, because Mastodon has no interest in monetizing your data, there is **no tracking, no advertising, and no "Mastodon-AI" profiling you** and scanning all your posts. Mastodon doesn't collect any data from you for a reason other than providing the service *to you*. - -This is completely antithesis to commercial social media. And this alone makes Mastodon fundamentally **much more private than any other big tech platforms**. - -## Privacy benefits of Mastodon - -Each Mastodon instance will have a different privacy policy that you should consult before creating an account, like for any other platforms. But unless the software was modified, data collection should be similar to what is described here, and remain minimal for the majority of connected instances. - -Here's a summary of some benefits Mastodon can offer for your data privacy: - -### Data minimization - -Mastodon only collects what's necessary. The information required to create an account is minimal. There are no "real-name" policy and no phone number required. Only the data absolutely necessary to provide the service to you is required. - -### Adjustable visibility - -While profile information will be visible publicly, post visibility can be adjusted to your preference for each post. The list of who follows you and who you follow can be visible or hidden. Account searchability, discoverability, and quote posts from unmentioned users can all be disabled. - -### Your data is yours - -On Mastodon, you have full control over accessing and deleting your data. 
You don't need any third-party software to get your post deleted, and you don't need to wait after a company's customer service to download your data. Those controls are accessible to any user from their own account. - -### No data monetization - -The Mastodon software is developed and maintained by a nonprofit organization, the German [Mastodon gGmbH](https://joinmastodon.org/about). This software is free and accessible to anyone. There is no incentive to generate profit from your data on Mastodon. This is an *immense* privacy advantage over *any* commercial social platforms. There is nothing tracking you around or building an advertising profile on you. Your data is not for sale. - -### Transparency and mobility - -Because the Mastodon code is open-source, anyone can inspect it. This helps quickly verifying claims, proposing new features, and allowing other developers to create their own application for Mastodon. - -With Mastodon, you are not stuck with only one app. If you don't like the official app, just use [another one](https://joinmastodon.org/apps)! Moreover, you can even move your account from one instance to another. This means you don't have to trust your administration team forever. **You can choose who you trust, and your trust (and consent) is revocable, as it should.** - -### Respects your privacy protections - -So many services and websites have adopted a hostile stance towards people using privacy protections such as a VPN server, a privacy-focused browser, or running their phone in [Lockdown Mode](https://support.apple.com/en-us/105120). But with Mastodon, you are free to use all the protections you love. **Mastodon isn't hostile to your privacy.** - -## What to stay careful about - -While the privacy benefits of Mastodon are numerous, there are also a few things to keep in mind when using the platform: - -### Direct messages (private mentions) - -Direct messages on Mastodon are better described at private mentions. 
Private mentions are like any other posts (and will sometimes show up in your feed! Don't panic!), but they will only be visible to the people you *mentioned* in it. - -However, do **not** type the handle of someone to talk "in private" about them with someone else, because this *mentioned* person *will* also get included in this thread! - -Additionally, private mentions on Mastodon, like private messages on other commercial social media, aren't end-to-end encrypted. The Mastodon interface shows this clearly: - -![Screenshot of the Mastodon interface showing a warning presented when selecting private mention visibility for a post. The message says: "Posts on Mastodon are not end-to-end encrypted. Do not share any sensitive information over Mastodon. Learn more"](../assets/images/mastodon-privacy-and-security/mastodon-private-mention-encryption.webp){width="400"} - -This means that all your private mention posts *could* be accessed by the administration and moderation team of your instance. **Never share any sensitive information using private mentions.** The same advice is applicable to any other social media. - -
-

End-to-end encryption could be coming soon!

- -That being said, this could change soon! The ActivityPub team is currently [working on integrating end-to-end encryption](https://socialwebfoundation.org/program-protocol-e2ee/) for the protocol. This would be nothing less than revolutionary for platforms using ActivityPub, like Mastodon. - -It's difficult to estimate when this feature could be available to Mastodon users however, because implementing end-to-end encryption properly isn't a simple task. Even once the integration is completed for the ActivityPub protocol, it might take some time before the Mastodon development team implements it for the software as well. - -Nevertheless, Fediverse users can dare to hope this feature may be available relatively soon, perhaps in the next year or two. - -
- -### The open web is open to all - -On Mastodon, you don't need an account to see people's profile page and public (or quiet-public) posts. - -This is an **immense benefit for organizations**, to share information with the public without restricting access like on commercial platforms. However, this can also mean more account visibility than some individual users may prefer. - -It's important to stay aware that your account *could* be seen by anyone on the internet visiting your Mastodon account's public page. Your account's public page address is your instance's website address followed by your account's username, in the following format: - -```html -https://YOUR_INSTANCE_ADDRESS/@YOUR_USERNAME -``` - -For example, for the Privacy Guides Mastodon account hosted on the mastodon.neat.computer Mastodon instance, this account's public page address looks like this: - -```html {.copy} -https://mastodon.neat.computer/@privacyguides -``` - -Whether you lock your account (approve followers and use followers-only posts) or not, your display name, biography, profile and header pictures, followers and follows counts, date joining the instance, and extra fields will always be visible to anyone from your account's public page. - -Your public posts can even be accessed via [RSS feed](https://fedi.tips/following-mastodon-and-fediverse-accounts-through-rss/) on Mastodon. To limit this, you can adjust the settings to restrict the visibility of your posts. - -### Connection with commercial social media - -Some Mastodon instances [connect](https://www.howtogeek.com/threads-now-connects-to-mastodon-and-other-fediverse-platforms/) with larger commercial social media like Threads (from Meta), and Bluesky ([through a bridge](https://techcrunch.com/2024/06/05/bluesky-and-mastodon-users-can-now-talk-to-each-other-with-bridgy-fed/)). - -The Fediverse community is quite [divided](https://wedistribute.org/2024/03/block-threads-to-remain-listed/) on this topic. 
Some people argue that more connectivity is good, while others want to stay away from commercial platforms entirely, partly due to their questionable data privacy, ethics, and [moderation practices](https://www.wired.com/story/meta-immigration-gender-policies-change/). - -If this is important to you, you can check your instance's policies to see if it allows connections with these commercial social media. If it does, and you do not want this, you can block specific instances at the account level. This isn't a complete protection for your data, but it does reduce visibility from and to these platforms. - -If this isn't enough for you, you can migrate your account to an [instance blocking Threads](https://fedipact.veganism.social/) (or other servers) at the administrator level. This offers stronger protections. - -### Connection with other instances - -It's important to remember that on Mastodon, there isn't only one centralized entity that receives your data. - -For example, if you send a private mention post to someone on a different instance than yours, this person's instance administration team will now have access to your message as well, and your data *for this post* will also be stored on that instance. - -This is very similar to how emails work. If you are a Tuta or Proton email user, and you send a message to someone using Gmail, now Google will also have a stored copy of your message. - -### Decision paralysis trusting an instance - -Finally, probably the biggest block people hit when starting to use Mastodon is *which instance to trust*. - -Sadly, this simple decision has discouraged many potential users. Yet, having to choose an instance is indeed a feature and not a bug. - -Because yes, this choice does burden you to pick who you trust, but **it also empowers you** to be able to *revoke* this trust at any time. 
No commercial social media gives you the option to stop trusting Mark Zuckerberg and move to another Facebook server that matches better your values, for example. - -Be careful who you trust of course, but don't get paralyzed by this choice. Even if this might feel intimidating at first, this fear of choosing isn't worth staying with possibly even less trustworthy big tech administrators. - -## Mastodon keeps getting better - -This article only presents an overview of Mastodon's features, and focuses on the features related to privacy and security. But Mastodon is so much more. It's a social platform that truly respects its community. - -Mastodon is genuinely mindful of its users' experiences. In comparison, commercial social media are far behind in terms of customization and respect for their users. - -**On Mastodon, you are not a product, you are a *person*.** - -Moreover, the software and community keeps growing and getting even better every year. For the next Mastodon update planned later this year, we can expect Quote Posts to be fully implemented, while respecting users' consent to have their posts quoted or not. - -Perhaps next year we can hope for improvement of the migration process, allowing users to also transfer their content to a new instance, thanks to the LOLA protocol. Then, we can dream of fully private direct messaging down the road, with the integration of end-to-end encryption. - -Once again, all these features will put Mastodon and other Fediverse software well above any commercial platforms. Keep an eye on the [Mastodon roadmap for more](https://joinmastodon.org/roadmap)! - -Mastodon isn't there to exploit your data and sell it to advertisers. There is no incentive to monetize you. On Mastodon, **you are a person who is part of a community**. This makes all the difference to respect your privacy rights 💛 - -
-

What next?

- -To continue learning about Mastodon's privacy and security features, consult the [second article](mastodon-tutorial-privacy-and-security.md) of this series, a step-by-step guide to improving your privacy and security as a Mastodon user. - -
-
-## Consider supporting Mastodon
-
-Mastodon doesn't sell your data, but it still needs money to survive and thrive. Mastodon is supported by its community!
-
-If you enjoy the platform and can contribute, consider supporting the project by:
-
-- [Donating to support Mastodon's development and operations](https://joinmastodon.org/sponsors)
-
-- Donating to your Mastodon instance (ask your administrator)
-
-- [Buying cute merch from the Mastodon organization](https://shop.joinmastodon.org/)
-
-- [Contributing to the Mastodon project on GitHub](https://github.com/mastodon/.github/blob/main/CONTRIBUTING.md)
-
-- [Starting your own Mastodon instance](https://docs.joinmastodon.org/user/run-your-own/)
-
-- [Talking to your friends and family about joining the Fediverse!](https://jointhefediverse.net/join)
-
-
-
----
-
-**Update (2025-07-22):** This article was updated to move the tutorial portion to a [separate article](mastodon-tutorial-privacy-and-security.md), to segment the information better for readers.
diff --git a/content/blog/posts/mastodon-tutorial-privacy-and-security.md b/content/blog/posts/mastodon-tutorial-privacy-and-security.md
deleted file mode 100644
index d93151542..000000000
--- a/content/blog/posts/mastodon-tutorial-privacy-and-security.md
+++ /dev/null
@@ -1,631 +0,0 @@ ---- -date: - created: 2025-07-22T20:00:00Z -categories: - - Tutorials -authors: - - em -tags: - - Mastodon -description: This article is a tutorial on how to improve your Mastodon account's security, and how to adjust the different privacy features to your preferences. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/mastodon-tutorial-privacy-and-security/mastodon-tutorial-cover.webp ---- - -# How To Improve Your Privacy and Security on Mastodon - -![Illustration of a mastodon mascot pointing at a padlock icon in a cheerful way. Above is the Mastodon logo over a purple background.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-tutorial-cover.webp) - -{ .annotate } - -1. Mastodon mascot by [@dopatwo@mastodon.social](https://mastodon.social/@dopatwo) and Mastodon logo used with permission from Mastodon gGmbH. This site is not otherwise affiliated with Mastodon gGmbH. - -Increasingly, more and more people have joined Mastodon in recent years. The advantages provided by a decentralized network and using open-source software maintained by a nonprofit organization are undeniable. Mastodon offers much more robust protections for your privacy than commercial social media platforms do. This tutorial will show you how to make the most of it. - -This tutorial is the second of a **series of two** articles on Mastodon. If you would like to read a general overview about privacy and security on Mastodon, start with reading the [first article](mastodon-privacy-and-security.md) of this series. - -This second article will guide you on how to improve your Mastodon account's security, and how to adjust the different privacy features to your preferences. This isn't an onboarding guide to start using Mastodon, but if that's what you seek, you can first take a look at this [short guide](https://docpop.org/2025/02/how-to-get-started-with-mastodon/) from Doc Pop. 
- -Additionally, while self-hosting a Mastodon account offers the most freedom and control over your data, it also requires much more expertise and resources, which isn't realistically accessible to everyone. For this reason, this tutorial will focus on the experience from the **user side**, and not from the administrator side. - -
-

Who is this tutorial for?

- -- You already have an account on Mastodon - -- You are *not* familiar with all the Mastodon settings yet - -- You are *not* self-hosting your instance - -
-
-Although many variations and versions of the Mastodon software are in use on the Fediverse, for the sake of simplification and universality, this tutorial will focus on its most recently released version (4.4).
-
-If your instance software version is different, you will likely still be able to follow this tutorial, but might notice some variations.
-
-
-

What software version is your instance running?

- -To check which version your instance (server) is currently running, from the web interface on desktop, check the information in the lower-left corner of your instance website (e.g. [https://mastodon.social/](https://mastodon.social/)). The very last line should list something similar to `v4.4.1`. This is your instance's Mastodon version number. - -
-
-This tutorial was created from the desktop web interface (desktop browser). Experiences and setting accesses may vary greatly from a mobile app. It is recommended to **follow along from the desktop web interface** as well.
-
-Screenshots for the tutorial were mostly taken from an account on the Mastodon.Social instance (server), but you will be able to follow this tutorial even if your account is on a different instance.
-
-
-

Mastodon the software vs the network vs the instance

- -The Mastodon *software* is different from the Mastodon.Social original *instance* (server), and is different from the Mastodon *network*. - -**Mastodon software**: The software used by people on the Mastodon network, and installed by administrators to run an instance (what you see). - -**Mastodon network**: The network of interconnected instances using the Mastodon software (all the different Mastodon instances you interact with). The Mastodon network also connects to the larger Fediverse network. - -**Mastodon.Social, the instance**: The largest Mastodon server, managed and moderated by the Mastodon nonprofit organization. - -
- -## Improving account security - -Using a [unique email address](https://www.privacyguides.org/en/email-aliasing/) and a unique and [strong password](https://www.privacyguides.org/en/basics/passwords-overview/) are the starting points for good account security, and this is no different for Mastodon accounts. - -Additionally, you should enable multifactor authentication for your account as soon as you can. This is one of the most important step you can take to increase your account's security, and its protections against account takeover attacks. - -### Two-factor authentication - -For this, go to "Preferences" (in the right-side menu) > "Account" > "Two-factor Auth", then click on the purple "Set up" button at the bottom. - -![Screenshot of the Mastodon web interface showing the Two-factor Auth page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-setup.webp) - -#### Authenticator app - -Confirm your password when prompted. Then scan the QR code with your [authenticator app](https://www.privacyguides.org/en/multi-factor-authentication/), or enter manually the plain-text secret on the right of the QR code. Confirm with entering the two-factor code from your authenticator app, then click "Enable" at the bottom. - -![Screenshot of the Mastodon web interface showing the Two-factor Auth page in Preferences. This shows a QR code to scan or a plain-text secret to register a code for an authenticator app.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-qrcode.webp) - -**Carefully note the recovery codes** provided. You will need to use them if you lose access to your authenticator, for example if you were to lose your phone. - -If you need to change your authenticator app later, you can go back to this menu and select "Edit" on the right of "Authenticator app". You can also return to this menu to generate new recovery codes, if you have lost your older ones or if they were compromised. 
Generating new recovery codes will invalidate your previous ones. - -![Screenshot of the Mastodon web interface showing the Two-factor Auth page in Preferences. The page displays a confirmation message that authentication is enabled, and options to "Edit", "Add", or "Disable 2FA" methods.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-enabled.webp) - -#### Security key - -Once you have enabled two-factor authentication with an authenticator app, you will see the option to add a [security key](https://www.privacyguides.org/en/security-keys/) as well. You can add one if you want to register multiple second factors of authentication for your account. - -
-

Browser compatibility

- -Some browsers will not support security key authentication. For example, the Mullvad Browser doesn't support it. - -
- -To add a security key, click on "Add" on the right of the listing. Insert your security key, choose a "Nickname" for it, then click on the "Add new security key" purple button. - -![Screenshot of the Mastodon web interface showing the Security keys page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey.webp) - -On macOS, you might be prompted with an option to "Choose how to manage your passkeys". If you get this pop-up, click on "Other Options" at the bottom. - -![Screenshot of the Mastodon web interface showing the Security keys page with a macOS pop-up window over it. The pop-up gives options to "Choose how to manage your passkeys".](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-mac-popup.webp) - -On the second pop-up, select "Security key" then "Continue". When prompted with "Set Up Security Key", activate your security key (for some keys, this means touching the metal part of it). This step may differ depending on your operating system type and version. - -Once completed, you should see a confirmation that "Your security key was successfully added" on the page. - -![Screenshot of the Mastodon web interface showing the Two-factor Auth page in Preferences. The page displays a confirmation message and options to "Edit" both two-factor methods.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-added.webp) - -From now, each time you log in your Mastodon account, you will be prompted to select one of your authentication methods after entering your email address and password: - -**To log in using your security key**, click on the "Use security key" purple button when prompted by your browser. Your operating system might present you with a pop-up to choose again between your authenticator app or your security key. On macOS, select "Security key", click "Continue", then insert and activate your key. 
There may be variations depending on your operating system, but it should be similar to this.
-
-**To log in using your authenticator app**, click on the "Enter a two-factor code from your phone or a recovery code" link at the bottom, then enter the code from your authenticator app when prompted by your browser (or recovery code if you've lost your authenticator).
-
-If you try to sign in from a browser that doesn't support security keys after enabling it (or if you lost access to your security key), you can still log in your account using your authenticator app as described above.
-
-![Screenshot of the Mastodon web interface showing the login page for the second factor of authentication. The page gives the option to "Use security key" or "Enter a two-factor code from your phone or a recovery code".](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-multifactor-securitykey-prompted.webp)
-
-Keep in mind that adding *more* methods of authentication to your account *doesn't* make it more secure, it's the opposite.
-
-If you register both an authenticator app *and* a security key, this means anyone who can access *either* your authenticator app *or* your security key could log into your account (if they already have your password). Different second factors aren't added together here, they simply provide more options to *access* your account.
-
-
-

When enabling multifactor authentication with any account

-
-Be careful to choose a method you will have access to easily each time you log in. In addition, make sure to note the recovery codes provided *very carefully* and store them in a secure location (ideally offline). Keep in mind these codes will allow you to recover your account, but could also allow *anyone* to bypass your multifactor authentication.
-
-
-
-### Account accesses
-
-In "Preferences" > "Account" > "Authorized apps", you can see which applications have access to your account.
-
-There, you will see every application you have granted access to. If you no longer use a mobile app or a service listed there, you should revoke access.
-
-If you do not recognize a listed service, you can ask your instance administrator to know if this is a legitimate application (some administrators might connect legitimate services to your account you may not recognize, such as Matrix).
-
-![Screenshot of the Mastodon web interface showing the "Your authorized applications" page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-authorized-apps.webp)
-
-### Sessions and login history
-
-Additionally, in "Preferences" > "Account" > "Account settings", in the "Sessions" section, you will find a list of authorized browser sessions. Again, you can revoke access to any sessions you no longer use, or do not recognize.
-
-![Screenshot of the Mastodon web interface showing the Account settings page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-sessions-list.webp)
-
-Just above this sessions list, you will see a link labeled "View authentication history of your account". Click on it to see a list of past logins, including applications used and IP addresses.
-
-If you see a login that isn't legitimate, you should *immediately* revoke accesses you aren't using, and consider changing your password.
-
-![Screenshot of the Mastodon web interface showing the Authentication history page from clicking on the "View authentication history of your account" link on the previous Account settings page.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-accesses-login-history.webp)
-
-## Adjusting privacy vs discovery
-
-When using social media, there's usually a sliding scale between privacy and discoverability.
- -You might decide to enable the most restrictions on your account's visibility (more privacy), make it as public as possible (more reach), or anything in between. - -**Only you can decide what is best for your unique situation and usage.** - -On Mastodon, you have many options to adjust this to your preferences and needs. In "Preferences" > "Public profile", select the "Privacy and reach" tab at the top. - -![Screenshot of the Mastodon web interface showing the Public profile page in Preferences, from the "Privacy and reach" tab.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-reach.webp) - -### Reach - -- The option "Feature profile and posts in discovery algorithms" allows more people to find your account and public posts (default is unchecked). **Leave it *unchecked* for more privacy.** - -- The option "Automatically accept new followers" allows anyone to be able to follow you (default is checked). Approving each follower can increase the privacy of your follower-only posts. **If you prefer to approve each new follower (locking your account), then *uncheck* this option.** - -### Search - -- The option "Include public posts in search results" allows people to be able to find your public posts when searching for keywords in Mastodon (default is unchecked). **Leave it *unchecked* for more privacy.** - -- The option "Include profile page in search engines" allows your Mastodon profile to potentially appear in search engine results, like Google and Bing (default is checked). ***Uncheck* this option to increase your account's privacy.** - -### Privacy - -- The option "Show follows and followers on profile" allows anyone to be able to see who you follow and who follows you (default is checked). If you prefer to hide this from the public, ***uncheck* this option for more privacy.** - -- The option "Display from which app you sent a post" will display publicly which application you are posting from for each post (default is checked). 
If you prefer to not show which app(s) you are using, ***uncheck* this option for more privacy.** - -Once you have adjusted the account options to your preferences, click on "Save changes" at the bottom to confirm your choices. - -![Screenshot of the Mastodon web interface showing the Public profile page in Preferences, from the "Privacy and reach" tab. The page is scrolled down to the "Save changes" button at the very bottom of the six unchecked options.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-account-privacy-options.webp) - -## Selecting post visibility and access - -In addition to your account's privacy preferences, you can also adjust visibility for each post. This is very handy to allow you to pick in a more granular way which information you wish to share more or less openly. - -On Mastodon, you can choose between 4 types of visibility for each post: Public, Quiet public, Followers, and Private mention. - -![Screenshot of the Mastodon web interface showing the post composition window. The image shows the drop-menu from the "Change post privacy" button, with four different post visibility options.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-visibility-types.webp){width="400"} - -### Public post - -This post is visible to anyone, whether they follow you or not. This post will also be visible from your account's public page, to people who do not necessarily have a Mastodon account. - -For example, if you log *out* of your account, then go to `https://YOUR_INSTANCE_ADDRESS/@YOUR_USERNAME`, you will see what someone outside of Mastodon could see from your public page. - -![Screenshot of a Mastodon account's public page from a browser. 
A yellow arrow points at the account's URL, and three red arrows point at information visible to the public such as a public post, a quiet-public post, and the fact that this account is locked.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-account-page.webp) - - -### Quiet public post - -This post is visible to anyone, and is also visible from your account's public page (like a Public post). However, it will not be featured in the "Trending" or "Live feeds" timelines. Additionally, it will not be searchable. This reduces its public exposure slightly, and is sometimes recommended for replies. - -### Followers post - -This post is only visible to your followers. If you enabled the option to approve each follower, then only people you have approved will see this post. Followers-only posts cannot be boosted (re-posted) by others, and will *not* appear on your account's public page. - -Your Followers-only posts will have significantly less reach, and potentially less engagement, but will be much more private. - -
-

Followers-only post and approving followers

-
-An important thing to keep in mind when selecting a post's visibility is who your followers are (or could be).
-
-If you select Followers-only, but anyone could follow you, this restriction will block boosts for this post, and remove visibility from your account's public page, but anyone who decided to follow you can see it.
-
-However, if you *also* enable restrictions on who can follow you, you will have more control over the visibility of your Followers-only posts, by pre-approving who can follow you and see these posts.
-
-
-
-### Private mention post
-
-This post is only visible to the people mentioned in it. This works like a "Direct message" feature, except that anyone mentioned will be included.
-
-Be careful not to write the handle of someone you do not want included in this conversation! Because this *will* include them.
-
-Additionally, always keep in mind that the administration and moderation team of your instance *could* see all your posts, including your Private mention posts (like it is the case for any other social media). Never share sensitive information in Private mention posts!
-
-![Screenshot of the Mastodon web interface showing the post composition window for a Private mention post. There is a warning message above saying that "Posts on Mastodon are not end-to-end encrypted. Do not share any sensitive information over Mastodon. Learn more".](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-private-mention.webp){width="400"}
-
-
-

End-to-end encryption for private mentions

-
-There is currently work being done to [integrate end-to-end encryption](https://socialwebfoundation.org/program-protocol-e2ee/) to the ActivityPub protocol, potentially making end-to-end encrypted private mention on Mastodon possible one day.
-
-Implementing end-to-end encryption properly is no small task, and understandably it could take some time for this to be ready for Mastodon users.
-
-However, it would make your private mentions truly private, being accessible only to its intended sender(s) and recipient(s). This could be groundbreaking for the Fediverse, and for your privacy!
-
-
- -### Default post visibility - -Even if you can adjust visibility for each post, you may also want to adjust your account's *default* post visibility. - -For example, this can help by preventing accidentally sharing something publicly if posting to followers only is preferred, especially if your account is locked for more privacy. - -To adjust the default post visibility, go to "Preferences" > "Preferences" > "Other". In the "Posting privacy" section, select your preference in the "Posting privacy" drop-menu for either "Public - Everyone can see", "Unlisted - Everyone can see, but not listed on public timelines", or "Followers-only - Only show to followers". - -Confirm your choice by clicking on "Save changes" on the upper-right. - -![Screenshot of the Mastodon web interface showing the "Preferences" page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-default.webp) - -
-

Hide posted media (slighly)

- -Additionally, you might want to check the "Always mark media as sensitive" option from the same section. This will label the media as "Sensitive content", and require others to click on it to view the image. This will **not stop anyone from clicking to view it**, including people without a Mastodon account from your account's public page, but it might *slightly* reduce the visibility for certain media. - -Depending on the content, your instance may have some rules requiring to hide certain type of content. Make sure to consult your instance's Server rules about this. - -
- -### Quote posts - -Mastodon version 4.4 is already preparing for the implementation of a new [Quote Posts feature](https://blog.joinmastodon.org/2025/02/bringing-quote-posts-to-mastodon/) coming up in Mastodon 4.5. Quote posts have been long requested and debated on Mastodon. - -Mastodon didn't lack quote posts accidentally, it was a deliberate choice from the development team to [reduce potential abuse](https://techcrunch.com/2025/07/08/mastodons-latest-update-readies-the-app-for-quote-posts-revamps-design/). This is why the team has been very careful, taking the time to implement this new feature properly, and giving options for Mastodon users to opt out. - -Again, this shows how Mastodon differs from commercial social media, by prioritizing users' safety and control over monetizing attention. - -To give control to the users, important options have been planned out: - -1. People will be able to choose if they want their post to be quoted or not -2. People will be notified when their post is quoted -3. People will be able to **withdraw their post from being quoted** at any time - -These options greatly reduce the potential for abuse when quoting posts, a behavior we have sadly all witnessed on commercial social media with a culture of dunking on others. - -From Mastodon version 4.4, you can already decide which permission you want to allow for your posts to be quoted. This is only in preparation for the feature for now, the final implementation should be available in the [next software update](https://blog.joinmastodon.org/2025/07/mastodon-4-4-for-devs/). - -To adjust this in preparation, go to "Preferences" > "Preferences" > "Other". From the "Posting defaults" section, find the drop-menu labeled "Who can quote", and select either "Everyone", "Followers and mentioned users", or "Only mentioned users". - -Confirm your choice by clicking on "Save changes" on the upper-right. 
- -![Screenshot of the Mastodon web interface showing the "Preferences" page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-posts-quote-posts.webp) - -## Verifying yourself and others - -The account verification process on Mastodon is excellent. Not only is it free, but it doesn't require you to provide any official ID or other intrusive documentation to proof your identity. It is a privacy-respectful verification feature. - -The way it functions is very simple: Verification works by providing a *proof of control* over a website, or a web page. - -For example, if you are the official Mastodon account for the privacyguides.org website, you can easily add a simple invisible link to this website to confirm that this Mastodon account is official. Once the verification process is completed, the Mastodon account profile page will display a **verified link in green with a checkmark**, confirming this account is authorized by the owner of this website (or web page). - -From a profile page, it looks like this: - -![Screenshot of the Privacy Guides Mastodon account's public page. The profile page shows multiple verified links in green with a checkmark on the left, including the official Privacy Guides website, forum, articles, videos, and donation pages.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-links.webp) - -All the links displayed in green with a checkmark have been verified from the listed websites. - -This is **a feature very important to use for organizations**. It confirms to readers and followers this Mastodon account is authorized and truly belongs to the organization. It's also important for any individuals, writers, and journalists who want to confirm their identity to the public. - -Looking for these verified links, other Mastodon users can validate if an account is legitimate, increasing trust and security. 
- -### Account verification - -If you would like to verify your own account, here's how you can do it yourself. - -It's easy, and it's free! - -Go to "Preferences" > "Public profile", then select the "Verification" tab at the top. From there, follow the instructions to copy the link to the web page you want to use to verify your account. - -![Screenshot of the Mastodon web interface showing the Public profile page in Preferences, from the "Verification" tab. The page shows a link to copy containing the account's address, and a confirmation of links already verified.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-link-setup.webp) - -If you prefer not to add a Mastodon link to your web page, you can simply add this HTML line in the web page's head section (replacing `https://YOUR_INSTANCE_ADDRESS/@YOUR_USERNAME` with the link to your own Mastodon account): - -```html - -``` - -### Author attribution for journalists and writers - -In addition to the verification process available to everyone, Mastodon recently [added](https://blog.joinmastodon.org/2024/07/highlighting-journalism-on-mastodon/) a feature specifically for writers and journalists! - -Since last year, journalists and bloggers alike can link their articles to their Mastodon account. This validates their identity, while also increasing their Mastodon account's discoverability from article links. This is fantastic feature! - -Popular websites like TechCrunch, ProPublica, and of course Privacy Guides have already adopted it! You might have noticed this feature previously, for example if you found this article from a Mastodon post. - -To add author attributions to your articles, scroll down the same page and simply add the provided link to each of your article's HTML page, then lists the website(s) allowed to credit you below: - -```html - -``` - -![Screenshot of the Mastodon web interface showing the Public profile page in Preferences, from the "Verification" tab. 
The page is scrolled down to the very bottom, showing the option and instructions to add Author attribution to articles.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-verification-author-setup.webp) - -## Deleting and accessing your data - -Data deletion is a fundamental part of data privacy, and a protected right under many privacy laws. - -Mastodon makes data deletion effortless. You will never have to battle the insufferable BigTech™️ customer service to request your data to be deleted on Mastodon. You can control most of it just by yourself. - -### Automated post deletion - -First, you can easily set up automatic post deletion and adjust it to your precise preferences. This is a rare feature on social media, and demonstrates once again how Mastodon prioritizes users' benefits over data monetization. - -To enable it, go to "Preferences" > "Automated post deletion", then check the option "Automatically delete old posts" on the upper-left. Adjust the "Age threshold" on the upper-right to anything between 1 week and 2 years. - -In the "Exceptions" section below, you can select a number of variables to customize post deletion. Keeping your pinned posts from being deleted is likely a good idea, for example. - -You can also keep the option checked to protect from deletion your own posts that you have favorited. This is very convenient to get a more granular control over automated deletion, purposefully keeping some posts while letting others getting automatically deleted. - -![Screenshot of the Mastodon web interface showing the Automated post deletion page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion.webp) - -In the "Exceptions based on interactions" section, you can select a threshold of favorites and/or boosts to protect posts from automatic deletion. - -Once you have adjusted automated deletion to your preferences, click on "Save changes" on the upper-right to confirm your choices. 
- -### Data access and backups - -Another important side of digital rights is access to your own data. Here again, Mastodon makes it easy. You can download a copy of your account data any time you want. - -For this, go to "Preferences" > "Import and export" > "Export". From there, you can request a compressed archive of all your posts and uploaded media once every 7 days. This archive will be readable by any ActivityPub-compatible software, or you can open it with any simple text software. - -![Screenshot of the Mastodon web interface showing the Export page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-export.webp) - -Additionally, you can download lists of your Follows, Followers, Lists, Mutes, Blocks, Domain Blocks, and Bookmarks in CSV format any time (also readable with any simple text software). - -Keeping a local copy of your data for regular backup purposes is a good idea in general, and also recommended before an account migration. - -### Account deletion - -Finally, if you decide to delete your *whole* account, this is again incredibly easy. Simply go to "Preferences" > "Account" > "Account settings", and scroll down to the bottom of this page. - -Once you are ready to delete your data (and have downloaded the data you wish to keep), click on the "proceed here" link. Read the information from the "Account deletion" page, and enter your password when you are ready to confirm. - -![Screenshot of the Mastodon web interface showing the Account deletion page, from the "proceed here" link on the previous "Account" page.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-deletion-account.webp) - -## Blocking users and instances - -You have a lot of control on which information you show and see on Mastodon. Like for other social media, you can block users individually on Mastodon. But additionally, you can also block a whole instance if you aren't happy interacting with it. 
This, like an individual block, can benefit your privacy by restricting further who can access your posts. - -
-

Filtering content and muting users

-
-This tutorial will not discuss in details all the Mastodon features, as it focuses on privacy and security. However, it's worth mentioning briefly that there are softer options than blocking, if you simply wish not to see some content on Mastodon.
-
-First, you can use [Filters](https://docs.joinmastodon.org/user/moderating/#filters) to hide specific content or hashtags from your timelines. Second, you can [Mute](https://docs.joinmastodon.org/user/moderating/#mute) a user, temporarily or permanently. However, remember that muting a user will still allow them to see your posts. Since Mastodon 4.4, you can also use "Remove follower" to simply remove someone from following you, without having to block them.
-
-
-
-### User block
-
-If you block a user, this person will not be able to interact with you, and will not see your posts from their account anymore. They could however still see your public and quiet-public posts from your account's public page.
-
-
-

Adding a Personal Note

-
-If you want to remember why you blocked (or muted) someone, you can [add a Personal Note](https://fedi.tips/what-are-notes-on-mastodon-what-does-click-to-add-note-mean-on-mastodon-profiles/) on their profile page. They will not be able to see this note, but your notes could be read by your instance's administration or moderation team. Be careful what you write there. Notes cannot be transferred during account migration at this time.
-
-![Screenshot of the Mastodon web interface showing a user's profile page viewed from within a logged-in user interface. A yellow arrow points at the section to add a Personal Note on a user's profile page.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-personal-note.webp)
-
-
- -To block a single user, find their profile and click on the 3-dot "Menu" button on the upper-right. From the drop-menu, select "Block `USERNAME`". - -![Screenshot of the Mastodon web interface showing a user's profile page viewed from within a logged-in user interface. A yellow arrow points at the drop-menu from the profile page's "Menu" button, with the selection to Block that user.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-user.webp) - -
-

Blocked users can still visit your account's public page

-
-Remember that blocked accounts (and instances) might still be able to see your public and quiet-public posts outside Mastodon, by visiting your account's public page. Although, they will not be able to interact with your posts anymore.
-
-
- -### Instance block - -If you block an entire instance, *everyone* from this instance will stop seeing your posts, you will stop seeing theirs, and they will be removed from your followers and follows. Nobody from this instance will be able to follow you anymore, and you will not be able to follow them either. - -There are two ways to block a whole instance. The simplest way is to find a user from that instance and click on the 3-dot "Menu" button on their profile. From the drop-menu, select "Block domain `DOMAIN_NAME`". - -
-

This blocks everyone from that instance

-
-Remember this will block *everyone* using this instance at once, and you will lose *all* followers and follows you may have from this instance as well. You might not be able to recover those followers if you change your mind later.
-
-
- -![Screenshot of the Mastodon web interface showing a user's profile page viewed from within a logged-in user interface. A yellow arrow points at the drop-menu from the profile page's "Menu" button, with the selection to Block domain the whole instance this user is from.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-instance.webp) - -Alternatively, you can even "pre-block" an instance on Mastodon. For example, many people used this method when Meta's Threads announced they would connect to the Fediverse, but didn't have any connected accounts yet. - -To do this, go to "Preferences" > "Import and export" > "Export", then download the "CSV" file for your "Domain blocks". - -![Screenshot of the Mastodon web interface showing the Export page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-csv.webp) - -Open the `blocked_domains.csv` file as a text file, then type each domain you wish to block. Use one line for each domain (if you want to block more than one). Save this file using the same filename. - -![Screenshot of the "blocked domains" CSV file opened with TextEdit. The file contains two different domains written on each a separate line.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-file.webp) - -Back to your account, move to the "Import" section from the left-side menu. From the "Import type", select "Domain blocking list". - -Keep the "Merge" option on if you want to *add* new domains to block, or select "Overwrite" to replace your old list with this new list. Browse to upload the file you just modified, then click "Upload". - -
-

Carefully verify the correct type!

-
-Make sure to select "Domain blocking list" in the "Import type" or you could accidentally overwrite other important data! For safety, always save a backup of your existing data before doing any modifications like this.
-
-
- -![Screenshot of the Mastodon web interface showing the Import page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-block-domains-import.webp) - -You will be prompted to confirm. Verify the information is correct, then click "Confirm". You should see a confirmation message with "Your data was successfully uploaded and will be processed in due time". You can now leave this page. - -### User report - -Reporting users isn't necessarily directly linked to privacy and security (although it can be), but it's still an important mechanism to address the overall safety of the network. - -Because moderators have less resources on the Fediverse, they rely on users reporting problematic posts in order to enforce moderation policies. - -As a member of your instance's community, it's important to report posts violating your instance's Server rules, but it's also important not to misuse report mechanisms when there are no violations. - -To report a post, click on the 3-dot "More" button on the lower-right of the problematic post, then select "Report `USERNAME`". - -Answer the form to the best of your knowledge, and **try to be as helpful to your instance's moderation team as you can, without overwhelming them**. - -![Screenshot of the Mastodon web interface showing a user's profile page viewed from within a logged-in user interface. A red arrow points at the "More" button of a post, and another red arrow points at the "Report" selection from the drop-menu.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-report.webp) - -
-

Do not report if there are no policy violations

-
-People who volunteer to moderate an instance are doing it for the community. It's important to respect their time, to stay kind, and to not abuse reporting mechanisms.
-
-Only report content that violates the policies of your instance, or theirs. Do not report users simply because you dislike their posts. There are better mechanisms to hide the content you simply dislike, such as Filters, Mutes, or Blocks.
-
-
- -## Opting out with hashtags - -Data privacy and user consent are principles strongly valued by the Fediverse community. Sometimes, developers trying to create tools for the Fediverse or utilizing its user data without prior explicit consent have come into conflict with these values. - -Unfortunately, despite how illegal it may be, there aren't many technical barriers to stop malicious actors from violating users' consent. - -### Special hashtags - -However, many developers creating tools for the Fediverse actually *do care* about respecting these values, and want to build tools the right way. - -Some have implemented methods to opt in or opt out the data they collect or the tools they build. This is why you will sometimes see people adding special hashtags in their profile biography, such as `#noindex`, `#nosearch`, `#nobot`, `#noai`, `#nobridge`, etc. - -Ideally, all data collection should be prohibited until users' consent is obtained, and data subjects notified (opt in default). This is obligatory by law for many jurisdictions. Sadly, many developers do not follow sound legal practices in reality, and will not seek users' consent, despite their legal and moral obligations. - -Adding these hashtags (and maybe others in the future) to your profile biography *might* help to opt out certain data collection and certain tools built by developers who do respect users' consent. This can effectively *reduce* data scraping, in some situations. If anything, it is at least a public statement against disrespectful (and sometimes illegal) practices. - -## Moving to another instance - -The freedom to move from one instance to another can greatly contribute to keeping Mastodon a place that puts its users first. 
- -If suddenly your instance were to implement a data scraper for its AI model to train on all your content (like so many commercial social media do now), or drastically drop moderation, you could simply move your account to another instance, one that is more respectful of your values and privacy rights. - -This is a feature completely absent from centralized social media. Allowing them to unleash unchecked user exploitation, knowing fully users feel trapped and somehow forced to endure the abuse on their platforms. - -Mastodon is protected again such abuse, by design. - -When investing your precious time and energy participating in a Fediverse community, you will retain your data and your agency to choose which type of administration you prefer. - -If you are unhappy with your Mastodon instance's management, here's how to leave for greener pastures: - -### Planning your move - -First, plan your move properly. While moving your account is easy enough to do, there is a 30 days cooldown period in which you will not be able to move your account again. Make sure to choose your new home (instance) carefully, you will be there for *at least* 30 days. - -Then, you might want to inform your followers. While moving followers is done automatically, it may take a few hours before completion, and your followers might be wondering what is going on. It can be a good idea to post about it from the account you are moving away from before moving. - -
-

Summary of the steps to follow

- -1. Save an archive of your posts (if you want) -2. Save a copy of the six CSV files in "Export" (to import later) -3. Choose a new instance -4. Create a new account on your new instance (you can use the same username if available) -5. Alias your two accounts -6. Move your old account to the new one -7. From your new account: Wait that your followers are all transferred -8. From your new account: Import data and verify that everything is transferred properly -9. From your old account: Delete your older account (if you want) - -
- -### Backing up your data - -The first step is to back up your data. This is important both for security and to allow you to import it later to your new account (some data isn't transferred automatically). - -Go to "Preferences" > "Import and export" > "Export", then click the "Request your archive" purple button at the bottom. - -Wait for the archive to be ready (you should receive an email notification within a few minutes), then download your precious archive somewhere secure. - -Do not stop there! - -You also need to download the CSV files above to import them manually to your new account. For each line with a CSV option on the table below ("Follows", "Lists", "You mute", "You block", "Domain blocks", and "Bookmarks"), download the CSV file in a secure location. Be careful not to forget anything. - -![Screenshot of the Mastodon web interface showing the Export page in Preferences. The downloadable CSV files are highlighted.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-export.webp) - -
-

Your posts will not be moved!

- -Unfortunately, you will not be able to import your posts to your new Mastodon account (yet). - -But this might change soon! The ActivityPub team is currently working on a [live online account portability protocol (LOLA)](https://swicg.github.io/activitypub-data-portability/lola) that could get added to Mastodon relatively soon. This will be a wonderful improvement to this process, and allow even more freedom and agency to Mastodon users! - -
- -### Moving your account - -Once you have backed up your data, informed your followers, and created a new account on your instance of choice, you can start the migration process. - -**From your new account:** Go to "Preferences" > "Account" > "Account settings", scroll down to "Moving **from** a different account", and click on "create an account alias". - -In the field labeled "Handle of the old account", enter the complete handle (`@YOUR_USERNAME@YOUR_INSTANCE_ADDRESS`) of the *old* account you want to move *from*. Then click on "Create alias" at the bottom to confirm. - -This will not initiate the migration yet. It will only create an alias, and it is reversible. - -![Screenshot of the Mastodon web interface showing the Account aliases page in Preferences, from the "Moving from a different account" link on the Account settings page.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-alias.webp) - -**From your old account:** Go to "Preferences" > "Account" > "Account settings", scroll down to "Move **to** a different account", and click on "configure it here". - -Carefully read the information on this page. Enter the *complete handle* (`@YOUR_NEW_USERNAME@YOUR_NEW_INSTANCE_ADDRESS`) of the new account you want to move *to* in "Handle of the new account". Confirm with your current (old) account password on the right, then click on the "Move followers" purple button at the bottom. - -**This will initiate the migration process.** - -![Screenshot of the Mastodon web interface showing the Account aliases page in Preferences, from the "Move to a different account" link on the Account settings page.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-account-migration.webp) - -Moving all your followers to your new account might take some time, but normally should be fully completed within 24 hours. 
- -Besides waiting for your followers to migrate, you will also need to manually import your "Following list", "Bookmarks", "Lists", "Muting list", "Blocking list", and "Domain blocking list". For this, go to "Preferences" > "Import and export" > "Import". - -For **each** of these 6 types of data, select a type in the "Import type" drop-menu, then click on "Browse" to upload the corresponding file you have exported earlier in the [Backing up your data](#backing-up-your-data) step. - -Choose "Merge" on the right if you want to *add* this old data to data your already have on your new account, or "Overwrite" if you want to only keep data from your old account. Then click "Upload" below. - -![Screenshot of the Mastodon web interface showing the Import page in Preferences.](../assets/images/mastodon-tutorial-privacy-and-security/mastodon-move-import.webp) - -There you go! Your Mastodon account was successfully moved from one Mastodon instance to another! - -
-

Delete your old account (if you want)

- -You may want to delete your old account once you have completed your account migration and verified all your followers and data were transferred properly. - -If your old instance isn't shutting down, you can also keep it of course. But remember that keeping an account abandoned in the long-term can create some security issues. - -
- -## Consider supporting Mastodon - -Mastodon is supported by its community! If you enjoy the platform and can contribute, consider supporting the project by: - -- [Donating to support Mastodon's development and operations](https://joinmastodon.org/sponsors) - -- Donating to your Mastodon instance (ask your administrator) - -- [Buying cute merch from the Mastodon organization](https://shop.joinmastodon.org/) - -- [Contributing to the Mastodon project on GitHub](https://github.com/mastodon/.github/blob/main/CONTRIBUTING.md) - -- [Starting your own Mastodon instance](https://docs.joinmastodon.org/user/run-your-own/) - -- [Talking to your friends and family about joining the Fediverse!](https://jointhefediverse.net/join) - -
-

More information

- -For more information on Mastodon and the Fediverse, you can visit the excellent website [Fedi.Tips](https://fedi.tips/). - -
-
-
diff --git a/content/blog/posts/merch-announcement.md b/content/blog/posts/merch-announcement.md
deleted file mode 100644
index 6c5bd3f5d..000000000
--- a/content/blog/posts/merch-announcement.md
+++ /dev/null
@@ -1,31 +0,0 @@ ---- -date: - created: 2023-05-31T19:00:00Z -categories: - - Announcements -authors: - - freddy - - niek-de-wilde -tags: - - Privacy Guides -license: BY-SA -description: Privacy Guides has partnered with HELLOTUX to create what we think are the finest garments in the land. -schema_type: BackgroundNewsArticle ---- -# Privacy Guides Now Has Merchandise - -Yes, you read the title correctly: we have merch now. Privacy Guides has partnered with [HELLOTUX](https://www.hellotux.com/privacyguides) to create what we think are the finest garments in the land. - -It would be ironic to sell our products on a site riddled with ads and trackers. So we weren't going to. This decision ruled out loads of providers, as our privacy-focused values and their Google Analytics just didn't quite align. Privacy Guides has a global audience, so worldwide shipping was a must. And we didn't want to be peddling tacky cheaply printed t-shirts either. This narrowed down our options considerably. - -Then we stumbled across HELLOTUX. - -HELLOTUX is a family business who have been making high quality merchandise for open source projects since 2002. Their site is tracker free, and isn't littered with irritating adverts. They seemed, pardon the pun, the perfect fit. - -We're excited to launch a range of dashing t-shirts and Polo shirts, along with our very own hoodies and jackets. Check them out at [`www.hellotux.com/privacyguides`](https://www.hellotux.com/privacyguides). - -Buying our merch is a great way to support us financially. We get between three and five dollars per garment, depending on the product. Privacy Guides is a non-profit, socially motivated website so all the money we receive will be put towards improving our site and community. Our finances can be viewed publicly via the [Open Collective](https://opencollective.com/privacyguides). 
- -A fun fact about HELLOTUX is that they make everything with Linux: the embroidery, the website, the customer service - the whole shebang. They also offer a money-back guarantee. If you're not happy with your order, just send it back within three months, and they will sort you out with a replacement or refund. - -So go ahead: bag yourself some Privacy Guides swag today! diff --git a/content/blog/posts/monero-server-using-truenas.md b/content/blog/posts/monero-server-using-truenas.md deleted file mode 100644 index c77798f64..000000000 --- a/content/blog/posts/monero-server-using-truenas.md +++ /dev/null @@ -1,362 +0,0 @@ ---- -date: - created: 2025-06-12T18:15:00Z -categories: - - Tutorials -tags: - - Self-Hosting - - Cryptocurrency - - TrueNAS -authors: - - justin -description: In this guide, we will walk you through setting up a very powerful Monero server on TrueNAS. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/monero-server-using-truenas/cover.webp ---- -# Creating a Tricked-Out Monero Server with TrueNAS - -![A cover image for this post showing an illustration of a NAS and stacks of coins imprinted with the Monero logo](../assets/images/monero-server-using-truenas/cover.webp) - - - -In this guide, we will walk you through setting up a very powerful [Monero](https://www.privacyguides.org/en/cryptocurrency/#monero) server on TrueNAS. By completing these steps, you will be able to connect to your own self-hosted Monero node with the official Monero wallet and Cake Wallet, and you will be able to connect to your own self-hosted Monero LWS server with Edge Wallet and MyMonero. - -
-

Guest Contributor

- -Please welcome Justin Ehrenhofer as a first-time guest contributor! Justin is the president of MAGIC Grants, a nonprofit which supports public cryptocurrency infrastructure and promotes privacy, and operates as Privacy Guides' [fiscal host](privacy-guides-partners-with-magic-grants-501-c-3.md). Privacy Guides does not publish guest posts in exchange for compensation, and this tutorial was independently reviewed by our editorial team prior to publication. - -
- -This guide assumes that you are using TrueNAS for the first time. TrueNAS is an open-source operating system that is meant to function primarily as a NAS, and it supports running arbitrary Docker apps. [MAGIC Grants](https://magicgrants.org) spent the last few months making dedicated apps on the TrueNAS store to make this setup process simpler than starting from scratch. - -## Advantages of Running Your Own Node - -Monero is a cryptocurrency with strong privacy properties by default, and it is the only cryptocurrency currently [recommended](https://www.privacyguides.org/en/cryptocurrency/) by Privacy Guides. - -Despite Monero's privacy protections, your wallet needs to communicate with the rest of the Monero network. There are two main options: - -1. Connecting to someone else's node; or -2. Connecting to your own node. - -By connecting to your own node, you do not need to reveal when you are using your wallet and what transactions you send to the node operator. - -By following this guide, your transaction broadcasts will be protected with the Tor and/or I2P [networks](https://www.privacyguides.org/en/alternative-networks/). - -In short, if you *can* run your own node, you *should* run your own node. - -## Hardware/Software Recommendations - -* A spare machine (e.g., an old desktop computer) with: - * One or more SSDs with >100 GB of free space - * 4+ CPU cores - * 4GB+ of RAM - * TrueNAS already installed -* A domain name (optional, for encrypted clearnet connections) - -It's possible to undercut these recommendations, but please don't do that to yourself. - -## What We Will Set Up - -All of these applications are optional. You can set up nearly any combination of these. For example, you can skip just the I2P app if you don't plan to use I2P. - -| Software | Description | Purpose | -| -------- | -------- | -------- | -| Arti | A [Tor](https://www.privacyguides.org/en/advanced/tor-overview) client written in Rust. 
| Connect to Tor nodes, broadcast transactions over Tor, and connect to TrueNAS apps over Tor. | -| Java I2P | The officially distributed app to connect to the [I2P network](https://www.privacyguides.org/en/alternative-networks/#i2p-the-invisible-internet-project). | Connect to I2P nodes, broadcast transactions over I2P, and connect to TrueNAS apps over I2P. | -| Monero Node | The officially distributed app for communicating with the Monero network. | The app provides the necessary information to send and receive Monero transactions. Most wallets (including the official Monero wallets and Cake Wallet) connect to Monero nodes. | -| Monero-LWS | A "**L**ight-**W**allet **S**erver" that allows "light-wallets" to send and receive Monero transactions. | Monero light-wallet apps (including Edge Wallet and MyMonero) can connect to this server so that the wallet itself does not need to scan/sync Monero history; the server handles this scanning/syncing. | - -## Configure TrueNAS Storage - -We will configure storage for the Monero blockchain, and we will use default storage settings for other purposes. If you are an advanced user, you can configure the storage yourself. - -### Create a Monero Pool - -In TrueNAS, a pool is a collection of hard drives for a specific use-case. For simplicity, we will configure the entirety of a single SSD for Monero's use. - -1. Click **Storage**. -2. Click **Create Pool**. -3. Type `monero-pool` for the name. Leave encryption disabled (this will only store public blockchain data). Click **Next**. -4. Choose the layout that you will be using. We will pick **Stripe** in this guide. -5. Select the entire storage space for the SSD. Click **Next**. -6. Skip all the remaining options for metadata, log, cache, spare, and dedup. Keep clicking **Next**. -7. Finish creating the pool by clicking **Create Pool**. - -### Create a Monero Dataset - -A dataset is effectively a folder inside a pool. We will make one folder for the Monero blockchain data: - -1. 
Click **Datasets**. -2. Click on the `monero-pool` pool. -3. Click **Add Dataset**. -4. Set the name to `monero-blockchain` -5. Set the dataset preset to **Apps**. -6. Click **Save**. - -![Screenshot showing the Datasets list in TrueNAS](../assets/images/monero-server-using-truenas/01-datasets.webp) - -Next, we will assign the ownership of that folder to the `apps` user: - -1. While the `monero-blockchain` dataset is selected, click **Edit** under Permissions. -2. At the top, change the **Owner** and **Owner Group** from `root` to `apps`. -3. Check the boxes for **Apply Owner** and **Apply Group**. -4. Check **Apply permissions recursively**. -5. Click **Save Access Control List**. - -![Screenshot showing the ACL settings for monero-blockchain](../assets/images/monero-server-using-truenas/02-edit-acl.webp) - -## Configure Arti (Tor) - -
-

Experimental software

- -Arti is experimental software. At the time of writing, Arti should not be used for privacy-critical applications. Connecting to your own Monero node is "low risk" in most circumstances. However, if you have very sensitive requirements you should not use Arti until it has been tested further by the community. By using Arti today, you are helping to make Arti better! - -
- -1. Click **Apps**. -2. Click **Discover Apps**. -3. Search for `Arti`. Click on the **Arti** app. -4. Click **Install**. This will pull up a form. -5. Under **Hidden Services**, click **Add**. For each of the functions below that you want to support, create a new hidden service: - 1. Monero Node (for incoming P2P connections) - 1. Name: `monerodp2p` - 2. App Port: `18084` - 3. Hidden Service Port: `18084` - 2. Monero Node (for incoming RPC (wallet) connections) - 1. Name: `monerodrpc` - 2. App Port: `18089` - 3. Hidden Service Port: `18089` - 3. Monero LWS - 1. Name: `monerolws` - 2. App Port: `18090` - 3. Hidden Service Port: `18090` -6. Leave the other settings as default. Click **Install**. - -You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, click on the shell icon under Workloads and to the right of `arti – Running` (not `config` or `perms`). - -![Screenshot showing how to click the Arti shell icon](../assets/images/monero-server-using-truenas/03-arti-shell.webp) - -In the shell, type the command `arti hss --nickname monerodp2p onion-address`. This will return a string that ends in `.onion`. In notepad, Excel, or another app, save the `.onion` address and the service it is associated with (`monerodp2p`). You might need to copy from the shell with ++ctrl+ins++. - -![Screenshot showing the command and response to get the onion address](../assets/images/monero-server-using-truenas/04-arti-shell.webp) - -Do this again for the following two commands as well: - -```console -arti hss --nickname monerodrpc onion-address -arti hss --nickname monerolws onion-address -``` - -You should have three saved and unique `.onion` addresses. - -## Configure I2P - -1. Click **Apps**. -2. Click **Discover Apps**. -3. Search for `I2P`. Click on the **I2P** app. -4. Click **Install**. This will pull up a form. -5. Change the **Port Bind Mode** for **I2P HTTP Proxy Port** to `None`. -6. 
Change the **Port Bind Mode** for **I2P HTTPS Proxy Port** to `None`. -7. To the right of **Additional Ports**, click **Add**. -8. In the newly exposed fields, set the Port Number as `4447`. -9. In the same newly exposed fields, set the Container Port as `4447`. -10. Leave the other settings as default. Click **Install**. - -![Screenshot showing the I2P installation settings](../assets/images/monero-server-using-truenas/05-i2p-install.webp) - -You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, open a browser and direct it to the I2P configuration wizard. This is available at `:7657`, for example `192.168.1.100:7657`. - -Complete the initial I2P wizard using the default settings. - -### Create I2P SOCKS Proxy - -1. Click **Local Tunnels**. -2. Click on the I2P HTTP Proxy. -3. Uncheck **Automatically start tunnel when router starts**. -4. Click **Save**. -5. To the right of the I2P HTTP Proxy, click **Stop**. -6. Click on the I2P HTTPS Proxy. -7. Uncheck **Automatically start tunnel when router starts**. -8. Click **Save**. -9. To the right of the I2P HTTP Proxy, click **Stop**. -10. At the bottom and to the right of **New client tunnel:**, change the type in the dropdown from `Standard` to `SOCKS 4/4a/5` and click **Create**. - 1. Set the name as `monerod`. - 2. Check **Automatically start tunnel when router starts**. - 3. Set the Access Point **Port** to `4447`. - 4. Set **Reachable by** to `0.0.0.0`. - 5. Click **Save**. - -### Create I2P Hidden Services - -There is an optional step below to reduce the hidden service tunnel length from the default of 3 to 1. This will substantially increase the reliability of the server at the cost of anonymity. - -However, the server's connection to the I2P network for connecting to Monero wallets and the rest of the Monero network is typically not sensitive, unless you want to completely conceal that you are running a Monero node. 
Thus, most users will prefer the higher performance of the shorter tunnel length. - -We do not recommend shortening the tunnel lengths for the I2P SOCKS Proxy (in the previous section above) on the other hand, since transaction broadcasts tend to be sensitive. - -1. Under **I2P Hidden Services** and to the right of **New hidden service:**, change the type in the dropdown from `HTTP` to `Standard` and click **Create**. - 1. Set the name as `monerodp2p`. - 2. Check **Automatically start tunnel when router starts**. - 3. Set the target host as the server's hostname, for example `192.168.1.100`. - 4. Set the target port as `18085`. - 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance. - 6. Click **Save**. -2. Create another `Standard` hidden service. - 1. Set the name as `monerodrpc`. - 2. Check **Automatically start tunnel when router starts**. - 3. Set the target host as the server's hostname, for example `192.168.1.100`. - 4. Set the target port as `18089`. - 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance. - 6. Click **Save**. -3. Create another `Standard` hidden service. - 1. Set the name as `monerolws`. - 2. Check **Automatically start tunnel when router starts**. - 3. Set the target host as the server's hostname, for example `192.168.1.100`. - 4. Set the target port as `18090`. - 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance. - 6. Click **Save**. - -You will see the three I2P Hidden Services that you configured. Under each, you will see a `.b32.i2p` address after **Destination:**. You will need to use the destination `.b32.i2p` addresses in later steps (just like the `.onion` addresses), so keep them handy. - -![Screenshot showing I2P Hidden Services settings](../assets/images/monero-server-using-truenas/06-i2p-settings.webp) - -## Configure Monero Node - -### Initial Setup - -1. Click **Apps**. -2. 
Click **Discover Apps**. -3. Search for `Monero Node`. Click on the **Monero Node** app. -4. Click **Install**. This will pull up a form. -5. *Optional:* Uncheck **Prune the blockchain**. This will use significantly more storage. -6. Under **Storage Configuration** and **Blockchain storage location**, change the **Type** from `ixVolume` to `Host Path`. -7. Under **Host Path**, use the folder picker to select the `monero-blockchain` dataset. This should usually be `/mnt/monero-pool/monero-blockchain`. -8. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the node sync faster. -9. Leave the other settings as default. Click **Install**. - -#### Why not configure Tor and I2P settings to begin with? - -Some users may be sensitive to a privacy risk where your Tor and I2P addresses could be matched with your public IPV4 address while it is syncing. By waiting to configure these settings until after your node is already fully synced, we minimize this risk. - -### Check on the Sync Status - -It will take a day or more for most systems to fully sync the Monero blockchain from scratch. - -To check the status, go to the app page and click on the `monerod` app. Under Workloads and to the right of `monerod – Running`, click on the shell icon. - -![Screenshot showing how to click the Monero Node shell icon](../assets/images/monero-server-using-truenas/07-monero-shell.webp) - -Type `monerod status` and press enter. - -If the status reports `Height: ####/#### (100.0%) on mainnet`, then your node is fully synced. You can proceed to the next step. - -![Screenshot showing the Monero Node sync status command](../assets/images/monero-server-using-truenas/08-monero-shell.webp) - -### Add Tor and I2P - -After your Monero node is fully synced, click on the `monerod` app and then click **Edit**. This will bring up the same form that you configured when installing the app. - -1. 
Check **Enable Tor connections**. -2. Set the **Tor IP** as your hostname, for example `192.168.1.100`. -3. Set the **Tor port** as `9150`. -4. Check **Enable inbound Tor connections**. -5. Set the **Inbound onion address** as the `.onion` address for `monerodp2p` that you observed earlier. -6. Check **Enable inbound I2P connections**. -7. Set the **I2P IP** as your hostname, for example `192.168.1.100`. -8. Set the **I2P Port** as `4447`. -9. Check **Enable inbound I2P connections**. -10. Set the **Inbound I2P base32 address** as the `.b32.i2p` address for `monerodp2p` that you observed earlier. -11. If you wish to enable Monero LWS, under **ZMQ RPC Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`. -12. If you wish to enable Monero LWS, under **ZMQ Pub Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`. -13. Under **Tor inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`. -14. Under **I2P inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`. -15. Click **Update**. - -![Screenshot showing the Monero Node install settings](../assets/images/monero-server-using-truenas/09-monero-install.webp) - -## Configure Monero LWS - -For security reasons, the Monero LWS app only accepts requests from allowlisted Monero addresses. Requests from other users will be rejected. - -1. Click **Apps**. -2. Click **Discover Apps**. -3. Search for `Monero LWS`. Click on the **Monero LWS** app. -4. Click **Install**. This will pull up a form. -5. Under **Accounts**, you can add sets of allowlisted Monero wallets that will be supported by this server. Click **Add** to add a wallet. For each wallet, include the `Address`, `View Key`, and `Restore Height`. If a restore height is not provided, it will scan the entire blockchain (which is thorough but inefficient). -6. 
*Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the server scan multiple wallets faster. -7. After you have added all the wallets, click **Install**. - -You can add new Monero wallets in the future by adding them to the list of accounts. - -## Configure Secure Clearnet Connections - -It is insecure to connect your wallet to your server over an unencrypted connection. - -If you only configure your wallet to connect to your server over its I2P or Tor addresses, then you're all set. The connection is already encrypted. - -There are different ways to connect to your node over an encrypted clearnet connection, each with their pros and cons: - -| Method | Pros | Cons | -| --- | --- | --- | -| Tor | No additional configuration necessary. Private. Secure. Reliable. | Slow for non-LWS wallets. | -| I2P | No additional configuration necessary. Private. Secure. | Slow. Unreliable. | -| Nginx Proxy Manager | High degree of user control. Secure. Reliable. Fast. | Requires a domain. Requires configuration. | -| Cloudflare Tunnels | Secure. Reliable. Fast. Easy to set up. Extra security settings. | Requires a domain. Decrypted traffic is shared with Cloudflare. | - -### Nginx Proxy Manager (Recommended) - -1. Click **Apps**. -2. Click **Discover Apps**. -3. Search for `Nginx Proxy Manager`. Click on the **Nginx Proxy Manager** app. -4. Click **Install**. This will pull up a form. -5. Leave the settings as default. Click **Install**. - -You will see the Applications screen after it installs. After the Nginx Proxy Manager app shows the status as **Running**, open a browser to `:30020`, for example `192.168.1.100:30020`. - -#### Configure Your Domain and Router - -You will need to create A and (optionally) AAAA records with your DNS provider that point to your public IPV4 and IPV6 IP addresses, respectively. 
You will then need to forward the ports in your router to your TrueNAS hostname. These steps are out of scope for this guide. - -#### Add Proxy Hosts to Nginx Proxy Manager - -From the Nginx Proxy Manager browser interface, click **Hosts**, **Proxy Hosts**, then **Add Proxy Host**. We recommend creating proxy hosts as follows: - -| Domain Name | Scheme | Forward Hostname / IP | Forward Port | -| --- | --- | --- | --- | -| `monerod-rpc.` | `http` | `` | `18089` | -| `monero-lws.` | `http` | `` | `18090` | - -For each entry, enable **Block common exploits**. Configure the SSL settings with **Request a new SSL Certificate**, **Force SSL** enabled, and **HTTP/2 Support** enabled. - -Optionally assign an access list. - -You should now be able to access these services using your domain! - -## A Note About Clearnet Networking - -Making clearnet connections without encryption (without SSL/TLS) is insecure. This guide uses the Nginx Proxy Manager app to configure these secure connections, but you can alternatively use another approach such as Cloudflare Tunnels, Tailscale, or WireGuard. - -## What About Bitcoin? - -Bitcoin is not recommended by Privacy Guides due to its very weak privacy properties by default. Nevertheless, MAGIC Grants has made several Bitcoin oriented applications in the TrueNAS store that you may benefit from if you need to use Bitcoin. - -## Test Connections - -We will test connections to our node over Tor using [Cake Wallet](https://cakewallet.com), [Edge Wallet](https://edge.app), and [Orbot](https://orbot.app). Make sure you have these apps installed and already have Monero wallets set up. - -Use **Full Device VPN** mode with Orbot for this guide. - -### Test with Cake Wallet - -Cake Wallet will connect to your Monero node. Follow [these steps](https://docs.cakewallet.com/features/advanced/tor-with-orbot/#switch-back-to-cake-wallet) to change the Monero node that Cake Wallet uses. 
Provide your `monerodrpc` onion address for the Monero Node app as the node address, `18089` as the port, no username, no password, and **Use SSL** unchecked.
-
-You should see a green dot next to this newly added node, and you should notice that your wallet is able to sync. Syncing performance to a Monero node over Tor is slow.
-
-### Test with Edge Wallet
-
-Edge Wallet will connect to your Monero-LWS server. In Edge Wallet, click on the upper right hamburger menu, then **Settings**, then **Asset Settings**, then **Monero**. Select **Custom Light Wallet Server** and provide your `monerolws` onion address with the port. For example, `http://monerolws.onion:18090`, replacing `monerolws.onion` with your correct onion address.
-
-Back in the main wallet overview, you should see that your Monero wallet is fully synced.
diff --git a/content/blog/posts/move-fast-and-break-things.md b/content/blog/posts/move-fast-and-break-things.md
deleted file mode 100644
index 37ba4b068..000000000
--- a/content/blog/posts/move-fast-and-break-things.md
+++ /dev/null
@@ -1,38 +0,0 @@ ---- -date: - created: 2022-04-04T19:00:00Z -categories: - - Opinion -authors: - - freddy -links: - - posts/virtual-insanity.md -tags: - - Facebook -license: BY-SA -description: If someone has to tell you that they care about your privacy, they probably don’t. -schema_type: OpinionNewsArticle ---- -# Move Fast and Break Things - -Mark Zuckerberg does not look comfortable on stage. Yet, there he was proclaiming that “the future is private”. If someone has to tell you that they care about your privacy, they probably don’t. - -For someone trying not to appear like a cartoon villain, Zuckerberg doesn’t do a great job. He gives the impression of some strange cyborg algorithmically attempting to impersonate human life. His movements are not quite robotic, but he lacks the charisma you might expect from one of the most powerful people on the planet. A *New Yorker* [profile](https://www.newyorker.com/magazine/2018/09/17/can-mark-zuckerberg-fix-facebook-before-it-breaks-democracy) of him revealed that he had an affinity for Emperor Augustus, an ancient Roman tyrant. ‘Through a really harsh approach, [Augustus] established two hundred years of world peace,’ he said. - -It’s the first part of that sentence that is worrying. - -Is this what Zuckerberg sees himself as: a modern-day emperor hellbent on using any means he can to gain world peace? Probably not, but it would have been reassuring if he just told us he liked doing Sudoku and dad-dancing with his daughter (interestingly named August). - -The Zuck once [joked](https://www.esquire.com/uk/latest-news/a19490586/mark-zuckerberg-called-people-who-handed-over-their-data-dumb-f/) to a friend that he could get them ‘info’ about anyone in Harvard. He had email addresses, pictures, real addresses: the lot. When the friend asked how, this was his riposte: ‘People just submitted it. I don’t know why. They trust me. 
Dumb fucks.’ We now live in a reality where Zuckerberg can get ‘info’ about almost anyone in the world.
-
-Like a depraved tabloid journalist fishing through a minor celebrity’s trash, Facebook collects everything it can about its users. Even if it means sifting through garbage, they want that data. But Facebook is not technically in the data business. It is in what author and professor Carissa Véliz [terms](https://aeon.co/essays/privacy-matters-because-it-empowers-us-all) ‘the business of power’ – which sounds rather more sinister than flogging off mildly irritating adverts.
-
-Véliz argues that privacy is a form of power. It is the power to influence you, show you adverts and predict your behavior. In this sense, personal data is being used to make us do things we otherwise would not do: to buy a certain product or to vote a certain way. Filmmaker Laura Poitras [described](https://www.washingtonpost.com/news/the-switch/wp/2014/10/23/snowden-filmmaker-laura-poitras-facebook-is-a-gift-to-intelligence-agencies/) Facebook as ‘a gift to intelligence agencies’. It allows governments to arrest people planning to participate in protests before they have even begun.
-
-The social media giant is tip-toeing ever closer into our personal lives. When Facebook encountered competition it just bought it, adding Instagram and WhatsApp to its roster. The company even tried to make its own cryptocurrency so that one day the Facebook would control all our purchases too. Earlier this year, the project was [killed](https://www.ft.com/content/a88fb591-72d5-4b6b-bb5d-223adfb893f3) by regulators. It is worth noting that when Zuckerberg purchased WhatsApp and Instagram, they had no revenue. Author Tim Wu notes in his book *The Attention Merchants* that Facebook is ‘a business with an exceedingly low ratio of invention to success’. Perhaps that is a part of Zuck’s genius.
-
-‘Move fast and break things’ was the old company motto.
When there were a few too many scandals, they moved fast and [rebranded](https://www.privacyguides.org/blog/2021/11/01/virtual-insanity) to Meta. No one expected online privacy to be the ‘thing’ they broke.
-
-Before it became a global behemoth, Facebook started out as a dorm-room project. Zuckerberg sat at his keyboard after a few drinks and built it mainly because he could. It now has nearly three billion users. In the same way, Facebook [conducted](https://www.theguardian.com/technology/2014/jul/02/facebook-apologises-psychological-experiments-on-users) social experiments seemingly just for fun. Why he did it doesn’t really matter. As John Lanchester [put it](https://www.lrb.co.uk/the-paper/v39/n16/john-lanchester/you-are-the-product): he simply did it *because*.
-
-It is unfair to say that Zuckerberg does not care about privacy – he does. That’s why he [spared](https://www.theguardian.com/technology/2013/oct/11/mark-zuckerberg-facebook-neighbouring-houses) no expense buying the houses that surrounded his home. Zuckerberg knows the power of privacy, which is painfully ironic given he has built his career on exploiting it. For Zuckerberg, at least, the future is private. It’s the rest of us that should be worried.
diff --git a/content/blog/posts/mozilla-disappoints-us-yet-again-2.md b/content/blog/posts/mozilla-disappoints-us-yet-again-2.md
deleted file mode 100644
index 25c6966c8..000000000
--- a/content/blog/posts/mozilla-disappoints-us-yet-again-2.md
+++ /dev/null
@@ -1,93 +0,0 @@ ---- -date: - created: 2024-07-14T19:00:00Z -categories: - - News -authors: - - jonah -tags: - - Firefox - - Mozilla -description: "'No shady privacy policies or back doors for advertisers' proclaims the Firefox homepage, but that's no longer true in Firefox 128." -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp ---- - -# "Privacy-Preserving" Attribution: Mozilla Disappoints Us Yet Again - -![](../assets/images/mozilla-disappoints-us-yet-again-2/cover.webp) - - - -**"No shady privacy policies or back doors for advertisers" proclaims the Firefox homepage, but that's no longer true in Firefox 128.** - -Less than a month after [acquiring the AdTech company Anonym](https://discuss.privacyguides.net/t/mozilla-acquires-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/18936), Mozilla has added special software co-authored by Meta and built for the advertising industry directly to the latest release of Firefox, in an experimental trial you have to opt out of manually. This "Privacy-Preserving Attribution" (PPA) API adds another tool to the arsenal of tracking features that advertisers can use, which is thwarted by traditional content blocking extensions. - -It seems that 6 years after the [Mr. Robot extension debacle](https://www.theverge.com/2017/12/16/16784628/mozilla-mr-robot-arg-plugin-firefox-looking-glass), Mozilla still hasn't learned their lesson about sneaking unwanted advertising and features onto our computers. - -We already know from Google's [Privacy Sandbox](https://www.eff.org/deeplinks/2019/08/dont-play-googles-privacy-sandbox-1) that simply adding "privacy" to the name of your feature does not make it private. 
While Mozilla claims that the "Privacy-Preserving" attribution aims to provide a more privacy-friendly alternative to ad tracking, there are a plethora of issues with this new (anti-)feature that are worth examining:
-
-## Misaligned Incentives
-
-Mozilla's decision to implement PPA in Firefox highlights a growing trend among user agents (browsers) to grant preferential treatment to the advertising industry over all other businesses.
-
-**All** websites on the internet—including ad networks!—are **guests** on our computers, and the content they provide are merely suggestions for a user agent to interpret and show us how it chooses. This has always been a fundamental truth of how the internet works, and enables many great things: from highly-accessible text-based web browsers to the ability to [block trackers](https://www.privacyguides.org/en/browser-extensions/) and other unwanted bloat on the websites you visit. By baking in software that's tailor-made for the advertising industry, Mozilla is wrongly asserting that the advertising industry has a legitimate interest in collecting your data and tracking you across the internet over all other parties, including over your own interests.
-
-The advertising industry and [Google](https://discuss.privacyguides.net/t/ublock-origin-lite/15329/11) in particular have been trying their hardest to reverse this dynamic, to turn browsers into a locked-down piece of viewing software under the total control of the servers it's accessing. Mozilla is the organization meant to protect us from the ever-encroaching desires of industry to control and track what we see online, but instead they're continually giving in to the idea that user agents should serve website operators and ad-tracking networks instead of users.
-
-## Lack of Consent
-
-Mozilla constantly fails to understand the basic concept of consent.
Firefox developers seem to see their position as shepherds, herding the uninformed masses towards choices they interpret to be "good for them." Firefox users are not a captive audience that needs to be coddled, they are generally full-grown adult computer users who need to be listened to. - -One Mozilla developer claimed that explaining PPA would be too challenging, so they had to opt users in by default. - - - - - -The reality is that it isn't simply a *privileged minority* of users who care about surveillance tracking software being built in to their browsers. - -Firefox users are **fully** capable of understanding basic concepts like tracking, and can make an informed decision about whether they want their browser to track them. Mozilla refuses to acknowledge this, because it's in their best (financial) interest to get as many people as possible to use this feature. - -At the end of the day, Mozilla **knows** this feature isn't something that Firefox users want. If they truly believed this was the one path away from the constant data theft perpetuated by the advertising industry, they would've announced this loudly and proudly. They could've given the privacy and general Firefox communities ample time to scrutinize the protocol beforehand. - -Instead, they buried the announcement in a two sentence blurb at the bottom of the release notes, 5 months after they posted a very brief [blog post](https://blog.mozilla.org/en/mozilla/privacy-preserving-attribution-for-advertising/) talking about this technology which was likely ignored by the vast majority of Firefox users. - -## False Privacy - -Let's ignore all of this though, and say you don't care that Mozilla is selling out to advertisers, as long as the feature is actually more private than the current status quo. PPA still isn't the answer we are looking for. 
-
-The simple truth is that the "Distributed Aggregation Protocol" Mozilla is using here is **not private by design.**
-
-The way it works is that individual browsers report their behavior to a data aggregation server (operated by Mozilla), then that server reports the aggregated data to an advertiser's server. The "advertising network" only receives aggregated data with differential privacy, but the aggregation server still knows the behavior of individual browsers!
-
-This is essentially a semantic trick Mozilla is trying to pull, by claiming the advertiser can't infer the behavior of individual browsers by re-defining part of the advertising network to not be the advertiser.
-
-It is extremely disingenuous for Mozilla to claim that Firefox is adding technical measures to protect your privacy, when the reality is that your privacy is only being protected by social measures. In this particular case, Mozilla and their partner behind this technology, the ISRG (responsible for Let's Encrypt), could trivially collude to compromise your privacy.
-
-## Uselessness
-
-Finally, there is no reason for this technology to exist in the first place, because tracking aggregate ad conversions like this **can already be done** by websites without cookies and without invading privacy, using basic web technology.
-
-All an advertisement has to do is link to a unique URL: Instead of linking to `example.com` one could link to `example.com/ad01`, and the website operator simply has to track how many people visit the `ad01` page on their end.
-
-In contrast to the amazingly complex PPA setup Mozilla is pushing, this is a perfectly viable alternative that advertisers could easily adopt today. The reason they do not is simply because they have an insatiable need for as much of your data as possible.
-
-## Disabling PPA
-
-Firefox users should disable this feature:
-
-1. Open Firefox's settings page at `about:preferences`
-2.
In the Privacy & Security panel, find the *Website Advertising Preferences* section.
-3. Uncheck the box labeled **Allow websites to perform privacy-preserving ad measurement.**
-
-There are also plenty of other [web browsers](https://www.privacyguides.org/en/desktop-browsers/) you could choose from, if you're growing tired of Mozilla's behavior in recent months. Between their foray into generative AI and their business acquisitions in the advertising industry itself, I certainly wouldn't blame you.
-
-PPA is an additional privacy attack surface that has no value for end users whatsoever, as its sole purpose is to give data to the advertising industry for nothing in return. Instead of focusing their efforts on compromising with advertisers, Mozilla could work to actively block unwanted data collection. Because they aren't blocking any of the myriad of ways advertisers currently track you, Mozilla is not acting in your best interest here.
-
-For a browser and organization which has built its reputation entirely on protecting user privacy, these moves are really eroding the trust of its core user base. We hope that Mozilla will listen to the overwhelming user feedback surrounding this feature and their other endeavors, and consider whether these recent actions are aligned with their core mission of putting users first.
-
----
-
-[Discuss this article on our forum](https://discuss.privacyguides.net/t/privacy-preserving-attribution-mozilla-disappoints-us-yet-again/19467/2), or leave a comment below.
diff --git a/content/blog/posts/multi-party-computation.md b/content/blog/posts/multi-party-computation.md
deleted file mode 100644
index cbf5143b2..000000000
--- a/content/blog/posts/multi-party-computation.md
+++ /dev/null
@@ -1,157 +0,0 @@ ---- -date: - created: 2025-09-15T17:30:00Z -categories: - - Explainers -authors: - - fria -tags: - - Privacy Enhancing Technologies -schema_type: BackgroundNewsArticle -description: Learn about Secure Multi-Party Computation and how it can be used to solve real-world privacy problems. -preview: - cover: blog/assets/images/multi-party-computation/cover.webp ---- -# What is Multi-Party Computation? - -![An image of a lock and multiple keys going toward it to unlock it](../assets/images/multi-party-computation/cover.webp) - - - -We know how to secure data in storage using E2EE, but is it possible to ensure data privacy even while processing it server-side? This is the first in a [series](../tags.md/#tag:privacy-enhancing-technologies) of articles I'll be writing covering the privacy-enhancing technologies being rolled out. - -## History - -In a seminal [paper](https://dspace.mit.edu/bitstream/handle/1721.1/148953/MIT-LCS-TM-125.pdf?sequence=1) called "Mental Poker" by Adi Shamir, Ronald L. Rivest, and Leonard M. Adleman from 1979, the researchers attempt to demonstrate a way of playing poker over a distance using only messages and still have it be a fair game. - -To explain, fan favorites Alice and Bob will make a return. First, Bob encrypts all the cards with his key, then sends them to Alice. Alice picks five to deal back to Bob as his hand, then encrypts five with her own key and sends those to Bob as well. Bob removes his encryption from all ten cards and sends Alice's cards back to her. - -
-
-Notice that Bob needs to be able to remove his encryption *after* Alice has applied hers. This commutative property is important for the scheme to work.
-
-This early scheme is highly specialized for this task and not applicable to different situations.
-
-### Secure Two-Party Computation
-
-Alice and Bob have struck it rich! They're both millionaires, but they want to be able to see who has more money without revealing exactly how much they have to each other.
-
-Luckily, we can use **Multi-Party Computation** (**MPC**) to solve this "Millionaire's Problem," using a method invented by Andrew Yao called *garbled circuits*. Garbled circuits allow us to use MPC for any problem as long as it can be represented as a boolean circuit, i.e. a set of logic gates such as `AND` `OR` `XOR` etc.
-
-### Garbled Circuits
-
-We can split the two parties into an "Evaluator" and a "Generator". The Generator will be responsible for setting up the cryptography that'll be used, and the Evaluator will actually perform the computation.
-
-We start by making the truth table for our inputs. In order to hide the values of the truth table, we assign each input a different label. Importantly, we need to assign a different label for each input, so 1 will not be represented by the same label for each. We also need to shuffle the order of the rows, so the values can't be inferred from that.
-
-We can still tell what the value is based on knowing the type of logic gate. For example, an `AND` gate would only have one different output, so you could infer that output is 1 and the others are 0. To fix this, we can encrypt the rows using the input labels as keys, so only the correct output can be decrypted.
-
-We still have a problem, though: how can the Evaluator put in their inputs? Asking for both labels would allow them to decrypt more than one output, and giving their input would break the whole point. The solution is something called "Oblivious Transfer".
-
-The solution is for the Evaluator to generate two public keys, one of which they have the private key for. The Generator encrypts the two labels for the Evaluator's inputs using the provide public keys and sends them back. Since the Generator only has a private key for one of the labels, they will decrypt the one they want. The Generator puts the labels in order so that the Evaluator can choose which one they want to decrypt. This method relies on the Evaluator not to send multiple keys that can be decrypted. Because some trust is required, this protocol is considered "semi-honest".
-
-There's a good explainer for Yao's garbled circuits [here](https://lcamel.github.io/MPC-Notes/story-en-US.html) if you're interested in a step-by-step walkthrough.
-
-### Birth of Multi-Party Computation
-
-Multi-Party Computation was solidified with the [research](https://dl.acm.org/doi/pdf/10.1145/28395.28420) of Oded Goldreich, Silvio Micali, and Avi Wigderson and the GMW paradigm (named after the researchers, similar to how RSA is named).
-
-#### More Than Two Parties
-
-Yao's protocol was limited to two parties. The GMW paradigm expanded the protocol to be able to handle any number of parties and can handle actively malicious actors as long as the majority are honest.
-
-#### Secret Sharing
-
-The GMW paradigm relies on secret sharing which is a method of splitting private information like a cryptographic key into multiple parts such that it will only reveal the secret if the shares are combined. The GMW protocol uses additive secret sharing, which is quite simple. You come up with a secret number, say 123, and you split it up into however many other numbers you want.
-
-`99 + 24 = 123`
-
-You distribute each number to a participant and add them all together to get the original secret. While simple, it doesn't play well with multiplication operations.
-
-#### Zero-Knowledge Proofs
-
-The GMW paradigm introduced protections against malicious adversaries, powered by zero-knowledge proofs (ZKP). ZKP allow one party to convince another party a statement is true without revealing any other information than the fact that the statement is true. The concept of ZKP was first introduced in a [paper](https://dl.acm.org/doi/pdf/10.1145/22145.22178) from 1985 by Shafi Goldwasser, Silvio Micali, and Charles Rackoff.
-
-A humorous paper titled *[How to Explain Zero-Knowledge Protocols to Your Children](https://pages.cs.wisc.edu/~mkowalcz/628.pdf)* gives a storybook explanation of how they work (who says academic papers can't be fun?).
-
-The main crux revolves around probability: if a party knows the proper way to get a result, they should be able to reliably get the correct answer.
-
-To borrow the cave explanation, imagine Alice and Bob have taken up cave exploration. They've found a cave in the shape of a loop with a magic door connecting each entrance together and Alice claims to know how to open it. However, she doesn't want Bob to know the secret to open the door.
-
-Alice, acting as the "Prover" goes into the cave. Bob, the "Verifier", stays outside and yells which side of the cave Alice should come out of. They repeat this many times. If Alice can reliably make it out of the correct side of the cave, then she must know how to open the magic door.
-
-### BGW Protocol
-
-While the GMW protocol was a huge leap forward for MPC, there were still huge limitations. The garbled circuit protocol is limited to boolean logic gates which makes implementing many different common operations much more difficult. It also requires communication for every single gate, which is highly inefficient.
-
-The researchers Michael Ben-Or, Shafi Goldwassert, and Avi Wigderson in their paper *[Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation](https://dl.acm.org/doi/pdf/10.1145/62212.62213)* made several advancements in the efficiency and robustness of MPC, moving it closer to being practical to use in the real world.
-
-#### Arithmetic Circuits
-
-Instead of boolean circuits, the BGW protocol uses arithmetic circuits. These allow for easier mathematical operations like multiplication and addition instead of being limited to logic gates on individual bits. This makes a huge difference in the amount of communication between parties and thus the efficiency of the protocol.
-
-#### Shamir's Secret Sharing
-
-The BGW protocol utilizes [Shamir's Secret Sharing](https://web.mit.edu/6.857/OldStuff/Fall03/ref/Shamir-HowToShareASecret.pdf), which relies on polynomials instead of addition. This allows for more efficiency in multiplication and allows for setting a threshold where only a certain number of shares need to be present in order to reconstruct the secret.
-
-#### Less Communication
-
-The BGW protocol doesn't require as much communication between parties, partly thanks to its use of Shamir's secret sharing which works well with arithmetic operations.
-
-Additionally, it doesn't require Oblivious Transfer or zero-knowledge proofs. Its use of Shamir's secret sharing and error correction codes instead provides the same properties in a more efficient way.
-
-### Fairplay
-
-The field was further advanced by the introduction of the [Fairplay](https://www.cs.huji.ac.il/w~noam/FairplayMP.pdf) system.
-
-Up until this paper, MPC was limited to boolean circuits or arithmetic circuits: not exactly friendly if you're a programmer that's used to using higher level languages. Fairplay introduces a compiler, SFDL, which can compile higher level languages to boolean circuits and then securely computes the circuit.
-
-Fairplay also brings some advancements in efficiency. It utilizes constant rounds, with a fixed 8 rounds, reducing the communication overhead. It also uses the free XOR technique so that encryption operations don't have to be performed on XOR gates, improving efficiency.
-
-### Real-World Usage
-
-As MPC saw gradual optimizations and improvements, it grew from an interesting thought experiment to something that could have real-world uses.
-
-#### Danish Sugar Beet Auction
-
-The first instance of MPC being used in a real-world scenario wouldn't occur until 2008.
-
-Denmark's sugar beet industry faced a problem: with the EU significantly reducing its financial support for sugar beet production, they needed to figure out what price the thousands of sugar beet farmers were willing to sell at, and which price the company that bought all the sugar beets would be willing to buy them at, a so-called "double auction" where the buyer and seller figure out the **market clearing price**, or the price at which demand meets supply most effectively.
-
-But who should be in charge of the auction? Farmers don't want to trust Danisco with their bids as it reveals information about each individual farmer's business. The farmers can't be in charge of it because they don't trust each other. They could use an external consulting firm, but then the entire operation would rely on that one firm's confidentiality and the reliability of their tools.
-
-The [solution](https://a.storyblok.com/f/266767/x/e4c85ffa34/mpc-goes-live_whitepaper_2008-068.pdf) was to use a "virtual auctioneer" that relied on MPC to fairly carry the auction out.
-
-It relied on three servers, with one representing each party: Danisco, DKS (the Danish sugar beet growers association), and The SIMAP project (Secure Information Management and Processing, a project sponsored by the Danish National Research Agency).
-
-The solution was so successful that it was used every year until 2015 when it was no longer needed.
A survey of the farmers found that the vast majority found the system simplified the process of trading contracts and that they were satisfied with the level of confidentiality it provided.
-
-The first test run of MPC was a massive success and the potential was now proven.
-
-#### The Boston Women's Workforce Council
-
-In 2016, the [Boston Women's Workforce Council](https://www.boston.gov/sites/default/files/document-file-09-2017/bwwcr-2016-new-report.pdf) worked with 69 companies to investigate if women are paid the same as men.
-
-Using MPC, the companies were able to process their data without revealing the actual wages of any employees. The wage data of 112,600 employees was collected, representing about 11% of the Greater Boston workforce.
-
-You can read their detailed findings in the report, but they found that women were indeed being paid less than men: 77 cents for every dollar a man makes on average.
-
-It was reported in 2023 that thanks to this data, the Boston Women's Workforce Council was able to reduce the wage gap by 30%.
-
-#### Allegheny County
-
-In 2018, Allegheny County Department of Human Services partnered with the [Bipartisan Policy Center](https://bipartisanpolicy.org/press-release/bpc-partners-with-allegheny-county-on-new-privacy-preserving-data-project/) to implement MPC, allowing for private and secure sharing of county data on services to the homeless, behavioral health services, causes and incidence of mortality, family interventions, and incarceration.
-
-The experiment was considered a success, with a recommendation from the U.S. Commission on Evidence-Based Policymaking to further explore the use of MPC.
-
-## MPC Today
-
-Today, the [MPC Alliance](https://www.mpcalliance.org) represents a collective of companies that have come together to advance the use of MPC.
-
-MPC is used for everything from [cryptocurrency](https://www.coinbase.com/learn/wallet/what-is-a-multi-party-computation-mpc-wallet) to HIPAA-compliant [medical](https://pmc.ncbi.nlm.nih.gov/articles/PMC6658266/) uses. There are ongoing efforts to [standardize](https://csrc.nist.gov/projects/threshold-cryptography) it from organizations like NIST, although it's a difficult proposition due to the sheer variation in MPC protocols and use cases.
-
-There's been research into using MPC for secure and [verifiably fair](https://eprint.iacr.org/2014/075.pdf) [electronic voting](https://arxiv.org/html/2205.10580v4), something that's much needed as countries move toward [electronic voting](https://worldpopulationreview.com/country-rankings/electronic-voting-by-country). It's important to not completely dismiss the march of technology, but these things should be implemented with the utmost caution and scientific rigor. I feel that implementing black-box electronic voting without open and provably secure technologies like MPC is irresponsible and endangers elections.
-
-MPC acts as an essential privacy tool in the toolbox. It intersects with other PETs like homomorphic encryption, a method of encrypting data in such a way that operations can still be performed on it without revealing the unencrypted data.
-
-MPC is just one tool among many that's reshaping the privacy landscape. I'm excited to see how it's used in the future and what new advancements it unlocks.
diff --git a/content/blog/posts/onion-browser-review.md b/content/blog/posts/onion-browser-review.md
deleted file mode 100644
index 6abb3e5b1..000000000
--- a/content/blog/posts/onion-browser-review.md
+++ /dev/null
@@ -1,177 +0,0 @@ ---- -title: "Onion Browser Review: Tor on iOS" -description: "Onion Browser is our recommended way of connecting to Tor on iOS, but it does have a number of drawbacks compared to the traditional Tor Browser on other platforms you should be aware of." -template: review-article.html -schema_type: ReviewNewsArticle -date: - created: 2024-09-18T19:00:00Z -categories: - - Reviews -authors: - - jonah -links: - - Tor Recommendations: https://www.privacyguides.org/en/tor/ - - Tor Overview: https://www.privacyguides.org/en/advanced/tor-overview/ -tags: - - Tor - - iOS -license: BY-SA -preview: - logo: theme/assets/img/self-contained-networks/onion_browser.svg -review: - type: MobileApplication - category: BrowserApplication - subcategory: Tor Network Browser - name: Onion Browser - price: 0 - website: https://onionbrowser.com/ - rating: 3.5 - pros: - - Officially endorsed way to access Tor on iOS. - cons: - - Some inconsistent and confusing settings. - - Doesn't provide the same protections as Tor Browser. ---- -![Onion Browser logo](../assets/img/self-contained-networks/onion_browser.svg){ align=right } - -Search the App Store for "Tor Browser" and you'll be flooded with a variety of ways to connect to the Tor network from your iPhone. However, there's only one solution officially [endorsed](https://support.torproject.org/tormobile/tormobile-3/) by the Tor Project themselves: **Onion Browser**. - -[Homepage](https://onionbrowser.com) -[Privacy Policy](https://onionbrowser.com/privacy-policy) -[Documentation](https://onionbrowser.com/faqs) -[Source Code](https://github.com/OnionBrowser/OnionBrowser) -[Contribute](https://onionbrowser.com/donate) -{ .pg:buttons } - -Onion Browser is an open-source app created by Mike Tigas, who has worked closely with Tor Project in the past and was previously an investigative journalist at ProPublica (he is currently an advisor at the FTC). 
His company still maintains the app, although lately it is primarily [developed](https://github.com/OnionBrowser/OnionBrowser/graphs/contributors) by other maintainers. - -!!! info inline end "Side info" - - - [App Store download](https://apps.apple.com/app/id519296448) - -We already recommend Onion Browser for any iOS users out there, with the important caveat that it doesn't have all the privacy features that Tor Browser on *other* operating systems would provide. - -## Usage - -Of course installing Onion Browser is as easy as any other app on iOS, Apple ID unfortunately required. Onion Browser can be set as your default browser in system settings too, which is nice. - -When you open Onion Browser for the first time you're given the option to connect to Tor via [Orbot](https://www.privacyguides.org/en/tor/#orbot), or with a built-in Tor network proxy. Using the built-in option is the easiest, it connects very quickly and doesn't require a separate app. It also allows you to [use Tor alongside another VPN app](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor), which may be helpful in certain circumstances. The Orbot app acts as its own "VPN connection" in iOS preventing the possibility of combining it with another VPN, but it is more flexible, and it extends Tor network protections to every app on your device. - -
- ![A screenshot asking whether you want to use Orbot or built-in Tor to connect, noting the built-in Tor has security problems.](../assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp){ width="200" } -
You're presented with a choice at startup
-
-
-Using the dedicated Orbot app also provides more robust protections against IP address leaks. Onion Browser warns in its comparison that using the built-in option could leak your IP or network information to malicious JavaScript code.
-
-I confirmed the built-in option works perfectly fine, in fact I occasionally had trouble connecting Orbot to Onion Browser, where it would re-prompt me to start Orbot even though it was already running until I restarted the Onion Browser app. The built-in proxy generally worked seamlessly. However, for most people using Onion Browser alongside Orbot probably still makes more sense. It's the official recommendation from Tor Project and the browser's developer themselves, so that's what I'll be sticking with for the rest of this review.
-
-
- ![A screenshot of check.torproject.org that says congratulations, this browser is configured to use Tor. It shows the IP address of the exit node, then states: however, it does not appear to be Tor Browser.](../assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp){ width="200" } -
You can check your connection at check.torproject.org, but you'll be warned you're not using Tor Browser
-
-
-Onion Browser comes with 6 `.onion` bookmarks preinstalled: DuckDuckGo, the New York Times, the BBC, ProPublica, Freedom of the Press Foundation, and Deutsche Welle, which provides you with a good entry point into Tor network resources.
-
-
- ![A screenshot of the default new tab page, purple, with 6 bookmarks pre-installed](../assets/images/onion-browser-review/D0A2D20B-5550-4C1F-8FC6-F6D84AEBDF13_1_102_o.jpeg){ width="200" } -
You can get started right away with built-in resources
-
-
-DuckDuckGo via its `.onion` address is also the default search engine. Unlike Safari, search engines in Onion Browser are completely configurable. Included by default are a few different DuckDuckGo configurations, Google, and Startpage, but you can add your own [search engine](https://www.privacyguides.org/en/search-engines/) easily if you prefer another option.
-
-I ran into trouble with DuckDuckGo not being able to display results, however. Switching to the **DuckDuckGo HTML** search engine in settings helped, and I prefer that more lightweight version myself anyway. I'm curious whether this is a common issue or a momentary glitch with DuckDuckGo, but neither switching circuits nor reducing security levels fixed it. Speaking of...
-
-
-
- ![A screenshot of DuckDuckGo saying sorry, we ran into an issue displaying these results, and asking to try again](../assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp){ width="200" } - ![A screenshot of DuckDuckGo results loading normally when using the HTML version of the search engine](../assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp){ width="200" } -
-
DuckDuckGo wouldn't work until I used their HTML-only version
-
-
-### Security Levels
-
-There are three configurable security levels in Onion Browser: Bronze, Silver (the default), and Gold. These levels roughly correlate to the *Safe, Safer, Safest* [security levels](https://tb-manual.torproject.org/security-settings/) in regular Tor Browser.
-
-
- ![A screenshot showing the security level for this site settings and three options, Gold, Silver, and Bronze](../assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp){ width="200" } -
You can toggle security levels on a per-site basis with two taps
-
-
-I had no issues browsing the web in the standard Silver level, which felt similar to just using Safari. Even websites which rely a bit more on JavaScript like our own [forum](https://discuss.privacyguides.net/) were unaffected, so this seems to be a sane default for most people.
-
-The security level toggle next to the address bar is a bit dangerous, in my opinion. It changes the security level on a per-site basis, which can lead to inconsistent settings. I ran into this when I set the security level to Gold on privacyguides.**org**, then I navigated to our forum (hosted on privacyguides.**net**) and found the security level reset itself to Silver. Changing the security level for all sites requires going into the app's settings and changing the default security, which is something to keep in mind if you don't trust the sites you're visiting.
-
-That being said, I also found that even the default security level setting didn't apply itself consistently after changing it. When I set the default security to Gold and opened DuckDuckGo, it opened at the lower Silver security level. I believe this is because I had manually set DuckDuckGo to Silver using the per-site toggle earlier, but changing the default setting *really* should reset those preferences.
-
-The Gold browsing experience definitely broke more websites. Our forum didn't load at all, despite theoretically having a non-JavaScript version available. Other pages had broken elements: I loaded the Freedom of the Press Foundation's homepage fine, but I wasn't able to open the mobile navigation menu with the button in their header without switching back to Silver.
-
-Something to note is that even the Gold level protections don't go nearly as far as Safest protections in Tor Browser. For example, the Safest setting on desktop Tor Browser will block resources like external fonts, which are not blocked on any level by Onion Browser.
Onion Browser is meant to be a censorship circumvention tool, but it is not ready to defend your anonymity against any more dedicated adversaries.
-
-### Other Settings
-
-Onion Browser comes with reasonable defaults and a fairly sparse number of customization options, but there's some you'll probably want to change if you're using this every day.
-
-The **Tab Security** setting defaults to *Forget in Background*, which I found closes your tabs even if you simply check your notifications. It's certainly good that it errs on the side of caution and closes your tabs when you do literally *anything* outside the app, but I think most people will probably prefer this set to *Forget at Shutdown* where the data is only wiped when the app is actually closed. If you're really not concerned about local data storage, you can have the browser remember tabs until you close them for a more standard browser-like experience.
-
-In the **Default Security** settings you can choose a different user agent, or leave it blank to send the default, in which case it sends Safari's default user agent for your device. You may find this useful to change how websites present themselves, but impersonating the user agent of another browser does **not** make you blend in with that browser from a fingerprinting perspective. There are many ways a website could determine what browser you are using outside your user agent, so don't rely on this setting to make you blend in with everyone else using Tor Browser on other devices.
-
-Besides leaving it blank for the default, it comes with three built-in user agent strings you can choose from, or you can enter your own. You might find it useful to use Tor Browser for Android's, but if you have no idea what any of this means it's probably best to leave the user agent settings alone.
- -=== "Default (on my device)" - - ``` - Mozilla/5.0 (iPhone; CPU iPhone OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/605.1.15 - ``` - -=== "Safari Desktop" - - ``` - Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Safari/605.1.15 - ``` - -=== "Tor Browser Desktop" - - ``` - Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 - ``` - -=== "Tor Browser Android" - - ``` - Mozilla/5.0 (Android 9; Mobile; rv:78.0) Gecko/20100101 Firefox/78.0 - ``` - -The other settings in the app are fairly self-explanatory, but I don't expect many people will need to change them. - -## Drawbacks - -A large part of Onion Browser's problems come down to how iOS works. Most notably the iOS requirement for third-party browsers to use the WebKit framework built in to iOS. - -This requirement means that Onion Browser has completely separate development from Tor Browser on desktop and Android, so it can't easily make use of all the advanced privacy-protecting features the Tor Project team is constantly adding to their browser. Technically it does also mean Onion Browser has historically been immune to [Firefox-related vulnerabilities](https://blog.mozilla.org/security/2016/11/30/fixing-an-svg-animation-vulnerability/), but Safari is not known for its perfect security record either, and the number of eyes on Tor-related *WebKit* vulnerabilities is certainly far smaller than on *Firefox/Gecko*-related ones. - -The Tor Project [notes](https://blog.torproject.org/tor-heart-onion-browser-and-more-ios-tor/) another drawback to Onion Browser's use of WebKit as well: The WebKit APIs simply don't give browser developers the level of control they're used to over the rendering and execution of web pages. This relates to what we saw earlier with the "Gold" protection levels not quite matching what you'd see in Tor Browser on other platforms. 
-
-The EU recently required Apple to let third-party browser developers use their own engines instead of WebKit. It's possible that—likely many years from now—a version of Onion Browser or Tor Browser could come to iOS alongside Tor's stricter protections found in their standard browsers. Even still, the mobile version of Tor Browser on Android which *does* use Firefox's mobile engine is leagues behind desktop Tor Browser in terms of privacy and security. It's safe to say that desktop Tor Browser is going to be the best way to access Tor for quite some time.
-
-## Lockdown Mode
-
-There is one more way to improve Onion Browser security, but we have to look outside the browser to find it. [Lockdown Mode](macos-ventura-privacy-security-updates.md#lockdown-mode) is a feature introduced in iOS 16 that reduces the attack surface of your device by disabling a myriad of features, including web browsing features that could potentially impact security.
-
-Because Onion Browser is built on Apple's WebKit, these security improvements extend to Onion Browser as well. Most notably, external web fonts *are* blocked in Onion Browser with Lockdown Mode enabled, just as they are in Safari. These are disabled in desktop Tor Browser's Safest mode due to both privacy concerns, and security concerns related to the font rendering engine on your device, so having the option to disable them here on iOS is very useful for those looking to maximize their security.
-
-
- ![A screenshot of the Privacy Guides homepage with external fonts disabled](../assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp){ width="200" } -
External fonts and JavaScript disabled with Gold + Lockdown Mode
-
-
-However, enabling Lockdown Mode *is* detectable by websites, meaning it could potentially be used to fingerprint you. Onion Browser in any form does not really provide the same fingerprinting protections that desktop Tor Browser is able to, so this probably shouldn't stop you from using Lockdown Mode, but it is something to keep in mind.
-
-## Conclusion
-
-The decision to use Onion Browser will ultimately come down to your specific requirements. If you simply need a web browser that connects to [Tor hidden services](https://www.privacyguides.org/en/advanced/tor-overview/#path-building-to-onion-services), and you're not concerned with being tracked down, this is a perfectly reasonable choice on iOS.
-
-It's also a good way to promote and normalize the use of Tor in general. My browsing experience using Onion Browser, while still a bit slower than regular browsing, was perfectly acceptable for reading the news, searching the web, and other everyday browsing tasks most of us do on our phone. The more people that use Tor for their everyday traffic, the safer the overall network becomes for people who really need it.
-
-Just don't expect the same level of protection that desktop Tor Browser can provide. If you're concerned about serious adversaries targeting you, the safest way to use Tor is still to use it via [Whonix+Qubes](https://www.privacyguides.org/en/desktop/#whonix).
diff --git a/content/blog/posts/privacy-guides-hires-three-staff-members.md b/content/blog/posts/privacy-guides-hires-three-staff-members.md
deleted file mode 100644
index 779a968c6..000000000
--- a/content/blog/posts/privacy-guides-hires-three-staff-members.md
+++ /dev/null
@@ -1,65 +0,0 @@ ---- -date: - created: 2025-01-17T19:00:00Z -categories: - - Announcements -authors: - - niek-de-wilde -tags: - - Privacy Guides -description: Privacy Guides is welcoming three new additions to the team. -schema_type: NewsArticle ---- - -# Privacy Guides Hires Three Staff Members - -At Privacy Guides, we are always looking for ways to be more effective at our mission of promoting privacy and security for everyone. To help us grow, reach a broader audience, and provide more high quality educational resources, we are thrilled to announce the hiring of three talented individuals to our team! Each of them brings a strong passion to their respective roles, and we are excited about working with them. - -## Em – Journalist - -![](https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/em/288/8211_2.png){ align=right } - -We’re excited to welcome Em (she/her), our new journalist, who will play an important role in taking our [articles](https://www.privacyguides.org/articles/) to the next level. She will be focusing on creating in-depth, interesting posts that explore the most important topics in the world of online privacy, security, and digital rights. Em will also conduct interviews with experts in the industry, analyze reports and studies, and produce investigative news stories to keep our readers informed. - -*Em is a privacy advocate and public‑interest technologist who has been fervently defending privacy rights online (and offline) since 2018. Her work focuses on raising awareness and informing the public and organizations on data privacy tools, practices, and regulations. 
She is a passionate writer and thorough investigator, continuously working on ways to improve adoption of better privacy practices, and regularly creating educational material to make protective tools accessible to the groups who need them most.*
-
-*Em is also a human rights activist who deeply values inclusivity, diversity, accessibility, and software for the public good. In her free time, you can find Em on Mastodon sharing privacy tips or boosting photos of cats and moss.*
-
-[Follow Em at @Em0nM4stodon@infosec.exchange](https://infosec.exchange/@Em0nM4stodon)
-
-## Jordan – Content Producer
-
-![](https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/jordan/288/7793_2.png){ align=right }
-
-We also welcome Jordan Warne (they/them), our new content producer who will manage our channels on various video platforms! Jordan has a strong background in video production and content strategy, and we’re confident that they will help us expand our reach and connect with a broader audience. Through informative, easy-to-understand videos, Jordan will simplify complex privacy topics and keep our community engaged. Expect a significantly larger presence on our [PeerTube](https://neat.tube/c/privacyguides/videos) and [YouTube](https://www.youtube.com/@privacyguides) channels in the coming months!
-
-*Jordan is a passionate creative with an education in both cybersecurity and photography. Having completed a Diploma of Digital Imaging at Billy Blue College of Design, Jordan is equipped with the skills and experience to take Privacy Guides' video content to the next level.
Having recently completed a Diploma of Information Technology (Cybersecurity) Jordan has the unique skill set to simplify complex cybersecurity topics and turn them into engaging and approachable content.*
-
-*Outside producing high-quality videos, Jordan enjoys exploring the Australian bush, capturing intricate details of its flora and fauna through photography.*
-
-[Follow Jordan at @jw@social.lol](https://social.lol/@jw)
-
-## Kevin – Intern
-
-![](https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/kevpham/288/8198_2.png){ align=right }
-
-Last but not least, we are excited to start working with Kevin Pham (he/him), our new intern focused on community & news, who will support both Em and Jordan in their roles while also engaging with our community across all platforms. His enthusiasm for digital privacy and his commitment to helping others make him a perfect fit for our team. He will help with managing our community, and interact with our growing online community to ensure that everyone has a voice. Kevin’s passion and eagerness to learn will no doubt contribute greatly to our mission.
-
-*Kevin is a senior at Tufts University studying Political Science and Science & Technology Studies. Originally from Florida, he is now freezing up in the greater Boston area. Kevin is passionate about usable security and privacy for vulnerable populations. He has previously worked with Freedom of the Press Foundation's Digital Security Team and Cornell Tech's Clinic to End Tech Abuse to help journalists and domestic violence survivors alike.*
-
-*Besides doom scrolling on social media, he loves cooking new recipes, reading philosophy essays, and perpetuating his caffeine addiction with Vietnamese coffee.
Please feel free to reach out to him to discuss anything regarding best operational security practices and threat modeling...or just say hi!*
-
-[Follow Kevin at @kevpham@mastodon.social](https://mastodon.social/@kevpham)
-
-## What This Means for Privacy Guides
-
-The expansion of the Privacy Guides team continues our commitment to provide the best quality resources and information on privacy and security. With Em’s investigative work, Jordan’s video content, and Kevin’s hands-on support, we look forward to communicating easy to understand and factual information with a broader audience.
-
-We’re excited to see how these talented people will help Privacy Guides continue to grow, and we look forward to the amazing work they will contribute in the coming months.
-
-Thank you for being a part of our community, and stay tuned for the exciting new content and updates that will be coming your way soon!
-Welcome aboard, Em, Jordan, and Kevin! Let’s make privacy accessible for everyone. 🚀
-
-[Follow Privacy Guides at @privacyguides@neat.computer](https://mastodon.neat.computer/@privacyguides)
-
-[Subscribe to Privacy Guides on YouTube](https://www.youtube.com/@privacyguides)
diff --git a/content/blog/posts/privacy-guides-partners-with-magic-grants-501-c-3.md b/content/blog/posts/privacy-guides-partners-with-magic-grants-501-c-3.md
deleted file mode 100644
index 4dbc3a4ed..000000000
--- a/content/blog/posts/privacy-guides-partners-with-magic-grants-501-c-3.md
+++ /dev/null
@@ -1,49 +0,0 @@ ---- -date: - created: 2024-07-22T19:00:00Z -categories: - - Announcements -authors: - - jonah -description: We're excited to announce a partnership with MAGIC Grants, a Public 501(c)(3) charity with the mission of supporting privacy projects like ours and providing undergraduate scholarships for students interested in cryptocurrencies and privacy. -schema_type: BackgroundNewsArticle -preview: - cover: blog/assets/images/privacy-guides-partners-with-magic-grants-501-c-3/magicblog.webp ---- -# Privacy Guides Partners With MAGIC Grants 501(c)(3) - -![](../assets/images/privacy-guides-partners-with-magic-grants-501-c-3/magicblog.webp) - - - -In February, the OpenCollective Foundation (OCF)—[our fiscal host of 4 years](https://blog.privacyguides.org/2019/10/31/weve-joined-the-open-collective-foundation/)—emailed us to [announce](https://docs.opencollective.foundation/) that they would be shutting down, and they would no longer be able to collect donations on our behalf (or for any of the hundreds of projects they provided fiscal hosting services to). We immediately began to consider multiple options for the future of this project, including forming our own non-profit or finding another [fiscal host](https://en.wikipedia.org/wiki/Fiscal_sponsorship). - -We're excited to announce a [partnership](https://magicgrants.org/2024/07/22/Privacy-Guides-Fund) with MAGIC Grants, a Public 501(c)(3) charity with the mission of supporting privacy projects like ours and providing undergraduate scholarships for students interested in cryptocurrencies and privacy. They will immediately take over all the operations previously provided by OCF, including accepting donations on our behalf, handling any of our accounting and taxes, reimbursing team members and volunteers, and taking legal ownership of assets like our domains and servers. - -This last point is important, because we want to ensure Privacy Guides is never fully reliant on a single individual like myself. 
This setup ensures Privacy Guides never strays from its mission of providing free and accessible privacy and security resources to protect consumers.
-
-Of course, all of our projects including the [open-source](https://github.com/privacyguides/privacyguides.org) Privacy Guides website, our communities, and this blog remain editorially independent and volunteer led. This partnership only affects our administrative platform behind the scenes.
-
-MAGIC Grants was the right choice for our project for a number of reasons:
-
-1. They are a 501(c)(3) non-profit, which allows us to retain our tax-deductible status in the United States, and means there are legal safeguards in place to prevent Privacy Guides from being used for personal profit.
-2. They've provided us with a great deal of flexibility and independence over how we run our project, and added many safeguards to ensure the current Privacy Guides team retains ultimate control over the project. This means that nothing about Privacy Guides will change, now or in the future, due to outside influence.
-3. They've generously offered to provide their services to us for no fee, in support of our shared core mission of creating great educational materials.
-
-Finally, unlike OCF, MAGIC Grants is extremely flexible when it comes to accepting cryptocurrencies. Previously we have not been able to accept cryptocurrency donations, because OCF did not have the accounting tools in place to handle such transactions. MAGIC Grants is highly experienced in the cryptocurrency—and especially [Monero](https://www.privacyguides.org/en/cryptocurrency/)—space, and we will be able to accept completely private donations through that very soon.
-
-Donations to Privacy Guides are considered restricted contributions which may only be used under the [Privacy Guides Fund agreement](https://magicgrants.org/funds/privacy_guides/) we have with MAGIC Grants, and not for any of MAGIC Grants’ other endeavors.
You can make a general donation to MAGIC Grants on their [website](https://magicgrants.org/contribute/).
-
----
-
-We considered forming our own organization, but estimated that the initial costs to do so would meet or exceed our current annual budget, which wasn't financially viable. We have reserved the right to spin off as an independent non-profit, or to transfer to another fiscal host in the future, if we feel it would be beneficial to do so.
-
-Running this network of websites and services for free to the public is a time-consuming and costly endeavor. We do it because we believe it is the right thing to do, not because we are looking to make a profit. Any contributions have been either used to pay our expenses or saved in a reserve for expansion or times of need.
-
-Your support of this project will help us keep our servers running and pay for other various expenses accrued by the team while developing this community. We do not operate Privacy Guides for personal profit, and all funds will be used to further our mission in one form or another.
-
-If you like what we do, please consider contributing to our project at .
-
----
-
-Read more about the [Privacy Guides Fund announcement](https://magicgrants.org/2024/07/22/Privacy-Guides-Fund) on MAGIC Grants' blog.
diff --git a/content/blog/posts/privacy-is-like-broccoli.md b/content/blog/posts/privacy-is-like-broccoli.md
deleted file mode 100644
index 9ff15f9b8..000000000
--- a/content/blog/posts/privacy-is-like-broccoli.md
+++ /dev/null
@@ -1,112 +0,0 @@
----
-date:
- created: 2025-07-24T18:20:00Z
-categories:
- - Opinion
-authors:
- - em
-description: Improving privacy can get overwhelming at first. It's important to move one step at a time, but remain persistent. Good privacy is like good health habits.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/privacy-is-like-broccoli/broccoli-cover.webp
----
-
-# Privacy Is Like Broccoli
-
-![Background filled with numbers from 0 to 2, representing binary code separated by the character 2. Outlined in bright green color is the shape of a piece of broccoli.](../assets/images/privacy-is-like-broccoli/broccoli-cover.webp)
-
-
-
-If you are just starting the journey to improve your privacy online, you might feel overwhelmed by all the information you recently learned. This is normal, don't panic!
-
-When we first start learning about how much data is collected on us, and all the things we need to do to protect it, it's very common to feel stressed and distressed.
-
-In a state of panic, you might be tempted to try doing it all at once, driven by an urgent desire to delete yourself from the entire internet, like right now! While this feeling is very understandable, this is the wrong approach.
-
-The right approach is to see privacy like broccoli. Yes, broccoli, you have not misread me.
-
-## Privacy is like good health habits
-
-Good privacy is very similar to good health habits. If you want to improve your health, and your plan for this is to take one week per year to stuff yourself with broccoli, spend 7 days in a bath, and exercise 20 hours per day that week (while in the bath eating broccoli, I presume), then for the rest of the year follow a strict diet of ice cream and chips without any exercise or hygiene, you will not in fact end up being healthier.
-
-The best *sustainable* approach to become healthier is to adopt better practices that you can keep doing the *whole* year, at a reasonable pace.
-
-Slowly, while you eat some broccoli with healthy meals once in a while, exercise moderately but regularly, and take care of your body in general, you will effectively improve your health over the months and years.
-
-The same is true for data privacy.
-
-Trying to stuff yourself with better privacy is a common and normal reaction after realizing how much of our personal data is getting exploited online. The extent to which our privacy rights are getting violated daily is understandably terrifying.
-
-However, trying to fix it all at once can lead to the greatest danger of all: Giving up entirely.
-
-As it is for good health habits, it's important to work on adopting good privacy habits slowly but *persistently*. These improvements need to be habits you will be able to maintain through the whole year.
-
-For some privacy-enhancing tools, it might take more time to set it up and get used to it at first, but then take no extra time to keep using it through the year. Nevertheless, it's important to actually **keep using these tools**. If you spend money on a stationary bike, then leave it to collect dust in the garage, this isn't going to improve your health at all.
-
-## What you can do concretely
-
-There is so much you can do to improve your privacy online, but here's the good news: You should start with the *easiest*.
-
-Here are a few things you can start doing to improve your data privacy. Start with the **easiest for you.** Complete goals **one at a time**. Once you are comfortable with one improvement, **then pick another one**.
-
-Don't forget to keep using these tools and practices through the whole year, not just for one stuffing-broccoli week. The key here is persistence.
-
-### Tools and services you can start using
-
-Start with the improvements that are easier for you, and with the recommendations that are realistically applicable to your unique situation. Only you can determine what are the tools that work best for yourself. Don't do it all at once! Pace yourself, but stay persistent.
-
-- [x] [**Browser**: Start using privacy-respectful browsers](https://www.privacyguides.org/en/desktop-browsers/)
-
-- [x] [**Internet Search**: Use a privacy-focused search engine](https://www.privacyguides.org/en/search-engines/)
-
-- [x] [**Communication**: Use Signal for your text messages, calls, and video chats whenever possible](https://www.privacyguides.org/en/real-time-communication/#signal)
-
-- [x] [**Social Media**: Start using better social media like Mastodon](https://www.privacyguides.org/en/social-networks/)
-
-- [x] [**Documents**: Use CryptPad for your collaborative documents and forms](cryptpad-review.md)
-
-- [x] [**Security**: Enable multifactor authentication for your accounts](https://www.privacyguides.org/en/multi-factor-authentication/)
-
-- [x] [**Passwords**: Start using a secure password manager](https://www.privacyguides.org/en/passwords/)
-
-- [x] [**Email**: Migrate to a privacy-respectful email service](https://www.privacyguides.org/en/email/)
-
-- [x] [**Virtual Private Network**: Protect your IP address with a trustworthy VPN service](https://www.privacyguides.org/en/vpn/)
-
-- [x] [**Cloud**: Move your data to an end-to-end encrypted cloud storage](https://www.privacyguides.org/en/cloud/)
-
-- [x] [Continue your journey with more recommendations here!](https://www.privacyguides.org/en/tools/)
-
-### Practices and habits to adopt progressively
-
-- [x] [**Use pseudonymity when creating accounts:**](stay-safe-but-stay-connected.md/#pseudonymity) Favor sharing only a nickname or a first name when possible. Create accounts using email aliases, unique passwords, and a VPN connection when you can. Avoid sharing your phone number as much as possible.
-
-- [x] [**Limit the photos you share:**](stay-safe-but-stay-connected.md/#photo-sharing) Be careful when sharing photos of yourself online. Be mindful of the information it contains, such as precise location. Examine your photos for reflections that could share more details than you intended. Keep in mind that using the same photos on different services might link these services together. Never share photos of others without their prior consent!
-
-- [x] [**Remove metadata:**](stay-safe-but-stay-connected.md/#file-metadata) Whenever you share a photo or a file somewhere, strip the metadata from this file before sharing it.
-
-- [x] **Minimize shared data:** When filling a form or creating an account, don't share more information than what is necessary. Even if there is a question with a field, this field might not be mandatory to fill. Only fill the mandated information to obtain the service you need.
-
-- [x] [**Opt out of data collection, say no:**](you-can-say-no.md) Whenever possible, try opting out of unnecessary data collection. Sometimes, options to opt out aren't advertised, but you can ask if there is one. Opt out of meetings or medical visits being recorded (often done from AI transcription tools), opt out of facial scans at airports (if you legally can), reject all cookies!
-
-- [x] **Opt out of AI features:** Each time a service or app asks for your consent to use a "smart" feature, if you don't absolutely need it, choose No. Don't use AI features if you can avoid it. Unfortunately, many if not most of these features do collect your data, in a way that often makes it impossible to delete later. Unless you have reliable guarantees this feature is privacy-respectful, it's always safer to opt out and say no.
-
-- [x] [**Delete your unused accounts:**](https://www.privacyguides.org/en/basics/account-deletion/) Get into the habit of deleting the accounts you no longer use (and the data it contains). If required, email the service to submit an official data deletion request. You will feel lighter and lighter over time!
-
-- [x] **Continue your journey with us:** Keep consulting our many resources to adopt even more healthy privacy practices persistently!
-
-## Persistence is key
-
-There are a lot of recommendations above, but don't do it all at once. Be careful not to choke on broccoli!
-
-Take steps to bookmark this information for later, and go through it slowly at a pace that doesn't overwhelm you. **Always take the easiest next step.**
-
-Maybe keep a to-do list, use a privacy-respectful calendar app, or even a bingo card (gamified privacy!) for your privacy improvement goals for the year. Make it easy, and make it fun!
-
-Perhaps joining a group of like-minded people may also help you to stay motivated. There's a truly wonderful community on our [Privacy Guides Forum](https://discuss.privacyguides.net/) you are welcome to join! Many people there will be able to help you if you have questions through your privacy journey. Give yourself the tools and support you need to succeed, you are not alone with this.
-
-Your greatest enemy is yourself giving up.
-
-Your greatest allies are the amazing variety of free privacy-preserving tools and services available to you, the numerous guides and communities out there to help you, and the friends you will make along the way.
-
-Remember to stay healthy and persistent with your privacy! 🥦✨
diff --git a/content/blog/posts/privacy-is-not-dead.md b/content/blog/posts/privacy-is-not-dead.md
deleted file mode 100644
index 5177aef03..000000000
--- a/content/blog/posts/privacy-is-not-dead.md
+++ /dev/null
@@ -1,43 +0,0 @@
----
-date:
- created: 2025-02-17T20:00:00Z
-categories:
- - Opinion
-authors:
- - em
-description: Privacy is only dead if we let it die. Be careful about the all-or-nothing mindset in data privacy, it can do more damage than good to the cause. While striving for improvements, do not forget to cheer and celebrate each small win.
-schema_type: OpinionNewsArticle
-preview:
- cover: blog/assets/images/privacy-is-not-dead/cover.webp
----
-# No, Privacy is Not Dead: Beware the All-or-Nothing Mindset
-
-![Photo of a protest with someone holding a sign saying Fight Today For a Better Tomorrow.](../assets/images/privacy-is-not-dead/cover.webp)
-
-
-
-In my work as a privacy advocate, I regularly encounter two types of discourse that I find very damaging to privacy as a whole. The first one is the idea that *privacy is dead*, implying it's not worth putting any effort to protect personal data anymore. This is the abdication mindset. This attitude is the one that scares me the most because without giving it a fight then of course the battle is lost in advance. **Like a self-fulfilling prophecy, privacy is dead if you let it die.**
-
-All human rights have seen advancements and improvements in history through long battles and hard-earned victories. There needs to be people willing to fight in order to win the fight. Losing a human right is easy. Protecting a human right always requires lots of effort.
-
-The second mindset I want to bring up might seem like the diametric opposite, but in fact often leads to the same outcome overtime, and feeds the aforementioned. It's the mindset assuming that for anything to have value in data privacy it needs to be 100% perfectly private and secure.
-
-While it's true we should strive to build better privacy-focused tools and practices every day, it's extremely important to keep an open mind and a nuanced approach in data privacy.
-
-Now to be precise, I'm absolutely *not* talking about criticisms of false claims and snake oil. There's a lot of snake oil in data privacy and every misleading information and gimmick product should be exposed and severely condemned publicly.
-
-What I'm talking about here is different. I'm referring to the idea that if a *good* product/tool/practice isn't perfect it isn't worth using it. This mindset is missing such an important point. The point isn't to make privacy perfect. The point here is to **reduce harm and improve privacy by small increments** at a pace that is realistically sustainable for an average person.
-
-Here's a concrete example: Let's say your friend just told you they moved their communications from SMS to Signal. This is something to celebrate! Your friend just improved their data privacy a lot by deciding to start [using Signal instead of SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why/). It is absolutely *not* the time to tell your friend things like "Okay, but you're not even using Firefox!" Cherish the win, encourage your friend to embrace Signal and appreciate the new protections it offers. Once your friend is comfortable with Signal, then you can slowly bring a new idea: "Hey Friend! I'm so glad we can communicate with Signal now, this is wonderful! I'd love to introduce you to this new browser now, I think you'd like it too!"
-
-Help people move slowly but surely in the right direction, at their own pace, and with lots of positive reinforcements.
-
-Another example of the same issue: Let's say someone posts on social media they just discovered (or recommend) this great PrivacyProduct™️ and love it! This is fantastic! This person just improved their privacy by starting to use a tool (or recommending a tool) that is *more* private than the previous one. Again, this is something to celebrate. It is absolutely *not* the time to reply something like "But this PrivacyProduct™️ logs your IP! Maybe it's end-to-end encrypted, but they log your IP! You should instead use this OtherPrivacyProduct™️ that is much less usable, has none of the features you need, and you will definitely hate it, but it's so much more private!"
-
-When someone replies things like that, it only has the effect of discouraging people from adopting new tools that improve their privacy. **This sort of reply makes them want to stop sharing their enthusiasm about data privacy and go back to their old ways.** Even worse, this often has the effect of planting doubt in the minds of everyone else around who were also thinking about migrating from BigTechProduct™️ to the better PrivacyProduct™️. **This doubt brings inertia**, and with inertia they will just stay with BigTechProduct™️, and their privacy is now *much* worse for it.
-
-I understand that we are all very passionate about data privacy and would love others to move so much faster to meet us here. But our impatience can sometimes create more damage to the cause. It is critical to push hard for privacy rights and practices with *governments* and *organizations*. Yes, push hard there, be relentless. Institutions only listen to the people when the people scream. But with *individuals*, when someone shares their excitement for data privacy, when someone shares their PrivacyProduct™️ recommendation that, even if imperfect, is still a great tool without misleading information, then **we should all celebrate and support this**.
-
-Privacy isn't just about the tools we use. Privacy is a culture we need to build. Cultures come with mindsets and customs. I would love to see the privacy community thrive and celebrate together every win we get. **Tolerate imperfection and treasure improvement.** Every little step on the path to better privacy rights and better privacy practices is a win.
-
-Celebrate and cheer loudly each little privacy win. This is how we all win.
diff --git a/content/blog/posts/privacy-means-safety.md b/content/blog/posts/privacy-means-safety.md deleted file mode 100644 index c975ac343..000000000 --- a/content/blog/posts/privacy-means-safety.md +++ /dev/null @@ -1,225 +0,0 @@ ---- -date: - created: 2025-03-25T20:30:00Z -categories: - - News -authors: - - em -description: Privacy is a human right that should be granted to everyone, no matter the reason. That being said, it's also important to remember that for millions of people around the world, data privacy is crucial for physical safety. For people in extreme situations, privacy can literally mean life or death. -schema_type: NewsArticle -preview: - cover: blog/assets/images/privacy-means-safety/privacy-means-safety-cover.webp ---- -# Privacy Means Safety - -![Photo of a padlock with "SOS" written on it and a drawn heart instead of an "O" letter. It is locked on a metal fence.](../assets/images/privacy-means-safety/privacy-means-safety-cover.webp) - - - -Privacy is a human right that should be granted to everyone, no matter the reason. That being said, it's also important to remember that for millions of people around the world, data privacy is crucial for physical safety. For people in extreme situations, privacy can literally mean life or death. - -Many of us have experienced moments when our privacy concerns have been minimized or even completely dismissed. - -This general hostility towards data protection is dangerous. Yes, dangerous. **Data privacy isn't a trivial matter.** - -There are many circumstances where inadvertently or maliciously exposed data can put someone in grave danger. Worse, sometimes this danger might not even be known at the time, but might become incredibly important later on. - -We should never downplay the serious risk of exposing someone's data, even if this isn't a situation we personally experience, or even understand. - -
-

Content Warning: This article contains mention of sexual assault, violence, and death.

- -## Leaked data can have grave consequences - -This isn't a hypothetical situation. There has been many tragic events where people have been harmed and even killed because data about them was leaked, stolen, or otherwise revealed to someone hostile. - -### Children - -The data of children is something our society should be much more invested in protecting, yet most new legislation [proposed](the-future-of-privacy.md#chat-control-wants-to-break-end-to-end-encryption) or [passed](the-future-of-privacy.md#age-verification-wants-to-collect-your-sensitive-data) to supposedly protect the children are doing the complete *opposite*, endangering everyone's data, *including* the children's. - -As for the data protection we already have, they are insufficient to protect most people's data, also including the children's. - -In 2020, the Irish child and family agency, Tusla, was fined €75,000 for a breach of the General Data Protection Regulation (GDPR). Investigation [revealed](https://www.irishtimes.com/news/crime-and-law/tusla-becomes-first-organisation-fined-for-gdpr-rule-breach-1.4255692) three instances where data about children had been negligently disclosed to unauthorized parties. - -In one case, the location and contact information of a mother and child was revealed to an alleged abuser. In another, the agency neglectfully [provided](https://www.irishtimes.com/ireland/social-affairs/2025/03/04/abusers-using-data-protection-law-to-get-details-on-victims/) the address of a child and the mother's phone number to a man accused of child sexual abuse. - -Such data leaks should never be tolerated. Sadly, much stronger fines will be required to stop organizations from being so dangerously careless. 
- -In 2018, an incredibly unfortunate 12-year-old gamer and his mother were both likely [traumatized for life](https://www.pcgamesn.com/fortnite/fortnite-stream-swatting) by a violent [swatting attack](https://en.wikipedia.org/wiki/Swatting) when the child's home address was exposed online. The outcome of this horrible attack could have ended much more tragically. The story doesn't explain how the child's address was found. - -Swatting attacks have become such a [problem](#mistaken-identity) in the United States that the Federal Bureau of Investigation (FBI) recently [created](https://www.nbcnews.com/news/us-news/fbi-formed-national-database-track-prevent-swatting-rcna91722) a national database to help track and prevent such attacks. - -### Victims of stalkers - -Stalking victims are incredibly vulnerable to any data leak. People in such situation can often be gravely endangered by data broker services, data breaches, information they might have shared online recently or decades ago, and information shared about them by friends and family. - -Unfortunately, this kind of horrifying situation isn't rare. - -The danger to victims of online stalkers should never be minimized. Stalking and harassment are serious crimes that should be reported and severely punished. Overlooking these offenses is being ignorant to how quickly the consequences of such crimes can escalate. - -In 2019, a 21-year-old Japanese pop star got stalked and sexually [assaulted](https://www.bbc.co.uk/news/world-asia-50000234) by a man who found her location from a picture she posted online. The photo had such high definition that the perpetrator was able to see and identify a specific train station that was visible *through a reflection in the singer's eyes*. - -The aggressor also gathered information about the victim's home by examining the photos she posted from her apartment to determine the exact unit location. 
He then went to the train station he identified from the photo, waited for her, and followed her home. - -In 2023, a podcast host and her husband were [killed](https://www.nbcnews.com/news/us-news/podcast-host-killed-stalker-deep-seated-fear-safety-records-reveal-rcna74842) by an online stalker. Despite having requested a protection order against the murderer, and despite blocking his phone number and social media accounts, after months of intense harassment online, the man eventually found the podcaster's home address, broke in, and fatally shot her and her husband. - -### Victims of domestic violence - -Victims of domestic violence are at an elevated risk of severe or even fatal repercussions when their data gets leaked or shared. People in this extreme situation often have to take extreme measures to protect data that could allow their abuser to find their new location. - -Things as banal as exposing someone's license plate, or posting online a photo taken in a public space could literally get a person in such situation killed. - -Moreover, some abusers are [weaponizing](https://www.irishtimes.com/ireland/social-affairs/2025/03/04/abusers-using-data-protection-law-to-get-details-on-victims/) subject access requests in an attempt to find the location of the victims fleeing them. - -It is imperative to ensure that data access legislation cannot be misused in such a dangerous way. Data legally shared with a subject should never lead to the harm of someone else. - -In another instance, a woman who was raped by a former partner was unable to safely receive counseling care because the notes from her counseling sessions could have been [shared](https://www.irishtimes.com/crime-law/courts/2025/01/17/calls-for-law-to-be-changed-to-end-access-to-rape-victims-counselling-notes/) in court with the perpetrator. - -Data privacy regulations should protect such sensitive data from being shared without explicit and free consent from the patient. 
- -### Healthcare seekers - -People seeking essential healthcare in adverse jurisdictions can be prosecuted when their private communications or locations are intercepted. - -In 2023, a mother from Nebraska (US) was arrested and criminally [charged](https://www.theverge.com/2023/7/11/23790923/facebook-meta-woman-daughter-guilty-abortion-nebraska-messenger-encryption-privacy) after she helped her 17-year-old daughter get an abortion. - -The woman was arrested partly based on the Facebook messages she exchanged with her daughter discussing medication for the abortion. Police obtained a copy of the private Facebook conversation by serving a warrant to Meta, which the company quickly complied with. - -### Whistleblowers and activists - -Whistleblowers and activists are at especially high risk of harm, particularly if they have publicly opposed or exposed oppressive regimes or criminal groups. - -Governments around the world, especially more authoritarian ones, have been increasingly [monitoring social media](https://privacyinternational.org/long-read/5337/social-media-monitoring-uk-invisible-surveillance-tool-increasingly-deployed) to track, identify, and persecute critics, activists, and journalists. - -Authorities have also been mandating direct collaboration from service providers to arrest activists. In 2021, a French climate activist was [arrested](https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/) after Proton Mail was legally [compelled](https://proton.me/blog/climate-activist-arrest) by Swiss laws to log and share the activist's IP address with authorities. 
- -In 2017, a 25-year-old working for the American National Security Agency (NSA) as a contractor was arrested after she was [identified](https://arstechnica.com/information-technology/2017/06/how-a-few-yellow-dots-burned-the-intercepts-nsa-leaker/) as the whistleblower who leaked a report about Russian electoral interference in the United States. - -The whistleblower had mailed the classified document to The Intercept anonymously. However, when the news organization tried to confirm the authenticity of the document with the NSA, the agency was able to determine which printer was used to print this copy, and from there deanonymized [Reality Winner](https://en.wikipedia.org/wiki/Reality_Winner). The technique used to track the document was the reading of almost invisible [printer tracking dots](https://en.wikipedia.org/wiki/Printer_tracking_dots) that many laser printers and photocopiers produce on all printed documents. - -This year on March 7th, community activist and whistleblower Pamela Mabini was [shot and killed](https://www.hrw.org/news/2025/03/11/activist-and-whistleblower-killed-south-africa) just outside her home in South Africa. She was an activist working with the [Maro Foundation](https://www.dailydispatch.co.za/local-heroes/2023-07-10-helping-others-is-the-reason-for-pamela-mabinis-smile/), a nonprofit organization dedicated to fighting poverty and gender-based violence. - -Mabini's murder has sparked a debate on the importance of protections offered to whistleblowers [exposing criminals](https://www.citizen.co.za/news/another-high-profile-whistleblower-gunned-down-how-safe-speak-out/) to justice. Following the activist's death, organizations have been calling to fast-track the [Whistleblower Protection Bill](https://www.iol.co.za/news/south-africa/calls-for-government-to-fast-track-protection-bill-following-activists-murder-3e8adc20-be58-4f3d-9a55-4a5818171c92) to bring more protections to those fighting for justice in South Africa. 
- -### Trans and queer activists - -Trans and queer activists are at elevated risk of harassment online in today's political climate. In 2022, 28-year-old trans activist Clara Sorrenti was victim of a swatting attack after police believed a fake report about violent threats made by her aggressor. - -She was arrested at gunpoint by the police, handcuffed, had her electronic devices seized, and her apartment searched for eight hours for non-existent evidence. The aggressor who made the false threats had [provided](https://www.cbc.ca/news/canada/london/trans-twitch-star-arrested-at-gunpoint-fears-for-life-after-someone-sent-police-to-her-london-ont-home-1.6546015) her name and home address to police. - -### Journalists - -Journalists around the world can become vulnerable to attacks even from governments when they report on oppressive regimes. This kind of situation can be extremely dangerous, considering the almost unlimited resources state-backed attackers can have to identify, track, and persecute their victims. - -In 2018, the prominent journalist and critic of Saudi Arabia's government Jamal Khashoggi was [murdered](https://www.bbc.co.uk/news/world-europe-45812399). Despite being based in the United States, the journalist traveled to Istanbul's Saudi consulate in Turkey to pick up official documents. Khashoggi was killed inside the consulate a few days later on October 2nd. - -Investigations revealed that people close to Khashoggi had their devices infected by NSO's [Pegasus spyware](https://freedom.press/digisec/blog/journalists-targeted-with-pegasus-yet-again/). This likely allowed the attacker to gather information about Khashoggi traveling outside the United States. - -Many other journalists, politicians, and human rights activists have been [targeted](https://www.bbc.co.uk/news/world-57891506) by state-backed spyware such as Pegasus. 
- -In 2022, Human Rights Watch [reported](https://www.hrw.org/news/2022/12/05/iran-state-backed-hacking-activists-journalists-politicians) that two of their staff members and at least 18 other activists, researchers, or journalists working on Middle East issues had been targeted by a phishing campaign coming from a group affiliated with the Iranian government. The entity succeeded in stealing emails and other sensitive data from at least three human rights defenders. - -### Targeted harassment - -Another danger of leaked data that shouldn't be minimized is targeted harassment. Targeted harassment can have devastating consequences ranging from silencing their victims, to suicide, to death by swatting attack. - -A well-known example of targeted harassment is Gamergate. Gamergate was a loosely organized [harassment campaign](https://en.wikipedia.org/wiki/Gamergate_(harassment_campaign)) targeting women in the video game industry. It started in 2014 when Zoë Quinn's ex-partner published a blog post with false insinuation about Quinn, a video game developer. - -Quinn was subsequently subjected to an incredibly intrusive [doxxing](https://en.wikipedia.org/wiki/Doxing) campaign, and even received rape threats and death threats. Attackers were able to steal an insecure password and [break into](https://time.com/4927076/zoe-quinn-gamergate-doxxing-crash-override-excerpt/) one of Quinn's account, which resulted in horrible consequences. The harassment campaign later expanded to target others who had defended Quinn online. - -In another case, targeted harassment resulted in one death and a five years prison sentence. In 2020, Mark Herring started receiving requests asking him to give up his Twitter handle, which he refused. Herring's "crime" was to have been quick enough to secure the handle "@Tennessee" shortly after Twitter came online. - -Over weeks, harassment escalated from sustained text messaging to random food delivery to his house. 
After Herring's harasser posted his home address in [a Discord chat room used by criminals](https://krebsonsecurity.com/2021/07/serial-swatter-who-caused-death-gets-five-years-in-prison/), someone used this data to direct a swatting attack at Herring's place. Police surrounded his home and demanded he crawl under a back fence, despite his health. After crawling under the fence, 60-year-old Mark Herring stoop up then collapsed from a heart attack, and died soon after. - -### Mistaken identity - -What is more, everyone can get victimized by exposed data, even people who are not online and even people who are not a whistleblower, a journalist, an activist, a victim of domestic violence, or someone who has committed the "unthinkable crime" of securing a cool Twitter handle. - -In 2017, 28-year-old Andrew Finch was [shot and killed](https://edition.cnn.com/2019/09/14/us/swatting-sentence-casey-viner/index.html) by police during a swatting attack in the United States. - -The attack was conducted after the perpetrator had an argument online over a multiplayer first-person shooter game. The perpetrator, who was later sentenced, threatened another player he was upset with to "swat" him. The perpetrator then enlisted another man to call the police and conduct the attack on the player, with the home address the player provided. This address turned out to be the previous address of the player, which was now Andrew Finch's address. - -When police arrived at Andrew Finch's home and surrounded the place, Finch, completely unaware of what was happening, barely had the time to comply and get outside when the police shot and killed him at the front door. - -The man who conducted the swatting attack for the perpetrator got [sentenced](https://en.wikipedia.org/wiki/2017_Wichita_swatting) to 20 years in federal prison. 
-
-In 2021, an Australian 15-year-old girl was [mistakenly targeted](https://www.abc.net.au/news/2021-03-26/canberra-family-doxxed-sent-death-threats-after-social-video/100014706) and later doxxed with her real information after she had been wrongly identified online as someone who had participated in a racist social media video posted on Facebook.
-
-A few hours after her name was shared online, the girl started to be inundated by hateful messages and unspeakable threats from all around the world. Her phone number and home address were eventually shared online. Her family received hateful messages from strangers as well.
-
-During the ordeal, her mother had to be hospitalized for heart disease. The girl, who had absolutely nothing to do with the racist video that spawned the attacks, contemplated suicide due to the violence of the harassment. She and her mother no longer felt safe.
-
-Digital traces of the personal data that was exposed during the attacks will likely remain online forever, even if the girl and her family were completely innocent and unrelated to what triggered the cyber-swarming.
-
-The 26-year-old American who incorrectly identified the Australian girl and shared her name and social media accounts online later apologized for his mistake.
-
-## How data finds its way to an aggressor
-
-### Targeted research, attack, and spyware
-
-For targeted attacks, aggressors will often use simple techniques to find a victim's data from what is already leaked online or openly shared on social media. For more sophisticated attacks, perpetrators might use criminal methods such as impersonation for [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). When attackers have more resources, such as state-backed attackers, more sophisticated processes might be used, like device infection with [NSO Group's spyware](https://citizenlab.ca/tag/nso-group).
-
-### Maliciously stolen or negligently leaked
-
-Data can be stolen maliciously in all sort of ways, but even more often and common, data is leaked online from banal *negligence*.
-
-Once data is leaked online, it will likely become accessible to anyone looking for it eventually. Additionally, any data breach happening now has the potential to endanger someone years down the line. Perhaps it's a home address that has not changed in years, a phone number used for a decade, a legal name, a photograph, or even a [medical file](https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/).
-
-Unfortunately, the data broker industry thrives on bundling up all this data together in neat packages to be sold to anyone looking for it, making any attacker's job much easier.
-
-#### Unencrypted data
-
-When the data leaked or stolen is well encrypted, the [risk is reduced](https://www.maketecheasier.com/how-secure-stolen-encrypted-data/). If the leaked data cannot be decrypted easily, this will greatly mitigate the damage done by a breach. Conversely, unencrypted leaked data will always inflict maximum damage.
-
-This is why we should demand that all the services we use implement strong, *end-to-end* encryption wherever possible.
-
-### Obliviously shared without consent
-
-Sometimes, the data endangering someone isn't leaked negligently or stolen maliciously, but simply shared by a friend or a family member oblivious to the danger.
-
-This is [a cultural problem we all need to work on](the-privacy-of-others.md).
-
-Despite all the technological protections we can put on data, and despite all the regulations we can ask organizations to comply with, if our culture doesn't understand the danger of sharing the data of others, we will fail to protect the most vulnerable people in our society.
-
-## Protecting data for everyone's safety is a societal, communal, and individual responsibility
-
-Protecting data isn't simply a matter of preference, although it can absolutely be. But for so many people around the world, it is vital to understand how *crucial* data privacy is.
-
-As explicitly demonstrated above, data protection can literally mean life or death for people in vulnerable situations. Beyond that, it is unfortunately also true for anyone unlucky enough to get mistakenly targeted when their data is shared.
-
-In all of these situations, **data privacy means safety**.
-
-We must demand that governments, corporations, and organizations of all kinds do better to improve data protection practices and technologies.
-
-As a community, we also have a responsibility to protect the most vulnerable people from harm caused by data leaks.
-
-And finally, as individuals, we share this duty of care and must all work on improving the way we protect our own data, but even more importantly, the data of everyone around us.
-
-**Privacy means safety, for everyone.**
-
----
-
-
-

Resources in the United States & Canada

-
-If you or someone you know is in one of the situations described above, these additional resources may help. Make sure to take [appropriate measures](https://www.privacyguides.org/en/basics/threat-modeling/) to protect your privacy if your situation is sensitive. If you are in a high risk situation, you might want to access these resources using [Tor](https://www.privacyguides.org/en/advanced/tor-overview/) or [Tails](installing-and-using-tails.md).
-
-**Suicide & Crisis Support Line** [988 Lifeline](https://988lifeline.org/) Phone number: 988 (US & Canada)
-
-**Trans Peer Support** [Trans Lifeline Hotline](https://translifeline.org/hotline/) Phone number US: 1-877-565-8860 / Canada: 1-877-330-6366
-
-**Stalking Victim Support** US: [SafeHorizon](https://www.safehorizon.org/get-help/stalking/) / Canada: [The Canadian Resource Centre for Victims of Crime](https://crcvc.ca/wp-content/uploads/2021/09/Cyberstalking-_DISCLAIMER_Revised-Aug-2022_FINAL.pdf)
-
-**Domestic Violence Victim Support** US: [The National Domestic Violence Hotline](https://www.thehotline.org/) Phone number: 1-800-799-7233 / Canada: [Canadian resources by situation and province](https://www.canada.ca/en/public-health/services/health-promotion/stop-family-violence/services.html)
-
-**Reproductive Rights & Healthcare** US: [Planned Parenthood](https://www.plannedparenthood.org/) / Canada: [Action Canada for Sexual Health & Rights](https://www.actioncanadashr.org/resources/services)
-
-**Journalists and Whistleblowers** US: [Freedom or the Press Foundation Guides & Resources](https://freedom.press/digisec/guides/) / Canada: [Canadian Association of Journalists](https://caj.ca/advocacy/digital-security/)
-
-**Protesters** [The Protesters' Guide to Smartphone Security](activists-guide-securing-your-smartphone.md)
-
-
-
----
-
-**Correction (Mar. 27):** This article was updated to correct a typo in a date. The previous version wrongly described the arrest of a French climate activist happening in 2012, when these events actually happened in 2021.
diff --git a/content/blog/posts/privacy-pass.md b/content/blog/posts/privacy-pass.md
deleted file mode 100644
index b15acae02..000000000
--- a/content/blog/posts/privacy-pass.md
+++ /dev/null
@@ -1,247 +0,0 @@
----
-date:
- created: 2025-04-21T17:30:00Z
-categories:
- - Explainers
-authors:
- - fria
-tags:
- - Privacy Pass
-license: BY-SA
-schema_type: BackgroundNewsArticle
-description: |
- Privacy Pass is a new way to privately authenticate with a service. Let's look at how it could change the way we use services.
-preview:
- cover: blog/assets/images/privacy-pass/cover.webp
----
-# Privacy Pass: The New Protocol for Private Authentication
-
-![Cover photo of the Privacy Pass logo over a yellow background](../assets/images/privacy-pass/cover.webp)
-
-
-
-Services that require authentication can correlate your activity on that service with your account, and that account is normally linked with payment information that could potentially link back to your real identity. With the Privacy Pass protocol, it doesn't have to be that way.
-
-## History
-
-The story of Privacy Pass begins with a [paper](https://dl.acm.org/doi/pdf/10.1145/4372.4373) by David Chaum from 1985 (he actually has an earlier paper from [1982](https://chaum.com/wp-content/uploads/2022/02/chaum_dissertation.pdf), but I'll be referencing this one), in which he laments the ever-increasing data collection by companies and government agencies.
-
-It's funny that all the way back in 1985 he talks about the same issues we deal with today: persistent identifiers tied to our real identity for transactions, government IDs, etc.
-
-Chaum proposes three solutions to the state of affairs he describes.
-
-### Pseudorandom Identifiers
-
-Instead of persistent identifiers like we now have with our government IDs, credit cards, etc., Chaum suggests randomly generated identifiers. For example, you could have a one-time unique identifier for each transaction at a shop.
-
-For ongoing relationships such as a bank, you can use a single pseudorandom identifier for that organization that you use continuously.
-
-### Card Computers
-
-One of the more quaint ideas in the paper is the idea of a small "card computer" on which you would perform transactions. Chaum's theoretical device resembles "a credit-card-sized calculator, and [includes] a character display, keyboard, and a limited distance communication capability (like that of a television remote control)".
-
-Nowadays, we carry around credit-card sized computers like it's nothing. The secret "card number" he describes would probably be your device PIN or even biometric authentication, which are already used to authenticate transactions.
-
-We still haven't *quite* reached Chaum's vision yet in some areas. His idea is for these "card computers" to fully replace ATMs and checkout terminals in stores. Essentially, he wants all transactions to be online transactions, with something like Apple Pay or Google Pay on your device mediating the transaction and using your device PIN to prevent fraudulent transactions.
-Making all transactions online transactions is an interesting idea. I think most people can share in the frustration of dealing with checkout terminals, especially the self-checkout ones with cameras pointed at your face.
-
-We're still falling short in a major area though.
-
-> card computers could be purchased or constructed just like any other personal computer, and would have no secrets from or structures unmodifiable by their owners.
-
-Current smartphones are non-upgradeable by their owners and can't be built from scratch like a desktop computer can. They also contain lots of black-box proprietary code. Even a Google Pixel, the gold standard of Android smartphone freedom that allows you to install your own operating system securely, still suffers from the same pitfalls.
-
-### Cryptography
-
-How do we ensure the pseudonyms can't be linked together? We already use cryptography to protect our communications. Chaum presents ways to similarly protect unlinkability using cryptography:
-
-> Simple mathematical proofs show that, with appropriate use of the systems, even conspiracy of all organizations and tapping of all communication lines cannot yield enough information to link the pseudonyms-regardless of how clever the approach is or how much computation is expended.
-
-## Blind Signatures
-
-Digital signatures normally are used to ensure that something like a piece of software or a message comes from the original sender and hasn't been tampered with. You want to know who the signer is for this system to work.
-
-But what if the signer and the one sending a request are different? Say you have a membership to a hypothetical *PrivacyGuides+ subscription service*, and you want to authenticate with it, but don't want to identify yourself. That's where blind signatures come in.
-
-### How it Works
-
-You can imagine blind signatures like an envelope that's been wrapped in [carbon paper](https://en.wikipedia.org/wiki/Carbon_paper) with a window showing your pseudonym for that account, whether it be an account number, username, etc. They never see anything but the account identifier, or whatever they need to verify that you're a valid customer.
-The organization then signs it, indicating you're a valid customer, and you're allowed to access the service.
-
-Later, when you're presented with a request to authenticate as an active subscriber of PrivacyGuides+, you unwrap the envelope and discard it along with the carbon paper. You rewrap it in a new envelope with a window showing the signature and a different pseudonym, and the requester can then be sure that you're allowed to access PrivacyGuides+.
-
-![A diagram showing an envelope being wrapped in carbon paper, transferred to an organization, then passing over a boundary representing the unlinkability between the two transactions. Then the envelope is unwrapped, put in a new envelope with a window showing the signature from the previous organization, and presented to a different organization.](../assets/images/privacy-pass/blind-signatures.webp)
-
-
-
-This system relies on the same strong cryptography that tried and true systems use, with the difference being the unlinkability between the credential issuer and the credential receiver.
-
-## Problems
-
-Services that don't require an account or payment to use are great; you can use them with Tor, clear your browser history, whatever you need to do to keep your activity private.
-
-But logging into an account completely invalidates all of that. Every time you log in or authenticate with a service, you have to identify yourself as the same person, linking all your previous activity together. Increasingly, we're asked to provide personal information in order to be able to use certain websites or services.
-
-### Linkability
-
-As long as you're logged into an account with a service, all your previous and current activity can be linked together, along with any data you provided such as an email address, payment information, etc.
-
-### Data Collection
-
-A lot of websites and services want to — [or are forced to](https://en.wikipedia.org/wiki/Social_media_age_verification_laws_in_the_United_States) — filter out users below a certain age.
-
-We're starting to see a rise in extremely privacy-invasive age verification systems such as submitting a government ID when you want to access a website or invasive facial scans.
-
-### Blocking VPN and Tor Users
-
-Bots are a rampant problem for online services, leading them to sometimes block non-residential IP addresses such as those used for commercial VPNs and Tor.
-
-### CAPTCHAs
-
-When VPN and Tor users aren't blocked, they often have to deal with annoying [CAPTCHAs](http://www.captcha.net) that take up your precious time and use invasive [fingerprinting](https://developers.google.com/recaptcha/docs/v3).
-
-CAPTCHAs aren't even particularly good at detecting bots. With advances in AI, [bots can solve CAPTCHAs better than humans can](https://arxiv.org/pdf/2307.12108).
-
-## Privacy Pass
-
-Several blind signature-based solutions are in various states, some being implemented but not widely used, some being proposed browser APIs, and some being IETF standards.
-
-The landscape is very confusing right now, so I'll try to elucidate what I've found.
-
-[Privacy Pass](https://privacypass.github.io) started out as an attempt at a privacy-preserving way to bypass CAPTCHAs.
-
-It started out and is still an extension that can be installed on the [Chrome](https://chromewebstore.google.com/detail/silk-privacy-pass-client/ajhmfdgkijocedmfjonnpjfojldioehi) or [Firefox](https://addons.mozilla.org/en-US/firefox/addon/privacy-pass/) extension store, but it's since expanded to become an [IETF standard](https://datatracker.ietf.org/wg/privacypass/about/).
-
-The Privacy Pass protocol has massively outgrown its original purpose. It's been updated to support multiple different schemes and purposes.
-
-There are three main roles that need to be played for the authentication mechanism to work. These can be filled by all the same party, by three separate parties, or any combination in between. You'll have increased privacy the more separation there is between each role, so ideally they should all be filled by different parties.
-
-### Origin
-
-The origin is the original website or service that's requesting a token for redemption. The client presents a valid token, or it must request more tokens.
-
-### Attester
-
-The attester is responsible for verifying something about the client. There are several ways it can achieve this, and it can use multiple at the same time if desired.
-
-#### CAPTCHA
-
-The attester can make the client solve a CAPTCHA to prove that it's not a bot. Not the most elegant solution but solving one CAPTCHA instead of multiple is preferable.
-
-#### Client State
-
-The attester can verify something about the client's state like the geographic location, whether the client has a valid account, or the number of issuance protocol invocations.
-
-#### Trusted Device
-
-If your client is running on hardware that's capable of producing device-level attestation, like a device with a secure element, then it can use that to verify that the device is trusted.
-
-For example, in Apple's Private Access Token implementation, they use certificates stored in the Secure Enclave and verify that your Apple account is in good standing.
-
-### Issuer
-
-The issuer is responsible for issuing tokens in response to requests from clients.
-
-The client presents tokens to the Origin once they're provided by the issuer.
-
-![diagram showing the structure of Private Access Tokens. The origin asks the client for a token, the client forwards the request to the attester which then forwards it to the issuer which then generates a token, sends it to the client which then sends it to the origin.](../assets/images/privacy-pass/private-access-tokens.webp)
-
-
-
-The tokens need to identify which issuers are trusted.
-
-They can also be interactive or non-interactive. Interactive means that you need a fresh token based on the challenge, whereas a non-interactive token can be stored for later use.
-
-Tokens can also be constrained to one specific Origin, or they can be used across Origins.
-
-### Private State Tokens
-
-[Private State Tokens](https://developers.google.com/privacy-sandbox/protections/private-state-tokens) (PSTs) are a [proposed browser API](https://github.com/WICG/trust-token-api) by Google as part of their [Privacy Sandbox](https://developers.google.com/privacy-sandbox). They're based on the Privacy Pass protocol.
-
-The main benefit of PSTs is that they provide a secure place for websites to store their tokens so that you don't need a separate extension for every service.
-
-A browser-level API, I imagine, would significantly reduce the development burden of browser-based services looking to implement Privacy Pass, but it would leave non-browser apps like VPNs high and dry.
-
-### Private Access Tokens
-
-[Private Access Tokens](https://blog.cloudflare.com/eliminating-captchas-on-iphones-and-macs-using-new-standard/) are based on Privacy Pass as well, but they don't seem to be specifically bound to the browser.
-
-It's unclear to me what really makes Private Access Tokens different from Privacy Pass itself, other than that Private Access Tokens seem to call for separation of the Attester and Issuer while Privacy Pass allows the origin, attester, and issuer to be the same. Delegating each role to a different party adds extra privacy.
-
-The origin website only knows your URL and IP from the initial connection.
-
-The attester only knows the data needed to verify you as a valid user.
-
-The issuer knows the site you visited, but doesn't know any of your device information that the attester used to verify you.
-
-### Kagi
-
-There are scant services actively using Privacy Pass to authenticate users, but a recent and very exciting example is [Kagi](https://blog.kagi.com/kagi-privacy-pass).
-
-With their implementation, you can now install their extension for [Firefox](https://addons.mozilla.org/en-US/firefox/addon/kagi-privacy-pass/) and [Chrome](https://chromewebstore.google.com/detail/kagi-search/cdglnehniifkbagbbombnjghhcihifij). Safari isn't supported at the moment, but their [Orion](https://chromewebstore.google.com/detail/kagi-search/cdglnehniifkbagbbombnjghhcihifij) browser supports it and is WebKit-based.
-
-The need for an extension and lack of support for some platforms highlights the need for widespread support for Privacy Pass in browsers and platforms. It's not reasonable to expect every single platform to implement Privacy Pass themselves and users likely don't want to install a separate extension for every platform either.
-
-That said, I applaud Kagi for their efforts. They went above and beyond to protect their users' privacy. A few notes for future improvements, though.
-
-#### No Account Requirement
-
-Currently, Kagi requires an account in order to use it. Although they allow you to put in a fake email address on account creation since they don't [check it](https://kagifeedback.org/d/3813-enable-anonymous-registration-no-email/16), it's still a persistent identifier that could be eliminated.
-
-Their announcement blog post states that the ability to use Kagi fully without an account is a possibility for the future with an invitation to request the feature on their [forum](https://kagifeedback.org/d/6163-kagi-privacy-pass), so feel free to add your voice. A fully accountless search engine that doesn't rely on ads would be great to see.
-
-#### Separation of Origin, Attester, Issuer
-
-Kagi uses the [Shared Origin, Attester, Issuer](https://www.ietf.org/archive/id/draft-ietf-privacypass-architecture-03.html?_fsi=jKxFixnl#section-4.1) model for their implementation, which leaves the possibility of data being correlated between each step of the process, such as device fingerprinting or IP address being used to correlate a user who is issued tokens with when they redeem them.
-
-Kagi's onion service helps to mitigate this issue, but I think it would be a significant privacy improvement to separate all three entities.
-
-#### Remove Requirement for an Extension
-
-Having to install an extension is annoying as an end user and surely incurs some development cost in both the initial development and upkeep over time. I'm not sure how it would be possible to get rid of the extension as it seems like there's no good way to do so at the moment, but I'm hopeful that the Private State Token API could be used for that in the future if it ever gets fully standardized as a browser API.
-
-## Future Possibilities
-
-Overall, Privacy Pass is an exciting standard that is already improving the privacy of users on a wide scale.
-
-### Easier Adoption
-
-However, for widespread adoption of anonymous authentication for all online services, there needs to be an easier way for developers to implement it. I see Private State Tokens and Private Access Tokens as paths toward that goal, but they have their own limitations.
-
-Private State Tokens seem to be restricted to browsers, which is mostly fine since so many online services are accessed through the browser. It does put services like VPNs that operate outside the browser in a tight spot though.
-
-Private Access Tokens seem like a possible solution for device-wide Privacy Pass authentication, but the only place I've seen them implemented is in Apple's operating systems to identify users as real iOS or macOS users. I'd like to see wider adoption for more use cases than just that. It's unclear what the vision for Private Access Tokens is for the moment.
-
-### Carriers
-
-One of the biggest and most privacy-invasive services is mobile carriers. They take lots of personal information when you sign up, and then you have permanent identifiers, both IMSI identifying you as a subscriber and IMEI identifying your device, tied to that information while you use it. Because of how the cell network works, they also can tie that information to your physical location and all the traffic you send through their network.
-
-[Cape](https://www.cape.co/research) is a privacy-focused carrier that says they're "studying the use of blinded tokens and zero-knowledge proofs to disaggregate subscriber information." This would have a massive impact on user privacy, possibly allowing a KYC'd mobile subscriber to use their carrier at least semi-anonymously (it's unclear how IMSI and IMEI fit into this scheme, as well as location information).
-
-### VPNs
-
-Commercial VPNs typically require some kind of account identifier, even if it's just a randomized number.
-
-Apple's iCloud Private Relay uses RSA blind signatures to anonymously authenticate users to each of the two hops.
-
-Google's former [VPN](https://www.gstatic.com/vpn/google_vpn_white_paper.pdf) service also used blind signatures to protect users.
-
-![Diagram showing Google's blind signature VPN authentication scheme](../assets/images/privacy-pass/google-vpn.webp)
-
-
-
-Hopefully we can see more VPN companies start to use Privacy Pass to authenticate users, I think it would be a massive improvement to user privacy.
-
-### Digital Cash
-
-Part of Chaum's vision was anonymous digital transactions using blind signatures, which he made a reality with his company [DigiCash](https://chaum.com/wp-content/uploads/2022/01/05-27-94-World_s-first-electronic-cash-payment-over-computer-networks.pdf).
-
-For whatever reason, *eCash*, as it was called, never caught on and the company filed for bankruptcy in 1998. We're left with the terrible current system where you need to input your credit card and personal information in order to make a transaction, which is easily traceable back to you. Not to mention the security implications, [credit card fraud](https://www.security.org/digital-safety/credit-card-fraud-report/) is rampant today.
-
-The dream isn't dead, however. Chaum's [eCash 2.0](https://chaum.com/ecash-2-0/) is quantum-resistant and has been built and tested in the Bank for International Settlements' [Project Tourbillon](https://www.bis.org/about/bisih/topics/cbdc/tourbillon.htm).
-
-### Digital ID
-
-Laws are being passed forcing 18+ websites and even [app stores](https://thehill.com/policy/technology/5179865-utah-app-store-age-verification-law/) to collect verify the ID of users. This is a massive slap in the face to the privacy and security of everyone. Data breaches and tracking are inevitable under the current system.
-
-Blind signatures could provide a private and secure way to verify age or other information without having to submit your entire ID or submit invasive face scans.
diff --git a/content/blog/posts/privacy-washing-is-a-dirty-business.md b/content/blog/posts/privacy-washing-is-a-dirty-business.md
deleted file mode 100644
index cc6341fc9..000000000
--- a/content/blog/posts/privacy-washing-is-a-dirty-business.md
+++ /dev/null
@@ -1,216 +0,0 @@
----
-date:
- created: 2025-08-20T17:00:00Z
-categories:
- - Opinion
-authors:
- - em
-description:
- Privacy washing is a widely used deceptive strategy. Learning to detect it better is an important skill to develop to help us to respond to it and report it.
-schema_type: Opinion
-preview:
- cover: blog/assets/images/privacy-washing-is-a-dirty-business/washing-cover.webp
----
-
-# Privacy Washing Is a Dirty Business
-
-![Filtered photo of a sticker on a metallic surface with graffiti. The sticker has the sentence "We respect your privacy!" written on it, and the whole sentence is barred is a red line over it.](../assets/images/privacy-washing-is-a-dirty-business/washing-cover.webp)
-
-
-
-Perhaps you haven't heard the term *privacy washing* before. Nonetheless, it's likely that you have already been exposed to this scheme in the wild. Regrettably, privacy washing is a widespread deceptive strategy.
-
-## What is privacy washing
-
-Similarly to whitewashing (concealing unwanted truths to improve a reputation) and greenwashing (deceptively presenting a product as environmentally friendly for marketing purposes), privacy washing misleadingly, or fraudulently, presents a product, service, or organization as being responsible and trustworthy with data protection, when it isn't.
-
-
-

Your privacy is* important to us.

-
-The term has been used for over a decade already. It's saddening to see that not only is this [not a new problem](https://dataethics.eu/privacy-washing/), but it has only gotten worse through the years.
-
-With the acceleration of data collection, the accumulation of data breaches, and the erosion of customers' trust, companies have an increased need for reassuring users to gain their business.
-
-Despite consumers' rights and expectations, implementing proper data protection takes time, expertise, and money. Even if the long term benefits are colossal, the time invested often doesn't translate into direct *short term* profits, the main objective for most businesses. On the other hand, collecting more data to sell it to third parties often *does* translate into short term profits.
-
-For these reasons, many companies quickly realize the need for *advertising* better privacy, but aren't necessarily willing to invest what it takes to make these claims true.
-
-There comes privacy washing: "Your privacy is* important to us."
-
-Privacy washing comes with a selection of washer cycles, from malicious trap to deceptive snake oil to perhaps the most common wash: plain negligence.
-
-## Negligence, incompetence, or malevolence
-
-In some other contexts, intentions might matter more. But when it comes to privacy washing, the result is often the same regardless of intentions: Personal data from users, customers, employees, patients, or children even being leaked and exploited in all sorts of ways.
-
-Whether false claims come from negligence by failing to verify that data protections are properly implemented, incompetence to evaluate if they are, or maliciously trying to trick users in using a service that is actually detrimental to their privacy, harm is done, and sometimes permanently so.
-
-Nonetheless, understanding the different types of privacy washing can help us to evaluate how to detect it, respond to it, and report it.
-
-### Negligence and greed
-
-> *They know what they are doing, but they care more about money*
-
-The most common occurrence of privacy washing likely comes from negligence and greed. One of the biggest drivers for this is that the current market incentivizes it.
-
-Today's software industry is largely inflated by venture capitalist funding, which creates expectations for a substantial return on investment. This funding model often encourages startups to quickly build an app following the [minimum viable product](https://en.wikipedia.org/wiki/Minimum_viable_product) principles, grow its user base as fast as possible, increase its value, and then sell it off for profits.
-
-The problem is, this model is antithetical to implementing good privacy, security, and legal practices from the start. Data privacy cannot only be an afterthought. It must be implemented from the start, before users' data even gets collected.
-
-Many startups fail to see how being thorough with data privacy will benefit them in the long term, and view privacy and security requirements only as a burden slowing down their growth. This mindset can result in perceiving privacy as a simple marketing asset, something businesses talk to users about for reassurance, but without putting any real effort into it beneath the surface.
-
-
-

Perhaps moving fast and breaking things wasn't such a good idea after all.

-
-Outside of privacy, this common startup mindset of playing fast and loose with customers and their safety frequently has **devastating** consequences. One recent and tragic example comes from OceanGate's Titan deep-sea submersible that [infamously imploded](https://globalnews.ca/news/11318623/titan-sub-report-oceangate-culture-critically-flawed/) during an exploration, killing its five passengers in an instant.
-
-The final report blamed a problematic safety culture at OceanGate that was “critically flawed and at the core of these failures were glaring disparities between their written safety protocols and their actual practices.”
-
-Perhaps [moving fast and breaking things](move-fast-and-break-things.md) wasn't such a good idea after all.
-
-Alas, similar "glaring disparities" between policies and practices are widespread in the tech industry. While maybe not as dramatic and spectacular as an imploding submersible, [data leaks can also literally kill people](privacy-means-safety.md).
-
-**Data privacy is the "passenger safety protocol" for software**, and it should never be trivialized.
-
-Privacy isn't just "risk management", it is a human right. Analogous to safety protocols, organizations are responsible for ensuring their data protection policies are being followed, and are accurately describing their current practices. Anything less is negligence, at best.
-
-Unfortunately, users (like passengers) often have very few ways to verify false claims about allegedly privacy-respectful features and policies. But this burden should never be on them in the first place.
-
-### Incompetence and willful ignorance
-
-> *They don't know what they are doing, or they just don't want to know*
-
-Partly related to negligence, is plain incompetence and willful ignorance. Some organizations might be well-intentioned initially, but either lack the internal expertise to implement proper privacy practices, or conveniently decide not to spend much time researching about what their data protection responsibilities are.
-
-For example, most businesses have heard by now of the requirement to present a privacy policy to their users, customers, and even web visitors. Deplorably, in a failed attempt to fulfill this legal obligation, many simply copy someone else's privacy policy and paste it on their own website. Not only this is very unlikely to be compliant with applicable privacy regulations, but it also possibly infringes *copyright* laws.
-
-Do not simply copy-paste another organization's privacy policy and claim it as your own!
-
-It's important to remember that legal requirements for policies aren't the end goal here. **The true requirements are the data protection *practices*.**
-
-The policies *must* accurately describe what the *practices* are in reality. Because no two organizations have the exact same internal practices and third-party vendors, no two organizations should have the exact same privacy policy.
-
-**Copy-paste privacy policies aren't compliance, they're deception.**
-
-A privacy policy that isn't accurately describing an organization's practices is a form of privacy washing. Sadly, a quite commonly used one, like some quick light-wash cycle.
-
-It's worth noting these days that creating a privacy policy using generative AI will lead to the exact same problems related to accuracy and potential infringement of both privacy and copyright laws. This is *not* a smart "shortcut" to try.
-
-While lack of understanding of policies and legal requirements is only one example of how incompetence can become a form of privacy washing, there are infinitely more ways this can happen.
-
-As soon as data is collected by an organization (or by the third-party software it uses), there is almost certainly legal obligations to protect this data, to restrict its collection and retention, and to inform data subjects.
-
-Organizations that do not take this responsibility seriously, or blissfully decide to remain unaware of it, while presenting an empty privacy policy, are effectively doing privacy washing.
-
-Implementing protections and limiting collection cannot be an afterthought. Once data is leaked, there is often nothing that can be done to truly delete it from the wild. The damage caused by leaked data can be tragic and permanent.
-
-Organizations must take this responsibility much more seriously.
-
-### Malevolence and fraud
-
-> *They lie, and they want your data*
-
-Greed and ignorance are common causes of privacy washing, but they can quickly escalate to fraud and ambush.
-
-It's worth noting that a large amount of negligence or incompetence can be indistinguishable from malice, but there are organizations that deliberately lie to users to exploit them, or to trick them into unwillingly revealing sensitive information.
-
-#### Anom, the secret FBI operation
-
-Perhaps one of the most infamous example of this is the Anom honeypot. Anom was an encrypted phone company promising privacy and security, but that was in fact part of an undercover operation staged by the American Federal Bureau of Investigation (FBI), [Operation Trojan Shield](https://en.wikipedia.org/wiki/Operation_Trojan_Shield).
-
-Investigative journalist Joseph Cox [reported](https://www.vice.com/en/article/inside-anom-video-operation-trojan-shield-ironside/) in 2021 that Anom advertised their products to criminal groups, then secretly sent a copy of every message on the device to the FBI. It was so secret, even Anom developers didn't know about the operation. They were told their customers were corporations.
- -A screenshot [shared](https://www.vice.com/en/article/operation-trojan-shield-anom-fbi-secret-phone-network/) by Motherboard shows an Anom slogan: "Anom, Enforce your right to privacy". It's hard to tell how many non-criminal persons (if any) might have accidentally been caught in this FBI net. Although this specific operation seems to have been narrowly targeting criminals, who knows if a similar operation could not be casting a wider net, inadvertently catching many innocent privacy-conscious users in its path. - -#### Navigating VPN providers can be a minefield - -Using a [trustworthy](https://www.privacyguides.org/en/vpn/) Virtual Private Network (VPN) service is a good strategy to improve your privacy online. That being said, evaluating trustworthiness is critical here. Using a VPN is only a transfer of trust, from your Internet Service Provider (ISP) to your VPN provider. Your VPN provider will still know your true IP address and location, and *could* technically see all your online activity while using the service, if they decided to look. - -[Different VPN services are not equal](https://www.privacyguides.org/videos/2024/12/12/do-you-need-a-vpn/), unfortunately, snake oil products and traps are everywhere in this market. As with anything, do not assume that whoever screams the loudest is the most trustworthy. Loudness here only means more investment in advertising. - -For example, take the interesting case of [Kape Technologies](https://en.wikipedia.org/wiki/Kape_Technologies), a billionaire-run company formerly known as Crossrider. This corporation has now acquired four different VPN services: ExpressVPN, CyberGhost, Private Internet Access, and Zenmate. This isn't that suspicious in itself, but Kape Technologies has also [acquired](https://cyberinsider.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/) a number of VPN *review* websites, suspiciously always ranking its own VPN services at the top. 
This is a blatant conflict of interest, to say the least. - -Sadly, on the VPN market — [estimated](https://www.grandviewresearch.com/industry-analysis/virtual-private-network-market) at $41.33 billion USD in 2022 — what is called a ["review" is often just *advertising*](the-trouble-with-vpn-and-privacy-review-sites.md). - -Moreover, many free VPN providers [break their privacy promises](https://iapp.org/news/a/privacy-violations-by-free-vpn-service-providers) regarding users' data. In 2013, Facebook [bought](https://gizmodo.com/do-not-i-repeat-do-not-download-onavo-facebook-s-vam-1822937825) the free VPN provider Onavo, and included it in a Facebook feature deceptively labeled "Protect". As is now standard behavior for Facebook, the social media juggernaut actually collected and analyzed the data from Onavo users. This allowed Facebook to monitor the online habits of its users even when they weren't using the Facebook app. This is very much the opposite of data privacy, and of any implied promises to "Protect". - -Then there's the case of Hotspot Shield VPN, accused in 2017 of [breaking](https://www.zdnet.com/article/privacy-group-accuses-hotspot-shield-of-snooping-on-web-traffic/) its privacy promises by the Center for Democracy & Technology, a digital rights nonprofit organization. While promising "anonymous browsing", Hotspot Shield allegedly deployed persistent cookies and used more than five different third-party tracking libraries. The parent company AnchorFree denied the accusations, but even *if* it wasn't the case for AnchorFree, how tempting would it be for a business with an ad-based revenue model to utilize the valuable data it collects for more of this revenue? And indeed, many free VPN services do [monetize](https://thebestvpn.com/how-free-vpns-sell-your-data/) users' data. - -Worst of all are the *fake*, free VPN services. 
Like stepping on a landmine, criminals are [luring users](https://www.techradar.com/pro/criminals-are-using-a-dangerous-fake-free-vpn-to-spread-malware-via-github-heres-how-to-stay-safe) looking for a free VPN service and tricking them into downloading malware on their devices. While this goes beyond privacy washing, it's still a piece of software actively harming users and deceptively gaining their trust with the false promise of better privacy. Wherever privacy washing is being normalized by greedy or lazy organizations, criminals like this flourish. - -#### Using compliance to appear legitimate - -Another fraudulent case of privacy washing is organizations using false claims related to privacy law compliance to appear more legitimate. - -Earlier this year, the digital rights organization Electronic Frontier Foundation (EFF) [called](https://www.eff.org/deeplinks/2025/01/eff-state-ags-time-investigate-crisis-pregnancy-centers) for an investigation into deceptive anti-abortion militant organizations (also called "[fake clinics](https://www.plannedparenthood.org/blog/what-are-crisis-pregnancy-centers)") in eight different US states. - -These fake clinics were claiming to be bound by the Health Insurance Portability and Accountability Act (HIPAA) in order to appear like genuine health organizations. HIPAA is an American federal privacy law that was established in 1996 to protect sensitive health information in the United States. - -Not only are many of these fake clinics **not** complying with HIPAA, but they collect extremely sensitive information without being bound by HIPAA in the first place, because they *aren't* licensed healthcare providers. Worse, some have [leaked this data](https://jessica.substack.com/p/exclusive-health-data-breach-at-americas) in all sorts of ways. 
- -Thanks to the EFF's work, some of those fake clinics have now [quietly removed](https://www.eff.org/deeplinks/2025/08/fake-clinics-quietly-edit-their-websites-after-being-called-out-hipaa-claims) misleading language from their websites. But sadly, this small victory doesn't make these organizations any more trustworthy, it only slightly reduces the extent of their privacy washing. - -### Deception and privacy-masquerading - -> *They talk privacy, but their words are empty* - -Perhaps the most obvious and pernicious examples of privacy washing are organizations that are clearly building products and features harming people's privacy, while using deceptive, pro-privacy language to disguise themselves as privacy-respectful organizations. There are likely more occurrences of this than there are characters in this article's text. - -Buzzwords like "military-grade encryption", "privacy-enhancing", and the reassuring classic "we never share your data with anyone" get thrown around like candies falling off a privacy-preserving-piñata. - -But **words are meaningless when they are deceitful**, and these candies quickly turn bitter once we learn the truth. - -#### Google, the advertising company - -An infamous recent example of this is Google, who [pushed](https://proton.me/blog/privacy-washing-2023) a new Chrome feature for targeted advertising in 2023 and dared to call it "Enhanced Ad Privacy" - -This [enabled by default](https://www.eff.org/deeplinks/2023/09/how-turn-googles-privacy-sandbox-ad-tracking-and-why-you-should) technology allows Google to target users with ads customized around their browsing history. It's really difficult to see where the "privacy" is supposed to be here, even when squinting very hard. - -Of course, Google, an advertising company, has long mastered the art of misleading language around data privacy to reassure its valuable natural resource, the user. - -
-

Google continued to collect personally identifiable user data from their extensive server-side tracking network.

- -Everyone is likely familiar with Chrome's infamously deceptive "Incognito mode". In reality, becoming "Incognito" stopped at your own device where browsing history will not be kept, while Google continued to collect personally identifiable user data from their extensive server-side tracking network. Understandably, disgruntled users filed an official [class action lawsuit](https://www.theverge.com/2023/8/7/23823878/google-privacy-tracking-incognito-mode-lawsuit-summary-judgment-denied) to get reparation from this deception. In 2023, Google agreed [to settle](https://www.bbc.co.uk/news/business-67838384) this $5 billion lawsuit. - -Despite claims of "privacy" in their advertising to users, Google, like many other big tech giants, has in reality spent millions [lobbying against](https://www.politico.com/news/2021/10/22/google-kids-privacy-protections-tech-giants-516834) better privacy protections for years. - -#### World App, the biometric data collector - -Similarly, Sam Altman's World project loves to throw privacy-preserving language around to reassure prospect users and investors. But despite all its claims, data protection authorities around the world have been [investigating, fining, and even banning](sam-altman-wants-your-eyeball.md/#privacy-legislators-arent-on-board) its operations. - -The World App (developed by the World project) is an "everything app" providing users with a unique identifier called a World ID. This World ID, which grants various perks and accesses while using the World App, is earned by providing biometric data to the organization, in the form of an iris scan. - -Providing an iris scan to a for-profit corporation with little oversight will rightfully scare away many potential users. This is why the company has evidently invested heavily in branding itself as a "privacy-preserving" technology, claims that are [questionable](sam-altman-wants-your-eyeball.md/#how-privacy-preserving-is-it) to say the least. 
-
-Despite catchy declarations such as "privacy by default and by design approach", the World project has accumulated an impressive history of privacy violations, and multiplies contradicting and misleading statements in its own documentation.
-
-There are some stains that even a powerful, billionaire-backed, privacy wash just cannot clean off.
-
-#### Flo, sharing your period data with Facebook
-
-In 2019, the Wall Street Journal [reported](https://therecord.media/meta-flo-trial-period-tracking-data-sharing) that the period tracking application Flo had been sharing sensitive health data with Facebook (Meta), despite its promises of privacy.
-
-The app, developed by Flo Health, repeatedly reassured users that the very sensitive information they shared with the app would remain private and would not be shared with any third parties without explicit consent.
-
-Despite this pledge, the Flo app did share sensitive personal data with third parties, via the software development kits incorporated into the app.
-
-This extreme negligence (or malevolence) have likely harmed some users in unbelievable ways. Considering the state of abortion rights in the United States at the moment, it's not an exaggeration to say this data leak could [severely endanger](privacy-means-safety.md/#healthcare-seekers) Flo App's users, including with risk of imprisonment.
-
-In response, users have filed several [class action lawsuits](https://www.hipaajournal.com/jury-trial-meta-flo-health-consumer-privacy/) against Flo Health, Facebook, Google, AppsFlyer, and Flurry.
-
-Trivializing health data privacy while promising confidentiality to gain users' trust should never be banalized. This is a very serious infringement of users' rights.
-
-## Remain skeptical, revoke your trust when needed
-
-Regardless of the promises to safeguard our personal data, it's sad to say, we can never let our guard down.
-
-Privacy washing isn't a trend that is about to fade away, it's quite likely that it will even worsen in the years to come. We must prepare accordingly.
-
-The only way to improve our safety (and our privacy) is to remain vigilant at all time, and grant our trust only sparsely. We also need to stay prepared to revoke this trust at any time, when we learn new information that justifies it.
-
-Always remain skeptical when you encounter privacy policies that seem suspiciously too generic; official-looking badges on websites advertising unsupported claims of "GDPR compliance", reviews that are lacking supporting evidence and doubtfully independent; and over usage of buzzwords like "military-grade encryption", "privacy-enhancing", "fully encrypted", and (more recently) "AI-powered".
-
-It's not easy to navigate the perilous waters of supposedly privacy-respectful software. And it's even worse in an age where AI-spawned websites and articles can create the illusion of trustworthiness with only a few clicks and prompts.
-
-Learning [how to spot the red flags, and the green(ish) flags](red-and-green-privacy-flags.md), to protect ourselves from the deceptive manipulation of privacy washing is an important skill to develop to make better informed choices.
diff --git a/content/blog/posts/private-european-alternatives.md b/content/blog/posts/private-european-alternatives.md
deleted file mode 100644
index 2bb3ac49b..000000000
--- a/content/blog/posts/private-european-alternatives.md
+++ /dev/null
@@ -1,297 +0,0 @@ ---- -date: - created: 2025-03-19T21:00:00Z -categories: - - News -authors: - - jonah -description: There is a growing sentiment that the US shouldn't be relied upon for the technologies that many people and businesses use every day. These privacy-centric recommendations come from a variety of European-based companies and organizations, that you should definitely consider checking out! -schema_type: NewsArticle -preview: - color: "#003399" - text_color: "#ffffff" - site_logo: privacy-guides-logo-notext-colorbg-white.svg - icon: simple/europeanunion ---- -# Privacy-Respecting European Tech Alternatives - -![European Union flag and Privacy Guides logo side by side](../assets/images/private-european-alternatives/eu-alternatives.webp) - - - -There is a growing sentiment that the US shouldn't be relied upon for the technologies that many people and businesses use every day. Lately, the US has been unilaterally [cutting off](https://archive.ph/EJ26f) access to critical technologies to European countries, prompting [calls for "radical action"](https://techcrunch.com/2025/03/16/european-tech-industry-coalition-calls-for-radical-action-on-digital-sovereignty-starting-with-buying-local/) to bolster European tech stacks from EU lawmakers. - -At Privacy Guides, we generally value technical guarantees over matters like jurisdiction. There is simply no alternative to privacy technologies like strong *end-to-end encryption* when it comes to protecting your information. - -That being said, the United States *certainly* does not have a monopoly on the best technologies, and many of our favorite [recommended tools](https://www.privacyguides.org/en/tools/) come from Europe and all over the world. Tools from the European Union also generally benefit from much stronger data protection laws, thanks to the EU's General Data Protection Regulation (GDPR). 
- -If supporting the European tech industry is something that is important to you, here's a non-exhaustive list of some of our favorites. We have many more recommendations throughout our website if you are interested in learning more about privacy-respecting tech alternatives! - -## Email Services - -Many people and businesses are tied to Google's Gmail or Microsoft's Outlook products, but there are *far* more secure and private [alternative email providers](https://www.privacyguides.org/en/email/) out there! - -### Tuta :flag_de: - -
- -![Tuta logo](../assets/img/email/tuta.svg#only-light){ align=right } -![Tuta logo](../assets/img/email/tuta-dark.svg#only-dark){ align=right } - -Based in Hanover, Germany, **Tuta** is an email service with a focus on security and privacy through the use of encryption. Tuta has been in operation since 2011. - -Free accounts start with 1 GB of storage. - -[More Info](https://www.privacyguides.org/en/email/#tuta) -[Homepage](https://tuta.com) -{ .pg:buttons } - -
- -### Proton Mail :flag_ch: - -
- -![Proton Mail logo](../assets/img/email/protonmail.svg){ align=right } - -Based in Geneva, Switzerland, **Proton Mail** is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. - -The Proton Mail Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free. - -[More Info](https://www.privacyguides.org/en/email/#proton-mail) -[Homepage](https://proton.me) -{ .pg:buttons } - -
- -## Office Suites - -Of course, email isn't the only thing offered by solutions like Google Workspace and Microsoft 365. Many people use their entire suite of [productivity tools](https://www.privacyguides.org/en/document-collaboration/) to manage their businesses and collaborate with others. - -Luckily, there are plenty of alternatives that incorporate strong encryption and can even be self-hosted, which will not only decrease your reliance on the traditional Big Tech companies, but keep your data far more secure as well. - -### CryptPad :flag_fr: - -Developed and hosted by *XWiki* in Paris, France, **CryptPad** is a complete online office suite with applications including Documents, Rich Text, Spreadsheets, Code/Markdown, Kanban, Slides, Whiteboard and Forms. - -
- -![CryptPad logo](../assets/img/document-collaboration/cryptpad.svg){ align=right } - -**CryptPad** is a private-by-design alternative to popular office tools. All content on this web service is end-to-end encrypted and can be shared with other users easily. - -[More Info](https://www.privacyguides.org/en/document-collaboration/#cryptpad) -[Homepage](https://cryptpad.org) -{ .pg:buttons } - -
- -We recently did a [full review of CryptPad](cryptpad-review.md), which you should definitely check out if you might be interested in switching! - -### Nextcloud :flag_de: - -**Nextcloud** comes from German startup *Nextcloud GmbH*, and offers a complete cloud drive alternative to Google Drive or OneDrive. - -
- -![Nextcloud logo](../assets/img/self-hosting/nextcloud.svg){ align=right } - -**Nextcloud** is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. - -[More Info](https://www.privacyguides.org/en/document-collaboration/#nextcloud) -[Homepage](https://nextcloud.com) -{ .pg:buttons } - -
- -### LibreOffice :flag_de: - -**LibreOffice** is developed by *The Document Foundation* based in Berlin, Germany. It's a free and open-source office suite with extensive functionality. - -
- -![LibreOffice logo](../assets/img/office-suites/libreoffice.svg){ align=right } - -Web-based editors aren't for everyone. If you need a full-fledged office suite that runs locally on your computer, **LibreOffice** is a fantastic alternative to Microsoft Office. - -[More Info](https://www.privacyguides.org/en/office-suites/#libreoffice) -[Homepage](https://libreoffice.org) -{ .pg:buttons } - -
- -## Search Engines - -One of the most frequently used tools on the internet is the venerable search engine. Switching from **Google** to an [alternative](https://www.privacyguides.org/en/search-engines/) is one of the biggest impact approaches to improving your privacy that you can make. - -### Startpage :flag_nl: - -Headquartered and developed in the Netherlands, Startpage is one great alternative to Google you could consider: - -
- -![Startpage logo](../assets/img/search-engines/startpage.svg#only-light){ align=right } -![Startpage logo](../assets/img/search-engines/startpage-dark.svg#only-dark){ align=right } - -**Startpage** is a private search engine. One of Startpage's unique features is the [Anonymous View](https://startpage.com/en/anonymous-view), which puts forth efforts to standardize user activity to make it more difficult to be uniquely identified. The feature can be useful for hiding [some](https://support.startpage.com/hc/articles/4455540212116-The-Anonymous-View-Proxy-technical-details) network and browser properties. However, unlike the name suggests, the feature should not be relied upon for *total* anonymity. - -[Homepage](https://www.privacyguides.org/en/search-engines/#startpage) -[Homepage](https://startpage.com) -{ .pg:buttons } - -
- -It is worth noting that [since 2020](relisting-startpage.md), Startpage has been a subsidiary of American company System1. Their operations and employees remain in the Netherlands, and you can choose to utilize only European servers if you wish. - -## Web Browsers - -Web browsers are historically very tricky to build, and the three major browser engines, Chromium, Gecko (Firefox), and WebKit (Safari) are all *primarily* developed by American companies. This is a space that could certainly use improvement. - -### Mullvad Browser :flag_se: - -One of our [recommended browsers](https://www.privacyguides.org/en/desktop-browsers/) is spearheaded by Swedish VPN company *Mullvad*, although it's worth noting that its development is somewhat reliant on American non-profits Mozilla and the Tor Project, being a Tor Browser fork. - -
- -![Mullvad Browser logo](../assets/img/browsers/mullvad_browser.svg){ align=right } - -**Mullvad Browser** is a version of Tor Browser with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against mass surveillance programs. It is developed by the Tor Project and distributed by Mullvad, although it does *not* require the use of Mullvad's VPN. - -[More Info](https://www.privacyguides.org/en/desktop-browsers/#mullvad-browser) -[Homepage](https://mullvad.net/en/browser) -{ .pg:buttons } - -
- -## Maps & Navigation - -Mapping and location apps like Google Maps can track your every move, and that data is used by tech companies for a wide variety of purposes, including for military and defense. The best mapping apps for your privacy can be used completely offline: - -### Organic Maps :flag_ee: - -
- -![Organic Maps logo](../assets/img/maps/organic-maps.svg){ align=right } - -Based in Estonia, **Organic Maps** is an open source, community-developed map display and satnav-style navigation app for walkers, drivers, and cyclists. The app offers worldwide offline maps based on OpenStreetMap data, and navigation with privacy — no location tracking, no data collection, and no ads. The app can be used completely offline. - -[More Info](https://www.privacyguides.org/en/maps/#organic-maps) -[Homepage](https://organicmaps.app) -{ .pg:buttons } - -
- -### OsmAnd :flag_nl: - -
- -![OsmAnd logo](../assets/img/maps/osmand.svg){ align=right } - -Based in the Netherlands, **OsmAnd** is an offline map and navigation application based on OpenStreetMap, offering turn-by-turn navigation for walking, cycling, driving, as well as public transport. It is open-source and does not collect any user data. - -[More Info](https://www.privacyguides.org/en/maps/#osmand) -[Homepage](https://osmand.net) -{ .pg:buttons } - -
- -## Password Managers - -### KeePassXC :flag_de: - -
- -![KeePassXC logo](../assets/img/password-management/keepassxc.svg){ align=right } - -**KeePassXC** is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal of extending and improving it with new features and bug fixes to provide a feature-rich, cross-platform, and modern open-source password manager. - -[More Info](https://www.privacyguides.org/en/passwords/#keepassxc) -[Homepage](https://keepassxc.org) -{ .pg:buttons } - -
- -We recently published an article on [securely using KeePassXC with a YubiKey](installing-keepassxc-and-yubikey.md)! - -### Proton Pass :flag_ch: - -
- -![Proton Pass logo](../assets/img/password-management/protonpass.svg){ align=right } - -**Proton Pass** is an open-source, end-to-end encrypted password manager developed by the Swiss company Proton AG, the team behind Proton Mail. It securely stores your login credentials, generates unique email aliases, and supports and stores passkeys. - -[More Info](https://www.privacyguides.org/en/passwords/#proton-pass) -[Homepage](https://proton.me/pass) -{ .pg:buttons } - -
- -## Instant Messengers - -Switching off of WhatsApp, Facebook Messenger, or iMessage in favor of a more [private instant messenger](https://www.privacyguides.org/en/real-time-communication/) is an excellent way to safeguard your chats. - -### Element :flag_gb: - -Element is based in the United Kingdom, which is of course no longer in the European Union. However, it is a trusted messaging platform by the [French government](https://element.io/case-studies/tchap), and the [German military](https://element.io/case-studies/bundeswehr), among many other organizations in Europe and around the world looking for sovereignty from Big Tech messaging platforms like Slack and Google Messages. - -
- -![Element logo](../assets/img/social-networks/element.svg){ align=right } - -**Element** is the flagship client for the [Matrix](https://matrix.org/docs/chat_basics/matrix-for-im) protocol, an [open standard](https://spec.matrix.org/latest) for secure decentralized real-time communication. - -Messages and files shared in private rooms (those which require an invite) are by default E2EE, as are one-to-one voice and video calls. - -[More Info](https://www.privacyguides.org/en/real-time-communication/#element) -[Homepage](https://element.io) -{ .pg:buttons } - -
- -### SimpleX :flag_gb: - -Another open-source option from the United Kingdom, SimpleX chat has very strong security features, and can be entirely self-hosted anywhere in the world if you prefer the assurances a [custom server](https://simplex.chat/docs/server.html) can bring. - -
- -![Simplex logo](../assets/img/messengers/simplex.svg){ align=right } - -**SimpleX Chat** is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against censorship. - -[More Info](https://www.privacyguides.org/en/real-time-communication/#simplex-chat) -[Privacy Policy](https://simplex.chat) -{ .pg:buttons } - -
- -### Briar :earth_africa: - -Briar is an open source project not legally incorporated in any jurisdiction, although it has received funding from European initiatives like [NGI](https://ngi.eu/) and the [NLnet Foundation](https://nlnet.nl/), and includes many Europeans in their voluntary board and team. - -
- -![Briar logo](../assets/img/messengers/briar.svg){ align=right } - -**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing censorship. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem. - -[More Info](https://www.privacyguides.org/en/real-time-communication/#briar) -[Homepage](https://briarproject.org) -{ .pg:buttons } - -
- -## More Services... - -Looking for more? Here's a short (and non-exhaustive) list of other recommendations of ours which are based in Europe: - -- [**VPN Services**](https://www.privacyguides.org/en/vpn/): :flag_se: [Mullvad](https://www.privacyguides.org/en/vpn/#mullvad) and :flag_ch: [Proton VPN](https://www.privacyguides.org/en/vpn/#proton-vpn) -- [**DNS Providers**](https://www.privacyguides.org/en/dns/#recommended-providers): :flag_fr: [dns0.eu](https://dns0.eu/), :flag_se: [Mullvad DNS](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls), and :flag_ch: [Quad9](https://quad9.net/) -- [**Calendars**](https://www.privacyguides.org/en/calendar/): :flag_de: [Tuta](https://tuta.com/calendar) and :flag_ch: [Proton Calendar](https://proton.me/calendar) -- [**Notes Apps**](https://www.privacyguides.org/en/notebooks/): :flag_gb: [Joplin](https://joplinapp.org/) and :flag_ee: [Crypt.ee](https://crypt.ee/) -- [**Pastebins**](https://www.privacyguides.org/en/pastebins/): :flag_fr: [PrivateBin](https://privatebin.info/) -- [**Linux Distros**](https://www.privacyguides.org/en/desktop/): :flag_de: [openSUSE](https://www.opensuse.org/) - -If you're in Europe and looking to build or host your *own* European technology, there are also plenty of alternatives to the typical American IT providers. Topics like cloud computing platforms, web analytics services, and content delivery networks are currently out of scope for what we cover here at Privacy Guides, but [European Alternatives](https://european-alternatives.eu/) is one great resource for finding more services like these. - -At the end of the day, we trust *all* of our [recommended privacy tools](https://www.privacyguides.org/en/tools/) to keep you safe from prying eyes, but there are many valid reasons you may prefer to stick to the European market. diff --git a/content/blog/posts/proton-wallet-review.md b/content/blog/posts/proton-wallet-review.md deleted file mode 100644 index 90e56ba7a..000000000 
--- a/content/blog/posts/proton-wallet-review.md
+++ /dev/null
@@ -1,131 +0,0 @@ ---- -title: "Proton Wallet Review: Is Proton Losing Touch?" -template: review-article.html -schema_type: ReviewNewsArticle -description: "It may well be that Proton Wallet is the easiest way to start using Bitcoin, but is a Bitcoin wallet the solution people need to improve their financial privacy?" -date: - created: 2024-09-08T19:00:00Z -categories: - - Reviews -authors: - - jonah -links: - - Cryptocurrency: https://www.privacyguides.org/en/cryptocurrency/ -tags: - - Cryptocurrency -license: BY-SA -preview: - logo: theme/assets/img/cryptocurrency/proton-wallet.svg -review: - type: SoftwareApplication - category: FinanceApplication - subcategory: Cryptocurrency Wallet - name: Proton Wallet - price: 0 - website: https://proton.me/wallet - rating: 2 - pros: - - Secure, non-custodial option for Proton users. - cons: - - Only supports Bitcoin, a non-private cryptocurrency. - - No support for Lightning or CoinJoin. - - iOS app still in beta. ---- -![Proton Wallet logo](../assets/img/cryptocurrency/proton-wallet.svg){ align=right itemprop="image" } - -Proton, the Swiss creators of privacy-focused products like [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) and [Proton VPN](https://www.privacyguides.org/en/vpn/#proton-vpn), recently released the latest product in their ever-growing lineup: **Proton Wallet**. [Announced](https://discuss.privacyguides.net/t/introducing-proton-wallet-a-safer-way-to-hold-bitcoin/19636) at the end of July 2024, it promotes itself as "an easy-to-use, self-custodial" Bitcoin wallet that will ostensibly make financial freedom more attainable for everyone. - -!!! info inline "Side info" - - - Proton Wallet's [Privacy Policy](https://proton.me/wallet/privacy-policy) - - This review was conducted with the reviewer's personal Proton Visionary account. Proton was not contacted prior to this publication. 
- -It may well be that Proton Wallet is the easiest way to start using Bitcoin, but is a Bitcoin wallet the solution people need to improve their financial privacy? - -## A cryptocurrency primer - -Contrary to popular belief, [cryptocurrency](https://www.privacyguides.org/en/cryptocurrency/) is not an inherently private transactional system. - -The vast majority of cryptocurrency, including Bitcoin, uses a transparent and public blockchain as the ledger for all transactions. This means that anyone you've transacted with or who knows your wallet's public address can trivially trace all of your past transactions, and monitor all of your future transactions at any time. - -This is a huge problem for Proton Wallet, because Bitcoin is the **only** cryptocurrency it supports. Furthermore, Proton Wallet doesn't support the few privacy-enhancing additions to Bitcoin that do exist, like CoinJoin or even the Lightning Network. While these technologies still don't bring Bitcoin close to the levels of privacy attainable with some alternatives like Monero, to see them lacking in a product from a privacy-centric company like Proton is extremely disappointing. - -Proton has claimed in a few interviews that they chose Bitcoin because of its mass appeal, and it's certainly true that Bitcoin has the mind share and market share to beat out any other cryptocurrency, but the *most popular* option isn't always the *best* option. - -Had Proton Wallet added support for Monero or a similarly private cryptocurrency, they could have single-handedly boosted a financial system that is *actually* private by default by a significant degree. In my eyes, failing to do so in favor of the market leader is an unfortunate step back from their "privacy by default" mantra. - -## Using the app - -Proton Wallet *is* in beta, like many of Proton's products are when newly released, and available via the web, an Android app, and an iOS [TestFlight](https://testflight.apple.com/join/6OIcXtQN). 
- -![Proton wallet registration page](../assets/images/proton-wallet-review/1.webp) - -Creating your wallet is a simple process, after registering you'll be asked to choose a name for your wallet and a default currency. You can also optionally set a passphrase to secure your account. Note that this isn't merely a passphrase securing your account on Proton's servers beyond your usual account credentials, it's a [BIP39 extension word](https://en.bitcoin.it/wiki/Seed_phrase#Two-factor_seed_phrases), meaning that if you lose it your wallet will be completely unrecoverable, **even if** you back up your 12 word seed phrase. - -![Proton wallet setup page](../assets/images/proton-wallet-review/2.webp) - -The default currency here isn't the currency being *stored* in Proton Wallet. It is just used to show you the current conversion rate between Bitcoin and your local currency. - -Once you're in, Proton Wallet is fairly straightforward. In fact, there's not much to explore beyond finding your wallet address and buying Bitcoin. Clicking the **Receive** button brings up a panel which shows your address and allows you to generate a new one on the fly. When you generate a new address, all of your previous addresses will continue to work, but are no longer displayed anywhere. - -![Proton wallet address QR code and text displayed in sidebar](../assets/images/proton-wallet-review/3.webp) - -Buying Bitcoin is simple as well. Proton is working with two providers, Banxa and Ramp, and if you're in the United States like I am both are available, so you can choose the one with the best exchange rate to go with. Before you purchase, Proton Wallet asks you for your current country, so that will determine which providers it's possible to use. - -There's no private payment methods though, you're stuck with credit card, Google Pay, or Apple Pay. The purchase experience isn't quite seamless either, as it redirects you to either banxa.com or ramp.network to perform the actual transaction. 
Everything is pre-filled with your Proton Wallet information however, so it isn't a huge problem. - -## "Bitcoin via Email" - -The flagship feature of Proton Wallet is something they call **Bitcoin via Email**, which integrates with Proton Mail to allow you to send Bitcoin to any email address. Opening your wallet settings lets you enable Proton's *Receive Bitcoin via Email* feature, which allows other Proton Wallet users to send Bitcoin to your account with just your Proton Mail address. - -![Proton wallet receive Bitcoin via email settings page](../assets/images/proton-wallet-review/4.webp) - -If you have multiple addresses on your Proton account, such as aliases or addresses on a custom domain, only one address can be linked to your wallet. This can be a bit annoying for people who have given out different Proton addresses to others in the past, like if you gave out your @protonmail.com address to some people, before later migrating to @proton.me when that domain became available. - -On the other hand, if you have aliases for different projects, this is a great way to keep Bitcoin payments to each address separate. If you have your personal email and a business alias for example, you can link your personal email to your primary wallet and create a second wallet to link your business alias to, thus keeping your personal and business transactions separate. - -Proton says that you can "create as many wallets as your Proton Wallet plan allows," but the exact limits are not very clear at the moment. This may become clearer as Proton Wallet exits its beta status. - -Sending Bitcoin to an email address is as simple as it is in mainstream payment apps like Venmo or CashApp, which is great. You can even include a memo with your transaction, and the transaction appears on the recipient's side very quickly. 
However, it can take a few hours or more for a transaction to actually complete and be usable by the recipient, so all they'll be able to do is monitor its progress in the meantime. This can be sped up by choosing a higher "network fee" when sending the payment, which costs more Bitcoin as the name would suggest. - -I'm not convinced this is particularly revolutionary though. Many Bitcoin wallets have streamlined the process of exchanging address information with other people with methods like QR codes, which are likely going to be more widely used than email in today's mobile-first world. Being able to replace Bitcoin addresses with emails fairly seamlessly *is* nice, but is it nice enough to warrant the entire Proton Wallet product? I'm not so sure. - -## What else sets it apart? - -There isn't much separating Proton Wallet from the existing options on the market. It is a *noncustodial* wallet, meaning that you control the private keys rather than Proton. This is a huge step-up in security compared to keeping your Bitcoin in an online exchange like Coinbase, but it isn't a big differentiator from other software wallets where noncustodial key storage is typically the norm. - -Besides that, and Bitcoin via Email, if you visit Proton's website to see how else they differentiate themselves the best third reason they could muster up is: - -> Our business is privacy: Proton isn't a crypto company — we're a privacy company that wants to empower everyone to use Bitcoin securely and privately. - -Unfortunately for Proton, this doesn't quite ring true when it comes to Proton Wallet. When it launched in 2014, Proton Mail was revolutionary in the email space. Encrypted email providers already existed, but Proton offered something different: Proton brought a good user experience to an interoperable encryption standard, PGP. 
While everyone else in the email space was rolling their own password-protected web portals to secure messages or simply delivering emails in plaintext, Proton built a user-friendly platform that actually improved the email ecosystem at large in the process. - -Proton's leadership thinks they can do for cryptocurrency what they once did for email, but there's a clear difference between then and now. Proton Mail had privacy and security ready to go from the beginning, but Proton Wallet simply meets the status quo. - -## Why does this exist? - -Proton Wallet is in a strange position. I've spoken to a few sources who suggest that privacy features like CoinJoin, which can mix Bitcoin in order to better anonymize transactions, were intended to be included at launch. The [crackdown](https://bitcoinmagazine.com/legal/samourai-wallet-breaking-down-dangerous-precedents) on the ill-fated Samouri Wallet project by U.S. authorities last April certainly put a damper on privacy in the Bitcoin space, and likely made Proton wary of introducing such features to the public. - -Proton suggests this themselves, stating on their [website](https://proton.me/wallet/bitcoin-guide-for-newcomers): - -> Coinjoin is considered the best solution for improving blockchain privacy. It works by mixing your BTC with other users’ BTC in a collaborative self-custodial transaction where you get back the same amount of BTC that you put in but on a different address that cannot be easily linked to your previous address. However, in 2024, in what many consider to be a regulatory overreach and attack on privacy, some of these Coinjoin services have been declared illegal in the US and EU. The future of financial privacy may therefore be decided by ongoing litigation in the next decade and privacy advocates should support these efforts. - -This situation likely soured Proton on other privacy-friendly cryptocurrencies like Monero as well. 
I get it, financial privacy is an extremely challenging task for any company to take on. We can't expect Proton to take on the risk of offering a completely anonymous payment service in the current legal climate, but it begs the question: why enter the financial space at all? - -Proton Wallet seems like a product that doesn't know its own place in the world. Is it meant to save us from the tyranny of payment processors like PayPal who can freeze your funds at a whim? Proton certainly thinks so, having faced that exact problem themselves during their original 2014 crowdfunding campaign. But in that case, is Bitcoin the actual solution to this problem, or is it just a stopgap fix that Proton happened to latch on to way back in 2014 when Bitcoin was more *in vogue* and there were few competitors? - -Today, there are many alternatives to Bitcoin which are safer to store your money in while remaining protected from intrusive fintech companies like PayPal. Stablecoins like USDC can be traded on multiple cryptocurrency networks without the need for middlemen payment processors, and can be exchanged at a variety of exchanges with the huge benefit of having *significantly* less risk than Bitcoin, theoretically no risk at all. Support for USDC or a similar technology would go a long way towards enabling *usable* cryptocurrency transactions for everyday users, even though USDC doesn't have any additional privacy protections either. - -Or, was Bitcoin chosen to give us independence from fiat currency, including stablecoins, entirely? Maybe so, but is that something we actually want? Prepping for a worldwide market collapse is perhaps a bit of a fool's errand. If the US Dollar and other economies failed overnight, I think we would all have a lot more problems than Bitcoin is going to solve for us. Bitcoin is a poor store of value to serve as an alternative to traditional currency anyway. 
Any asset which can gain or lose half its purchasing power on any given day of the week simply can't function as a viable medium of exchange, meaning it's virtually useless for day-to-day transactions. - -However, if Proton Wallet wasn't meant for all that, if it was simply meant to bring privacy to Bitcoin, then it's certainly a failure. Proton hasn't taken any risks with this product, meaning it's really only good for satisfying a singular belief: That Bitcoin is just inherently good, and anything to promote Bitcoin is inherently good as well. I don't share these fanatical beliefs of *Bitcoin maximalists*, however, when Bitcoin is demonstrably lacking in a wide variety of ways. - -## Conclusion - -Personally, I'm a bit of a cryptocurrency pessimist in general, but I can see some appeal for the technology in very specific areas. Unfortunately, Proton Wallet doesn't seem to fit in to a useful niche in any meaningful way. The functionality it does support is extremely basic, even by Bitcoin standards, and it simply doesn't provide enough value over the existing marketplace. - -If you're an existing Proton user simply looking for a place to store some Bitcoin *you already have* sitting around, Proton Wallet might be perfectly adequate. For everyone else, I don't see this product being too useful. Bitcoin is still far too volatile to be a solid investment or used as a safe store of value if you crave financial independence and sovereignty, and Proton Wallet simply isn't adequate for [paying for things privately online](https://www.privacyguides.org/en/advanced/payments/). - -There is some potential with Proton Wallet. Personally, I would like to see [support for Monero](https://protonmail.uservoice.com/forums/960668-proton-wallet/suggestions/48672359-support-monero), a cryptocurrency that has privacy features built-in by default. 
There is also the possibility of Proton expanding into the *traditional* finance space with features like a digital wallet for credit/debit cards, card aliasing à la [privacy.com](https://www.privacyguides.org/en/financial-services/#privacycom-us), and tap to pay within their mobile apps. A third-party alternative to Apple Pay and Google Wallet, and for the first time ever such a product could actually be viable: It's always been possible on Android, but just last month Apple announced the possibility for [iOS developers to use NFC](https://www.apple.com/newsroom/2024/08/developers-can-soon-offer-in-app-nfc-transactions-using-the-secure-element/) to facilitate payments outside of Apple Wallet. This presents a golden opportunity for Proton Wallet to be the first cross-platform digital wallet, if they can deliver. - -Alas, none of this is available in Proton Wallet today, and that's all that really counts. diff --git a/content/blog/posts/pwa-vs-iwa.md b/content/blog/posts/pwa-vs-iwa.md deleted file mode 100644 index c1656bda7..000000000 --- a/content/blog/posts/pwa-vs-iwa.md +++ /dev/null 
@@ -1,45 +0,0 @@ ---- -date: - created: 2024-11-30T19:00:00Z -categories: - - Opinion -authors: - - fria -tags: - - PWA - - IWA - - Web -license: BY-SA ---- -# State of the Web App: Current Woes and Promising Futures - -The concept of a [progressive web app](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps) is enticing: an application using web technologies that is inherently cross-platform (since it runs in a browser) and acts like a native app, even functioning offline. Support for PWAs in traditionally locked-down platforms like iOS means that PWAs can give users the freedom to install apps without having to go through Apple’s App Store. But there are problems with web content that PWAs haven't solved. - -## Current Web-Based Apps - -Attempts at similar things have been made before, the most infamous of which is [Electron](https://www.electronjs.org). Electron is a software framework that allows developers to easily create cross-platform apps by essentially bundling an entire Chromium browser in with the app. This approach has its [drawbacks](https://usa.kaspersky.com/blog/electron-framework-security-issues/28952/?srsltid=AfmBOor_UcYY-84soHz5K2ULTmhlX44-DsIfJp_StotBrusD63MweSGO), though. Browsers have huge attack surface, so it's important to keep them updated with the latest security fixes, but many Electron apps ship outdated versions, leaving those apps vulnerable. Each Electron app has its own version of Chromium with its own attack surface, amounting to a performance and security nightmare. In contrast, PWAs use the browser that you already have installed, so as long as you keep it updated, all your apps will have the latest security fixes. - -So why isn't every Electron app shipping as a PWA? The answer is an age-old problem with web content: the fact that you have to trust the server fully. 
You make an HTML GET request, and you're served the content (i.e., the site's HTML, CSS, and JavaScript), but if the server is compromised, you'll be served a compromised website. You also need to rely on the security of DNS name resolution and the [certificate authority](https://www.digicert.com/blog/what-is-a-certificate-authority) system. This is a huge problem for security-sensitive applications like messengers. An attacker that gains access to their server—even just temporarily—could distribute compromised clients to millions of people, potentially breaking E2EE or executing a host of other malicious actions. - -## Improving Web Apps - -A typical native app is downloaded onto your computer from some kind of trusted place like an app store and only receives updates when the developers push them out. Additionally, there's usually a process of checks and verification before that happens, like Apple's [App Review](https://developer.apple.com/distribute/app-review) and the Google Play [App Review](https://support.google.com/googleplay/android-developer/answer/9859455) process. In contrast to PWAs, with which the threat of an attacker with server access constantly looms, it's much more difficult to target a particular person. In other words, a malicious app update is much less likely to escape scrutiny than a highly targeted attack via compromised servers. - -Isolated Web Apps (IWAs) build on the work done on PWAs and [Web Packaging](https://github.com/WICG/webpackage). They are a specification that allows web content to be distributed offline outside a browser, much like a traditional app. It can be signed just like a regular app too, allowing you to verify that it came from the proper place and hasn't been modified. You could install an IWA from your favorite app store just like any other app and have the same security assurances. This would be incredibly useful in allowing for cross-platform E2EE web apps that don't need to trust a server every time you use them. 
- -Google [distinguishes](https://chromeos.dev/en/web/isolated-web-apps) between the drive by web, PWAs, and IWAs. The drive by web requires more conservative access to the system as the most accessible and is therefore least trusted. PWAs are a bit more trusted and can integrate a bit more deeply into the system as a result. IWAs are the most trusted and, as such, can have deeper access into the system and more powerful capabilities. - -
- ![Diagram showing the drive by web, a PWA, and then a dotted line separating them from IWAs](../assets/images/pwa-vs-iwa/iwa-diagram.webp) -
source: chromeos.dev
-
- -This higher security assurance from isolated and signed web applications and the inherently more trusted nature of a natively installed app will allow for IWAs to safely access APIs which wouldn't be safe to allow normal websites to access, like [Direct Sockets](https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md). - -IWAs use a totally new [URL scheme](https://github.com/WICG/isolated-web-apps/blob/main/Scheme.md) since they're not relying on HTTPS certificate authorities or DNS. They're totally isolated from each other and the web using enforced Content Security Policy and Cross-Origin Isolation, hence the name. - -## Issues - -The [Worldwide Web Consortium](https://www.w3.org) currently has an open issue on their GitHub for IWAs with some interesting discussions that are worth checking out. There are some [criticisms](https://github.com/w3ctag/design-reviews/issues/842#issuecomment-1989631915) of IWAs, at least in their current form. A big point of contention is giving IWAs access to more powerful features like raw TCP and UDP socket access, similar to what a natively installed app might be able to do, which Martin Thomson at Mozilla argues is dangerous even with user consent. Martin wrote a nice in-depth [article](https://lowentropy.net/posts/bundles) on bundling web content that's worth checking out on their website. It'll be a long process of iterating on the design before a version of this idea that's secure and available across browsers. - -Right now, Chrome ships the feature [enabled by default](https://chromestatus.com/feature/5146307550248960) but only on ChromeOS for admin-controlled machines and select development partners of Google. Safari and Firefox haven't implemented the feature, with [Firefox](https://github.com/mozilla/standards-positions/issues/799#issuecomment-2342084330) taking a stance against it. 
Perhaps in its trial run, the technology will prove its potential, or maybe IWAs aren't the best solution after all and another attempt at improving web apps will come along. I'll be watching with great interest either way. diff --git a/content/blog/posts/queer-dating-apps-beware-who-you-trust.md b/content/blog/posts/queer-dating-apps-beware-who-you-trust.md deleted file mode 100644 index 3556187d9..000000000 --- a/content/blog/posts/queer-dating-apps-beware-who-you-trust.md +++ /dev/null 
@@ -1,572 +0,0 @@ ---- -date: - created: 2025-06-24T21:00:00Z -categories: - - News -tags: - - Pride Month -authors: - - em -description: At the intersection of data privacy and LGBTQ+ experiences, it's inevitable to talk about queer dating apps. Unfortunately, most are horrible for data privacy. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp ---- - -# Queer Dating Apps: Beware Who You Trust With Your Intimate Data - -![Photo of a hand holding a phone with a rainbow gradient and a white heart on it. The hand holds the phone in front of a vertical rainbow background with an open eye displayed transparently over it, symbolizing surveillance.](../assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp) - - - -When discussing the intersection of data privacy and LGBTQ+ experiences, it's inevitable to also talk about queer dating apps. Due to a smaller percentage of the population and a number of factors complicating in-person dating, people part of the queer community are more likely to seek online platforms to meet lovers and friends. Unfortunately, using queer dating apps can be very dangerous for privacy, and even for safety. - -Dating apps are generally horrible for everyone's privacy, but the queer population is at an even higher risk of harm due to discrimination, and even [criminalization in certain regions](https://www.humandignitytrust.org/lgbt-the-law/map-of-criminalisation/). - -Despite the risks, LGBTQ+ people still need to fulfill their social and romantic needs like anyone else. - -This isn't an easy task outside the online realm either. Discrimination can be much worse in physical environments that aren't specifically catering to the queer community. In some regions, this can even mean a greater risk of physical aggression. - -LGBTQ+ people aren't necessarily safe to date in the same ways cisgender heterosexual people are, increasing the need for safe spaces. 
-
-Another important factor is that a smaller percentage of the population necessarily creates a smaller dating pool. Even if someone were to avoid entirely online services, if they aren't located in a town large enough to host LGBTQ+ venues and events, or if they live in an environment where revealing their queer identity could be unsafe to them, online spaces might be their only viable option to [find connections](stay-safe-but-stay-connected.md).
-
-Sadly, this isn't ideal. In today's world, it seems very few services (if any) are considering the importance of data privacy for dating apps seriously enough.
-
-For this reason, it is crucial to acknowledge the dangers, and learn about ways to minimize the risks, and to stay safe while looking for romantic or sexual partners online.
-
-## Dating apps are horrible for data privacy
-
-Unfortunately, whether it's dating apps catering to everyone or to a narrower segment of the population, they are pretty much *all horrible for data privacy*.
-
-Some apps might be worse than others, but at this time, there are no good, largely used, *and* privacy-respectful dating apps.
-
-Due to the nature of dating apps, a major problem is that any dating app will unavoidably collect at least some of very sensitive personal data. This can include photos, intimate photos, sexual preferences, intimate conversations, detailed physical descriptions, and likely much more.
-
-Because of this, a good privacy-respectful dating app would need to implement considerably stronger protections for this data, and obviously not share it with any third party. Regrettably, this isn't what is happening *at all*.
-
-### They collect very sensitive information, legally and illegally
-
-Necessarily, most dating apps will collect *at minimum* a nickname, email, photo, and descriptions of your personality and physical appearance. But, the majority of apps do not stop there.
-
-Most dating apps also collect your location, IP address, and phone number (a strong quasi-static identifier that can be linked to your other accounts and legal identity).
-
-Then, you might upload additional sensitive information, such as a detailed physical description, detailed personality description, health condition, religion, political views, sexual preferences, and even intimate photos in private chats. All this information is collected and stored by the dating app, and maybe even shared with third parties.
-
-According to a [report from Mozilla](https://www.mozillafoundation.org/en/privacynotincluded/articles/data-hungry-dating-apps-are-worse-than-ever-for-your-privacy/), about 25% of apps also collect metadata on uploaded content. This means that if you do not [remove metadata](https://www.privacyguides.org/en/data-redaction/) from your photos and videos (or other file types) before uploading them, the dating app could collect it. This can include very precise information on where and when a photo or video was taken, for example.
-
-Additionally, dating apps can collect a scandalous amount of information from your social media accounts if you use them to sign up with the app. Already in 2017 (this is likely much worse 8 years later into surveillance capitalism), The Guardian journalist Judith Duportail [reported](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold) on her experience with Tinder after requesting a copy of her account data. Tinder had kept 800 pages of information on her, including Facebook likes, number of Facebook friends, Instagram photo links, ages of men she was interested in, and so on. From her experience she wrote:
-
-> What will happen if this treasure trove of data gets hacked, is made public or simply bought by another company? I can almost feel the shame I would experience.
-
-She is not alone in this.
Every dating-app user is at risk of having their intimate data exposed if their account or the app's servers gets hacked, or if the company otherwise leaks or shares their data.
-
-Tragically, data breaches and companies acquisitions aren't rare occurrences. It's more a matter of "when" than "if".
-
-#### Identity verification
-
-Moreover, many apps now require to "verify identity" by requesting users to submit a video selfie, official ID, or other means of verification.
-
-This practice is intrusive at best, and straight out *dangerous* at worst. Any verification practice requiring a piece of official ID or a facial scan has the potential of endangering this data, and increases the risk of a data leak exposing your intimate dating information while being strongly linked to your legal identity.
-
-No dating app should be requiring such sensitive information. Fighting bots and fake accounts isn't worth the risk this represents to users.
-
-#### Biometric data
-
-Even for users who might be careful to choose more privacy-respectful apps, or feel protected by stronger local legislation, trust can be broken.
-
-In 2024, Bumble and Badoo settled a [class action lawsuit](https://www.the-sun.com/money/12327292/bumble-settlement-badoo-payment/) for allegedly infringing the privacy rights of users residing in Illinois US, by violating the [Biometric Information Privacy Act](https://en.wikipedia.org/wiki/Biometric_Information_Privacy_Act) (BIPA). The complainants alleged the apps, both owned by Bumble Inc, were capturing and storing users' facial scan biometrics it extracted from profile's content without the users' consent.
-
-While users located in Illinois were entitled to financial compensation from the [settlement](https://topclassactions.com/lawsuit-settlements/closed-settlements/40m-bumble-badoo-bipa-class-action-settlement/), others located in regions with weaker local regulation didn't receive any compensation for this violation of their consent.
-
-#### Artificial intelligence features
-
-Finally, most dating services have now [integrated AI features in their platforms](https://www.platformer.news/grindr-ai-boyfriend-wingman-monetization-paid-taps/). This is dreadful for privacy.
-
-The problem with current AI features is that most will not just generate data but will also *collect* data. Once data is integrated into a model, it's incredibly difficult (if not impossible) to delete it later.
-
-Grindr's terms of service include a section specifying that, when using the platform, [you grant an irrevocable right to Grindr](https://www.grindr.com/terms-of-service) to "exploit Your User Content" to train "AI Technologies". **Your content is up for AI-grabs on Grindr.**
-
-Horrifyingly, most other dating apps aren't better.
-
-While other apps might be careful not to directly name "AI" or "training" in their terms of service, risking scaring users away, OkCupid, Hinge, and Plenty of Fish (all part of the Texas-based dating service conglomerate Match Group), describe a similar clause in their terms of service that could potentially include AI technologies training on users' content (if not already).
-
-For example, OkCupid specifies in clause 7 of their [Terms & Conditions](https://okcupid-app.zendesk.com/hc/en-us/articles/23941864418203-Terms-Conditions) (emphasis added for clarity):
-
-> By creating an account, **you grant to OkCupid a worldwide, perpetual, transferable**, sub-licensable, royalty-free **right and license to** host, store, use, copy, display, reproduce, adapt, edit, publish, translate, modify, reformat, **incorporate into other works, advertise, distribute and otherwise make available to the general public Your Content**, including any information you authorize us to access from Facebook or other third- party sources (if applicable), in whole or in part, and **in any way and in any format or medium currently known or developed in the future.** OkCupid's license to Your Content shall be non-exclusive, except that OkCupid's license shall be exclusive with respect to derivative works created through use of our Services. For example, **OkCupid would have an exclusive license to screenshots of our Services that include Your Content.**
-
-Of course "any medium developed in the future" could include AI technologies, and/or anything else.
-
-OkCupid has already integrated AI features in users' dating experience using OpenAI's ChatGPT for its services. Michael Kaye, OkCupid's head of communications, excitedly [told Mashable](https://mashable.com/article/okcupid-chatgpt-questions) that "daters who think ChatGPT is a lifesaver get almost 40 percent more Matches on OkCupid than those who think it's too big brother".
-
-Well, perhaps users who accurately think "it's too big brother" have simply already left the app...
-
-### They can expose legal identities
-
-Besides the data privacy dangers created by integrating AI features in dating apps, [identity and age verification is another growing problem](age-verification-wants-your-face.md).
-
-Unfortunately, it seems dating apps are more concerned with fighting fake accounts than protecting users' data, and are willing to sacrifice the latter for the former.
-
-Of course, this security measure is only theatrical. Criminals will easily go around identity verification systems, while the inevitable data breaches will endanger and harm all trustworthy users at once.
-
-#### Identity verification endangers the most vulnerable
-
-Each time a dating application asks for a video selfie or an official piece of ID to prove identity or age, this data risks getting leaked and stolen later.
-
-Moreover, requiring official IDs and face scans severely harm the most vulnerable users who need [protective practices to stay safe online](stay-safe-but-stay-connected.md/#practices-and-tools-that-help-in-various-contexts), for example by using a pseudonym. This is true for victims of domestic violence, victims of online stalking, as well as for the LGBTQ+ community.
-
-Exposed legal identities, particularly in conjunction with dating data, can lead to identity theft, online harassment, doxxing, non-consensual outing, extortion, loss of employment, arrest, and even sexual and physical violence.
-
-Pseudonymity can save lives online. Fighting pseudonymity isn't fighting crime, it's [fighting against the safety](https://journals.sagepub.com/doi/full/10.1177/17416590221111827) of the most vulnerable in our society.
-
-#### Biometric data and dystopian third party
-
-Continuing this horrifying trend, Match Group has announced this spring they are partnering with the [dystopian World App](sam-altman-wants-your-eyeball.md) to start testing age verification for Tinder in Japan. The World App generates unique identifiers based on biometric iris scan.
-
-If having to scan your official ID to continue using Tinder is *bad*, having to scan your eyeball from a questionable third party app is even *worse*.
-
-This practice will start for Tinder in Japan, but it's likely the verification process could be expanded to all users of Match Group apps in the near future. Soon, the only way to avoid having to share biometric data with the World App to continue using your favorite dating app could be to leave the app entirely.
-
-#### Payment information
-
-Finally, payment information can also create a link between your dating account and your legal identity.
-
-If you provide a credit card under your legal name to use a dating app, then this profile is inevitably linked to your legal identity.
-
-It's possible that some application *might* use third-party software to manage payments, and that this data *might* not leak associated with your dating profile. However, this depends on which payment services the dating app works with, and what the company's security practices are.
-
-### They sell users' data to data brokers
-
-Sadly, not only most dating apps collect *way too much data* they don't secure properly, but they also willingly share this data with data brokers.
-
-If you are not familiar with the [data broker industry](https://www.eff.org/deeplinks/2021/07/data-brokers-are-problem), data brokers are usually private for-profit companies that specialize in collecting personal information on everyone, using and scraping public records, social media accounts, various websites, other online sources, and any applications willing to work with them.
-
-They then make this information [available to anyone](https://gizmodo.com/alleged-minnesota-shooter-used-data-brokers-to-find-lawmakers-addresses-2000616975) for sale. They do not care about your consent nor your safety, at all.
-
-**Data brokers are the archenemy of privacy rights.**
-
-And yes, dating apps share your dating data with them.
California's Privacy Protection Agency even uses dating apps in its [example](https://cppa.ca.gov/data_broker_registry/) for the Data Broker Registry it keeps:
-
-> For example, if a person signs up for a dating app, a data broker may buy all recent sign ups of that dating app from the app developer and sell the information to a gym that is looking to target potential new customers.
-
-The chosen example of a data broker selling dating app data to a gym is quite mild. As explained in the next section, [what actually happens](#hateful-groups-tracking-users) with this data if often much more grim.
-
-One type of data often [bought by data brokers](https://www.eff.org/issues/location-data-brokers) is location data. Location data can easily be used to precisely identify a user, a user's home address, a user's work address, a user's favorite venues, and a user's connections with others. **Many dating apps share location data.**
-
-In 2022, The Markup [published](https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker) the results of an investigation from a 2018-2019 sample dataset they obtained from the data broker X-Mode. The dataset compiled location data collected from 107 different apps, including the dating app Bro "for bi, gay, and open-minded men".
-
-While conducting research on apps from the Google app store in 2020, the Yale Privacy Lab uncovered several other queer dating apps selling data to X-Mode. At that time, the dating apps Wapo, Wapa, MEET MARKET, and FEM were all sharing users' location data with the same data broker.
-
-Replying to journalists, Bro App's founder confirmed that the company no longer shares users' location with X-Mode.
-
-But what other data and which other data brokers dating apps might be working with? How many other dating apps similarly share location data?
-
-Seven years after this dataset was examined, and in a world where data is being collected from users exponentially more, how many dating apps have simply normalized this practice entirely?
-
-This isn't a new problem, and this [isn't just about location data](https://www.vice.com/en/article/shady-data-brokers-are-selling-online-dating-profiles-by-the-millions/). But this problem is getting increasingly worse, and users must be properly informed on how their intimate data is used and shared.
-
-With the advancements in computer performance over the years, collecting and storing data is cheaper than ever. Corporations and governments alike are eager to access this data for advertising and surveillance purposes. The same is true for special interest and criminal groups of all kinds.
-
-**The data broker industry is thriving on exploiting our data without consent**, even in our most intimate activities.
-
-### They monetize data for advertising
-
-Data brokers and ad-tech companies are working together in similar ways to extract values from every data point they can find about you online. They feed each other in some sort of twisted exploitative synergy.
-
-Dating apps are working with them as well.
-
-In 2021, [Grindr was fined](https://www.bbc.com/news/technology-59651703) €6.5m by the Norwegian Data Protection Authority for sharing users' data without prior explicit consent. The data shared with advertisers included age, gender, advertising ID, IP address, GPS location, and the fact that someone used Grindr. This makes the data even more sensitive, potentially revealing a user's sexual orientation (which is a special category under the [GDPR Article 9](https://gdpr-info.eu/art-9-gdpr/)).
-
-Last year, Grindr was sued for allegations of [sharing users' HIV status](https://www.bbc.com/news/articles/cj7mxnvz42no) with advertisers, in violation of UK's data privacy laws.
Two years before, Grindr was [reprimanded](https://ico.org.uk/media2/migrated/4023128/grindr-reprimand.pdf) by the UK's Information Commissioner's Office (ICO) for its data protection (mal)practices.
-
-In 2020, the CPO Magazine [reported](https://www.cpomagazine.com/data-privacy/many-of-the-major-dating-apps-are-leaking-personal-data-to-advertisers/) about tests conducted by the Norwegian Consumer Council that found some of the most popular dating apps sharing sensitive personal information with advertisers. Tinder, Grindr (again), and OkCupid were all found to share age, gender, device information, IP address, and GPS location with advertising and analytics platforms owned by Google, Facebook, Twitter (X), Amazon, and more.
-
-Worse, it was also found that some of these apps sometime shared users' data related to their sexual orientation and dating interests. OkCupid even shared users data related to drug use and political views.
-
-The same year, Tinder announced a partnership with the app Noonlight to implement a "panic button" feature to connect users with help in case of emergency. This seems great at first, but the problem is, it is yet another app that hasn't done its privacy homework properly to protect users. Gizmodo [found](https://gizmodo.com/tinders-new-panic-button-is-sharing-your-data-with-ad-t-1841184919) the partnering app was sharing users' data with major ad-tech businesses *every minute*, including with Facebook and Google.
-
-Even your safety is being monetized and shared with Facebook.
-
-### They don't safeguard data properly
-
-In addition to collecting and monetizing a *large* amount of very sensitive data on every user, many dating apps have the unfortunate tendency to not take securing this data seriously enough.
-
-Data breaches and leaks of all sorts are rampant with dating apps. Assume all data you upload there might become public, sooner than later.
If you are not out publicly, be aware **a dating app data breach could out you against your will**.
-
-Here are a few examples of past incidents:
-
-- 2025: [Grindr, Tinder data breach](https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/?guccounter=1)
-
-- 2025: [Translove, Pink, Brish data leak](https://cybernews.com/security/ios-dating-apps-leak-private-photos/)
-
-- 2025: [Gay Daddy data leak](https://cybernews.com/security/gay-daddy-ios-app-exposes-users/)
-
-- 2025: [Raw data leak](https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/)
-
-- 2025: [Headero data leak](https://beyondmachines.net/event_details/headero-dating-app-leaks-data-exposing-4-million-user-records-5-n-4-z-a/gD2P6Ple2L)
-
-- 2023: [Coffee Meets Bagel data breach](https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-says-recent-outage-caused-by-destructive-cyberattack/)
-
-- 2023: [419 Dating, Meet You, Speed Dating App For American data leak](https://ciso.economictimes.indiatimes.com/news/data-breaches/dating-app-that-claims-50-million-users-suffer-data-breach/101910331)
-
-- 2021: [MeetMindful data breach](https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/)
-
-- 2019: [Coffee Meets Bagel data breach](https://www.independent.co.uk/tech/coffee-meets-bagel-dating-app-hack-a8781176.html)
-
-- 2019: [Heyyo data leak](https://www.zdnet.com/article/heyyo-dating-app-leaked-users-personal-data-photos-location-data-more/)
-
-- 2019: [MobiFriends data breach](https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/)
-
-These are only a few examples, and from all the examples of data exposure out there, it's important to remember these are likely only *a fraction* of the data breaches truly happening. The small fraction that actually gets detected and reported.
-
-While nothing is ever 100% secure, **application developers must do much more** to protect users data adequately.
-
-The constant news about data breaches and leaks is demonstrating how better security and better privacy is urgently needed, especially for such sensitive information.
-
-### They can make deleting data difficult
-
-One excellent practice every dating app should adopt is data minimization. Applications should only require users to *provide the absolute minimum* information necessary to run the service.
-
-Then, as soon as this data is no longer required, data should be *thoroughly and permanently deleted*. For example, data should be *thoroughly deleted* when a user deletes it on their end, officially requests to have their data or their account deleted, or when an account becomes inactive after a certain period of time.
-
-This practices greatly reduces the risk of data breaches and leaks, and releases the company from this legal responsibility. **You cannot endanger the data you do not have.**
-
-Every organization and software developer *should* follow the [wise advice](https://www.schneier.com/blog/archives/2016/03/data_is_a_toxic.html) from renown cryptographer Bruce Schneier, and treat data like it's a toxic asset.
-
-#### Data retention practices
-
-It's difficult to know for sure for how long certain dating apps retain data behind the scene. Many lack transparency about their data retention practices.
-
-Data retention periods should always be the shortest possible to provide the service. Sadly, many businesses might be tempted to retain it for much longer, especially in the age of AI-training datasets.
-
-#### Data deletion practices
-
-Additionally, not all dating apps have adopted proper data deletion practices.
-
-The ideal practice is to empower users to be able to delete the data they wish to delete from within their account (e.g. being able to delete one message or one conversation).
But also, companies should provide an option to request a *complete* and *permanent* account and data deletion from within the account, *without requiring additional information* from a user, and without requiring to email the company.
-
-Many applications have implemented data deletion processes similar to the model described above to manage user's requests, but not all of them (yet).
-
-Of course, organizations *must* also follow through, and *properly* delete this data in the *backend* as well as in the frontend.
-
-This has important legal implications, because even for organizations lacking transparency and honesty, users could soon find out the truth in the next data breach. If the data was not fully deleted after a deletion request was made, this could have *severe* legal and financial consequences.
-
-#### Investigating an app's data deletion process *before* creating an account
-
-Unfortunately, some dating apps seem to have neglected this important process in their relationship with users.
-
-Some applications and services are requiring *more* data to submit a data deletion request than what was even required to create the account in the first place. **This is bad.**
-
-Despite being rated the best (or perhaps the "least bad") on [Mozilla's Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/), the queer dating app Lex seems to require users to fill a *Google Form* that mandates providing first and last name, date of birth, email, phone number, and even a *home address*. One of the form seems to imply an official piece of ID might also be required. This is *extremely* intrusive.
-
-Moreover, this practice would be directly sharing this personal information *with Google,* outing that this person (with this legal name, and at this home address) is queer and uses or used Lex.
-
-Google Forms aren't a private way to share sensitive data. This isn't a great data privacy practice, to say the least.
-
-It's also [unclear](https://help.lex.lgbt/article/69-how-can-i-delete-my-data) if Lex respond to data deletion requests from users located outside the protection of the GDPR (Europe) or the CCPA (California US) at all. Despite a number of regions worldwide benefiting from privacy laws granting rights similar to the [GDPR's Article 17](https://gdpr-info.eu/art-17-gdpr/).
-
-Even if you have been careful to provide only minimal information when creating your account, it seems a simple data deletion request once you are done using the app would require you to share all this *extremely sensitive and identifying information* with Lex (and Google!).
-
-At the time of this article's publication, Lex's current [privacy policy](https://help.lex.lgbt/article/51-privacy-policy) links to these two forms required from users to fill for [GDPR's Right to Erasure requests](https://docs.google.com/forms/d/e/1FAIpQLSdhK2fkBounO1PeN75s7OU0Ey1tmMpGEQYd9lD8EQWAH8DPKA/viewform) and [CCPA's Right to Delete requests](https://docs.google.com/forms/d/e/1FAIpQLScz7bDrVbjvB4uSiWjJky0JeePyv4Q-g3Cejz6pCCHiXlUEVw/viewform).
-
-It goes without saying that you shouldn't email a copy of your passport to anyone, and you should never have to provide *more* information than the app already has on you to get your data deleted. This is especially true if all the data mentioned above gets shared with a third-party advertising company like Google, through the use of Google Forms.
-
-Privacy Guides has reached out to Lex for clarification on its data deletion practices, but has not received any response at the time of this publication. This article will be updated with new information once we receive an answer.
-
-Before creating an account with a dating app (or any other app for that matter), it's important to find information on what will be the process to delete your data and account once you are done with the app.
-
-That way, you can choose to only use applications that will thoroughly respect your privacy rights, and your rights to delete your own data.
-
-## Queer dating apps can be targeted
-
-At this time, almost all popular dating apps are *horrible* for data privacy. But queer dating apps (or queer people using any dating app) are especially vulnerable targets for malicious actors.
-
-Unfortunately, hateful groups, criminals, and even governments have been weaponizing dating apps to harass, exploit, arrest, or even attack queer people.
-
-Dating app companies are partly responsible for facilitating this harm by selling users' data to data brokers and advertisers, and by repeatedly missing opportunities for improvements to secure their users' data.
-
-Additionally, each time there is a new dating app data leak, whether from negligence, incompetence, greed, or malice, this leak risks [outing people against their will](importance-of-privacy-for-the-queer-community.md/#being-outed-against-ones-will). This alone can have devastating consequences, from feeling violated to getting arrested, or even killed.
-
-In Morocco, where being gay is still illegal, a social media influencer [asked](https://www.levantx.com/series-source/violence-in-lockdown-sofia-talouni-and-gay-male-outings-in-morocco-under-covid) people in 2020 to join dating apps to out gay men around them. This resulted in a violent online harassment campaign with many gay men being outed against their will, chased from their homes, shunned by their family, and horrifyingly even led to some suicides.
-
-Regrettably, even in countries where being queer is legal and generally accepted, [targeted harassment](privacy-means-safety.md/#trans-and-queer-activists) and attacks can happen.
-
-For people who aren't out publicly, data revealed about their dating life could potentially out them immediately.
But even for people who are out publicly, making details about their dating life public could trigger online hate, targeted harassment, and endanger them in many ways.
-
-Queer dating apps have an even greater responsibility to protect their users' data.
-
-Data related to one's sexual orientation is categorized as especially sensitive information by many privacy laws, generally requiring additional protections. For example, GDPR's [Article 9](https://gdpr-info.eu/art-9-gdpr/) specifies special conditions for handling data related to a "person's sex life or sexual orientation".
-
-Companies and software developers must take this responsibility much more seriously.
-
-### Hateful groups tracking users
-
-In 2023, the Washington Post [revealed](https://www.pcmag.com/news/a-catholic-group-spent-millions-on-dating-app-data-to-out-gay-priests) that an American Catholic group based in Colorado had bought data brokers datasets from queer dating apps.
-
-The religious group spent millions of dollars to access data from Grindr, Scruff, Growlr, Jack'd, and OkCupid in an attempt to out gay and bisexual priests. The group used these datasets to cross-reference locations with church residences. This level of hate and insidious spying seems quite ungodly.
-
-Tragically, dating apps selling users' data to brokers and advertisers makes this type of targeting by hateful groups easily accessible to anyone willing to pay.
-
-### Governments and authorities prosecuting users
-
-In countries where homosexuality and transgender people are criminalized, even governments are guilty of these cruel practices.
-
-In 2017, Human Rights Watch [reported](https://www.hrw.org/news/2017/05/01/south-koreas-military-sodomy-law-should-go) allegations of the South Korean army cracking down on gay service members using published screenshots from dating app chats. Although homosexuality isn't illegal for civilians in South Korea, same-sex intercourse is illegal in the military.
This oppressive rule is aggravated by the fact that South Korean men are [obligated to enroll](https://en.wikipedia.org/wiki/LGBTQ_rights_in_South_Korea) for a mandatory period of service under the conscript system.
-
-In 2018, organization Article 19 [completed](https://www.article19.org/resources/apps-arrests-abuse-egypt-lebanon-iran/) an investigation on the risk of dating apps usage by the LGBTQ+ community in Egypt, Lebanon, and Iran. The report demonstrates how authorities in Egypt used the geolocation feature of dating apps to entrap and arrest gay and transgender users.
-
-In 2022, Article 19 supported another report [focusing](https://www.article19.org/wp-content/uploads/2022/03/Digital-Crime-Scenes-Report-3.pdf) on the persecution of queer people in Egypt, Lebanon, and Tunisia. The report explains how authorities in these regions used dating apps to set up trap meetings with users, and to collect digital "evidences" to charge queer users.
-
-In 2025, Human Rights Watch [published](https://www.hrw.org/news/2025/05/26/uganda-anti-lgbt-law-unleashed-abuse-0) a report documenting the actions of authorities in Uganda following the 2023 enactment of the Anti-Homosexuality Act. In addition to spreading misinformation and hatred against LGBTQ+ people, leading to harassment and attacks, authorities have started to use dating apps to extort, entrap, and arrest queer people.
-
-Sadly, if LGBTQ+ rights continue to regress like we have observed in the past months, this sort of government-sanctioned persecution might even become normalized in the UK and the US as well.
-
-### Criminals blackmailing and attacking users
-
-Along with hateful groups and authoritarian regimes, criminals are also targeting the queer community on dating apps. This type of crime is exponentially worse for users located in regions where being queer is criminalized, but it is still a danger for anyone worldwide.
-
-Criminals have been [targeting](https://www.bleepingcomputer.com/news/security/lgbtq-plus-community-warned-of-extortionists-abusing-dating-apps/) users on queer dating apps for extortion scams. According to a report from the US Federal Trade Commission, criminals pose as potential dates sending explicit photos, then request users to reciprocate. If they get a reply, they blackmail the victim under threat of revealing this information. This type of extortion can have devastating consequences.
-
-Dating apps are worsening this problem when requesting users to provide legal identification such as facial scans, official IDs, or home addresses. If this information leaks in the future, criminals will have an even easier time to extort and attack their victims, regardless of if they're still on the app or not.
-
-## Reducing the risks when using dating apps
-
-Despite how bad dating apps are for your privacy (and maybe also your safety), your social, sexual, and romantic needs are important to consider as well.
-
-The best alternative for your data privacy is probably to favor in-person meetups and venues, whenever possible.
-
-However, if this isn't accessible to you, and you decide using a dating app is worth the risks, here are a few things to keep in mind that can help to improve your privacy and to reduce the dangers when using a dating app.
-
-### Investigating before creating an account
-
-Before creating an account on a dating app (or any other apps), it's a good idea to take a look at its privacy policy (or privacy notice) and terms of service.
-
-#### Researching privacy policy and terms of service
-
-Most people *hate* doing this, but it can really help to discern which apps are better than others.
-
-You don't have to read it all, but make sure to at least check the sections on what data they collect, with whom they share it, and how they use it.
-
-Important pro-tip: Using your browser, search the page for an "@" sign to verify if the privacy policy includes a contact email address. It *should* have one. Sometimes, it will be a link to a contact page instead. If you cannot find any way to contact anyone at this organization by email, be suspicious.
-
-If you decide to use this dating app, keep a local copy of its privacy policy and terms of service using the "Save to PDF" function from your browser. This *can* help legally by keeping a proof in time of what were the terms when you signed up (of course, they might change later, but that's a start).
-
-#### Investigating usage of AI systems
-
-Look in the privacy policy and terms of service for any mention of AI systems. Sometimes, it's not named directly and might be called something else like "automated system" or other expressions.
-
-Be especially vigilant to check if the company **might use your content data to train these systems**. Make sure you have a way to at least opt out, or deactivate of any such training. AI systems training on your data is *atrocious* for your privacy.
-
-#### Confirming data deletion processes and retention periods
-
-Again usually through the app's policies, look at what the process will be when you'll want to get your data and account with this app fully deleted.
-
-This is important because deleting your data once you are done using the app will greatly improve your data privacy and security, by protecting it from potential data breaches and undisclosed usage in the future (if the deletion is done thoroughly).
-
-Additionally, deleting your data and account once you no longer need it minimizes the risk of an abandoned-account takeover by a criminal.
-
-When you abandon an account without closing it and deleting its data properly, criminals might break in and start using your account and data without your knowledge. The longer the account sits there, the greater the risk.
-
-Make sure the app describes a clear process you can manage yourself *from within* the account to fully delete your data and account, and that **it doesn't require more information** to delete your account than you had to provide to create it in the first place.
-
-#### Evaluating reputation from history of data breaches
-
-Finally, conduct a short research on the history of security practices for this dating app.
-
-Look for trustworthy third-party reviews and information about the app. Always assume information and promises from the company itself are biased.
-
-Check the news for reports of data breaches and leaks. Checks what security researchers and privacy professionals have to say about this app. Make sure to find trustworthy sources, and remain vigilant about AI-generated articles and review articles that are advertising in disguise.
-
-### Choosing a dating app
-
-As stated at length in this article, there aren't any *good* dating apps for your privacy, sadly. There are only "slightly less horrible" dating apps.
-
-For more details on each, you can take a look at Mozilla's [Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/) for dating apps. Check the details for each app you are interested in, not just the rating. However, keep in mind that even Lex, the first app listed there, doesn't seem to have great practices in regard to [data deletion](#investigating-an-apps-data-deletion-process-before-creating-an-account), and you might be unable to delete your account data fully if you decide to use this app. This might also be the case for some other apps listed there.
-
-Alternatively, there are a few free dating apps that might offer a different approach with open source code. Applications that are open-source have the benefit of full transparency to examine its code, and potentially detecting any undisclosed data collection.
- -That being said, open-source applications aren't magically secure, and don't necessarily grant better privacy either. But code transparency helps to audit the application, and to detect any false claim related to privacy and security. The German dating app Alovoa is an example of this. You can take a look at its [code](https://github.com/Alovoa/Alovoa/) on GitHub. - -However, the downside of any dating app that isn't massively popular is it will have fewer users, possibly making finding matches more difficult. - -Nevertheless, using a niche dating app that fits better your values *could* potentially increase the chances of finding a match that also fit better your values. - -Specifically to data privacy however, privacy-conscious people looking for a date online might have to wait for a truly privacy-respectful app to be developed, and to get more popular in the future. - -### Minimizing the data shared - -When using any dating app, you should always be careful with the information you share, not just for data privacy, but also for your physical safety. - -Using a dating app still means talking with a lot of strangers online, and these strangers might have different intentions and goals than yours. - -Of course, to find genuine matches, you also do need to share at least some information about yourself, and you shouldn't lie to potential partners. - -The idea isn't to use fake information, the idea is simply to *minimize* the information you share, to increase your data privacy with the app, and your safety when interacting with strangers. - -Once you have developed a certain level of trust with a dating app match, then you can [move to safer channels](stay-safe-but-stay-connected.md/#private-messaging-one-on-one-and-group-chats) to share more with them (if you wish) in a more secure and more private environment. You could share your Signal username with them to chat in an end-to-end encrypted environment, for example. - -
-

Warning: Only share when you fully trust!

- -Remember that there will be no content moderation in this end-to-end encrypted environment, because it is *truly private*. You should **never share any intimate details with someone you do not trust fully**, even on Signal (or any other end-to-end encrypted apps). - -
-
-#### Sign up credentials
-
-When signing up for a dating app, **never use a social media account**. Many applications now gives the option to sign up or sign in using your Google, Facebook, or Instagram account.
-
-While this might seem convenient at first, it allows the applications to exchange data, and this is *incredibly bad for your privacy*.
-
-Instead, always sign up for a dating service using new credential information that you have not used anywhere else before (new username, new email, new password). This will reduce the risk of your other accounts being linked with your dating app data, and vice versa.
-
-#### Email address
-
-To use a unique email address, you might want to create a proxy address known as an alias.
-
-Email aliasing is a great technique to improve your privacy online. It allows you to register for services using a unique email address for each. You can also use these unique email addresses to give to your dating prospects to communicate with them. For email aliasing, SimpleLogin is a great service that we [recommend](https://www.privacyguides.org/en/email-aliasing/).
-
-#### Phone number
-
-Using a unique phone number is much more complicated, unfortunately.
-
-From some countries, you might be able to find a trustworthy phone number proxy service, but those aren't always accepted to sign up for new accounts.
-
-Generally, it's much harder to use proxy for a phone number, and account requiring phone numbers to sign up aren't the best for privacy.
-
-A phone number is an identifier that most people rarely change, and that is strongly attached to your legal identity. If this data leaks in the future, your dating data could be linked to your legal identity, and to your other accounts in all sorts of ways.
-
-Additionally, using a phone number or a verification code sent to your phone through SMS to log in makes your account vulnerable to [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam).
Avoid apps that are requiring a phone number to sign up if you can.
-
-If you absolutely cannot avoid it, then consider getting a secondary phone number on a spare phone that you only use for dating.
-
-#### IP address
-
-Your IP address is an identifier attached to the internet service you use, and can reveal your location (more or less accurately). Additionally, an IP address can potentially reveal your legal identity, and be linked to your other internet activities.
-
-Any online services and websites you use and visit will know your IP address, including dating apps.
-
-To protect from this, you would need to use a [trustworthy Virtual Private Network (VPN)](https://www.privacyguides.org/en/vpn/) provider. However, know that using a VPN is only a transfer of trust, from your Internet Service Provider (ISP) to your VPN provider.
-
-If using a queer dating app could be dangerous in your country, keep in mind that your VPN provider would know you have visited one. You would need additional protections to go around this, such as using a service like [Tor](https://www.privacyguides.org/en/advanced/tor-overview/) (which might not be possible with some services).
-
-Moreover, some dating services might not allow connection from a VPN server at all, or could trigger additional security checks and requirements to log in.
-
-#### Mobile app permissions
-
-After installing a dating app on a mobile device, make sure to go through your phone's settings to disable all the permissions you can.
-
-Keep it at the absolute *minimum* required for you to use the app. **Don't give permissions for the app to access your contacts or photos.**
-
-If enabled by default, disable accesses. Also disable accesses to your location, if you do not use this feature with the app. Ideally, enter your broad location instead (e.g. city only), and never allow precise geolocation from your phone.
-
-#### Privacy settings and opting out
-
-Before adding any information to your dating profile, go through the app's settings to select the strongest options available to protect your privacy.
-
-Sometimes, apps make it hard to find where to opt out data sharing and AI training, but *be persistent* and look everywhere you can. This is worth the effort!
-
-#### Account security
-
-Securing your account is also important to protect your privacy. If you do not use a [strong and unique password](https://www.privacyguides.org/en/basics/passwords-overview/), a criminal could easily snoop in or even takeover your account.
-
-In addition to choosing a long, complex, and unique password, make sure to enable multifactor authentication. Ideally, use an [authenticator app](https://www.privacyguides.org/en/multi-factor-authentication/) or [security key](https://www.privacyguides.org/en/security-keys/) for this.
-
-If the only option you have is to enable multifactor authentication with a phone number, *and you have already signed up for the app using a phone number*, then this is better than nothing. If you have *not* signed up with the app using a phone number, then it might be better to not use this at all. It's preferable to not give your phone number to the app, if you can avoid it.
-
-#### Name, nickname, and full name
-
-Be careful with the name you choose to publish. Avoid sharing your last name with anyone until you have met them, trust them, and are discussing on safer channels with them.
-
-Perhaps only use a nickname on the app, your fist name only, or a shortened version of your name if you can. **Do not lie, but avoid providing your complete legal identity from the app.**
-
-#### Photos and videos
-
-For photos, try to keep an awareness of whom will be able to see them. Some apps make your main profile picture visible to the entire internet!
-
-If this is true for the app you use, perhaps choose a photo hiding your features a little as your main photo.
Then, add more detailed photos inside your profile, if photos have more restricted visibility there.
-
-No matter which photos you upload in a dating app, **do not ever use the same photos you have used on social media!**
-
-This could allow *anyone* to cross-reference your dating profile with your social media accounts using this photo (or other accounts and websites where you used the same photo). Depending on your situation, this can be incredibly dangerous.
-
-Ideally, only upload photos on the dating app that are new, or that you have only used with dating services.
-
-Additionally, be extremely careful about which *other* information is visible in the photos you share.
-
-Remain mindful of anything that could identify your home or work location, such as street signs, bus stops, street addresses, city landscapes, etc. Pay special attention to reflections in glasses, windows, mirrors, and other reflective surfaces.
-
-#### Photo metadata
-
-Furthermore, make sure to **[remove the metadata](https://www.privacyguides.org/en/data-redaction/)** from the photos and videos you want to upload, *before* you uploaded them in the dating app.
-
-Photo metadata can reveal a lot about you. This includes device models as well as the precise date, time, and geolocation where a photo was taken, or a video was filmed. Any metadata attached to images and videos uploaded to the app, is likely to be collected by the app.
-
-#### Intimate photos
-
-Finally, if you trust a match enough to start sharing more intimate pictures, consider the dating app might not be the safest space for this.
-
-Dating apps do not use end-to-end encryption, and *all* the data you upload there can be accessed by the company, and could be stolen in a data breach. Some dating apps were already [called out](https://www.techradar.com/pro/security/major-dating-app-data-breach-may-have-exposed-1-5-million-private-user-images-online) for this earlier this year.
- -Moreover, keep in mind that criminals are regularly hunting for victims on dating apps, requesting intimate pictures for [nefarious purposes](https://www.bbc.co.uk/news/articles/cyvjy0871dqo). Students and younger people are a growing target for extortion, [sextortion](https://www.tandfonline.com/doi/full/10.1080/01639625.2024.2317904), and even [sex trafficking](https://www.investigatewest.org/investigatewest-reports/a-washington-teen-was-trafficked-by-a-man-she-met-on-tinder-she-says-two-years-later-shes-still-waiting-for-justice-17706687) on dating apps. - -*Always* keep in mind this risk when sharing intimate photos and videos with someone, *even on end-to-end encrypted platforms*. - -#### Private conversations - -When chatting in private with matches, remember that this conversation might not be as private as it feels. - -As explained above, the company can technically still **read and collect all of your private conversations**, and this data could also leak in a data breach. - -Additionally, nothing prevents anyone you are talking with from taking screenshots and publishing this information online. Unfortunately, this despicable practice isn't that uncommon. - -Make sure you trust the person you are chatting with enough before sharing any details that strongly identifies you, your location, or your work location. Consider moving to safer encrypted channels when the conversation becomes more personal. - -
-

A note on anonymity

- -Keep in mind that all these measures will *not* make you completely anonymous on a dating app. - -It will only *reduce* the data you expose to the company and its advertisers, to potential data breaches and leaks, as well as to criminal and governmental non-consensual accesses. - -Achieving total anonymity online is very difficult. But following these privacy-enhancing practices will effectively help to reduce the risks, and keep you safer online. - -
-
-## Let's hope for better dating apps in the future
-
-It's disheartening to discuss a topic such as dating apps when the reality is there **aren't any good alternatives** to propose.
-
-Dating *offline* is the best data privacy-preserving solution so far, but dating apps, moreover queer dating apps, exist for a reason: It's hard to find occasions to meet people to date in-person these days.
-
-Many opportunities for this have slowly disappeared from our society in the past years. Online dating does provide a solution to meet people looking to date as well.
-
-The even sadder truth is, technically, we *could* have great privacy-respectful dating apps.
-
-However, the for-profit business model of most applications (not just dating apps) has incentive everyone to share and monetize users' data in horribly intrusive and abusive ways. This isn't a problem limited to dating apps.
-
-Nonetheless, dating apps should be built with much greater protections for users' privacy. The unavoidable sensitive data they collect warrants exemplary security and privacy measures.
-
-Let's hope that one day we will see a trustworthy dating-app developer come with a *truly* privacy-respectful dating app. One that uses serious security measures, data minimization practices, proper data deletion processes, code transparency, honest and complete policies, fully end-to-end encrypted private chat, and that doesn't sell nor share users' data with anyone.
-
-Until then, stay safe out there. And keep in mind your privacy and safety when using queer dating apps.
-
-## Additional resources
-
-### Helplines
-
-If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen:
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366)
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988)
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.
diff --git a/content/blog/posts/real-name-policies.md b/content/blog/posts/real-name-policies.md
deleted file mode 100644
index b1d85ecd7..000000000
--- a/content/blog/posts/real-name-policies.md
+++ /dev/null
@@ -1,422 +0,0 @@ ---- -date: - created: 2025-10-15T03:50:00Z -categories: - - Explainers -authors: - - em - - jordan -description: - Real-name policies have existed for over a decade, but these problems have become exponentially harmful in today's world. It's time to fight back against this unsafe and discriminatory privacy-invasive practice. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/real-name-policies/realname-cover.webp ---- - -# Real-Name Policies: The War Against Pseudonymity - -![Filtered photo of a "Hello my name is" name-tag sticker on a street post. Over the space for the name is a black graffiti tag.](../assets/images/real-name-policies/realname-cover.webp) - - - -Real-name policies have existed for well over a decade already, and the problems they cause aren't new. But these problems have become exponentially harmful in today's world, where real-name policies are coupled with monopolistic platforms, increased mass surveillance, AI technologies, and facial recognition capabilities. It's time to fight back against this unsafe and discriminatory privacy-invasive practice. - -Pseudonymity, or the use of a nickname or fictitious name online, has always been deeply valued on the internet. It grants people protections and freedoms that are often impossible to benefit from offline. - -Women, and especially women who are part of male-dominated online communities, have regularly used pseudonyms to hide their gender online in order to protect themselves from sexual harassment, stalking, and physical violence even. - -Transgender and gender-diverse people also regularly use pseudonyms for protection, or use new chosen names to explore their gender identity online. - -Victims of domestic violence, victims of stalkers, activists, and even journalists often use pseudonyms to protect themselves from aggressors or oppressive regimes. - -**Pseudonymity saves lives.** And yet, it is constantly under attack. 
- -## What are real-name policies exactly? - -
-

Increasingly more platforms demand that users provide their legal name and official identifications in order to keep using a platform.

- -So called "real-name" policies are platform policies requiring users and subscribers to sign up and display their "real name," often equated to a *legal* name. - -Facebook for example claims not to require a legal name, but only the "real" name a person uses in their daily life. Yet, the social media giant regularly demands official IDs to verify this "real" name, effectively requiring people associate their account with their *legal* identity. - -Facebook has even repeatedly taken the liberty to decide which name was "real", and changed the displayed name of users based on verification processes **without any prior consent from users**. For people in vulnerable situations, this can be a *very* dangerous practice. - -Facebook is perhaps the most infamous platform implementing such discriminatory and intrusive policy, but sadly, it's not the only one. - -Increasingly more platforms demand that users provide their legal name and official identifications in order to keep using a platform. And this will likely be aggravated significantly by the recent trend for [age-verification](https://www.privacyguides.org/videos/2025/08/15/age-verification-is-a-privacy-nightmare/) policies. - -### Explicit and implicit policies - -There is always two levels of real-name policies: The name displayed publicly to everyone (explicitly required), and the name the platform has associated with the account in its database (implicitly associated). - -While a requirement to expose one's legal name publicly has clear privacy risks, storing legal names without displaying it to other users is also problematic. - -For explicit requirements, users who are obligated to display their legal name publicly are not only forced to create a permanent association of this account with their legal identity (with all the problems this can bring), but are also potentially exposing their identity and account to current or future attackers. 
-
-For example, this can and does enable stalkers to find their victims online (and offline) to cause them harm.
-
-For implicit associations, as soon as a legal name is collected and associated with an account in the backend, whether from providing official documentation for age verification, account recovery, payment, or any other processes; this data is at risk of getting leaked or breached, and eventually shared publicly as well.
-
-Once this data is [exposed](https://discuss.privacyguides.net/t/discord-data-breach-customers-personal-data-and-scanned-photo-ids-leaked/31904), this account now also becomes permanently associated with a legal identity, publicly.
-
-Even without having an openly stated real-name policy, platforms collecting official documentation—or otherwise storing legal names associated with accounts—can effectively end up exposing their users to similar risks.
-
-### What is a real name anyway?
-
-Of course, your true *real* name is whatever you decide others should call you. Only *you* can decide this, and others should be respectful of your choice.
-
-Your *legal* name, however, is a **data marker attached to your person that can be used to trace many of your activities online and offline**, with a high degree of precision going as far back as when you were born.
-
-For everyone, but especially for vulnerable communities, exposing legal names on certain platforms can represent a significant risk. The [use of pseudonymity](https://www.techradar.com/pro/vpn/using-your-real-name-on-social-media-heres-why-you-should-think-twice) is a critical part of online safety, and people should be able to continue using this protective measure without raising suspicion.
-
-## Who is impacted the most by real-name policies?
-
-Everyone is impacted by real-name policies, but groups that are at higher risk of discrimination, violence, and online harassment are disproportionally harmed by them.
-
-Moreover, anyone who for various reasons uses a name that doesn't match their official ID; has a legal name that doesn't match an expected American name pattern; needs to conceal their gender online for safety; or has to protect their identity online due to their work as an activist, journalist, dissident, or whistleblower can be severely impacted, silenced, and even endangered by requirements to provide a legal name online.
-
-### Victims of domestic violence
-
-For many people, using pseudonyms isn't just a good privacy practice, but it can be a matter of life and death.
-
-For anyone who is experiencing or has experienced domestic violence, creating a new online identity hidden from the perpetrator can be essential for survival, to prepare a safe escape, or to keep having access to essential support and resources.
-
-When people are forced to only use one identity online, an identity attached to their legal identity, this empowers aggressors to find their victims, to silence them, to control them, and to harm them.
-
-**Technologies and policies are never neutral.** When policies and features make it difficult or impossible for vulnerable people to use these technologies safely, they are effectively excluding vulnerable people from the platforms.
-
-Even if this might seem minor from the outside, when Big Tech becomes so monopolistic that it's almost impossible to fully avoid it in our daily lives, when someone cannot access social groups and support without a Facebook account, and can't find a new job without LinkedIn, then it's not just a minor problem anymore, it's a major problem.
-
-**Platforms and online services should be safely accessible to everyone.** And this includes allowing the use of protective pseudonymity without requiring legal identification that could put the most vulnerable in life-threatening situations.
- -### Victims of stalking - -Similarly to victims of domestic violence, victims of stalking must protect their identity online to stay safe from their stalkers. When platforms obligate people to use their legal names, explicitly or implicitly, they directly endanger these victims. - -If a stalker or an aggressor knows a victim's legal name (which is often the case), then it's trivial to find their account on any platforms and services, regardless of if they have blocked them on one. - -A good protection to prevent severe harassment is to create alternative accounts using a different name or different pseudonym unknown to the aggressor. This can give victims the peace of mind of knowing their stalker will not be able to find them there. - -For anyone tempted to argue real-name policies reduce the number of perpetrators, this isn't the case. - -Stalkers and predators of all kind feel generally quite comfortable using their own legal names, this isn't a problem for them. They feel confident knowing that victims generally have little recourses and support, and that there will be no consequences for them even when their legal name is known. - -Despite the claims, removing pseudonymity doesn't remove misbehavior online, this has been demonstrated [again](https://theconversation.com/online-abuse-banning-anonymous-social-media-accounts-is-not-the-answer-170224), and [again](https://theconversation.com/online-anonymity-study-found-stable-pseudonyms-created-a-more-civil-environment-than-real-user-names-171374), and [again](https://allabouteve.co.in/harassment-of-women-on-linkedin/). Real-name policies don't reduce crime, it only restricts the victims' ability to protect themselves from such crime. - -### Activists and political dissidents - -
-

Pseudonyms are hardly modern phenomena, and it's fair to say democracy wouldn't exist without it.

- -For activists and political dissidents around the world, using pseudonymity online can be a way to reclaim freedom of speech and criticize power in a safer way. Under oppressive regimes, online privacy can mean life or death. - -This is another example showing how essential privacy rights are to democracy. **Real-name policies facilitate censorship, discrimination, and political repression.** - -A Honduran blogger using the pseudonym [La Gringa](https://lagringasblogicito.blogspot.com/2011/10/my-ripples-will-continue.html) used her blog and Facebook page to criticize the Central American government for years. - -Protecting her legal identity is essential to allow her to speak freely and stay safe from state repression. This isn't an exaggeration, Honduras is one of the most dangerous country for journalists. The Committee to Protect Journalists (CPJ) [recorded](https://latamjournalismreview.org/articles/almost-five-years-after-murder-of-honduran-journalist-gabriel-hernandez-authorities-still-waiting-for-results-of-their-investigations/) that 37 press workers were killed in the country between 1992 and 2023. Of these murders, 90% were unpunished. - -But Facebook silenced La Gringa with its real-name policy, requiring her to provide a copy of her official ID to continue advocating on the platform. Evidently, this request is asking her to put her life in danger and cannot be compromised on. - -Facebook's policy is essentially silencing any dissident and marginalized voices in oppressive regimes. - -By letting the community report infractions to Facebook's real-name policy, this effectively allows Facebook's rules to be weaponized against marginalized groups already plagued with constant discrimination. - -It also empowers abusers to silence their victims, and sides with oppressive regimes around the world to censor any critics they might have. 
- -As reporter Kevin Morris [commented](https://www.dailydot.com/news/la-gringa-facebook-ban-real-id-dangerous-honduras/) in his Daily Dot piece on the topic: "Pseudonyms are hardly modern phenomena, and it's fair to say democracy wouldn't exist without it." - -### Women - -
-

A site which requires real/verified names is automatically flagging itself as a potentially/probably unsafe space for women, or for anyone else at risk of harassment, violence, job discrimination, and the like.

- -Women have long used pseudonyms on the internet in order to conceal their gender online, and spare themselves from the sexual harassment and discrimination omnipresent on some platforms. This is even more common in male-dominated communities like online gaming, for example. - -It's not rare to hear some people claiming that "there aren't any women in their online community." Well, there probably is. - -Platforms allowing pseudonyms foster a culture of inclusivity where everyone can participate free from discrimination, regardless of their gender. Real-name policies encourage the opposite: platforms where participants are forced to either endure the abuse and compromise their physical safety, or be excluded entirely. - -As pseudonymous author *skud* [wrote](https://geekfeminismdotorg.wordpress.com/2010/06/10/hacker-news-and-pseudonymity/) for the *Geek Feminism* blog in 2010: - -> [...] women online are regularly admonished to use pseudonyms to protect themselves. Many websites with a culture of pseudonymity [...] have a very high proportion of female members, perhaps in part because of the sense of privacy and security that pseudonymity brings. A site which requires real/verified names is automatically flagging itself as a potentially/probably unsafe space for women, or for anyone else at risk of harassment, violence, job discrimination, and the like. - -Women aren't exactly a minority group. While platforms should be inclusive to everyone of course, including minority groups, enforcing a policy that obligates roughly 50% of the population to lower its safety protections in order to participate should be obviously unacceptable. - -### Indigenous people - -Notwithstanding its own policy, Facebook has regularly suspended accounts with legal names wrongly targeted as fake, based on criteria rooted in colonialism. Indigenous communities have been exceedingly impacted by Facebook's real-name policy, despite following all the platform's rules as requested. 
- -In 2009, Facebook abruptly [cut off account access](https://ictnews.org/archive/facebook-no-friend-to-american-indian-names/) to an Indigenous American woman named Robin Kills The Enemy, wrongly accusing her of registering under a false name. But her name was authentic, and indeed her *legal* name. - -Facebook eventually reinstated her account, but only after a long process where she had to modify the spelling. - -The burden shouldn't be on Indigenous people to have to prove their identity just because a US-based corporation can't seem to understand the global diversity of naming conventions. - -Following Kills The Enemy's experience, a journalist started a Facebook group called "Facebook: don't discriminate against Native surnames!!!" that was joined by over a thousand people only a few days after its creation. Many users shared similar experiences and questioned the platform's treatment of Indigenous surnames. - -Another woman named Melissa Holds The Enemy described a month-long process to recover her account. - -An Indigenous man named Oglala Lakota Lance Brown Eyes had his account [suspended](https://colorlines.com/article/native-americans-say-facebook-accusing-them-using-fake-names/) by Facebook demanding his "real" name. - -After Brown Eyes sent all the required proofs, Facebook decided without warning to Americanize his displayed name to "Lance Brown." **This is blatant racism.** - -His name was eventually corrected and Facebook apologized, but only after Brown Eyes threatened the company with a class action lawsuit. - -Dana Lone Hill also got her account suspended because of her Indigenous surname, and was forced to go through Facebook's intrusive verification process in order to recover her account. - -The list goes on and on. Indigenous people have been forced by Facebook to modify and Americanize their *actual legal names*. 
- -Many were forced to add hyphens, change the alphabet used, smash words together, or even remove parts of their legal name in order to please Facebook's arbitrary preferences, ignoring its own "real-name" policy. - -This is yet another demonstration of systemic racism perpetrated by a monopolistic corporation quick to ignore the human rights and diversity of its users. - -### People with non-Anglophone names - -In another case, a woman from Japan named Hiroko Yoda [wasn't able to sign up](https://www.telegraph.co.uk/news/newstopics/howaboutthat/2632170/Woman-called-Yoda-blocked-from-Facebook.html) for a Facebook account due to her surname. - -Despite being a common surname in Japan, it seems Facebook judged it more important to ban anyone trying to "impersonate" the popular Star Wars character. - -Of course, the Star Wars character uses a Japanese name because its creator has drawn [inspiration](https://en.wikipedia.org/wiki/Yoda#Creation) from the Japanese culture. But Facebook still seems to somehow think that Star Wars comes first, and Japanese people must pay the price for daring to share a surname with the American Jedi. - -A Facebook user from Hawaii named Chase Nahooikaikakeolamauloaokalani Silva also had his account suspended despite using his legal name. - -As a proud Hawaiian, it was important for him to be able to display his Hawaiian given name. But Facebook just didn't like his *legal* name. - -Silva reported to [HuffPost](https://www.huffpost.com/entry/facebook-chase-nahooikaikakeolamauloaokalani-silva_n_5833248) that "Facebook should not be able to dictate what your name is, what you go by, what you answer to," and he's right. - -More broadly, Facebook's policy [prohibits](https://en.wikipedia.org/wiki/Facebook_real-name_policy_controversy) name with "too many" words, capital letters, or first names with initials. This assumes the default for names is the Americanized format of one first name, one (short) middle name, and one last name. 
- -But this isn't a reality for most of the world. This extremely narrow vision of what a name should look like and how it should be formatted isn't compatible with many if not most cultures. - -It's unbelievable (and unacceptable) that a platform with an estimated 2.28 billion active users, who seems to want to eat even more of the world every year, is being so ignorant of non-American cultures and global naming conventions in its policies and practices. - -### The transgender community - -For transgender and gender-diverse individuals, their legal name may be a "[dead name](https://en.wikipedia.org/wiki/Deadnaming)." A dead name is a name that they were assigned at birth but no longer identify with. Commonly, transgender people change their name as part of their gender transition. - -In many countries around the world, there can be many bureaucratic hurdles required to change one's name, meaning that many trans people are unable to update their legal name to reflect their gender identity. Because they no longer identify with their dead name, keeping it private is of great importance for their mental health and safety. - -
-

23% of LGBTQ+ young people reported that they have been physically threatened or harmed in the past year due to either their sexual orientation or gender identity.

- -Referring to a trans person with their dead name is considered offensive and often involves misgendering someone too. For transgender people, being called a name that they no longer identify with invokes feelings of depression, anxiety, gender dysphoria, and lack of acceptance. - -Using someone's dead name signals that you don't respect their identity and that you don't care about them enough to use their new name. - -Unfortunately, transgender people still face widespread discrimination, that's why "dead naming" can be incredibly dangerous. Revealing someone's gender identity or sexuality without their consent is called "outing". By calling someone by their dead name, you may be inadvertently revealing someone is transgender. This can be not only traumatizing and frightening for the individual, but can also lead to violence or put this person in a dangerous situation. - -The Trevor Project, a non-profit LGBTQ+ organization, conducts a yearly [survey](https://www.thetrevorproject.org/survey-2024/?_hsmi=305272848) on LGBTQ+ youth across the United States. In their 2024 release, they found that "23% of LGBTQ+ young people reported that they have been physically threatened or harmed in the past year due to either their sexual orientation or gender identity." - -This is why when real-name policies come in, requiring transgender people to use their legal name for their social media accounts, this could force them to "come out" by displaying a name that they no longer identify with, therefore revealing they are transgender. The National LGBTQ Institute on Intimate Partner Violence [describes](https://lgbtqipvinstitute.org/coming-out-safely/) "coming out" as an "ongoing process, by which a person shares aspects of their identity with others." - -Having aspects of their identity shared without their consent can put this person in significant physical danger because of unsupportive family members, friends, colleagues, and strangers. 
This is especially the case with LGBTQ+ youth, who are at heightened risk of online, verbal, physical harassment, or violence due to their identity. - -Coming out can be a very daunting and scary process, particularly for transgender and gender-diverse people, and often can be an ongoing process over many years. In many cases, LGBTQ+ people choose instead to [hide their identity](https://www.stonewall.org.uk/news/new-research-shows-almost-40-of-lgbtq-employees-still-hide-their-identity-at-work) at social and work gatherings. - -Platforms that enforce real-name policies take away the essential ability to control when and how that process plays out are nothing short of abusive. This might sound hyperbolic, however, "outing" is often used as a mean of control in abusive relationships to coerce an LGBTQ+ individual. The fact that social media platforms are exhibiting similar behavior is alarming. - -Unfortunately, many websites don't allow updating the name attached to an account easily, often requiring to provide legal documentation showing proof that the name has been legally changed. - -Having to provide your identification documents to use a website is not only terrible for your privacy, as it links your real life identity to your online account, it also puts your identity at risk. - -Companies that process and verify identity documents are at a much higher risk of being targeted by malicious actors, because of the sensitive information they store and process. - -One of the worst offenders of this is Facebook. They require everyone that signs up to use their legal name for their profile, and claim that this is to ensure safety on the platform so that everyone knows who they are talking to is who they say they are. - -Many transgender and gender-diverse people use aliases on social media platforms to protect their identities and the identities of those around them, because they are more likely to be harassed or doxxed. 
Facebook's real-name policy has unforeseen consequences for these people, as one transgender Facebook user [found out](https://www.dailydot.com/news/facebook-real-names-cracking-down-transgender/): - -> I woke up to find my Facebook account deleted. [...] I have had a Facebook since about 2007 or 2008. Other than when I was a kid and was afraid my parents would find out about my account (causing me to use an alias for a little while), my profile always bore my legal name. A week or so ago, however, I changed my display name to "Arc Angel." - -Finally, because of the discrimination and danger that transgender people face in the real world, they often find refuge in online and internet communities. According to a report by [Hopelab](https://assets.hopelab.org/wp-content/uploads/2025/03/2025-Without-It-I-Wouldnt-Be-Here.pdf) of LGBTQ+ youth: - -> Transgender young people more often agree that their online communities and friendships were important or very important (84%) when they began to explore their sexuality or gender compared to cisgender LGBQ+ young people (71%). - -This is why it’s so important that they are able to freely express themselves with a pseudonymous or anonymous identity. If every online platform required these users to use their legal name, this would be extremely dangerous for transgender and gender-diverse people who often rely on online spaces for community, friendship, and support. - -### LGBTQ+ people - -Moreover, real-name policies disproportionately affect LGBTQ+ people, as they often prefer to not associate their legal name with their online activities. This is especially important for people living in countries where LGBTQ+ identities are [criminalized by law](https://en.wikipedia.org/wiki/Criminalization_of_homosexuality), meaning they can be jailed (or worse) if they associate their online activities with their real life identity. 
- -Unfortunately, it gets even worse: harassers and trolls have weaponized Facebook's real-name policy, and are using it to silence their victims by mass reporting them as using a fake name. - -In an [open letter](https://www.eff.org/document/open-letter-facebook-about-its-real-names-policy) to Facebook about its real-name policy in 2015, many LGBTQ+ and digital rights organizations warned Facebook that this was being used to silence LGBTQ+ people: - -> Facebook users in the global LGBTQ community, South and Southeast Asia and the Middle East report that groups have deliberately organized (sometimes even coordinating via Facebook) to silence their targets using the "Report Abuse" button. - -Despite all the recommendations and warnings by LGBTQ+ organizations and digital rights groups more than ten years ago, Facebook is still standing strong in its intention to keep the platform a "real name" only space. - -Their help center still [states](https://www.facebook.com/help/229715077154790/Names+allowed+on+Facebook/) that you can only use a name that appears on your official identification documents: - -> The name on your profile should be the name that your friends call you in everyday life. This name should also appear on a form of ID or document from our ID list. - -Many platforms have been trying to improve the way they handle this and allow for users to select a preferred name that is displayed instead of their legal name. This is an improvement, however it isn't without issues. - -Platforms shouldn't require you to provide your legal name to begin with. - -### Stage performers and small businesses - -In 2014, Facebook made the news for ramping up its real-name policy and suspending hundreds of accounts from marginalized and vulnerable people (more on this in the [next section](#facebook)). The platform was heavily criticized, and Facebook eventually reinstated many banned accounts. 
- -At the time, drag performers were [severely impacted](https://www.cnn.com/2014/09/16/living/facebook-name-policy/) by the policy purge. Drag queen and activist Sister Roma reported having to change her Facebook profile to a legal name she had not used publicly for 27 years. - -Retired burlesque dancer Blissom Booblé explained that using a pen name on Facebook was essential to continue her advocacy for LGBTQ+ homeless youth and to raise HIV awareness while staying free from discrimination at her workplace. - -Drag queen Ruby Roo reluctantly complied with Facebook's policy in order to keep contact with his friends, but expressed concerns that people would not recognize him under his legal name. If nobody ever calls you by your legal name, does this still even count as your "real" name? - -During an earlier purge in 2009, small-business entrepreneur Alicia Istanbul [suddenly lost access](https://www.sfgate.com/business/article/Real-users-caught-in-Facebook-fake-name-purge-3231397.php) to both her personal Facebook account and her jewelry design business page. Once this happens, the burden falls on users to carry on the lengthy and intrusive verification process to restore their accounts. - -**There is no innocent until proven guilty with Big Tech.** This can represent significant losses in time and money for small businesses. - -Additionally, many professionals such as teachers, doctors, therapists, and social workers regularly use pseudonyms so that clients and patients will not be able to find their personal accounts. - -Everyone should have the right to separate their professional lives from their personal lives, and [using pseudonyms is a great practice](stay-safe-but-stay-connected.md/#pseudonymity) to this effect. - -### Everyone else - -Finally, everyone can be impacted negatively by real-name policies, not only marginalized or vulnerable groups. 
- -Everyone should be able to choose the protections necessary for themselves, according to their own and unique [threat model](https://www.privacyguides.org/en/basics/threat-modeling/). If someone decides it's safer or more comfortable for them to use a platform under a pseudonymous account, they should be able to do so freely. - -Privacy is a basic human right, and it should be accessible to all without requiring any justification. - -The normalization of real-name policies online, aggravated by the growing identity and age verification industry, will have devastating consequences for everyone, and for democracies everywhere. **Real-name policies are authoritarian in nature and have a chilling effect on freedom of speech and other civil liberties.** - -If we value privacy as a human right, we must push back against real-name policies, especially on social media. - -## Where are real-name policies? - -About ten years ago, pseudonymity became a heated news topic during the so-called [Nymwars](https://en.wikipedia.org/wiki/Nymwars), the wars against pseudo*nyms*. - -The term mostly refers to a series of conflicts related to real-name policies in the 2010s. It emerged in relation to waves of policy enforcement from Facebook, Google, and the video-game giant Blizzard. - -With the increasing push for age verification and "human authentication" online, the Nymwars are sadly likely to make a comeback very soon. And for some platforms, the war just never stopped. - -Sometimes, your legal name might be required online of course. For example, for governmental and financial services. But way too many platforms and services collect legal names when there really isn't any strong justifications for it. - -While Facebook was mentioned abundantly in previous examples, this problem isn't limited to Meta's social media. 
You've probably encountered real-name policies everywhere already, but here are some platforms (and even countries) that have been infamous for it: - -### Facebook - -In 2014, Facebook [made the news](https://www.aclunc.org/blog/my-name-why-aclu-facebook-today) (again) for enforcing a [horrible policy](https://www.zdnet.com/article/facebook-nymwars-disproportionately-outing-lgbt-performers-users-furious/) (again) that was [hurting](https://www.eff.org/deeplinks/2014/09/facebooks-real-name-policy-can-cause-real-world-harm-lgbtq-community) marginalized and vulnerable groups the most ([again](https://www.hrc.org/news/metas-new-policies-how-they-endanger-lgbtq-communities-and-our-tips-for-staying-safe-online)). - -Several human rights groups, including the Electronic Frontier Foundation, Human Rights Watch, and Access Now even joined the [Nameless Coalition](https://www.accessnow.org/nameless-coalition-calls-on-facebook-to-change-its-real-name-policy/) to demand changes to Facebook's policy. - -Facebook presented this ramping up of their real-name policy enforcement as something important for "authenticity" online. Despite this dubitable claim, Facebook was in all likelihood simply worried about protecting its financial assets, as ever. - -Back in 2012, Facebook's share price plummeted after a quarterly filing with the Securities and Exchange Commission [revealed](https://www.theguardian.com/technology/2012/aug/02/facebook-share-price-slumps-20-dollars) that an estimated 8.7% of accounts on the platform may be fake, and 5% of active accounts were duplicates (numbers that aren't really that alarming, actually). But this backlash from investors evidently scared Facebook enough to justify intensifying its policy enforcement for accounts using pseudonyms, or suspected of being fake, presumably in an attempt to soothe shareholders. 
- -Despite the unpopularity of these policies, the real customer for Facebook isn't its users, but its advertisers (who demand access to your data, Facebook's true product). - -Advertisers want some assurance that they are paying for *real* humans to see their ads, otherwise this diminishes Facebook's value to them. **It's important to remember that Facebook is, and has always been, an advertising company.** - -Despicably, Facebook even [encouraged](https://thenextweb.com/news/facebook-now-wants-snitch-friends-arent-using-real-name) people to "snitch on [their] friends if they are not using their real name." - -> Please help us understand how people are using Facebook. Your response is anonymous and won't affect your friend's account. Is this your friend's real name? - -This kind of prompt fosters mistrust and allows users to weaponize policies against people they simply don't like. Victims of these "report attacks" are often the most vulnerable and the most marginalized in our society. **Real-name policies have nothing to do with safety, in fact, they're horrible for safety.** - -A decade later, Facebook still encourages and enforces its real-name policy in order to protect its most valuable asset to sell: Your personal data. - -### LinkedIn - -LinkedIn is another well-known platform that enforces a real-name policy. - -The employment-oriented social media states in its [User Agreement](https://www.linkedin.com/help/linkedin/answer/a1337288/names-allowed-on-profiles) that "LinkedIn does not allow members to use pseudonyms, fake names, business names, associations, groups, email addresses, or special characters that do not reflect your real or preferred professional name." - -It's unclear how LinkedIn would enforce or verify what is an allowed "preferred professional name." 
- -Although this might make slightly more sense on a platform focused on employment, the policy still excludes some professionals and industries that regularly work using pseudonyms, such as performers, writers, visual artists, activists, and privacy advocates even. - -Additionally, the platform uses the same colonialist discrimination as Facebook, assuming that all names worldwide are composed of "first, middle, and last names" only. - -### Google, Quora, and Blizzard abandoned their policies - -Google made the news in 2011 when it started implementing and enforcing its own real-name policy for its (now defunct) social media platform Google+, and by proxy for YouTube accounts when Google [migrated](https://www.theguardian.com/technology/2014/jul/16/youtube-trolls-google-real-name-commenter-policy) YouTube comments to a Google+ system in 2013. - -The policy was [largely criticized](https://www.eff.org/deeplinks/2011/07/case-pseudonyms) after a wave of account suspensions, where some famous accounts were banned. In July 2014, Google [abandoned](https://en.wikipedia.org/wiki/Nymwars#Google) the policy altogether and removed restrictions on account names. - -The question-answering social platform Quora also enforced a real-name policy for a long time. - -Verification wasn't required, but names deemed "false" could be reported by the community. Again, this kind of reporting system facilitates abuse by allowing the weaponization of platform policies against marginalized groups. - -Thankfully, Quora [eliminated](https://quorablog.quora.com/Allowing-everyone-to-contribute-to-Quora) the requirement to use a "real" name in 2021, and now allows users to register with protective pseudonyms. - -The video-game developer Blizzard Entertainment spawned strong criticism online when the company [announced](https://en.wikipedia.org/wiki/Blizzard_Entertainment#Privacy_controversy_and_Real_ID) in 2010 that it would be implementing a real-name policy for Blizzard's forums. 
- -Gamers were not amused. The community came together to fight back in force against the announced policy. Game magazines and forums were inundated with replies and condemnations. - -At one point, a Blizzard employee trying to demonstrate that the policy "wasn't a big deal" willingly shared his real name on a public post. After this revelation, forum members started to post the employee's personal information, including his phone number, age, picture, home address, and even information related to his family members. - -Other members were quick to share their own experiences and show how [unsafe](https://web.archive.org/web/20100628055329/http://ve3d.ign.com/articles/news/55728/Is-Blizzards-Real-ID-Safe-Or-A-Playground-For-Sexual-Deviants) a real-name policy would be. Following the powerful community backlash, Blizzard decided to cancel its plan for the invasive policy. - -### South Korea - -
-

Despite the enforcement of the system, the number of illegal or malicious postings online has not decreased.

- -Terrifyingly, whole countries have enforced real-name policies online. In 2007, South Korea [implemented](https://www.koreatimes.co.kr/southkorea/20120823/online-real-name-system-unconstitutional) a name registration system for internet users in compliance with the country's Information Communications Law. - -The law was initially enforced in an attempt to reduce malicious comments online, but **was later ruled unconstitutional and revoked in 2012**. - -The Constitutional Court said in its verdict that "the system does not seem to have been beneficial to the public. Despite the enforcement of the system, the number of illegal or malicious postings online has not decreased." - -### China - -Sadly, not every country implementing such a system came to the same conclusion. - -In China, the [Internet real-name system](https://en.wikipedia.org/wiki/Internet_real-name_system_in_China) obligates all internet service providers and online platforms to collect users' legal names, ID numbers, and more. This affects services such as internet access, phone service, social media, instant messaging, microblogging, and online gaming. - -In 2023, large Chinese platforms announced that they would make public the legal names of any accounts with over 500,000 followers. - -In July 2025, China centralized this control further with the launch of the [national online identity authentication](https://en.wikipedia.org/wiki/National_online_identity_authentication) system, which requires citizens to submit their personal information in order to receive an "Internet certificate" to access online accounts. - -This effectively imposes a real-name policy on *all* internet services in the country, and makes this information accessible at all time by the government. - -The new national cyber ID system has been [criticized](https://www.scmp.com/tech/tech-trends/article/3318302/china-rolls-out-voluntary-cyber-id-system-amid-concerns-over-privacy-censorship) over privacy and censorship concerns. 
- -So far, it is not mandatory to share identity through the national online identity authentication (although services are still obligated to identity their users in other ways). - -However, in a country where freedom of speech and access to information is increasingly restricted, it's easy to imagine the national real-name system could become obligatory everywhere soon. - -## Real-name policies don't make the web safer - -It has been demonstrated again and again that real-name policies do not reduce abuse and misbehavior online, and only end up harming the most vulnerable. - -Despite the evidence and failed attempts, platform owners and policymakers obstinately continue to push for the implementation of these dangerous, authoritarian systems. - -Platforms will often claim these policies are to protect users from harassment, but when action is required to truly protect users they refuse to act. Facebook, the most infamous platform for enforcing its real-name policy, [ranks the *worst* for online harassment](https://www.theverge.com/news/713976/online-harassment-meta-social-media-environmental-activists). - -So, who are these real-name policies truly protecting? - -It's clear that, as is the case for other oppressive policies such as [Age Verification](age-verification-wants-your-face.md) and [Chat Control](chat-control-must-be-stopped.md), "safety" is only an excuse for people to accept what this is truly about: **Corporate profit and government control.** - -Unfortunately, as long as these platforms' business model is to sell users' data to advertisers and other stakeholders, there is no incentive for them to protect our privacy and our right to use protective pseudonyms, as the EFF's Director of Cybersecurity Eva Galperin aptly pointed out in her [talk](https://www.youtube.com/watch?v=d5czLwsa-wE) at the HOPE conference in 2012. 
**More data just means more money to them.** - -When governments impose similar invasive practices, it's a **dangerous and slippery slope towards totalitarianism**. - -Citizens need to be able to express their views freely online and criticize their government and its leaders without fear of reprisal. Real-name policies (explicit and implicit) are only a tool for censorship, and there is no democracy and no freedom under government censorship. - -Fighting against policies attacking online pseudonymity, such as real-name policies, age-verification policies, and Chat Control proposals, isn't just a banal fight to keep using silly nicknames online. It's a battle for democracy, for civil liberties, and for human rights. - -## What you can do about real-name policies - -- [**Choose better platforms**](https://news.elenarossini.com/my-fediverse-starter-guide) that do not require you to share your legal name and official IDs, such as [Mastodon](mastodon-privacy-and-security.md) or other platforms connected to the Fediverse. - -- [**Inform yourself**](https://safetycrave.com/why-should-not-use-real-names-online/) on the dangers related to using legal names online, and share this information with others. - -- [**Say no**](you-can-say-no.md) to sharing official documentation with commercial platforms when it isn't strictly required and when you can avoid it. - -- [**Understand the difference**](https://www.privacyguides.org/videos/2025/03/14/stop-confusing-privacy-anonymity-and-security/) between privacy, security, anonymity, and pseudonymity. - -- [**Use pseudonyms**](stay-safe-but-stay-connected.md/#practices-and-tools-that-help-in-various-contexts) on platforms where you can. Use a pseudonym persistent across platforms if you want these accounts to be linked together for trust, or use different pseudonyms to keep them separated. 
- -- **Make your voice heard!** Contact your government representatives to let them know that privacy is important to you, and explain to them that pseudonymity is essential for safety, democracy, and free speech online. Complain against platforms using these invasive and exclusionary practices. Citizen action matters, and abusive policies can be reversed. - -
-

Remember that pseudonymity isn't anonymity

- -Keep in mind that only using a pseudonym isn't enough to make you anonymous online. There are many other ways to tie an identity together, such as IP addresses, [browser fingerprinting](https://www.privacyguides.org/videos/2025/09/12/what-is-browser-fingerprinting-and-how-to-stop-it/), photo comparison, facial recognition, and so on and so forth. Pseudonymity is a great practice to *improve* your privacy and safety online, but alone it does have limitations. - -
diff --git a/content/blog/posts/red-and-green-privacy-flags.md b/content/blog/posts/red-and-green-privacy-flags.md
deleted file mode 100644
index 8fb091e2f..000000000
--- a/content/blog/posts/red-and-green-privacy-flags.md
+++ /dev/null
@@ -1,448 +0,0 @@ ---- -date: - created: 2025-09-03T19:30:00Z -categories: - - Tutorials -authors: - - em -description: - Being able to distinguish facts from marketing lies is an essential skill in today's world. Despite all the privacy washing, there are clues we can look for to help. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/red-and-green-privacy-flags/dontcare-cover.webp ---- - -# “We [Don't] Care About Your Privacy” - -![Filtered photo of a metal container left on the street, with on it the painted sentence "We've updated our privacy policy." with three faded happy face icons around it. On and around the container are icons of hidden red flags.](../assets/images/red-and-green-privacy-flags/dontcare-cover.webp) - - - -They all claim "Your privacy is important to us." How can we know if that's true? With privacy washing being normalized by big tech and startups alike, it becomes increasingly difficult to evaluate who we can trust with our personal data. Fortunately, there are red (and green) flags we can look for to help us. - -If you haven't heard this term before, [privacy washing](privacy-washing-is-a-dirty-business.md) is the practice of misleadingly, or fraudulently, presenting a product, service, or organization as being trustworthy for data privacy, when in fact it isn't. - -Privacy washing isn't a new trend, but it has become more prominent in recent years, as a strategy to gain trust from progressively more suspicious prospect customers. Unless politicians and regulators start getting much more serious and severe about protecting our privacy rights, this trend is likely to only get worse. - -In this article, we will examine common indicators of privacy washing, and the "red" and "green" flags we should look for to make better-informed decisions and avoid deception. - -## Spotting the red flags - -
-

Marketing claims can be separated from facts by an abysmally large pit of lies

- -It's important to keep in mind that it's not the most visible product that's necessarily the best. More visibility only means more marketing. Marketing claims can be separated from facts by an abysmally large pit of lies. - -Being able to distinguish between facts and marketing lies is an important skill to develop, doubly so on the internet. After all, it's difficult to find a single surface of the internet that isn't covered with ads, whether in plain sight or lurking in the shadows, disguised as innocent comments and enthusiastic reviews. - -So what can we do about it? - -There are some signs that should be considered when evaluating a product to determine its trustworthiness. It's unfair this burden falls on us, but sadly, until we get better regulations and institutions to protect us, we will have to protect ourselves. - -It's also important to remember that evaluating trustworthiness isn't binary, and isn't permanent. There is always at least some risk, no matter how low, and trust should always be revoked when new information justifies it. - -
-

Examine flags collectively, and in context

- -It's important to note that each red flag isn't necessarily a sign of untrustworthiness on its own (and the same is true for green flags, in reverse). But the more red flags you spot, the more suspicious you should get. - -Taken into account *together*, these warning signs can help us estimate when it's probably reasonably safe to trust (low risk), when we should revoke our trust, or when we should refrain from trusting a product or organization entirely (high risk). - -
- -### :triangular_flag_on_post: Conflict of interest - -Conflict of interest is one of the biggest red flag to look for. It comes in many shapes: Sponsorships, affiliate links, parent companies, donations, employments, personal relationships, and so on and so forth. - -#### Content sponsorships and affiliate links - -Online influencers and educators regularly receive offers to "monetize their audience with ease" if they accept to overtly or subtly advertise products within their content. If this isn't explicitly presented as advertising, then there is obviously a strong conflict of interest. The same is true for affiliate links, where creators receive a sum of money each time a visitor clicks on a link or purchase a product from this link. - -It's understandable that content creators are seeking sources of revenue to continue doing their work. This isn't an easy job. But a trustworthy content creator should always **disclose** any potential conflicts of interest related to their content, and present paid advertising explicitly as paid advertising. - -
-

What to do?

- -Before trusting content online, try to examine what the sources of revenue are for this content. Look for affiliate links and sponsorships, and try to evaluate if what you find might have influenced the impartiality of the content. - -
- -#### Parent companies - -This one is harder to examine, but is extremely important. In today's corporate landscape, it's not rare to find conglomerates of corporations with a trail of ownership so long it's sometimes impossible to find the head. Nevertheless, investigating which company owns which is fundamental to detect conflicts of interest. - -For example, the corporation [Kape Technologies](https://en.wikipedia.org/wiki/Teddy_Sagi#Kape_Technologies) is the owner of both VPN providers (ExpressVPN, CyberGhost, Private Internet Access, and Zenmate) and websites publishing [*VPN reviews*](https://cyberinsider.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/). Suspiciously, their own VPN providers always get ranked at the top on their own review websites. Even if there were no explicit directive for the websites to do this, which review publisher would dare to rank negatively a product owned by its parent company, the one keeping them alive? This is a direct and obvious conflict of interest. - -
-

What to do?

- -Look at the *Terms of Service* and *Privacy Policy* (or *Privacy Notice*) for declarations related to a parent company. This is often stated there. You can also examine an organization's *About* page, Wikipedia page, or even the official government corporate registries to find out if anyone else owns an organization. - -
- -#### Donations, event sponsorships, and other revenues - -When money is involved, there is always a potential for conflict of interest. If an organization receives a substantial donation, grant, or loan from another, it will be difficult to remain impartial about it. Few would dare to talk negatively about a large donor. - -This isn't necessarily a red flag in every situation of course. For example, a receiving organization could be in a position where the donor's values are aligned, or where impartiality isn't required. Nevertheless, it's something important to consider. - -In 2016, developer and activist Aral Balkan [wrote](https://ar.al/notes/why-im-not-speaking-at-cpdp/) about how he refused an invitation to speak at a panel on Surveillance Capitalism at the [Computers, Privacy, & Data Protection Conference](http://www.cpdpconferences.org) (CPDP). The conference had accepted sponsorship from an organization completely antithetical to its stated values: [Palantir](https://www.independent.co.uk/news/world/americas/us-politics/trump-doge-palantir-data-immigration-b2761096.html). - -Balkan wrote: "The sponsorship of privacy and human rights conferences by corporations that erode our privacy and human rights is a clear conflict of interests that we must challenge." - -
-

How could one claim to defend privacy rights while receiving money from organizations thriving on destroying them?

- -This is a great example of how sponsors can severely compromise not only the impartiality of an organization, but also its credibility and its values. How could the talks being put forward at such a conference be selected without bias? How could one claim to defend privacy rights while receiving money from organizations thriving on destroying them? - -It's worth nothing that this year's CPDP 2025 sponsors [included](https://www.cpdpconferences.org/sponsors-partners) Google, Microsoft, TikTok, and Uber. - -
-

What to do?

- -Examine who sponsors events and who donates to organizations. Try to evaluate if an organization or event received money from sources that could be in contradiction with its values. Does this compromise its credibility? If a sponsor or donor has conflicting values, what benefit would there be for the sponsor supporting this event or organization? - -
- -#### Employment and relationships - -Finally, another important type of conflicts of interest to keep in mind are the relationships between the individuals producing the content and the companies or products they are reporting on. - -For example, if a content creator is working or previously worked for an organization, and the content requires impartiality, this is a potential conflict of interest that should be openly disclosed. - -The same can be true if this person is in a professional or personal relationship with people involved with the product. This can be difficult to detect of course, and is not categorically a sign of bias, but it's worth paying attention to it in our evaluations. - -
-

What to do?

- -Look for disclaimers related to conflict of interest. Research the history of an organization to gain a better understanding of the people involved. Wikipedia can be a valuable resource for this. - -
- -### :triangular_flag_on_post: Checkbox compliance and copy-paste policies - -Regrettably, many organizations have no intention whatsoever to genuinely implement privacy-respectful practices, and are simply trying to get rid of these "pesky privacy regulation requirements" as cheaply and quickly as possible. - -They treat privacy law compliance like an annoying list of annoying tasks. They think they can complete this list doing the bare *cosmetic* minimum, so that it will all *look* like it's compliant (of course, it is not). - -A good clue this mindset might be ongoing in an organization is when it uses a very generic privacy policy and terms of service, policies that are often simply copy-pasted from another website or AI-generated (which is kind of the same thing). - -Not only this is *extremely unlikely* to truly fulfill the requirements for privacy compliance, but it also almost certainly infringes on *copyright* laws. - -
-

What to do?

- -If you find few details in a privacy policy that are specific to the organization, try copying one of its paragraph or long sentence in a search engine (using quotation marks around it to find the exact same entry). This will help detect where other websites are using the same policy. - -Some might be using legitimate templates of course, but even legal usable policy templates need to be customized heavily to be compliant. Sadly, many simply copy-paste material from other organizations without permission, or use generative AI tools doing the same. - -If the whole policy is copied without customization, it's very unlikely to describe anything true. - -
- -### :triangular_flag_on_post: Meaningless privacy compliance badges - -Many businesses and startups have started to proudly display privacy law "[compliance badges](https://www.shutterstock.com/search/compliance-badge)" on their websites, to reassure potential clients and customers. - -While it can indeed be reassuring at first glance to see "GDPR Compliant!", "CCPA Privacy Approved", and other deceitful designs, there is no central authority verifying this systematically. At this time, anyone could decide to claim they are "GDPR Compliant" and ornate their website with a pretty badge. - -Moreover, if this claim isn't true, this is fraudulent of course and likely to break many laws. But some businesses bet on the assumption that no one will verify or report it, or that data protection authorities simply have better things to do. - -While most privacy regulations adopt principles similar to the European General Data Protection Regulation (GDPR) [principle of accountability](https://commission.europa.eu/law/law-topic/data-protection/rules-business-and-organisations/obligations/how-can-i-demonstrate-my-organisation-compliant-gdpr_en) (where organizations are responsible for compliance and for demonstrating compliance), organizations' assertions are rarely challenged or audited. Because most of the time there isn't anyone verifying compliance unless there's an individual complaint, organizations have grown increasingly fearless with false claims of compliance. - -
-

What to do?

- -Never trust a claim of privacy compliance at face value, especially if it comes in the shape of a pretty website badge. - -Examine organizations' privacy policies, contact them and ask questions, look for independent reviews, investigate to see if an organization has been reported before. Never trust a first-party source to tell you how great and compliant the first-party is. - -
- -### :triangular_flag_on_post: Fake reviews - -Fake reviews are a growing problem on the internet. And this was only aggravated by the arrival of generative AI. There are so many review websites that are simply advertising in disguise. Some fake reviews are [generated by AI](https://apnews.com/article/fake-online-reviews-generative-ai-40f5000346b1894a778434ba295a0496), some are paid for or [influenced by sponsorships and affiliate links](the-trouble-with-vpn-and-privacy-review-sites.md), some are in [conflict of interest](https://cyberinsider.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/) from parent companies, and many are biased in other ways. Trusting an online review today feels like trying to find the single strand of true grass through an enormous plastic haystack. - -Genuine reviews are (were?) usually a good way to get a second opinion while shopping online and offline. Fake reviews pollute this verification mechanism by duping us in believing something comes from an independent third-party, when it doesn't. - -
-

What to do?

- -Train yourself to spot fake reviews. There are [many signs](https://www.bbb.org/all/spot-a-scam/how-to-spot-a-fake-review) that can help with this, such as language that suspiciously uses the complete and correct product and feature brand each time, reviewers who published an unnatural quantity of reviews in a short period of time, excessively positive review, negative reviews talking about how great this *other* brand is, etc. Make sure to look for potential conflicts of interest as well. - -
- -### :triangular_flag_on_post: Fake AI-generated content - -Sadly, the internet has been infected by a new plague in recent years: AI-generated content. This was mentioned before, but truly deserves its own red flag. - -Besides AI-generated reviews, it's important to know there are also now multiple articles, social media posts, and even entire websites that are completely AI-generated, and doubly fake. This affliction makes it even harder for readers to find genuine sources of reliable information online. [Learning to recognize this fake content](https://www.cnn.com/interactive/2023/07/business/detect-ai-text-human-writing/) is now an internet survival skill. - -
-

What to do?

- -If you find a blog that publishes 5 articles per day from the same author every day, be suspicious. Look for publication dates, and if they are inhumanly close to each other, this can be a sign of AI-generated content. - -When reading an article, AI-generated text will often use very generic sentences, you will rarely find the colorful writing style that is unique to an author. AI-writing is generally bland with no personality shinning through. You might also notice the writing feels circular. It will seems like it's not really saying anything specific, except for that one thing, that is repeated over and over. - -
- -### :triangular_flag_on_post: Excessive self-references - -When writing an article, review, or a product description, writers often use text links to add sources of information to support their statements, or to provide additional resources to readers. - -When **all** the text links in an article point to the same source, you should grow suspicious. If all the seemingly external links only direct to material created from the original source, this can give the impression of supporting independent evidences, when in fact there aren't any. - -Of course, organizations will sometimes refer back to their own material to share more of what they did with you (we certainly do!), but if an article or review *only* uses self-references, and these references also only use self-references, this could be a red flag. - -
-

What to do?

- -Even if you do not click on links, at least hover over them to see where they lead. Usually, trustworthy sources will have at least a few links pointing to *external* third-party websites. A diversity of supporting resources is important when conducting impartial research, and should be demonstrated there whenever relevant. - -
- -### :triangular_flag_on_post: Deceptive designs - -Deceptive design can be difficult to spot. Sometimes it's obvious, like a cookie banner with a ridiculously small "reject all" button, or an opt-out option hidden under twenty layers of menu. - -Most of the time however, deceptive design is well-planned to psychologically manipulate us to pick the option most favorable to the company, at the expense of our privacy. The Office of the Privacy Commissioner of Canada has produced this informative [web page](https://www.priv.gc.ca/en/privacy-topics/technology/online-privacy-tracking-cookies/online-privacy/deceptive-design/gd_dd-ind/) to help us recognize better deceptive design. - -
-

What to do?

- -Favor tools and services that are built for privacy from the ground up, and always default to privacy first. Train yourself to spot deceptive patterns and be persistent to choose the most privacy-protective option. - -Don't be afraid to [say no](you-can-say-no.md), to reject options and products, and to also report them when deceptive design becomes fraudulent or infringes privacy laws. - -
- -### :triangular_flag_on_post: Buzzword language - -Be suspicious of buzzword language, especially when it becomes excessive or lacks any supportive evidences. **Remember that buzzwords aren't a promise, but only marketing to get your attention.** These words don't mean anything on their own. - -Expressions like "military-grade encryption" are usually designed to inspire trust, but there is [no such thing](https://www.howtogeek.com/445096/what-does-military-grade-encryption-mean/) that grants better privacy. Most military organizations likely use industry-standard encryption from solid and tested cryptographic algorithms, like any trustworthy organizations and privacy-preserving tools do. - -Newer promises like "AI-powered" are completely empty, if not *scary*. Thankfully, many "AI-powered" apps aren't really AI-powered, and this is a good thing because "AI" is more often [a danger to your privacy](https://www.sciencenewstoday.org/the-dark-side-of-ai-bias-surveillance-and-control), and not an enhancement at all. - -
-

What to do?

- -Remain skeptical of expressions like "privacy-enhancing", "privacy-first approach", "fully-encrypted", or "fully compliant" when these claims aren't supported with evidences. Fully encrypted means nothing if the encryption algorithm is weak, or if the company has access to your encryption keys. - -When you see claims of "military-grade encryption", ask which cryptographic algorithms are used, and how encryption is implemented. Look for evidences and detailed information on technological claims. Never accept vague promises as facts. - -
- -### :triangular_flag_on_post: Unverifiable and unrealistic promises - -Along the same lines, many businesses will be happy to promise you the moon. But then, they become reluctant to explain how they will get you the moon, how they will manage to give the moon to multiple customers at once, and what will happen to the planet once they've transported the moon away from its orbit to bring it back to you on Earth... Maybe getting the moon isn't such a good promise after all. - -
-

companies promising you software that is 100% secure and 100% private are either lying or misinformed themselves

- -Similarly, companies promising you software that is 100% secure and 100% private are either lying or misinformed themselves. - -No software product is 100% secure and/or 100% private. Promises like this are unrealistic, and (fortunately for those companies) often also *unverifiable*. But an unverifiable claim shouldn't default to a trustworthy claim, quite the opposite. Trust must be earned. If a product cannot demonstrate how their claims are true, then we must remain skeptical. - -
-

What to do?

- -Same as for buzzwords and compliance claims, never trust at face value. If there are no ways for you to verify a claim, remain skeptical and aware this promise could be empty. - -Be especially suspicious with organizations repeating exaggerated guarantees such as 100% secure. Organizations that are knowledgeable about security and privacy will usually restrain from such binary statement, and tend to talk about risk reduction with nuanced terms like "more secure", or "more private". - -
- -### :triangular_flag_on_post: Flawed or absent process for data deletion - -Examining an organization's processes for data deletion can reveal a lot on their privacy practices and expertise. Organizations that are knowledgeable about privacy rights will usually be prepared to respond to data deletion requests, and will already have a process in place, a process that [doesn't require providing more information](queer-dating-apps-beware-who-you-trust.md/#they-can-make-deleting-data-difficult) than they already have. - -Be especially worried if: - -- [ ] You don't find any mentions of data deletion in their privacy policy. - -- [ ] From your account's settings or app, you cannot find any option to delete your account and data. - -- [ ] The account and data deletion process uses vague terms that make it unclear if your data will be truly deleted. - -- [ ] You cannot find an email address to contact a privacy officer in their privacy policy. - -- [ ] The email listed in their privacy policy isn't an address dedicated to privacy. - -- [ ] You emailed the address listed but didn't get any reply after two weeks. - -- [ ] Their deletion process requires to fill a form demanding more information than they already have on you, or uses a privacy-invasive third-party like Google Forms. - -- [ ] They argue with you when you ask for legitimate deletion. - -
-

What to do?

- -If this isn't already explicitly explained in their policies (or if you do not trust their description), find the privacy contact for an organization and email them *before* using their products or services, to ask about their data deletion practices. - -Ask in advance which information will be required from you in order to delete your data. Also ask if they keep any data afterward, and (if they do) what data they keep. Once data is shared, this could be much harder to deal with. It's best to verify data deletion processes *before* trusting an organization with our data. - -
- -### :triangular_flag_on_post: False reassurances - -The goal of privacy washing is to reassure worried clients, consumers, users, patients, and investors into using the organization's products or services. But making us *feel* more secure doesn't always mean that we are. - -#### Privacy theaters - -You might have heard the term "security theater" already, but there's also "[privacy theater](https://slate.com/technology/2021/12/facebook-twitter-big-tech-privacy-sham.html)". Many large tech organizations have mastered this art for decades now. In response to criticisms about their dubious privacy practices, companies like Facebook and Google love to add seemingly "privacy-preserving" options to their software's settings, to give people the impression it's possible to use their products while preserving their privacy. But alas, it is not. - -Unfortunately, no matter how much you "harden" your Facebook or Google account for privacy, these corporations will keep tracking everything you do on and off their platforms. Yes, enabling these options *might* very slightly reduce exposure for *some* of your data (and you should enable them if you cannot leave these platforms). However, Facebook and Google will still collect enough data on you to make them billions in profits each year, otherwise they wouldn't implement these options at all. - -#### Misleading protections - -The same can be said for applications that have built a reputation on a supposedly privacy-first approach like [Telegram](https://cybersecuritycue.com/telegram-data-sharing-after-ceo-arrest/) and [WhatsApp](https://insidetelecom.com/whatsapp-security-risk-alert-over-privacy-concerns/). In fact, the protections these apps offer are only partial, often poorly explained to users, and the apps still collect a large amount of data and/or metadata. - -#### When deletion doesn't mean deletion - -In other cases, false reassurance comes in the form of supposedly deleted data that isn't truly deleted. 
In 2019, Global News [reported](https://globalnews.ca/news/5463630/amazon-alexa-keeps-data-deleted-privacy/) on Amazon's Alexa virtual assistant speaker that didn't always delete voice-recorded data as promised. Google was also found [guilty](https://www.cnet.com/tech/services-and-software/google-oops-did-not-delete-street-view-data-as-promised/) of this, even after receiving an order from UK's Information Commissioner's Office. - -This can also happen with cloud storage services that display an option to "delete" a file, when in fact the file is [simply hidden](https://www.consumersearch.com/technology/cloud-storage-privacy-concerns-learn-permanently-delete-data) from the interface, while remaining available in a bin directory or from version control. - -How many unaware organizations might have inadvertently (or maliciously) kept deleted data by misusing their storage service and version control system? Of course, if a copy of the data is kept in backups or versioning system, then it's **not** fully deleted, and doesn't legally fulfill a data deletion requirement. - -
-

What to do?

- -Do not simply trust a "privacy" or "opt-out" option. Look at the overall practices of an organization to establish trust. Privacy features have no value at all if we cannot trust the organization that implemented them. - -Investigate to find an organization's history of data breaches and how they responded to it. Was this organization repeatedly fined by data protection authorities? Do not hesitate to ask questions to an organization's privacy officer about their practices. And look for independent reviews of the organization. - -
- -### :triangular_flag_on_post: New and untested technologies - -Many software startups brag about how revolutionary their NewTechnology™ is. Some even dare to brag about a "unique" and "game-changing" novel encryption algorithm. You should not feel excited by this, you should feel *terrified*. - -For example, any startups serious about security and privacy will know that **you should never be ["rolling your own crypto"](https://www.infosecinstitute.com/resources/cryptography/the-dangers-of-rolling-your-own-encryption/)**. - -Cryptography is a complex discipline, and developing a robust encryption algorithm takes a lot of time and transparent testing to achieve. Usually, it is achieved with the help of an entire community of experts. Some beginners might think they had the idea of the century, but until their algorithm has been rigorously tested by hundreds of experts, this is an unfounded claim. - -The reason most software use the same few cryptographic algorithms for encryption, and usually follow strict protocols to implement them, is because this isn't an easy task to do, and the slightest mistake could render this encryption completely useless. The same can be true for other types of technology as well. - -Novel technologies might sound more exciting, but *proven* and *tested* technologies are usually much more reliable when it comes to privacy, and especially when it comes to encryption. - -
-

What to do?

- -If a company brags about its new technology, investigate what information they have made available about it. Look for a document called a *White Paper*, which should describe in technical details how the technology works. - -If the code is open source, look at the project's page and see how many people have worked on it, who is involved, since how long, etc. - -More importantly, look for independent audits from trustworthy experts. Read the reports and verify if the organization's claims are supported by professionals in the field. - -
- -### :triangular_flag_on_post: Critics from experts - -
-

if you find multiple reports of privacy experts raising the alarm about it, consider this a dark-red red flag

- -No matter how much an organization or product claims to be "privacy-first", if you find multiple reports of privacy experts raising the alarm about it, consider this a dark-red red flag. - -If a company has been [criticized by privacy commissioners](sam-altman-wants-your-eyeball.md/#privacy-legislators-arent-on-board), data protection authorities, privacy professionals, and consumer associations, especially if this has happened repeatedly, you should be *very* suspicious. - -Sometimes, criticized corporations will use misleading language like "we are currently working with the commissioner", this *isn't* a good sign. - -The marketing department will try to spin any authority audits into something that sounds favorable to the corporation, but this is only privacy washing. They would not be "working with" the privacy commissioner if they hadn't been forced to in the first place. And **they wouldn't have been forced to if they truly had privacy-respectful practices**. - -
-

What to do?

- -Use a search engine to look for related news using keywords such as the company's name with "data breach", "fined", or "privacy". - -Check the product's or corporation's Wikipedia page, sometimes there will be references to previous incidents and controversies listed there. Follow trustworthy sources of privacy and security news to stay informed about reported data leaks and experts raising the alarm. - -
- -## Looking for the green(ish) flags - -Now that we have discussed some red flags to help us know when we should be careful, let's examine the signs that *can* be indicator of trustworthiness. - -Like for red flags, green flags should always be taken into context and considered together. One, or even a few green flags (or greenish flags) aren't on their own a guarantee that an organization is trustworthy. Always remain vigilant, and be ready to revoke your trust at any time if new information warrants it. - -### :custom-green-flag: Independent reviews - -Independent reviews from trustworthy sources can be a valuable resource to help to determine if a product is reliable. This is never a guarantee of course, humans (even experts) can also make mistakes (less than AI, but still) and aren't immune to lies. - -However, an impartial review conducted by an expert in the field has the benefit of someone who has likely put many hours investigating this topic, something you might understandably not always have the time to do yourself. But be careful to first evaluate if this is a genuine unbiased assessment, or simply marketing content disguised as one. - -### :custom-green-flag: Independent audits - -Similarly, independent audits from credible organizations are very useful to assess a product's claims. Make sure the company conducting the audit is reputable, impartial, and that you can find a copy of the audit's report they produced, ideally from a source that *isn't* the audited company's website (for example, the auditing organization might [provide](https://cure53.de/#publications) access to it transparently). - -### :custom-green-flag: Transparency - -Transparency helps a lot to earn trust, and source code that is publicly available helps a lot with transparency. If a piece of software publishes its code for anyone to see, this is already a significant level of transparency above any proprietary code. 
- -Open source code is never a guarantee of security and privacy, but it makes it much easier to verify any organization assertions. This is almost impossible to do when code is proprietary. Because no one outside the organization can examine the code, they must be trusted on their own words entirely. Favor products with code that is transparently available whenever possible. - -### :custom-green-flag: Verifiable claims - -If you can easily verify an organization's claims, this is a good sign. For example, if privacy practices are explicitly detailed in policies (and match the observed behaviors), if source code is open and easy to inspect, if independent audits have confirmed the organization's claims, and if the organization is consistent with its privacy practices (in private as much as in public), this all helps to establish trust. - -### :custom-green-flag: Well-defined policies - -Trustworthy organizations should always have well-defined, unique, and easy to read privacy policies and terms of service. The conditions within it should also be fair. **You shouldn't have to sell your soul to 1442 marketing partners just to use a service or visit a website.** - -Read an organization's privacy policy (or privacy notice), and make sure it includes: - -- [x] Language unique to this organization (no copy-paste policy). - -- [x] Disclosure of any parent companies owning this organization (if any). - -- [x] A dedicated email address to contact for privacy-related questions and requests. - -- [x] Detailed information on what data is collected for each activity. For example, the data collected when you use an app or are employed by an organization shouldn't be bundled together indistinctly with the data collected when you simply visit the website. - -- [x] Clear limits on data retention periods (when the data will be automatically deleted). - -- [x] Clear description of the process to follow in order to delete, access, or correct your personal data. 
- -- [x] A list of third-party vendors used by the organization to process your information. - -- [x] Evidences of accountability. The organization should demonstrate accountability for the data it collects, and shouldn't just transfer this responsibility to the processors it uses. - -### :custom-green-flag: Availability - -Verify availability. Who will you contact if a problem arises with your account, software, or data? Will you be ignored by an AI chatbot just repeating what you've already read on the company's website? Will you be able to reach out to a competent human? - -If you contact an organization at the listed privacy-dedicated email address to ask a question, and receive a thoughtful non-AI-generated reply within a couple of weeks, this can be a good sign. If you can easily find a privacy officer email address, a company's phone number, and the location where the organization is based, this also can be encouraging signs. - -### :custom-green-flag: Clear funding model - -If a *free* service is provided by a *for-profit* corporation, you should investigate further. The old adage that if you do not pay for a product you are the product is sadly often true in tech, and doubly so for big tech. - -Before using a new service, try to find what the funding model is. Maybe it's a free service run by volunteers? Maybe they have a paid tier for businesses, but remain free for individual users? Maybe they survive and thrive on donations? Or maybe everyone does pay for it (with money, not data). - -Look for what the funding model is. If it's free, and you can't really find any details on how it's financed, this could be a red flag that your data might be used for monetization. But if the funding model is transparent, fair, and ethical, this *can* be a green flag. - -### :custom-green-flag: Reputation history - -Some errors are forgivable, but others are too big to let go. Look for an organization's track record to help to evaluate its reputation overtime. 
Check if there was any security or privacy incidents, or expert criticisms, and check how the organization responded to it. - -If you find an organization that has always stuck to its values (integrity), is still run by the same core people in recent years (stability), seems to have a generally good reputation with others (reputability), and had few (or no) incidents in the past (reliability), this *can* be a green flag. - -### :custom-green-flag: Expert advice - -Seek expert advice before using a new product or service. Look online for reliable and independent sources of [recommendations](https://www.privacyguides.org/en/tools/) (like Privacy Guides!), and read thoroughly to determine if the description fits your privacy needs. No tool is perfect to protect your privacy, but experts will warn you about a tool's limitations and downsides. - -There's also added value in community consensus. If a piece of software is repeatedly recommended by multiple experts (not websites or influencers, *experts*), then this *can* be a green flag that this tool or service is generally trusted by the community (at this point in time). - -## Take a stand for better privacy - -Trying to evaluate who is worthy of our trust and who isn't is an increasingly difficult task. While this burden shouldn't fall on us, there are unfortunately too few institutional protections we can rely on at the moment. - -Until our governments finally prioritize the protection of human rights and privacy rights over corporate interests, we will have to protect ourselves. But this isn't limited to self-protection, our individual choices also matter collectively. - -Each time we dig in to thoroughly investigate a malicious organization and expose its privacy washing, we contribute in improving safety for everyone around us. 
-
-Each time we report a business infringing privacy laws, talk publicly about our bad experience to get our data deleted, and more importantly refuse to participate in services and products that aren't worthy of our trust, this all helps to improve data privacy for everyone overtime.
-
-Being vigilant and reporting bad practices is taking a stand for better privacy. We must all take a stand for better privacy, and expose privacy washing each time we spot it.
diff --git a/content/blog/posts/relisting-startpage.md b/content/blog/posts/relisting-startpage.md
deleted file mode 100644
index fac44b53d..000000000
--- a/content/blog/posts/relisting-startpage.md
+++ /dev/null
@@ -1,49 +0,0 @@ ---- -date: - created: 2020-05-03T19:00:00Z -categories: - - Announcements -authors: - - contributors -links: - - Search Engines: https://www.privacyguides.org/en/search-engines/ -tags: - - Search Engines -description: Startpage has been relisted in our search engine recommendations following their open communications with the Privacy Guides community. -schema_type: NewsArticle -preview: - cover: blog/assets/images/relisting-startpage/cover.webp ---- -# Relisting Startpage.com - -!["Relisting Startpage" cover image](../assets/images/relisting-startpage/cover.webp) - - - -Dear *Privacy Guides* Community, - -In October 2019, we learned that System1 had become the majority shareholder in Startpage.com via a new System1 subsidiary, Privacy One Group. Due to the uncertainty surrounding the acquisition and the initial lack of clear communication from the Startpage team towards the privacy community, we were forced to delist Startpage from our [search engine recommendations](https://www.privacyguides.org/en/search-engines/). In an [explanatory blog post](delisting-startpage.md), we asked for more clarity surrounding the situation, stating: - -> ...there are still so many unanswered questions, we can no longer recommend the service with good confidence. If Startpage aims to be re-considered, they will have to answer the questions above, preferably along with an explanation of why it took them so long to get proper answers out to the public. - -Shortly after this, the *Privacy Guides* team was able to get an open line of communication with Startpage.com CEO Robert Beens, who vocalized his regret for not answering our questions more quickly and providing more clarity to the community from the start. From their perspective nothing fundamental had changed due to the acquisition, except that they would now have the resources to market Startpage efficiently thanks to System1. 
Unfortunately, Startpage failed to put themselves in the place of their users, and understand that their lack of transparency at the beginning would erode the trust they shared with the privacy community. - -By December, Startpage had [responded](https://code.privacyguides.dev/privacyguides/privacytools.io/issues/1562#issue-737) to our questions. More recently they also clarified that [System1's privacy policy](https://web.archive.org/web/20201110100140/https://system1.com/terms/privacy-policy) does not relate to Startpage; Startpage's privacy policy remains [unchanged](https://web.archive.org/web/20201110100140/https://www.startpage.com/en/privacy-policy/): - -> Having a new shareholder in the company will not change any aspect of the privacy we offer. We are a Dutch company and will continue to be so, fully complying with Dutch and EU privacy regulations (GDPR). We don’t store or share any personal data. No change either. Our clear privacy policy will stay the same. Management / founders (including myself) continue to have an important stake in the company and will continue to be fully committed to our privacy mission! 
- -They also created new support pages clarifying the privacy implications of System1's relationship with Startpage: - -- [Startpage CEO Robert Beens discusses the investment from Privacy One / System1](https://web.archive.org/web/20201110100140/https://support.startpage.com/index.php?/Knowledgebase/Article/View/1277/0/startpage-ceo-robert-beens-discusses-the-investment-from-privacy-one--system1) -- [What is Startpage's relationship with Privacy One/System1 and what does this mean for my privacy protections?](https://web.archive.org/web/20201110100140/https://support.startpage.com/index.php?/Knowledgebase/Article/View/1275/0/what-is-startpages-relationship-with-privacy-onesystem1-and-what-does-this-mean-for-my-privacy-protections) -- [What is the Startpage privacy-guarding data flow?](https://web.archive.org/web/20201110100140/https://support.startpage.com/index.php?/Knowledgebase/Article/View/1276/0/what-is-the-startpage-privacy-guarding-data-flow) - -Additionally, Beens joined an [interview](https://invidio.us/watch?v=h-3fW0w2ayg) with Techlore in February answering his questions and further questions from the privacy community. - -We prepared a [merge request](https://code.privacyguides.dev/privacyguides/privacytools.io/pulls/1592) in December for relisting Startpage in case we decided to do so, but did not have plans to merge it until the whole team felt confident (which we knew would take time). 5 months later, we sync'd up as a team, and decided to re-list them (with a warning explaining these events) which you can now find on our website [here](https://web.archive.org/web/20201110100140/https://www.privacytools.io/providers/search-engines). Our confidence and trust in Startpage has grown, and we're appreciative of Startpage's cooperation and willingness to address the concerns of our community. - -We also hope this encourages any services that may end up being delisted for one reason or another to take action and improve themselves in this same fashion. 
We don't like delisting the services we've previously trusted and recommended, and we are always happy to see when steps are taken to regain community trust.
-
----
-
-**2023-10-23:** This post has been edited to reflect the team's move from [PrivacyTools](https://www.privacyguides.org/en/about/privacytools/) to Privacy Guides.
diff --git a/content/blog/posts/restrict-act.md b/content/blog/posts/restrict-act.md
deleted file mode 100644
index 7b3fb9a80..000000000
--- a/content/blog/posts/restrict-act.md
+++ /dev/null
@@ -1,59 +0,0 @@ ---- -date: - created: 2023-04-01T19:00:00Z -categories: - - Opinion -authors: - - jonah -tags: - - Government - - VPN - - United States -links: - - posts/hide-nothing.md -canonical: https://www.jonaharagon.com/posts/restrict-act/ -description: The RESTRICT Act would grant the government broad powers to restrict access to any site or service they claim could pose a threat to national security, akin to China's Great Firewall. -schema_type: OpinionNewsArticle ---- -# Worried About TikTok? The RESTRICT Act Is Not the Answer Americans Are Looking For - -Privacy advocates have been calling for the United States to adopt strong consumer privacy protection laws along the lines of the EU's GDPR for a long time now, but the proposed *Restricting the Emergence of Security Threats that Risk Information and Communications Technology* (RESTRICT) *Act* isn't the answer we're looking for. - -Terrible acronym aside, the RESTRICT Act claims to... - -> empower the United States government to prevent certain foreign governments from exploiting technology services operating in the United States in a way that poses risks to Americans’ sensitive data and our national security. ([whitehouse.gov](https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/07/statement-from-national-security-advisor-jake-sullivan-on-the-introduction-of-the-restrict-act/)) - -In reality, this act would grant the government broad powers to restrict access to any site or service they claim could pose a threat to national security, akin to China's "[great firewall](https://en.wikipedia.org/wiki/Great_Firewall)." - -Currently, if you go on the internet and try and find out what the RESTRICT Act *actually does*, you'll find a lot of confusing and conflicting information. This is by design, not from a lack of analysis. Simply put, the RESTRICT Act has been interpreted in so many ways because the wording is so broad that it *can* be interpreted in so many ways. 
This is obviously a problematic form of government overreach. - -So what does it actually do? Well, nothing! For now anyway: Like many bills lately, this bill has no immediate effects, but it does grant the White House power to create rules and regulations which will have the power of law. Section 8 grants the Secretary of Commerce the power to "establish such rules, regulations, and procedures as the Secretary considers appropriate." These rules can include almost anything as long as they are targeting an entity covered by the bill. - -To give it a little credit, the specific activities this bill targets are *relatively* narrow. Section 2 of the bill mainly defines the affected entities in terms of corporate ownership and funding in relation to specific "foreign adversaries." It would be difficult for a company to violate this bill without *actually* being a front for a foreign government. However, once a targeted company *is* identified, the powers the White House then gains to prevent their operation and access within the United States are wildly expansive. - -## How might this affect VPN providers? - -This is the question on a lot of people's mind, and the answer is of course a bit complicated. - -Right now, this bill is mainly focused on TikTok, despite them not being mentioned specifically within the bill text, so let's focus on them. If the White House determines that TikTok is covered by this act, they could implement "mitigation measures" including ordering Internet Service Providers to block access to TikTok entirely. At this point, the Act grants very broad power to block **circumvention** of those mitigation measures as well. Now, any service "which is designed or intended to evade or circumvent the application of this Act" falls under the scope of this regulation. 
- -> No person may cause or aid, abet, counsel, command, induce, procure, permit, or approve the doing of any act prohibited by, or the omission of any act required by any regulation, order, direction, mitigation measure, prohibition, or other authorization or directive issued under, this Act. (Section 11(a)(2)) - -A reading of this could certainly include VPN providers. Even if the White House does not declare VPN companies to be directly violating this act, they could certainly deem their services to be aiding and abetting violators, and the end result is the same: Regulations which ban the operation of VPNs entirely. - -Even more worryingly—especially for myself at [Privacy Guides](https://www.privacyguides.org)—a stricter reading of the quoted section above could make it illegal to even *share advice* (i.e. "counsel") on how to run a VPN or sideload TikTok! And all of these violations *can* be punished with criminal charges including up to 20 years in jail or up to $1,000,000 in fines. - -So what do we actually know? - -- Does this bill ban VPNs? **No.** -- Does this bill give the White House executive power to ban VPNs? **Yes!** - -Ultimately, the provisions in this bill are so broad that it is inconceivable that they will *not* be eventually abused by the White House, it would only be a matter of time. Any law like this which gives the government broad authority to ban all sorts of tools if they are even tangentially related to a foreign country they deem a threat is simply unacceptable in a purportedly free country, and we need to make sure it does not pass. - -## Is this good privacy regulation? - -Absolutely not. Fundamentally, the RESTRICT Act does nothing to address the actual privacy concerns of American citizens, it only ensures that the digital data of Americans is exploited *exclusively* by America-friendly companies. 
If Congress was legitimately concerned about data collection in America, they could implement strong consumer protections that enhance individuals' control and rights over their personal data on *every* platform instead of playing whack-a-mole with every foreign technology entity.
-
-You may still be thinking that this bill would only really impact large, foreign entities like China/TikTok, but we've seen time and time again how bills like this that are sold as attacks on huge, nebulous entities like "terrorists" and "foreign state adversaries" wind up mainly used to attack the little guy with minor infractions.
-
-Just like with the post-9/11 Patriot Act, the government is trying to whip people up into a panic to pass a bill under false pretexts that only serves to expand their police powers over us. Call your legislators and demand that they vote against the RESTRICT Act, don't let them take away even more freedoms.
diff --git a/content/blog/posts/sam-altman-wants-your-eyeball.md b/content/blog/posts/sam-altman-wants-your-eyeball.md
deleted file mode 100644
index 8107de8f4..000000000
--- a/content/blog/posts/sam-altman-wants-your-eyeball.md
+++ /dev/null
@@ -1,380 +0,0 @@ ---- -date: - created: 2025-05-10T15:00:00Z - updated: 2025-05-10T15:45:00Z -categories: - - News -authors: - - em -description: Last week, OpenAI's CEO Sam Altman announced in San Francisco that the World project he co-founded, formerly known as Worldcoin, is opening six stores across the United States, allowing users of the project's app to scan their eyeballs. This is worrisome, to say the least. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp ---- - - -# Sam Altman Wants Your Eyeball - -![Image of a red circle of light that resembles a human iris over a black background.](../assets/images/sam-altman-wants-your-eyeball/orb-cover.webp) - - - -Last week, OpenAI's CEO Sam Altman announced in San Francisco that the World project he co-founded, formerly known as Worldcoin, is opening six stores across the United States, allowing users of the project's app to scan their eyeballs. - -Simply put, the premise is this: scan your eyeball, get a biometric tag, verify yourself, buy our apps (and cryptocurrency). The scary part is the for-profit company developing the project has now gathered millions in venture capital investment, powerful partners, and is ready to expand and impose its [Minority Report](https://en.wikipedia.org/wiki/Minority_Report_(film)) style technology everywhere. **Welcome to Dystopialand.** - -The World(coin) project is an initiative from the startup Tools for Humanity, co-founded by its CEO Alex Blania. Despite its friendly name, the for-profit corporation has been on the radar of many critics through the years already. From experts to journalists to privacy commissioners around the world, not everyone shares Blania's enthusiasm for his biometric-based technology. - -## What is the World App? 
-
-The World project, recently rebranded from the Worldcoin project (possibly to convey better its expansionist ambitions) presented its plan for the World App to Americans this week. The project is now expanding well beyond the cryptocurrency it started from.
-
-The World App is an everything app, providing users with a *World ID*, that can be verified through the collection of biometric data in the form of an iris scan.
-
-The scan is then filtered and hashed to create a unique identifier that is stored as a so-called "proof of personhood" on the *World Network*, a blockchain-based protocol.
-
-The World App itself contains a collection of "Mini Apps", where users can manage their cryptocurrencies, chat together, play games, receive their paychecks even, and ultimately live their whole life within the closed "verified" ecosystem of the app.
-
-For a company constantly praising decentralization, it sure looks like they want to make sure they are the center of it all.
-
-To obtain this coveted verification code, users *must* be ready to share their precious eyeball data with the Orb.
-
-The Orb is a piece of hardware designed by Tools for Humanity to perform iris scans. It is available to access in the United States at one of the currently six locations in Austin, Atlanta, Los Angeles, Miami, Nashville and San Francisco (more to come soon), like some sort of biometrics collection ATM.
-
-The World project has for ambition to expand its reach across the United States to install 7,500 Orbs by the end of this year, so be prepared to see this dystopian technology everywhere soon.
-
-The San Francisco [presentation last week](https://www.theregister.com/2025/05/04/sam_altman_startup_world/) was clearly prepared to impress investors with its Apple announcement vibe. The promise of a quickly growing startup that everyone will soon want to work with, was repeated over and over in different flavors.
-
-Tools for Humanity bragged about many large partnerships that should make any privacy advocates shiver in dread: the Match Group dating apps conglomerate (Tinder, OkCupid, Hinge, Plenty of Fish), Stripe, and Visa are some of them.
-
-If they succeed in convincing enough people, many of us could soon have little choice but to unwillingly have to enroll.
-
-## World(coin) isn't new, you might have heard of its unethical practices already
-
-The project [claims](https://techcrunch.com/2025/04/30/sam-altmans-world-unveils-a-mobile-verification-device/) to have onboarded 26 million people already, including 12 million "users" who are verified (had their biometric data collected).
-
-These "users" are largely located in Latin America, Africa, and Asia. This is because the company started testing for its project there a few years ago, in regions where people often have fewer legal protections.
-
-In 2022, MIT Technology Review produced [an extensive investigation](https://www.technologyreview.com/2022/04/06/1048981/worldcoin-cryptocurrency-biometrics-web3/) on the startup's debut in an article titled: *Deception, exploited workers, and cash handouts: How Worldcoin recruited its first half a million test users.*
-
-The investigation revealed a collection of unethical practices to pressure the most vulnerable populations in signing up for Worldcoin, and **have their eyeball scanned in exchange for money** they desperately needed.
-
-Some participants had to provide much more personal information than the company says is required, such as emails, phone numbers, and even photos of official ID. Many people who gave their biometric data to Worldcoin were rushed and misinformed. Some who signed up didn't even have an email and had to create one. The "Orb operators" hired to perform the scans locally were often poorly trained, poorly informed, and unable to answer the questions asked by participants.
-
-So much so that [Kenya suspended the company's operations](https://techcrunch.com/2023/08/02/kenya-suspends-worldcoin-scans-over-security-privacy-and-financial-concerns/) in 2023 over concerns for privacy, security, and financial service practices.
-
-Some people who signed up never received the promised money. Some officials were bribed to give the impression to participants these operations were official and supported by the government.
-
-As Ruswandi, one of the persons targeted by this early campaign [remarked](https://www.technologyreview.com/2022/04/06/1048981/worldcoin-cryptocurrency-biometrics-web3/): "why did Worldcoin target lower-income communities in the first place, instead of crypto enthusiasts or communities?"
-
-Exploiting people in situations of poverty in order to test a biometric identification technology isn't a great way to start a project developed by a company called "Tools for Humanity".
-
-## Creating the problem, selling the solution
-
-Why develop such a technology in the first place?
-
-Sam Altman himself has [expressed concern](https://www.wired.com/story/sam-altman-orb-eyeball-scan-launch-us/) about the problem this alleged solution solves: the avalanche of fake accounts and pretend persons online caused by the new AI tools unleashed everywhere.
-
-The proposed use of a "proof of personhood" claims to solve this problem by allocating a unique identifier to each human, a personal code supposedly impossible to duplicate or cheat. Of course, this has [already been proven wrong](https://gizmodo.com/worldcoin-black-market-iris-data-identity-orb-1850454037).
-
-No one will miss the irony of the CEO of OpenAI, responsible for creating the largest share of this problem, expressing such concern **while continuing to feed the fire**.
-
-This is a classic case of creating a problem and selling the solution. Well, in this case it is more like ***selling* the problem and selling the solution**.
As researcher and cryptocurrency critic [Molly White pointed out](https://www.citationneeded.news/worldcoin-a-solution-in-search-of/) in 2023:
-
-"That's right, the guy who's going to sell us all the solution to a worsening AI-powered bot infestation of the Internet and to AI-induced mass unemployment is the same guy who's making the AI in question."
-
-Sadly, this proposed solution also isn't really a solution, or at least it isn't a *good* solution. Indeed, this will **create a whole collection of new problems**, many much worse than a bot infestation.
-
-## The risks of sharing biometric data
-
-Biometric data is incredibly sensitive data, because it's irrevocably attached to a person. Whether it's from a face scan, palm scan, fingerprint, keystroke pattern, or iris scan, this data is part of our bodies and **cannot be changed like a password** if it gets compromised.
-
-For this reason, a growing number of legislations around the world now include special categories for such data collection, and require extra protections and supervision for it.
-
-There are many dangers in collecting and potentially endangering biometric data. First, if this data gets stolen, criminals can impersonate a victim much more convincingly, because they will have the "proof" to "verify" this is really you.
-
-While straight-up stealing your eyeball or face might still belong to science-fiction, the risk of getting the data produced *from* the scan stolen is very real.
-
-When the World project claims it is secure because biometric data isn't stored anywhere, even if that was true, the iris *code* derivative of this data is indeed stored and processed somewhere, and this can potentially be stolen.
-
-How hard will it be for a victim to recover an account from a biometric thief when everything is reinforcing the false narrative shared with investors that this technology can't be cheated?
-
-Then, there is the loss of pseudonymity protections online.
-
-If every social media account becomes tied to a unique biometric-based identifier, whether directly or indirectly, there is no pseudonymity anymore.
-
-Further, if only one account is allowed by "verified human", then no one can create separate accounts for their work life and personal life anymore. Creating separate accounts for separate purposes is an excellent privacy-preserving practice.
-
-Even if the identifier isn't tied to a legal name directly, accounts on different platforms using the same identifier could potentially get linked together. To be fair, it does seem Tools for Humanity worked to prevent different platforms from having access to the same code, but how well will this hold the test of time? Will platforms increasingly escalate privacy-invasive requests from this point, like they often do?
-
-**Pseudonymity saves lives.** It is an essential tool for the safety of the most vulnerable online. Killing pseudonymity by requiring unique biometric identification could endanger millions.
-
-This is a serious problem coming up with [age verification](age-verification-wants-your-face.md) processes as well, which World ID will soon also be a part of when [testing](https://www.engadget.com/cybersecurity/sam-altmans-eyeball-scanning-id-technology-debuts-in-the-us-130032856.html) its implementation for Tinder in Japan.
-
-Biometric data should never be used lightly. It should be reserved for the most extreme cases only.
-
-The regions who have adopted stronger regulations for biometric data collection are moving in the right direction. But will protective legislation be enough to resist the pressure from a for-profit VC-backed corporation with a valuation at billions?
-
-## Flipping the coin
-
-Tools for Humanity seems to be well aware of its creepiness factor, and of the criticisms brought by privacy commissioners around the world.
-
-Its recent Orb redesign from the previous cold (Black)mirror finish clearly tries hard to replace creepiness with cuteness.
-
-The company has also evidently invested a lot in presenting a pro-privacy image, likely in an attempt to reassure users (and investors).
-
-Unfortunately, many of these privacy-preserving claims are inaccurate. Some claims promoting "features" that might sound impressive to a neophyte's ear are actually just the baseline, and others sadly are misleading *at best*.
-
-While a few privacy-preserving efforts are indeed positive, most of the focus on privacy relates to marketing much more than any serious protections.
-
-## How privacy-preserving is it?
-
-Most people are still put off by the idea of having their eyeball scanned, and the company has evidently invested a lot in promoting a "privacy-preserving" image, possibly as an attempt to reassure unconvinced humans and [privacy commissioners](#privacy-legislators-arent-on-board) alike.
-
-But how much can we trust those claims?
-
-### Flawed assumption about what constitutes personal data
-
-The largest assumption about why this technology is "privacy-preserving" seems to come from the fact that the World App doesn't collect names, official IDs ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#6-2-credentials-)), emails ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#annex-i-%E2%80%93-legal-grounds/purposes-for-tools-for-humanity-data-processing-activities-)), phone numbers ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#5-1-data-you-provide-to-us)), date of birth ([unless it does](https://world.org/blog/announcements/worldcoin-new-world-id-unverify-option-increases-personal-control-over-data)), or other identifiers.
-
-This assumption however neglects the fact that 1) even data that isn't attached to a legal name can be personal data, and 2) the iris code it produces from the iris scan *is* indeed personal data.
-
-While there are variations, most privacy regulations have similar definitions of what constitute personal data.
The European General Data Protection Regulation (GDPR) [defines](https://gdpr-info.eu/art-4-gdpr/) it as "any information relating to an identified or identifiable natural person". An iris code derived from an iris scan of course fits this definition.
-
-Moreover, to create a World ID, the company also collects a face image. Together, the original iris scan and face photo are referred to as *Image Data*. For "privacy-preserving" purposes, Image Data of course never leaves the Orb device ([unless it does](https://world.org/legal/biometric-data-consent-form)).
-
-While it seems some effort has been made to protect the Image Data in some ways, the idea that derivative data from the scans isn't still sensitive personal information anymore is wrong.
-
-If there is a way for a person to scan their iris again and generate the same code, then this data relates to their identifiable person. This also means that *someone else* could scan their iris and generate the same code.
-
-As whistleblower [Edward Snowden rightfully pointed out](https://x.com/Snowden/status/1451990496537088000) in a 2021 tweet:
-
-“This looks like it produces a global (hash) database of people's iris scans (for 'fairness'), and waves away the implications by saying 'we deleted the scans!' Yeah, but you save the *hashes* produced by the scans. Hashes that match *future* scans. Don't catalogue eyeballs.”
-
-### Questionable reassurance about local data
-
-One of the biggest reassurances relates to the claim that sensitive biometric data (Image Data) is only stored locally. But this isn't completely accurate either, and there seems to be conflicting information about it from the company's own documentation.
-
-The World [white paper](https://whitepaper.world.org/#enrollment-process) specifies that:
-
-"The Orb verifies that it sees a human, runs local fraud prevention checks, and takes pictures of both irises. The iris images are converted on the Orb hardware into the iris code.
Raw biometric data does not leave the device (unless explicitly approved by the user for training purposes)."
-
-However, according to the [Biometric Data Consent Form](https://world.org/legal/biometric-data-consent-form) users have to sign prior to data collection, if a user needs a fully verified World ID. Inevitably this sensitive biometric data will be sent to their phone, therefore leaving the Orb.
-
-After a user agrees to the form, they can keep the option for *Data Custody* disabled to have their biometric data deleted from the Orb "later", and have it uploaded to their phone (with all the risk that this entails).
-
-The other option users have is to enable Data Custody (if allowed in the user's country) and have this sensitive data sent to both their phone *and* to Tools for Humanity.
-
-This means the Orb inevitably sends this sensitive data to a mobile device. Then, this data is only as secure as the mobile device is. Which isn't so reassuring.
-
-The documentation does maintain this biometric data is sent as an "end-to-end encrypted data bundle", but this doesn't mean the data never leaves the Orb. It just means it leaves it while encrypted (which is really just the basics), and copies it to the user's device.
-
-Furthermore, future users are *strongly* incentivized to share their Image Data with Tools for Humanity, for algorithm improvement purposes. Pressure to opt in is even presented as a *convenience* option, because it would be cumbersome to have to come over for another scan after every update.
-
-As [stated](https://world.org/legal/biometric-data-consent-form) in the Biometric Data Consent Form:
-
-"This will likely help you avoid some inconvenience because, if we have your Image Data, then you will not need to return to an Orb to re-verify your digital identity when we update the software."
-
-The company continues to repeat they have a "privacy by default and by design approach".
But **you can't keep your privacy-preserving cake and eat it, too**.
-
-### What does the white paper say
-
-In tech, a white paper is usually a research-based document produced by the developers that presents more technical details on an application, product, or process. It is especially valuable for products like the Orb and the World App, where security and privacy *should* be paramount, and therefore examined closer.
-
-Because it isn't an independent review, a white paper can also not be worth much more than a marketing pamphlet.
-
-To its credit, Tools for Humanity does [warn](https://whitepaper.world.org/#nature-of-the-whitepaper) in its white paper that this information is "intended for general informational purposes and community discussion only and do not constitute a prospectus, an offer document, an offer of securities, a solicitation for investment, or any offer to sell any product, item or asset (whether digital or otherwise)."
-
-Furthermore, the company makes sure to specify that "circumstances may change and that the Whitepaper or the Website may become outdated as a result; and the [World] Foundation is not under any obligation to update or correct this document in connection therewith."
-
-The document is also described as a "crypto-asset white paper".
-
-We have been warned.
-
-In its Privacy section, the white paper [states](https://whitepaper.world.org/#image-custody-opt-in) that "no data collected, including images taken by the Orb has or will ever be sold. Nor will it be used for any other intent than to improve World ID."
-
-However, its [Privacy Notice also states](https://world.org/legal/privacy-notice#8--when-we-share-your-data) that they may "share your personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company."
-
-If this happens, many regretful users might find themselves in [the same shoes as 23andMe users this year](https://www.techradar.com/health-fitness/23andme-is-bankrupt-and-about-to-sell-your-dna-heres-how-to-stop-that-from-happening), where the DNA collecting company started to look for buyers of its biometric data assets after filling for bankruptcy.
-
-Additionally, the Face Authentication section of the white paper [describes](https://whitepaper.world.org/#face-authentication) a process where encrypted facial biometrics collected from the Orb are used for authentication in the World App.
-
-Even if this data is stored on-device, it is still biometric data getting collected by the Orb then processed by the phone app. There is no question this is sensitive and personal biometric data, and it is indeed kept outside the Orb.
-
-Tools for Humanity lacks consistency in the various claims and statements found through its documentation and promotion material. It becomes difficult to know which version to trust, and if it is to be trusted at all.
-
-### No deletion on the blockchain
-
-Tools for Humanity's Privacy Policy declares that the company will delete all account data (when laws allow it) one month after it is closed (this is good). They also state they will delete entirely any inactive account after 2 years, and this is actually a great policy.
-
-But what happens to the World ID, transactions, and other data stored on the blockchain?
-
-While some thoughts have been put into deletion and some good mechanisms seem to have been implemented, unfortunately data stored on the blockchain might be "deletion-resistant".
-
-There's a possibility that **what happens on the blockchain stays on the blockchain, forever**.
-
-The policy [notes](https://www.toolsforhumanity.com/legal/privacy-notice#11--how-long-do-we-keep-your-data-) that:
-
-"Due to the public and immutable nature of blockchain technology, we cannot amend, erase, or control the disclosure of data that is stored on blockchains."
-
-So that is something to keep in mind if you value your right to delete.
-
-## Data security considerations
-
-Even if some thoughtful security features seem to have been implemented for the World App and its Orbs, nothing processing sensitive data at such a large scale should be left in the hands of a single for-profit, largely unregulated, organization.
-
-This would be like putting 8 billion eggs in a very fragile basket, held by someone paid to make the basket pretty and convince as many people as possible to put their precious single egg in it, with no incentive whatsoever to ensure the basket doesn't break. I would not want to put my egg in there, especially with how much it costs now.
-
-The idea of using one single *for-profit* app worldwide for "human verification", identity verification, age verification, money transactions, and storing official IDs (and so on and so forth) makes this application a *huge* target for criminals and hostile governments alike.
-
-It's good that the app had [security audits](https://github.com/trailofbits/publications/blob/master/reviews/2023-08-worldcoin-orb-securityreview.pdf), made some [code available](https://github.com/worldcoin) as open source, and reportedly [plans](https://whitepaper.world.org/#why-custom-hardware-is-needed) to open a bug bounty program.
-
-However, there are still problems that remain. For example, the phone in this case becomes a single point of failure. The easiest way to steal someone's identity and money (all at once) will be to steal their phone data (whether physically or remotely). Even without criminal intent, what happens when someone just loses their phone? Or accidentally drop it in the pool? Or step on it?
-
-With **everything relying on a single app and a single device**, risk is greatly amplified.
-
-Outside the user's responsibility, Orb operators and Orb stores are susceptible to various attacks. This will increase exponentially with the number of users of course, as the target becomes bigger. In fact, Orb operators have [already been hacked](https://techcrunch.com/2023/05/12/hackers-stole-passwords-of-worldcoin-orb-operators/).
-
-Then, there is the appeal of fake identities and money fraud for criminals. Already, there is a [black market](https://gizmodo.com/worldcoin-black-market-iris-data-identity-orb-1850454037) for iris data in China, where people buy iris data (or verified World ID according to World) from people in Cambodia, Kenya, and other countries for a few dollars only. The vulnerability allowing this was reportedly fixed, but it is doubtful this is the last one we hear about.
-
-The Orb itself is also an important potential attack surface. With Tools for Humanity's ambition to fill the world with Orbs everywhere, will Orbs become the next version of the sketchy ATM? Where you might wonder if this funny-looking Orb is trustworthy enough to pay your bar tab without risking emptying your crypto wallet?
-
-## Privacy legislators aren't on board
-
-Despite all its privacy promotion material, the World project has failed to convince privacy commissioners around the world of their supposedly good intentions. Perhaps in this case actions speak louder than words, and privacy commissioners aren't so gullible.
-
-With the expansion the project plans this year, we can expect even more experts will examine the company's claims and challenge its "privacy-preserving" assumptions.
-
-There are many reasons to remain skeptical about these promises of privacy. Indeed, numerous countries have already suspended, fined, or called for investigation on the company's (mal)practices.
-
-### The company was fined for personal data violation
-
-In 2024, the company was [fined](https://cointelegraph.com/news/south-korea-fines-worldcoin-personal-data-violations) 1.1 billion Korean won for violating South Korea's Personal Information Protection Act (PIPA). The Worldcoin Foundation was also imposed corrective orders and recommendations. Organizations that are truly "privacy-first" rarely reach this point.
-
-The Data Custody feature, which allows (and encourages) users to share their biometric data with Tools for Humanity is now unavailable in South Korea.
-
-### Brazil has banned Worldcoin in the country
-
-In January this year, the National Data Protection Authority (ANPD) [banned](https://decrypt.co/305639/brazilian-regulator-denies-worldcoin-appeal-ban) Worldcoin's operations in Brazil, after the company's appeal was rejected.
-
-The ban comes from regulation stating that consent to process biometric data must be "free, informed, and unequivocal", which cannot be the case with the World project paying users in cryptocurrency in exchange for their iris scans. Data deletion concerns were also raised by the regulator.
-
-The World project tried again to appeal the decision, in vain.
-
-### Kenya and Indonesia suspended its operations
-
-In 2023, Kenya, one of the first countries where Worldcoin was available, [suspended](https://techcrunch.com/2023/08/02/kenya-suspends-worldcoin-scans-over-security-privacy-and-financial-concerns/) Worldcoin's operations citing concerns over the "authenticity and legality" of its activities related to privacy, security, and financial services.
-
-The worse part is that months before, the Office of the Data Protection Commissioner (ODPC) of the country had ordered Tools for Humanity to stop collecting personal information from its citizens. The company simply [ignored the ODPC order](https://techcrunch.com/2023/08/15/worldcoin-in-kenya/) and continued to collect biometric data from Kenyans.
It only stopped after Kenya's ministry of interior and administration gave the suspension order later on.
-
-This again is quite far from the behavior of a company who genuinely values privacy.
-
-More recently on May 4th, 2025, Indonesia also [suspended](https://en.antaranews.com/news/353861/indonesia-suspends-worldcoin-world-id-operations-over-public-concerns) the World project's operation in the country over concerns related to user privacy and security. The Ministry of Communication and Digital will be summoning the project's local operators to clarify the operations and determine potential violation of the Indonesia's electronic system regulation.
-
-### German regulator ordered GDPR compliance following investigation
-
-In December 2024, the German regulator, the Bavarian State Office for Data Protection Supervision (BayLDA), [issued an order](https://decrypt.co/298090/german-watchdog-cracks-down-on-worldcoin-over-biometric-data) to obligate providing deletion procedures that comply with the GDPR within one month. Additionally, the BayLDA ordered the complete deletion of certain data records that were previously collected without sufficient legal basis.
-
-Again, the World Foundation is fighting the order and will [appeal](https://cointelegraph.com/news/german-watchdog-order-worldcoin-delete-data) the decision. The company tries to argue the data collected was "anonymized", a common strategy to try evading GDPR compliance, which does not regulate anonymized data.
-
-### Data protection authorities around the world are investigating
-
-In 2023, France's data protection authority the CNIL [investigated](https://www.reuters.com/technology/worldcoin-paris-office-checked-by-french-data-watchdog-2023-08-31/) Worldcoin's activities in the country. The same year, UK's privacy watchdog started its own [inquiry](https://www.reuters.com/technology/uk-data-watchdog-make-enquiries-worldcoin-crypto-project-2023-07-25/) into the company's operations.
-
-In 2024, Hong Kong's Office of the Privacy Commissioner for Personal Data [raided](https://www.scmp.com/news/hong-kong/law-and-crime/article/3250480/hong-kong-eye-scan-cryptocurrency-scheme-probed-citys-privacy-watchdog) six Worldcoin offices citing personal information privacy and security concerns.
-
-There is no doubt more countries and regions will follow with similar investigations and bans as the World project expands to its ambition.
-
-### In the United States, the app is restricted in some states
-
-Even in the US where the company is headquartered, the app is [restricted](https://www.wired.com/story/sam-altman-orb-eyeball-scan-launch-us/) in some states. The announcement for its event this month carried a warning that the World is “not available for distribution via World App to people, companies or organizations who are residents of, or are located or incorporated in the State of New York or other restricted territories.”
-
-We can also expect the project will encounter roadblocks in states that have passed [regulations specific to the collection of biometric data](https://www.huschblackwell.com/2024-state-biometric-privacy-law-tracker). This includes states like Illinois, Texas, Washington, and Colorado.
-
-### Some regions have special regulations for biometric data
-
-Around the world the number of biometric-specific regulations is growing. Even without a regulation specific to this type of data, many privacy laws have started to include special categories and requirements to govern the collection and processing of sensitive biometric data. As companies are increasingly requesting such collection, legislations to protect users are essential.
-
-For example, the province of Quebec in Canada has recently implemented [strong protections for biometric data](https://www.cai.gouv.qc.ca/protection-renseignements-personnels/sujets-et-domaines-dinteret/biometrie?%2F) with its new privacy law, the Law 25.
Consent isn't sufficient to collect biometric data, as the law requires organizations to explicitly justify the necessity for such collection in the first place. Importantly, any violation of Law 25 comes with fines as hefty as the GDPR's.
-
-More privacy laws should implement such protections quickly, as corporations collecting biometric information carelessly are multiplying fast.
-
-## Welcome to full dystopia
-
-The most concerning part of the World project's recent expansion isn't its cryptocurrency grift as much as stepping out of it.
-
-If cryptocurrency enthusiasts wish to share their personal data to get into a special cryptocurrency club, they might (although privacy regulations should still protect them). But using financial coercion to get new users by exploiting vulnerable communities living in poverty is **absolutely despicable**.
-
-Further, the fact that the World project has partnered with powerful players in the financial, gaming, and even dating sectors *should terrify everyone*.
-
-Beyond cryptocurrency, if platforms start to demand users everywhere to verify they are a human and verify they are an adult through the World ID system, then **everyone will soon be subjected to this**.
-
-The amount of money invested in the project means there will be an incredible pressure to spread it everywhere soon, and *monetize* it. There will be a *strong* incentive to monetize our data and to monetize our proof of humanity. This isn't trivial.
-
-The well-known dating app Tinder has already partnered with World ID to verify the age of users in Japan. If this experiment works well, and if users comply without objection, this could be soon mandatory for *all* dating apps.
-
-Let's not stop at dating apps. The World project has already announced last week they will also be working with Razer to verify humanity of online gamers. How far can this go in the age of age verification? Will every online games with mature content soon require a World ID to play?
- -What about social media? Tools for Humanity's team have insisted the age of AI made us incapable of detecting if we are interacting with bots online. Therefore, they must valiantly come to our rescue to verify our humanity scanning our eyeballs (which bots tragically lack). What if this human verification is expanded to all our social media accounts? Certainly, regulators pushing for authoritarian age verification online would be delighted by such a product. - -Then, it comes for our money. The everything app of course offers payment and money management features. This is the app where you can keep your whole wallet, containing all your official IDs, your cryptocurrencies of all kind, and even connect with your less hyped regular bank accounts. - -Imagine a single app, owned by a single for-profit corporation, that collects and processes all the data from all your transactions online, all your communications online, that you absolutely have to continue using for your other social media accounts, your gaming life, and your dating life. - -There could soon be no way to escape the grasp of World's everything app. Actually, [some governments](https://www.theregister.com/2025/05/04/sam_altman_startup_world/) (Taiwan and Malaysia) have already started using it for official services, because why not. - -**The ways this could degenerate fast into full dystopia are infinite**, and very real. - -The company even plans to ship next year the Orb Mini, a pocket-size personal spy-device with which users will be able to scan their own eyeballs on the go! - -But why stop there? Why not scan other people's eyeballs as well? Maybe all government officials could carry one? Maybe every payment terminal could have one too? - -We will find out soon, in one or two years. - -Tools for Humanity also bragged about the numerous utilities its new technology could make possible. For example, for event tickets! 
Order a concert ticket with your "proof of personhood" then maybe confirm you are the owner by having your eyeballs scanned to assist to a Rage Against the Machine concert? - -The only fun part in this is the irony. - -Tools for Humanity with its expansionist dream is without a doubt hungry enough to eat the whole World™️. - -### A new world of wealth inequalities - -The company brings up a few times the mention of Universal Basic Income (UBI) in its documentation, it even mentions it briefly in its [white paper](https://whitepaper.world.org/#ubi). - -While puzzling, it appears Tools for Humanity might consider its cryptocurrency bribe to sign up and subsequent token giveaways as some form of UBI? Or perhaps this is only one of its other ambition to control all the financial systems in the entire world. Why UBI is even mentioned at all in this context is unclear. - -Regardless, it's worth mentioning a for-profit company giving cash back in exchange for biometric data isn't UBI at all, it's just a **creepy membership card points**, at best. - -While the World project works hard to present the idea this is a tool for the people, where everyone is equal, wealth will definitely [not be distributed evenly](https://whitepaper.world.org/#wld-token-allocation) in this new World order. - -Already, 11.1% of World's cryptocurrency tokens (WLD) have been distributed to the World's team, 13.6% to investors, and 0.3% are reserved for Tools for Humanity. This means these entities would share together 25% of the wealth, while 75% of the world's population (according the Tools for Humanity's ambition) would have to share 75% of what's left. - -In the new "human" world this corporation envisions, Tools for Humanity and its investors would own 1 quarter of the entire world's wealth. There is nothing equitable or communal in a system like this. 
-
-It's important not to forget this everything app will do everything to pressure its users in eventually using Worldcoins, its ultimate goal.
-
-From Tinder's mandatory age verification to cryptocurrency financial ruin in one single move.
-
-## The normalization of surveillance
-
-Even if this process was perfectly secure and perfectly private (which it is definitely not), the problem remains the normalization of surveillance.
-
-This isn't limited to Tools for Humanity, although the way the company tries to advertise itself as a privacy-first organization makes it even more important to scrutinize.
-
-But anyone else with a similar approach to biometric data collection for verifying humanity or age or legal names should be on our radar. Moreover if it's a for-profit corporation with the power to impose this technology on us everywhere in the world.
-
-One company should never have such power.
-
-Further, biometric data should never be used for trivial purposes like "proof of personhood" or age verification. No amount of supposedly "privacy-preserving" features can change this.
-
-The premise itself is flawed from the start to respect privacy rights.
-
-While the problem of proving identity can still be an important one to solve in *some* context, the solution to this can never be monopolized by for-profit corporations.
-
-Regardless of Tools for Humanity's intentions and efforts to convince us to trust them, any similar technology is just another step towards a global system of mass surveillance, where ultimately privacy rights and human rights are lost.
-
-So, should you scan your eyeball to get a verified World ID?
-
-**No.**
-
-**No, you really shouldn't.**
diff --git a/content/blog/posts/secure-data-erasure.md b/content/blog/posts/secure-data-erasure.md
deleted file mode 100644
index 02714e94d..000000000
--- a/content/blog/posts/secure-data-erasure.md
+++ /dev/null
@@ -1,55 +0,0 @@ ---- -date: - created: 2022-05-25T19:00:00Z -categories: - - Tutorials -authors: - - mfwmyfacewhen - - contributors -links: - - 'Encryption
OS Full Disk Encryption': https://www.privacyguides.org/encryption#os-full-disk-encryption -tags: - - Linux -license: BY-SA -description: Erasing data from your computer may seem like a simple task, but if you want to make sure the data is truly unrecoverable, there are some things you should consider. -schema_type: AnalysisNewsArticle ---- -# Erasing Data Securely From Your SSD or HDD - -**Erasing data** from your computer may seem like a simple task, but if you want to make sure the data is truly unrecoverable, there are some things you should consider. - -!!! tip - - You should use [full disk encryption](https://www.privacyguides.org/encryption#os-full-disk-encryption) on your storage devices. If your device is stolen or needs to be returned under warranty your privacy may be at risk. - -To erase a storage device **thoroughly**, you should securely erase the whole device and not individual files. - -## Erasing Your Entire Drive - -When you delete a file, the operating system marks the space where the deleted file was as "empty." That "empty" space can be fairly easily undeleted, yielding the original file. - -### Magnetic storage - -If the disk is a magnetic storage device, such as a spinning hard disk, we suggest using [`nwipe`](https://en.wikipedia.org/wiki/Nwipe). `nwipe` can be installed in most Linux distributions. If you wish to use a complete boot environment on a system, consider using [ShredOS Disk Eraser](https://github.com/PartialVolume/shredos.x86_64). ShredOS boots straight into `nwipe` and allows you to erase available disks. To install it to a flash USB stick see the [installation methods](https://github.com/PartialVolume/shredos.x86_64/blob/master/README.md#obtaining-and-writing-shredos-to-a-usb-flash-drive-the-easy-way-). - -Once you have your boot media, enter your system's UEFI settings and boot from the USB stick. Commonly used keys to access UEFI are ++f2++, ++f12++, or ++del++. Follow the on-screen prompts to wipe your data. 
- -![ShredOS](../assets/images/data-erasure/shredos.png) - -### Flash Storage - -For [flash memory](https://en.wikipedia.org/wiki/Flash_memory) (SSD, NVMe, etc.) devices we suggest the ATA Secure Erase command. Methods such as `nwipe` should not be used on flash storage devices as it may damage their performance. The "Secure Erase" feature is often accessible through the UEFI setup menu. NVMe storage can be erased using the [`nvme-cli`](https://github.com/linux-nvme/nvme-cli) tools. For that see: - -```text -nvme format /dev/nvme0 -s 2 -n 1 -``` - -It is also possible to complete a Secure Erase using the [`hdparm`](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase) command, or [Microsoft Secure Group Commands](https://docs.microsoft.com/en-us/windows-hardware/drivers/storage/security-group-commands). - -Physical destruction may be necessary to securely erase devices such as memory cards, USB sticks and unusable hard disks. - -## Erasing Specific Files - -Securely shredding **individual files** is difficult if not impossible. Copies can exist in a variety of ways such as through manual, or automatic backups, [wear leveling](https://en.wikipedia.org/wiki/Wear_leveling) (on modern [flash storage](https://en.wikipedia.org/wiki/Solid-state_drive)), caching and filesystem [journaling](https://en.wikipedia.org/wiki/Journaling_file_system). - -Wear leveled devices do not guarantee a fixed relationship between [logical blocks addressed](https://en.wikipedia.org/wiki/Logical_block_addressing) through the interface. This means that the physical locations in which the data is stored may be different to where it is actually located, so shredding may not provide adequate security. diff --git a/content/blog/posts/security-privacy-anonymity.md b/content/blog/posts/security-privacy-anonymity.md deleted file mode 100644 index 68d682f23..000000000 --- a/content/blog/posts/security-privacy-anonymity.md +++ /dev/null 
@@ -1,65 +0,0 @@ ---- -date: - created: 2021-02-23T19:00:00Z -categories: - - Opinion -authors: - - natebartram -links: - - 'Threat Modeling
Creating Your Threat Model': https://www.privacyguides.org/basics/threat-modeling/ - - posts/choosing-the-right-messenger.md -tags: - - Security -license: BY -description: Privacy, security, and anonymity often complement each other, but they are not always dependent on each other, and they are definitely not the same thing. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/security-privacy-anonymity/cover.jpeg ---- -# Security, Privacy, and Anonymity - -![](../assets/images/security-privacy-anonymity/cover.jpeg) - - - -We may think that we know the differences between privacy, security and anonymity, however we often mix them up. People will often criticize a product or service as “not private” when they really mean “not anonymous.” Privacy, security, and anonymity often complement each other, but they are not always dependent on each other, and they are definitely not the same thing. A service can be private without being anonymous, or even secure without being private. Which one should you prioritize? To some extent, there are no wrong answers. It really comes down to your threat model and what your desired goal is. It is perfectly fine to pick a product that provides privacy even though it doesn't provide anonymity. Furthermore, it's okay to pick a product that doesn't provide security if it does provide one of the other features. The important thing is that you need to be aware what these products and services are and aren’t offering you so that you can use them correctly. - -There’s lots of ways to define privacy, security, and anonymity. Someone showed me [this](https://code.privacyguides.dev/privacyguides/privacytools.io/issues/1760#issuecomment-10452) definition and I really liked it. 
It seems to pretty much hit the nail on the head when applying these terms specifically to data privacy and cybersecurity: - -**Anonymity**: *The sender and/or recipient's real ID is unknown* - -In the real world this could be a secret admirer sending a Valentine's Day card. Online this could be when ones "footprints" cannot lead back to the poster: e.g. Tor. - -**Privacy**: *The contents of the message can only be seen/heard by the intended recipient(s)* - -In the real world this could be a whispered conversation between two people in the middle of Siberia. Online this could be a Signal message, which is end-to-end encrypted and only the recipient & sender can read the contents. - -**Security** (in the context of privacy/anonymity): *The parties involved are who they say they are* - -In the real world this could be something unique and verifiable such as a passport or fingerprints. Online this could be certificates or PGP signatures. - -These topics often overlap: Privacy can help your security because if people don't know information about you, they can't effectively target you. For example, an attacker that doesn't know who you bank with cannot know which bank to target. Security can protect your privacy by forcibly controlling who has access to that information about you. Let’s take a few examples: - -## Security without Privacy or Anonymity - -The most obvious example of this that comes to mind is Google. Google has had almost no major data breaches in all their years of existence, yet they know almost everything about everyone to the point that the former CEO Eric Schmidt remarked "[We can more or less know what you're thinking about.](https://web.archive.org/web/20210729190743/https://www.zdnet.com/article/google-even-knows-what-youre-thinking/)" Google offers world-class security with zero privacy or anonymity. - -## Security and Some Privacy without Anonymity - -Consider the renowned encrypted messaging app Signal. 
Because your phone number is required, you can be unmasked by a court order or even a web search depending on the phone number you use. However, Signal is renowned for having some of the best security in the world, and the content of your messages and the information you transfer will be protected and controlled even if your identity is not. Top-notch security and privacy over the content of your messages, but anonymity cannot be guaranteed. - -## Anonymity without Security - -Cash is a great example of this. Paying for a product in cash preserves your anonymity - unless the business requires it, you don't have to give any kind of information at all. Yet, you have no security if the seller doesn't deliver the item (unless you have a receipt). You have no protection from fraud or anything like that. - -## Security with Privacy and Anonymity - -XMPP is arguably the best example of this. XMPP allows you to sign up without any real information, over a VPN or Tor connection for total anonymity. Additionally, the conversations can be protected by OMEMO encryption, meaning the data itself is also private. When used properly, this is as closed to perfect as you can get, if a bit user-unfriendly. (**Editor's note**: XMPP is not officially endorsed by Privacy Guides for the reasons listed [here](https://code.privacyguides.dev/privacyguides/privacytools.io/issues/1854).) - -## Closing Thoughts - -These three concepts are not necessarily dependent on each other. A secure product does not guarantee privacy, a private product does not guarantee security, and anonymity does not guarantee either. As I said before, there is nothing wrong with valuing one facet over another. It's also okay to use Signal even though it doesn't give you total anonymity. Just be sure you understand how a product is meant to be used and where it both shines and falls short. 
It would be awful to use Google thinking that it will give your communications total privacy and then your financial details get stolen by a [rogue employee](https://web.archive.org/web/20210729190743/https://nypost.com/2020/09/23/shopify-says-rogue-employees-may-have-stolen-customer-data/). Or if you used a service like Signal to organize protests in a hostile country only to be arrested once your phone number is unmasked. Know the limitations of the services you choose and decide what features are important to you. It’s also important to know that privacy and security are sliding scales. This could be an entire blog post on its own. Think of passwords. Any password – even “password” - is technically more secure than no password at all. But a 16-character randomly-generated password is even more secure than “password.” Sometimes it’s okay to find a solution that offers a blend – less privacy in one area in exchange for more security in another, or vice versa. Once again, it all comes back to your threat model, your needs, and your resources. - ---- - -*Originally published on [The New Oil](https://web.archive.org/web/20210729190743/https://thenewoil.xyz/privsecanon.html).* diff --git a/content/blog/posts/selling-surveillance-as-convenience.md b/content/blog/posts/selling-surveillance-as-convenience.md deleted file mode 100644 index 0bbd08a4f..000000000 --- a/content/blog/posts/selling-surveillance-as-convenience.md +++ /dev/null 
@@ -1,127 +0,0 @@ ---- -date: - created: 2025-06-07T17:35:00Z -categories: - - Opinion -authors: - - em -description: Increasingly, surveillance is being normalized and integrated in our lives. Under the guise of convenience, applications and features are sold to us as being the new better way to do things. But this convenience is a Trojan horse. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp ---- - -# Selling Surveillance as Convenience - -![Stylized and colorized photo of a large wooden horse standing over a blue sky.](../assets/images/selling-surveillance-as-convenience/surveillance-cover.webp) - - -Increasingly, surveillance is being normalized and integrated in our lives. Under the guise of convenience, applications and features are sold to us as being the new better way to do things. While some might be useful, **this convenience is a Trojan horse**. The cost of it is the continuous degradation of our privacy rights, with all that that entails. - -As appalling as it is, the truth is the vast majority of software companies do not consider privacy rights and data minimization practices strongly enough, if at all. Most fail to implement the principles of [Privacy by Design](https://en.wikipedia.org/wiki/Privacy_by_design) that should guide development from the start. - -Whether this comes from ignorance, incompetence, greed, or malicious intent can be debated. It matters little, because the result is the same: Technologies collecting (and monetizing) a shameful amount of data from everyone. - -This horrifying trend ends up facilitating and normalizing surveillance in our daily lives. It is the opposite direction of where we should be going. - -**The more we accept this normalized surveillance, the harder it becomes to fight back.** It is critical that we firmly and loudly object to this banalized invasion of our privacy. 
- -There are countless examples of this growing issue, but for now let's focus on three of them: Airport face scans, parking apps, and AI assistants. - -## Face scans in airports (and elsewhere) - -Some airports and airlines around the world have started to [install face scanning stations](https://www.huffpost.com/entry/why-you-can-and-should-opt-out-of-tsa-facial-recognition-right-now-goog_l_680a673ae4b0b1be33560c93) to screen travelers. This is supposedly a quick and *convenient* way to verify your identity when passing through airport security lines. - -Facial scans and facial recognition data are biometric data. Biometric data is especially sensitive because once it's collected, there is no way for you to modify it later, ever. - -Imagine having a password stolen a thousand times, yet there is no way for you to change it. This is the security system that biometric data collectors are building. When their database eventually leaks, and someone steals it to impersonate you, you cannot simply get a new face like you would generate a new password. - -Moreover, facial data is the perfect tool to track you around without your consent. Systems using facial recognition are being installed in schools, sport stadiums, and other venues around the world. - -Everyone should be extremely worried about sharing any biometric data with others, and should never do so simply for "convenience". - -Sadly, many people do not know they might have a right to refuse. - -**Refusing to provide biometric data everywhere we can is crucial.** - -If people never refuse and simply accept surveillance without objection, we will soon lose any right we had to refuse. Without changes, this is the dystopia we are running towards. - -If everyone said no instead of complying for convenience, these intrusive technologies would stop being imposed on us. We have a duty to **say no** when we can. - -## Parking apps - -Parking applications might feel like a boring but necessary sacrifice. 
With the slow disappearance of parking meters and cash money, more parking facilities now require parking apps for registration and payment. - -The problem is, these applications collect lots of sensitive information. Necessarily, they collect parking location, parking duration, license plate number, phone number, email, payment information, and often even your full legal name. This information can be shared across multiple applications and organizations (partners) to track a car's location even beyond the parking facility. - -Despite how sensitive this data is, it's very likely most applications have not invested the time and effort to protect it properly. Inevitably, [data breaches](https://www.classaction.org/blog/parkmobile-data-breach-class-action-heres-what-you-need-to-know) have already occurred. - -Once this data is exposed, it can be challenging or impossible to change or delete it. People in vulnerable situations can be put in grave danger when such data becomes accessible to anyone looking for it. - -Even without criminal breaches, security researcher Inti De Ceukelaire [revealed](https://www.dailydot.com/debug/parking-apps-track-car-privacy-gdpr/) in 2022 that some parking apps could allow anybody to track a car around. This is due to poor security practices which allowed anyone to register and track any car's license plate, whether it's their car or not. - -Despite repeated [warnings](https://www.cbc.ca/news/canada/hamilton/hamilton-parking-app-privacy-concerns-1.5689209) from privacy experts, parking applications remain largely under-regulated. - -## AI assistants and note-takers - -Last but not least, AI assistant and note-taking applications have spawned in every corner of our lives for the past few years. Unfortunately, these **AI applications are an absolute nightmare for data privacy**. - -Very few AI systems of this type provide data without also *taking in* data. - -Most fresh AI startups simply utilize a subscription to OpenAI under the hood. 
This means it is likely any data you input into an AI assistant or note-taker will be shared back with OpenAI in the end. This includes any personal information you type and any photos you upload. - -Some applications offer options to opt out of input sharing, but given the track record of tech companies asking for forgiveness rather than permission, can this really be trusted? - -Additionally, regardless of the stated purpose for this data collection, nothing stops these companies from using it for another purpose down the road, or selling it to someone else. - -AI note-taking applications that seem to be all the rage in remote meetings these days are no exception. - -To provide a transcript then a summary, these applications [will record](https://www.zscaler.com/cxorevolutionaries/insights/privacy-security-concerns-ai-meeting-tools) the whole meeting, often including both audio and video. This data will be stored by the AI note-taking company, and maybe also shared with at least OpenAI, potentially with other third-parties as well. - -This is **incredibly intrusive**, not to say straight out *creepy*. - -Besides, it can even be *illegal*. If you use this kind of application with someone living in a region with a [two-party consent law](https://acclaws.com/can-you-record-a-conversation-legally/), recording without prior consent of all participants is criminal. - -Even without this, any personal information collected by an AI system is still **subject to the privacy regulation protecting its data subject**. Nobody should take lightly the legal and moral obligations they have when using or developing such invasive technology. - -Even if you don't care about sending *your own* personal data to these companies, **you are still responsible** for [the data of others](the-privacy-of-others.md) you input in these systems. 
- -For organizations, using AI doesn't remove any legal obligations to **[comply with privacy laws](https://iapp.org/news/a/how-privacy-and-data-protection-laws-apply-to-ai-guidance-from-global-dpas)**. You are still responsible for any personal data collected by your usage of AI systems, even when delegating the task to OpenAI or any other subcontractor. - -## How to opt out? - -There are multiple ways to opt out of surveillance disguised as convenience. The first thing of course is to avoid using any such technology whenever possible. - -Before taking a plane, spend some time researching if your citizenship and the region you are visiting grant you opt-out rights. If it does, print this documentation and be ready to politely ask for a traditional identify verification instead of a face scan. - -If you own a car, try to find a parking application that has been more thoughtful regarding security and privacy. Report any parking apps which infringe on your local privacy laws to your local Data Protection Authority or equivalent. If you go somewhere that could put you in danger if tracked — for example, because you are victim of domestic violence or stalking — consider renting a car with a different license plate, sharing a ride with a trusted friend, or parking at another location you can safely walk from. - -**Do NOT use any AI note-taker!** This technology might seem *convenient* at first, but it is completely unnecessary (and also unreliable). If you use this technology carelessly without providing proper privacy notice, you could run into serious legal risks. Additionally, you risk eroding the trust of everyone communicating with you when the *inevitable* data breach occurs. - -If someone invites you to a meeting using an AI note-taker, do not hesitate to refuse being recorded, and share your discomfort about this technology. - -If you must use an AI assistant, try to find one that can run *offline,* and does not upload your inputs back to the company's server. 
When this isn't possible, make sure at least to never share any personal information with these systems. Be especially vigilant not to share any data related to other people, and especially children. This could lead to severe legal consequences for you down the road. - -## Why it is crucial to oppose everywhere we can - -If we all do everything we can to opt out every time we can, it will become harder and harder to implement mass surveillance systems in our society. - -The response provided when privacy experts raise the alarm is often to minimize concerns saying "it's only optional, and people can opt out". - -But for **how long will we keep the right to opt out** if we never exercise this right? How many dark patterns and intimidation techniques are used to pressure people into saying yes, or to make sure they never know about their right to opt out? - -Furthermore, write to your representatives about your concerns related to privacy rights and the rise of surveillance systems in our society. Discuss this with your family and your friends. Post about it on social media. Share your experience of surveillance with the press. - -The more we are talking about this problem, the stronger the opposition becomes, and the more chances we have to **keep our privacy rights alive**. - -If we do not stand firm to defend our rights, even when it's inconvenient to do, we might soon lose them. - -## Additional resources - -- [Facial scan at airport (United States): Protect Your Face Data](https://www.ajl.org/campaigns/fly) - -- [Information on parking apps vulnerabilities: Not My Plate](https://notmyplate.com/) - -- [Information on AI note-takers](https://www.fisherphillips.com/en/news-insights/ai-notetaking-tools-should-you-use-them.html) - -- [How to remove/disable Microsoft's Windows Recall](https://www.microsoftrecall.com/) 
diff --git a/content/blog/posts/signal-configuration-and-hardening.md b/content/blog/posts/signal-configuration-and-hardening.md
deleted file mode 100644
index 4d6884a2c..000000000
--- a/content/blog/posts/signal-configuration-and-hardening.md
+++ /dev/null
@@ -1,240 +0,0 @@ ---- -date: - created: 2022-07-07T19:00:00Z - updated: 2025-05-24T14:00:00Z -authors: - - contributors - - matchboxbananasynergy - - dngray -categories: - - Tutorials -tags: - - Signal - - Molly - - Instant Messengers -license: BY-SA -description: This guide details actions you can take to configure and harden Signal in accordance with your threat model. -schema_type: AnalysisNewsArticle ---- -# Signal Configuration and Hardening Guide - -[Signal](https://www.privacyguides.org/en/real-time-communication#signal) is a widely regarded instant messaging service that is not only easy to use but is also private and secure. Signal's strong end-to-end encryption implementation and metadata protections provide a level of assurance that only you and your intended recipients are able to read communications. - -This guide details actions you can take to configure and harden Signal in accordance with your [threat model](https://www.privacyguides.org/en/basics/threat-modeling/). - -## Signal Configuration - -### Signal PIN - -When you register for Signal with your phone number, you will be asked to set up a Signal PIN. This PIN can be used to recover your profile, settings, contacts, and blocked users in case you ever lose or switch devices. - -Additionally, your Signal PIN can also double as a registration lock that prevents others from registering with your number. - -!!! attention "Registration Lock" - - The server will not enforce the registration lock after 7 days of inactivity. After that, someone will be able to reset the PIN at registration and register with your phone number. This will wipe the data stored in your Signal account, as it is encrypted by the PIN, but it won't prevent someone from registering with your number provided that they can receive a text on it. - -**Important update**: Since this blog post was published, there have been changes to the registration flow for Signal. 
You should read about this [here](signal-number-registration-update.md). - -If you haven't set up a Signal PIN, or have previously opted out of setting one up, follow these steps on Android/iOS: - -- Select → **Settings** → **Account** → **Signal PIN** -- Select **Create new PIN** - -Signal will prompt you to enter a PIN. We suggest using a strong, alphanumeric PIN that can be stored in a [password manager](https://www.privacyguides.org/en/passwords/). - -Once you have done that, or if you already have set up a PIN, make sure that **Registration Lock** is also enabled. - -- Select → **Settings** → **Account** → **Signal PIN** -- [x] Turn on **Registration Lock** - -!!! Important - - If you forget the PIN and have enabled a registration lock, you may be locked out of your account for up to 7 days. - -You can learn more about Signal PIN on [Signal's website](https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN). - -### Safety Numbers - -Safety numbers are a feature in Signal that allows you to ensure that messages are delivered securely between verified devices. - -It is best practice to always compare safety numbers with your contacts. This can be done in a couple of ways: - -- Scanning your contact's QR code while viewing their safety number. -- Comparing the safety numbers on both ends, be it visually or audibly. - -!!! Important - - In order for safety numbers to also verify that the intended recipient has access to the device you're verifying, you need a secondary communication channel where you can authenticate the person that is holding the device. For example, an in-person meeting or a video call. - -To view the safety number for a particular contact, you need to follow these steps within Signal: - -- Go to a chat with a contact. -- Select the chat header or → **View Safety Number** - -Once you've compared the safety numbers on both devices, you can mark that contact as **Verified**. 
- -A checkmark will appear in the chat header by your contact's name when the safety number is marked as verified. It will remain verified unless the safety number changes, or you manually change the verification status. - -After doing that, any time the safety number changes, you'll be notified. - -If the safety number with one of your contacts changes, we recommend asking the contact what happened (if they switched to a new device or re-installed Signal, for example) and verifying the safety numbers again. - -For more demanding threat models, you should agree on a protocol with your contacts in advance on what to do in case the safety number ever changes. - -You can learn more about safety numbers on [Signal's website](https://support.signal.org/hc/en-us/articles/360007060632-What-is-a-safety-number-and-why-do-I-see-that-it-changed-). - -### Disappearing Messages - -While communication in Signal is E2EE, the messages are still available on the devices, unless they are manually deleted. - -It is good practice to set up disappearing messages in Signal's settings so that any chats you start will disappear after a specified amount of time has passed. - -On Android/iOS: - -- Select → **Settings** → **Privacy** -- Under **Disappearing messages**, select **Default timer for new chats** - - Select the desired amount of time and select **Save** - -!!! tip "Override the global default for specific contacts" - - - Go to a chat with a contact - - Select on the top right - - Select **Disappearing messages** - - Select the desired amount of time and select **Save** - -We recommend setting up a reasonable timer by default, such as one week, and adjusting it per contact as you see fit. - -!!! tip "Snapchat-like Functionality" - - Signal allows you to send "view-once" media that are automatically removed from the conversation after they have been viewed. - -### Disable Link Previews - -Signal offers the ability to retrieve previews of webpages linked within a conversation. 
- -This means that when you send a link, a request will be sent to that website so that a preview of the website can be displayed alongside the link. Thus, we recommend disabling link previews. - -Your recipient doesn't make any requests unless they open the link on their end. - -On Android/iOS: - -- Select → **Settings** → **Chats** -- [ ] Turn off **Generate link previews** - -### Screen Security - -Signal allows you to prevent a preview of the app being shown (i.e., in the app switcher) unless you explicitly open it. This option can be found in → **Settings** → **Privacy**. - -=== "Android" - - - [x] Turn on **Screen Security** - -=== "iOS" - - - [x] Turn on **Hide Screen in App Switcher** - -### Screen Lock - -If someone gets a hold of your device while it is unlocked, you run the risk of them being able to open the Signal app and look at your conversations. - -To mitigate this, you can leverage the Screen Lock option to require additional authentication before Signal can be accessed. - -On Android/iOS: - -- Select → **Settings** → **Privacy** -- [x] Turn on **Screen Lock** - -### Notification Privacy - -Even when your phone is locked, anyone who can lay eyes on the device can read messages and sender names from your lock screen. - -On Signal, you have the ability to hide message content and sender name, or just the message content itself. This option can be found in → **Settings** → **Notifications** → **Show**. - -=== "Android" - - - Select **No name or message** or **Name only**, respectively. - -=== "iOS" - - - Select **No name or Content** or **Name Only**, respectively. - -### Call Relaying - -Signal allows you to relay all calls (including video calls) through the Signal server to avoid revealing your IP address to your contact. This may reduce call quality. 
- -On Android/iOS: - -- Select → **Settings** → **Privacy** → **Advanced** -- [x] Turn on **Always Relay Calls** - -For incoming calls from people who are not in your Contacts app, the call will be relayed through the Signal server regardless of how you've set it up. - -### Bypass Internet Censorship - -If Signal is blocked in your country, it has a built-in "Censorship Circumvention" feature that uses domain fronting to bypass restrictions. - -On Android/iOS: - -- Select → **Settings** → **Privacy** → **Advanced** -- [x] Turn on **Censorship Circumvention** - -Additionally, Signal allows you to set up a proxy to bypass censorship. - -!!! Warning - - All traffic remains opaque to the proxy operator. However, the censoring party could learn that you are using Signal through a proxy because the app [fails to route all the IP connections to the proxy](https://community.signalusers.org/t/traffic-not-routed-to-tls-proxies-can-expose-users-to-censors/27479). - -You can learn more about Signal's proxy support on their [website](https://support.signal.org/hc/en-us/articles/360056052052-Proxy-Support). - -### Disable Signal Call History (iOS only) - -Signal allows you to see your call history from your regular phone app. This allows your iOS device to sync your call history with iCloud, including whom you spoke to, when, and for how long. - -If you use iCloud and you don’t want to share call history on Signal, confirm it’s turned off: - -- Select → **Settings** → **Privacy** -- [ ] Turn off **Show Calls in Recents** - -## Signal Hardening - -### Avoid Device Linking - -While it may be tempting to link your Signal account to your desktop device for convenience, keep in mind that this extends your trust to an additional and potentially less secure operating system. 
- -Avoid linking your Signal account to a desktop device to reduce your attack surface if your threat model calls for protecting against [Passive Attacks](https://www.privacyguides.org/en/basics/common-threats/#security-and-privacy){ .pg-orange }. - -### Molly (Android) - -If you use [Molly](https://www.privacyguides.org/en/real-time-communication/#molly-android) on Android to access the Signal network, below is an overview of the many privacy- and security-enhancing features that you may want to explore. You can find a full list of Molly's [features](https://github.com/mollyim/mollyim-android#features) on the project's repository. - -#### Data Encryption at Rest - -Molly has implemented database encryption at rest, which means that you can encrypt the app's database with a passphrase to ensure that none of its data is accessible without it. - -!!! note - - As long as Molly is locked, you will not receive notifications for any incoming messages or calls until you unlock it again. - -Once enabled, a configurable lock timer can be set, after which point Molly will lock itself if you haven't unlocked your device for that specific time period. Alternatively, you can manually lock the app whenever you want. - -For the database encryption feature to be useful, two conditions must be met: - -1. Molly has to be locked at the time an attacker gains access to the device. This can include a physical attack in which the attacker seizes your device and manages to unlock the device itself, or a remote attack, in which the device is compromised and manages to elevate privileges to root. -2. If you become aware that your device has been compromised, you should not unlock Molly's database. - -If both of the above conditions are met, the data within Molly is safe as long as the passphrase is not accessible to the attacker. 
-
-#### RAM Wiper
-
-To supplement the database encryption feature, Molly securely wipes your device's RAM once the database is locked to defend against forensic analysis.
-
-While Molly is running, your data is kept in RAM. When any app closes, its data remains in RAM until another app takes the same physical memory pages. That can take seconds or days, depending on many factors. To prevent anyone from dumping the RAM to disk and extracting your data after Molly is locked, the app overrides all free RAM memory with random data when you lock the database.
-
-#### Calls and Contacts
-
-There is also the ability to configure a SOCKS proxy in Molly to route its traffic through the proxy or [Tor via Orbot](https://www.privacyguides.org/en/alternative-networks/#orbot). When enabled, all traffic is routed through the proxy and there are no known IP or DNS leaks. When using this feature, [call relaying](#call-relaying) will always be enabled, regardless of the setting.
-
-Signal adds everyone who you have communicated with to its database. Molly allows you to delete those contacts and stop sharing your profile with them.
-
-To supplement the feature above, as well as for additional security and to fight spam, Molly offers the ability to block unknown contacts whom you've never been in contact with or those who are not in your contact list without you having to manually block them.
diff --git a/content/blog/posts/signal-number-registration-update.md b/content/blog/posts/signal-number-registration-update.md
deleted file mode 100644
index d85fb234a..000000000
--- a/content/blog/posts/signal-number-registration-update.md
+++ /dev/null
@@ -1,49 +0,0 @@ ---- -date: - created: 2022-11-10T19:00:00Z -categories: - - News -authors: - - matchboxbananasynergy -tags: - - PSA - - Signal - - Instant Messengers -links: - - posts/signal-configuration-and-hardening.md - - Real-Time Communication: https://www.privacyguides.org/real-time-communication/ -license: BY-SA -description: Signal has changed how it handles registration. This primarily affects people who are using a number for Signal that they don't have exclusive access to. -schema_type: ReportageNewsArticle ---- -# Important Changes to Signal Registration and Registration Lock - -**EDIT: This change has been temporarily rolled back after discussions that took place in the [Signal community](https://community.signalusers.org/t/phone-numbers-can-be-hogged-or-hijacked-permanently-using-registration-lock/6907/62). It will likely be the way things work in the future, but it seems that the old behavior is now back in place for the time being.** - -Signal has changed how it handles registration. This primarily affects people who are using a number for Signal that they don't have exclusive access to. - -## How It Used to Work - -As outlined in our [Signal Configuration & Hardening Guide](signal-configuration-and-hardening.md#signal-pin), if you registered, set up Registration Lock, and checked into the app at least once every 7 days, nobody could use the number you'd claimed and try to re-register it for themselves without knowing your Registration Lock PIN. - -## How It Works Now - -As outlined in this [issue](https://github.com/signalapp/Signal-Android/issues/12595#issuecomment-1310752097) on the Signal-Android GitHub repository, if someone tries to register with that number and is able to get the SMS code, they can kick you out of your Signal account. At that point, you have to re-register by receiving an SMS for that number, and inputting your Signal PIN. If you are unable to do this, the Registration Lock is not enforced after 7 days. 
Someone who tries to register after that will be prompted to enter the Signal PIN once more. If the correct PIN is not entered, the app will prompt you to create a new PIN, and the account is wiped allowing the number to be claimed by a person who can receive an SMS code for it.
-
-You can find the relevant changes in the code [here](https://github.com/signalapp/Signal-Server/commit/80a3a8a43c8698be9f561a42762ffafe2db1409b#diff-c99f1a5184455de55e73623642ad010e2269a2d217a911e6bcf8f6bc8a79f6eaR484).
-
->If Alice registers number X and enables reglock, but Bob later proves ownership of number X (by registering and completing the SMS code), then Alice will be unregistered. However, if a reglock is present, Bob still won't be able to register immediately if he does not know the reglock code. This allows reglock to still function as a way to prevent someone else from taking over your account.
->
->However, by unregistering Alice, this starts a 7-day timer. After 7 days, if Alice doesn't re-register, then the reglock is removed and Bob will be free to register the number without needing to know the reglock. But if Alice still truly does own the number, she can simply re-prove ownership and things should go back to normal for her.
->
->This is important because phone number can (and are) re-used among cell carriers. If someone gets a new phone number from their carrier, they should not be prevented from registering with Signal indefinitely because the previous owner has reglock.
->
->The intention of reglock is to prevent hijacking of numbers you actually own, not to guarantee the number for yourself for life.
-
-While this change makes sense from the perspective of making it so you cannot "hold a number hostage" as long as you keep checking in, it is particularly important for people who've used disposable phone numbers to know this.
-
-We recommend migrating to a phone number that you own and will be able to own for the foreseeable future in order to avoid getting locked out of your account and losing your contacts.
-
----
-
-*Special thanks to the [Molly](https://molly.im) community who made us aware of this change soon after it went live.*
diff --git a/content/blog/posts/staff-announcement.md b/content/blog/posts/staff-announcement.md
deleted file mode 100644
index 4f64dcccf..000000000
--- a/content/blog/posts/staff-announcement.md
+++ /dev/null
@@ -1,37 +0,0 @@ ---- -date: - created: 2024-08-20T19:00:00Z -categories: - - Announcements -authors: - - niek-de-wilde -tags: - - Privacy Guides -license: BY-SA -description: Privacy Guides has reached a significant milestone with today's hire of our first employee, Project Director Jonah Aragon. -schema_type: NewsArticle ---- - -# Jonah Aragon Hired as Project Director - -We are thrilled to announce a significant milestone for Privacy Guides: the addition of our first paid staff member, Jonah Aragon. This achievement is a testament to the unwavering support and generous donations from our incredible community. Another major donation came from [Power Up Privacy](https://powerupprivacy.com/){ rel=nofollow }, a privacy advocacy group that funds privacy-related research and development, which helped us achieve this goal earlier than expected! - -Jonah Aragon is no stranger to Privacy Guides. As a founding member, Jonah has been instrumental in shaping our organization and its mission. With his extensive background in privacy and cybersecurity, Jonah brings a wealth of knowledge and experience to his new role. - -## A Community-Driven Success - -The journey of Privacy Guides has always been fueled by the passion and contributions of our community. From the very beginning, our mission has been to provide reliable, independent information on privacy and security. Thanks to your donations, we are now able to take a significant step forward by bringing Jonah on board as our Project Director. - -In this new position, Jonah will be working 20 hours a week to manage our day-to-day operations. His responsibilities will include overseeing various projects, ensuring smooth coordination among team members, and maintaining the high standards of our content and resources. - -One of Jonah’s focuses will be restarting *This Week in Privacy*, our weekly podcast providing updates on the latest developments in our community and the privacy world. 
After our initial trial run of this project, we heard your positive feedback, so we will be bringing it back!
-
-Another crucial aspect of Jonah’s role will be fundraising. Our goal is to make this position self-sustaining, ensuring that Privacy Guides can continue to grow and thrive. Jonah’s efforts in fundraising will help secure the necessary resources to support our ongoing projects and initiatives.
-
-## Thank You for Your Support
-
-This exciting development would not have been possible without the incredible support of our community. Your donations have made it possible for us to bring Jonah on board and continue our mission of promoting privacy and security. We are deeply grateful for your trust and generosity.
-
-As we embark on this new chapter, we look forward to the positive impact Jonah will have on Privacy Guides. Together, we will continue to advocate for privacy, educate the public, and provide valuable resources to help everyone protect their digital lives.
-
-Thank you for being a part of our journey. Stay tuned for more updates and exciting developments!
diff --git a/content/blog/posts/stay-safe-but-stay-connected.md b/content/blog/posts/stay-safe-but-stay-connected.md
deleted file mode 100644
index 44afb45b8..000000000
--- a/content/blog/posts/stay-safe-but-stay-connected.md
+++ /dev/null
@@ -1,357 +0,0 @@ ---- -date: - created: 2025-06-10T17:00:00Z -categories: - - News -tags: - - Pride Month -authors: - - em -description: Balancing data protection and online connection can be difficult. Nevertheless, it's an essential skill to be able to stay safe online while staying connected. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp ---- - -# Stay Safe, but Stay Connected - -![Photo of a rainbow heart with each color made of a neon light.](../assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp) - - - -In data privacy, we often talk about the dangers of data collection and exposed data. It can get overwhelming to learn more about all the information that is collected on us, especially at the beginning. As a coping mechanism, some people react by downplaying concerns, disregarding dangers, and ignoring precautions altogether. Others react the opposite way: by isolating themselves, and no longer sharing anything with anyone. But neither is a viable solution. - -Staying isolated to avoid *all* data exposure risks other dangers. Dangers that might not seem related to data privacy directly, but are nevertheless worth mentioning here: Suicide and depression are very real dangers that we cannot ignore. - -Keeping our data safe shouldn't mean staying alone, and isolation is [especially dangerous for LGBTQ+ people](https://www.thetrevorproject.org/resources/article/facts-about-lgbtq-youth-suicide/). - -The better approach is to adopt a **segmental perspective on data privacy**. - -While not ignoring nor minimizing the risks, it's important to develop an awareness of which exposed data represents the biggest danger to us, which we have no control over, and which we can actually protect better. - -This is the balanced way out of this Orwellian nightmare. 
-
-There are ways to stay together, to support each other, and to stay connected while also protecting our data and becoming an informed advocate for privacy rights.
-
-## How to stay connected while staying safe
-
-Numerous practices and tools can help to participate in online communities while also protecting one's data. There might be some sacrifices necessary of course, and each sacrifice should be weighted carefully for its benefit.
-
-It's important to remember that the best approach to data privacy isn't an [all-or-nothing mindset](privacy-is-not-dead.md). This only leads to either giving up entirely, or getting disconnected from our communities.
-
-The better mindset is to try to *improve* one's data privacy gradually, to *reduce* digital footprints where possible, and to continue to *advocate* for better legal and technical protections for the things we have no direct control over.
-
-Here are some steps you can take to stay connected, while improving your digital safety:
-
-## Practices and tools that help in various contexts
-
-There are a number of practices that can be applied in various contexts, and will help reduce or separate your digital traces. These practices are all good to keep in mind with any platforms, accounts, and information you share.
-
-If this is new to you, implementing *one* improvement at the time is a great way to avoid getting overwhelmed. Every small improvement will help, and add together over time.
-
-You do not have to do all of this, only pick what works well for you and what you can realistically implement in your life. Remember that this will not make you fully anonymous online, but *reducing* your digital footprints still gives a lot of benefits.
-
-### Pseudonymity
-
-Pseudonymity is the practice of using a fictitious name (a pseudonym) when creating accounts to detach, even slightly, one's online presentation from their full legal identity.
-
-There are different levels to this.
It could mean sharing a first name but not a last name, using the name of a fictional character, or using an entirely made up name. - -Using a pseudonym and a profile picture that isn't a self-portrait can help significantly to reduce digital footprints and improve online safety. It can also help to detach different accounts from each other, for example by using a certain name for a work account and a pseudonym for a personal alt account. - -Remember that that this will not make you anonymous online, however. It will only help hide or separate your legal identity from your public-facing profile. - -If you want to use more serious pseudonymity online, you will also need to consider using different email addresses to sign up, different phone numbers if required, different photos of course, but also different IP addresses, and so on and so forth. - -### Virtual Private Network (VPN) - -Using a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) can also help to reduce the data identifying you online, and improve your pseudonymity. - -Regardless of the name you choose for a profile, services (and sometimes other users even) can see your IP address. Your IP address can reveal your location more or less accurately, and can be used to identify the owner of the internet service account you use. - -If you do not protect this information, services and authorities have the capacity to link all your accounts and online activities together, regardless of the name and profile picture you use. - -You can mitigate this by using a *trustworthy* VPN (yes, trust is crucial here) that will act as a proxy for your IP address (and allow you to use different IP addresses for different accounts). - -Your VPN provider however will still know what your real IP address is, this is why trusting your VPN provider is so important. To protect from this, you could use another method, such as the [Tor Network](in-praise-of-tor.md). - -
-

VPN blocks and security checks

- -Keep in mind that connecting to an account or website while using a VPN could trigger additional security checks, or even trigger blocks for certain websites and services. - -Sometimes, it's simply a CAPTCHA to solve, but it could also be an alert or additional check for a social media account you usually connect to without a VPN. - -In some situations, this can be resolved by selecting a different VPN server, choosing a server in the same region you are, or you might need to disable your VPN entirely to access some services. - -
- -### Browser fingerprinting - -Limiting browser fingerprinting is important to reduce the data capable of identifying who you are from your browsing activity. - -Even when using a pseudonym, fictitious profile picture, and trustworthy VPN, your activity could still be linked back to you simply based on how unique your system and browser configurations are. - -Some [browsers](https://www.privacyguides.org/en/desktop-browsers/) offer increased protections against this type of tracking, such as Mullvad Browser and Tor Browser. - -### File metadata - -To protect your privacy online, it's important to remember to [delete metadata](https://www.privacyguides.org/en/data-redaction/) from the photos and files you share online. Even if you take care to not include identifying information in the photos, videos, and documents you share, you can still sometimes be easily re-identified from hidden file metadata alone. - -Photos, PDF, images, and files of all sorts usually contain hidden metadata about your device, location, and more. Removing metadata before sharing photos or files is an important consideration to improve your privacy and safety online, especially when sharing files and photos publicly. - -### Mobile applications - -Limiting the mobile apps you keep on your devices is important, not only to improve privacy but also for device security. - -Many mobile app developers use tracking technologies to collect information on users, sometimes well beyond their own app's usage. Additionally, each installed application increases the risk of potential vulnerabilities that could lower your system security. - -Whenever possible, choose to use a secure browser instead of the application to access a service (unless this is an application you trust more than your browser application). If you use an Apple device, check the App Privacy section in the App Store to know what data each of your installed apps collects. 
- -Delete all the apps you no longer need, as soon as you do not need them anymore. - -
-

Deleting the app does not delete the account

- -Remember that just deleting an app from your device will not necessarily delete your account and data. Depending on the service, even after deleting the app, your account might still be accessible through a web browser. - -If you no longer need an account, it's important to first delete the data within it, then delete the account through the internal process, and, once this is completed, delete the application. - -Otherwise, your abandoned account could still sit there and risk getting taken over by someone else, or expose your data in other ways. - -
- -### Photo sharing - -When sharing photos online, especially on social media, it's essential for both privacy and safety to develop an awareness of what the information within this photo can reveal about you. - -Even from a well-protected pseudonymous account, posting a photo from your home that reveals outside details could identify your location and identity. Sometimes, even details *inside* your home could pinpoint your location. Be particularly careful about reflections in glasses, mirrors, windows, and other reflective surfaces. - -And of course, never share photos of others online without *their* prior consent. - -## What to improve in each context - -### Social media: Improving, deleting, replacing - -While social media now occupies an immense role in our lives, it's unfortunately very difficult to protect one's privacy while using any corporate social media platforms. - -Large commercial platforms like Facebook, Instagram, Threads, YouTube, TikTok, and X (Twitter) are fundamentally advertising businesses, and their only goal is to make more money. They achieve this goal by collecting data points on users that they sell as a feature to advertisers. - -#### How to improve what you can - -If you decide staying on a corporate platform is important to you, then it is crucial to harden all the settings available to improve privacy as much as allowed. Keep in mind however that this isn't a guarantee, and some platforms have already been caught [again](https://www.aa.com.tr/en/economy/facebook-to-pay-5bn-fine-for-violating-users-privacy/1540472) and [again](https://bgr.com/tech/facebook-whatsapp-privacy-fine/) not respecting their users' preferences. - -Furthermore, to implement the protections discussed above, some commercial platforms are worse than others. For example, Facebook doesn't allow the use of pseudonyms anymore. - -Moderation is also a safety issue to consider. 
If you want to choose and compare corporate platforms, the non-profit GLAAD has developed a yearly [Social Media Safety Index & Platform Scorecard](https://glaad.org/smsi/social-media-safety-index-2025/) to evaluate six major social platforms for safety for the LGBTQ+ community. - -
-

AI training on social media platforms

- -In addition to the privacy settings you should pay attention to, make sure to **turn off or opt out of any AI feature** you can on social media. - -Unfortunately, many platforms have started to use and sell users content to train AI algorithms. This is very concerning for data privacy, and could make a lot of information about you impossible to delete from these systems afterward. - -Again, remember however that there is no guarantee platforms will respect your preferences on this, and deleting and leaving corporate platforms might be the safest option. - -
- -
-

Disclaimer for external resources

- -Privacy Guides does not necessarily endorse these linked websites. Links are provided as suggestions of external guides to follow for this specific purpose. We do not necessarily approve the other recommendations or guides presented on these external resources. - -
-
-- [Improving privacy settings on X (formerly Twitter)](https://beconnected.esafety.gov.au/topic-library/social-media-apps/introduction-to-twitter/controlling-your-x-privacy-settings)
-- [Improving privacy settings on Facebook](https://www.consumerreports.org/electronics-computers/privacy/facebook-privacy-settings-a1775535782/)
-- [Improving privacy settings on Instagram](https://www.consumerreports.org/electronics-computers/privacy/instagram-privacy-settings-a3036233134/)
-- [Improving privacy settings on Threads](https://www.myprivacy.blog/threads-privacy-setup-a-2025-technical-guide-for-users-under-25/)
-- [Improving privacy settings on YouTube](https://www.groovypost.com/howto/manage-your-youtube-privacy-settings/)
-- [Improving privacy settings on TikTok](https://www.maketecheasier.com/tiktok-privacy-settings/)
-- [Improving privacy settings on Reddit](https://www.myprivacy.blog/reddit-privacy-guide-securing-your-presence-in-2025/)
-- [Improving privacy settings on LinkedIn](https://www.presencesecure.com/linkedin-privacy-settings-guide/)
-
-Additionally, with [the proliferation of age verification](age-verification-wants-your-face.md) regulations, more commercial platforms might soon not only require a legal name, but also require providing an official ID in order to continue using the platform, severely damaging online privacy for everyone.
-
-In light of this, it might be a better idea to leave these intrusive and data exploitative platforms altogether, while deletion is still an option.
-
-#### How to delete corporate social media accounts
-
-[Deleting the accounts](https://www.privacyguides.org/en/basics/account-deletion/) you no longer use is an essential habit to adopt in order to improve both privacy and security online.
- -Unused accounts leave a data trail that can get exploited by platforms unchecked, for example with the recent addition of terms of service to allow [using all content for AI-training purposes](https://www.pcworld.com/article/2343263/facebook-wants-to-use-your-posts-for-ai-training-how-to-object.html). Moreover, keeping abandoned accounts increases significantly the risk of account takeover and data leak. - -A healthy privacy habit is to request account and data deletion as soon as an account is no longer needed, rather than leaving the account abandoned. - -
-

Remember before deleting!

- -Before deleting any account, always make sure to: - -1. Deactivate any sign-in option you might have used this account with. For example, if you use the sign in with Google or Facebook option with other accounts, make sure to log in these accounts and select another way to connect that doesn't rely on the account you are about to delete. - -2. If you need to keep a copy of your own data, make sure to download and verify it before you delete the account. - -3. In some situations, it can help to delete information within the account first. Go through your profile and delete or modify what you can manually. - -4. If you want to stay in contact, inform the people you usually contact through this account of an alternative way to contact you. - -
-
-- [Deleting X (formerly Twitter) posts](https://cyd.social/download/)
-- [Deleting X (formerly Twitter) account](https://lifehacker.com/how-to-delete-your-x-account)
-- [Deleting Facebook](https://lifehacker.com/tech/how-to-delete-your-facebook-account)
-- [Deleting Instagram](https://lifehacker.com/tech/how-to-deactivate-or-delete-your-instagram)
-- [Deleting Threads](https://www.pcmag.com/how-to/how-to-delete-threads-without-getting-rid-of-your-instagram-account)
-- [Deleting YouTube (Google)](https://www.tech2geek.net/how-to-delete-your-youtube-account-2025-step-by-step-guide/)
-- [Deleting TikTok](https://www.techlifeunity.com/delete-tik-tok-account)
-- [Deleting Reddit](https://lifehacker.com/tech/how-to-delete-your-reddit-account)
-- [Deleting LinkedIn](https://www.maketecheasier.com/how-to-delete-linkedin-account/)
-
-#### Which better platforms to use to stay connected
-
-While any data publicly accessible online can technically be collected by anyone, using alternative platforms that aren't advertising businesses can still greatly improve your data privacy online.
-
-For example, platforms that are part of the Fediverse social network are predominantly non-profit, open-source software using a collection of connected servers generally run by volunteers.
-
-The incentive isn't to monetize users data at all, the goal is simply to support the community. This is a *crucial* difference.
-
-When moving to non-corporate platforms, you should also adopt all the good privacy practices listed above. The good news is you will not encounter resistance to do so there. These platforms will not endlessly exploit your data internally, like big tech social media does.
-
-Fediverse-connected platforms tend to value users privacy and security much more. Because **their goal isn't to make profit from your data**.
-
-You will still need to go through the settings to adjust and harden your privacy preferences, but you'll see already that almost no personal data is required to sign up, and there will be no advertising profile tracking you around (and no ads!).
-
-- [Replacing X and Threads with Mastodon](https://joinmastodon.org/)
-- [Replacing Facebook with Friendica](https://friendi.ca/)
-- [Replacing Instagram with Pixelfed](https://pixelfed.org/)
-- [Replacing YouTube with PeerTube](https://joinpeertube.org/)
-- [Replacing TikTok with Loops](https://joinloops.org/)
-- [Replacing Reddit with Lemmy](https://join-lemmy.org/)
-- [Replacing Meetup or Facebook Groups with Mobilizon](https://mobilizon.org/)
-
-### Private messaging: One-on-one and group chats
-
-Many of the dangers described for social media also exist for messaging services.
-
-When it comes to private messaging, you cannot trust any software that does not protect your communication with solid *end-to-end encryption*.
-
-End-to-end encryption is a protection that will prevent third parties (including the platform itself) from having access to your messages. When well implemented, only the intended sender(s) and recipient(s) will have access to the messages your send using end-to-end encryption.
-
-Popular messaging services and platforms such as [regular SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why/), Discord, Slack, and most social media direct messages unfortunately do not offer this protection, and are horrible for data privacy.
-
-Even messaging apps like WhatsApp, Facebook Messenger, Snapchat, and Telegram, that *can* be used with *some* end-to-end encryption, have other important data privacy problems that make them difficult to trust.
-
-#### Signal
-
-One of the best free end-to-end encrypted messenger you can use at this time for one-on-one and group conversations is [Signal](https://signal.org/).
-
-While Signal requires a phone number to sign up, it will not collect any other data from you. Once installed, [activating the usernames feature](https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames) and adjusting phone number privacy is important to prevent sharing your phone number with others. That way, you will be able to simply share your *username* to start communicating with anyone.
-
-Moreover, the [disappearing messages feature](https://support.signal.org/hc/en-us/articles/360007320771-Set-and-manage-disappearing-messages) will greatly help to reduce your data trail. Remember however that this will not prevent a malicious recipient from downloading or taking screenshots of the sensitive information you share with them. This is true for any service with disappearing messages. Only send sensitive information and photos to people you trust, even when using disappearing messages on encrypted platforms.
-
-#### Other end-to-end encrypted messengers
-
-While Signal might be the most popular and easier to use, there are many other instant messaging apps that offer solid end-to-end encryption features.
-
-Some will not even require a phone number to sign up. However, because they are less popular, it might be more difficult to find other users willing to use them with you to communicate.
-
-They also offer different features and experiences, that you might prefer, or not. If you prefer to use a different application, you can have a look at our other [recommended instant messaging](https://www.privacyguides.org/en/real-time-communication/) applications.
-
-#### Matrix with Element
-
-[Matrix](https://matrix.org/) is an open network for decentralized communication. This network uses a collection of connected servers, and can be accessed using different [client applications](https://matrix.org/ecosystem/clients/). Matrix clients will offer different experiences and features, and be available on different systems.
- -Using Matrix with the open-source client [Element](https://element.io/) is a good alternative to Slack and Discord's chat rooms. The Matrix protocol allows chat rooms to use end-to-end encryption. - -
-

Not all rooms are end-to-end encrypted

- -Remember that not every room uses end-to-end encryption on Matrix. You can verify this in Element, from the detailed room information panel, by the "Encrypted" or "Not encrypted" badge under a room's name. - -
- -Again, because this open-source protocol is developed by a non-profit organization, the goal isn't to collect data on users. There is no incentive to monetize users' data, and because of this, choosing these better alternatives will greatly improve your data privacy compared to using commercial platforms. - -#### End-to-end encrypted emails - -For email communication, moving away from large providers such as Google and Microsoft can improve your communication's privacy immensely. - -Large providers of free email services tend to collect a lot of data on their users, sometimes including the content of their communications. Moving to a service that uses end-to-end encryption and better practices around metadata offers significant benefits. - -Proton Mail and Tuta are two services implementing end-to-end encryption to protect the content of users' messages. For more details and options, you can look at our recommended [email services providers](https://www.privacyguides.org/en/email/) page. - -Of course, when using any of these services, you will still have to take into account to whom you are sending the email. For end-to-end encryption to properly protect data both in transit and at rest, the sender needs to use a service *compatible* with the recipient. - -There are methods and third-party applications that can be used to encrypt and decrypt a message from a provider that does not offer end-to-end encryption, but this adds additional steps casual users might not feel comfortable getting into. - -That being said, if you use a Proton Mail address to email another Proton Mail user, by default all communication's content will be fully encrypted, and only accessible to you and the intended recipient. Similarly, if you use Tuta to email another Tuta user, communication will be fully end-to-end encrypted. 
-
-Communications between different providers will likely require additional steps, however, or will not benefit from end-to-end encryption on the server where the message is sent. For example, when sending an email from a Proton Mail to a Gmail account, if no additional protections are used, the content of this message will still be accessible to Google on the recipient's side.
-
-All of this to say, be mindful when using email communication to exchange sensitive data, and make sure to verify inter-service compatibility to stay fully protected.
-
-Even considering this, using a Tuta or Proton Mail account to communicate even with people using unencrypted services still has the benefit that your communication will at least be stored fully encrypted on *your* side.
-
-### Online dating: Balancing authenticity and caution
-
-Unfortunately, it is still extremely difficult to protect sensitive data while using dating apps. Very few dating apps are careful about protecting user's data properly, and many breaches have already happened to confirm this.
-
-Moreover, using a dating app cannot be done completely anonymously. Inevitably, at least some photos or some personal information need to be shared. Pseudonymity on dating app can come at the cost of authenticity, which is very important when dating.
-
-While not sharing someone's last name and address is certainly a recommended and cautious measure, not sharing any photos or any personal information isn't really an option in this context.
-
-What can be done to improve privacy while not impacting authenticity and truthfulness when dating?
-
-Sharing only a first name is a good start. Remaining mindful of selecting photos that do not reveal someone's exact home location is also a good safety measure.
-
-Additionally, once a partner is trusted enough, moving to a more secure and more private end-to-end encrypted channel before sharing more intimate information or pictures can be a good idea.
-
-Some dating apps might soon require official IDs or other sensitive identifiers for age verification purposes. This can be a dangerous practice if there is a risk of data leak, which, well, there always is. Choosing applications that prioritize their users' privacy and safety, and moving away from the ones who don't, is fundamental.
-
-Before investing time in a dating app, make sure to review properly what personal information will be collected, how it can be deleted after (once you've found the love(s) of your life at last), and what data will remain or be requested for the deletion request.
-
-Make sure to browse trustworthy sources to check which apps have better privacy practices, and which ones have been exposed for their bad behaviors. Then, choose accordingly an application you trust enough to share your intimate details with.
-
-### In person: Groups and events
-
-Many people still use commercial platforms such as Facebook Groups, Eventbrite, and Meetup to organize events and groups.
-
-Regrettably, requiring attendees to provide information to a commercial platform collecting their data can put people at severe risk of harm, and completely exclude the most vulnerable.
-
-When organizing events and groups for your community, select platforms that will *not* collect your attendees' data instead.
-
-Sometimes, a good old static website to advertise an event is enough. Then, link to this page on social media to increase visibility. This method has worked for decades before, when people met in person even more.
-
-The need to collect RSVP from attendees is rarely justified. It negatively impacts data privacy, risks endangering attendees in vulnerable situations (such as victims of domestic violence and stalking), and is usually greatly misleading anyway.
-
-You will significantly improve your event's accessibility and safety by not requiring attendees leave a digital trace of where they will be physically.
- -If you want a service more structured than a static website, **[Mobilizon](https://mobilizon.org/) is an excellent free and open replacement to commercial platforms for groups and events**. - -It was developed by the French non-profit Framasoft, and has no incentive to collect users' data. Accounts can be created from multiple [instances](https://instances.joinmobilizon.org/instances), and instances can even be self-hosted if group and event organizers wish more control over their data. - -Finally, do not neglect the power of a good old paper poster for your local events. Posting in the streets, local libraries, and on school billboards is still an excellent and efficient way to invite locals to join your event, without the need for any data collection. - -## Stay connected - -Reaching out for connection can be difficult at time, but it's essential. - -While using measures to protect your privacy and your safety, staying connected with your queer community is vital to find the support you need and to find a space where you can be yourself. - -Peer support is a fundamental need for anyone. While protecting our data is also important, using a balanced approach to stay connected *while* staying safe is not just important to survive, but also to live and to thrive. - -If you are feeling isolated, reach out for connections. You are not alone 💛 - -## Resources to help - -If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen: - -- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary. 
- -- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366) - -- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988) - -- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world. diff --git a/content/blog/posts/the-dangers-of-end-to-end-encryption.md b/content/blog/posts/the-dangers-of-end-to-end-encryption.md deleted file mode 100644 index fb21c2bb9..000000000 --- a/content/blog/posts/the-dangers-of-end-to-end-encryption.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -date: - created: 2025-04-01T05:40:00Z -categories: - - Opinion -tags: - - April Fools -authors: - - aprilfools -license: BY-SA -description: Privacy Guides is formally taking a stand against dangerous and frightening technologies. -schema_type: SatiricalArticle -preview: - logo: blog/assets/images/the-dangers-of-end-to-end-encryption/fire.svg ---- -# The Dangers of End-to-End Encryption - -![An image showing a burning car](../assets/images/the-dangers-of-end-to-end-encryption/cover.webp) - - - -In the digital age, nothing is more important than convenience and easy access to data. Unfortunately, there has been an alarming trend among technologists to implement **End-to-End Encryption** (E2EE) in their applications, to the detriment of all the important work being done by countless organizations, including the best and brightest intelligence agencies and big tech companies. - -
-

April Fools!

- -This article was published on April 1st, 2025. - -Privacy Guides supports strong encryption as a cornerstone of digital security and personal freedom. End-to-end encryption ensures that **your** communications remain **yours**, which is a principle worth preserving. - -
- -Security-focused developers and misguided "advocates" have long attempted to convince those involved in privacy and security that E2EE is an advanced security measure designed to protect your sensitive data, and *Privacy Guides* has stood by for far too long not setting the record straight. - -In this article, we are going to explore how these "protections" actually endanger you and pose critical threats to society at large. Threats that are so grave that numerous government agencies around the world insist that we immediately limit or eliminate E2EE entirely, before our world as we know it falls apart. - -*Privacy Guides* is acutely aware of these serious concerns, and believes privacy should always be a conditional right, used *responsibly*. - -## E2EE hampers *legitimate* government surveillance - -Every day, intelligence agencies carry out perfectly legitimate surveillance activities against both their own citizens and foreigners. There is no question that these agencies are crucial to the upkeep of our national security, and it is our moral obligation to assist them in these warrantless activities, whether we know it or not. - -When services like [Signal](https://www.privacyguides.org/en/real-time-communication/) or [Tuta](https://www.privacyguides.org/en/email/) keep all of their users messages locked in an impenetrable vault, how are they supposed to keep tabs on potential criminals using their services? - -The reality is that if the government is not allowed to read *every* message being sent, they might never encounter the *one* that actually warrants suspicion. - -It's true that end-to-end encryption also protects the lives of journalists, whistleblowers, and human-rights activists from those few governments which are *actually* oppressive, but these edge-cases should not be used as an excuse to hinder legitimate governments like in the US or the UK. 
-
-## E2EE encourages crime
-
-With end-to-end encryption, criminals are granted a free pass for unlimited criminal activity. *Nobody* can read their messages besides them! Shocking, isn't it?
-
-If platforms simply removed all forms of encryption from their services, we could solve cybercrime, illegal drug dealing, dangerous hacking attempts, child exploitation, and terrorism overnight... right?
-
-There is plenty of historical precedent here. Platforms like Snapchat which *don't* utilize end-to-end encryption have bravely been [involved in noble arrests](https://www.bbc.com/news/world-europe-68099669), stopping criminals in their tracks before they had a chance to act.
-
-Users of these platforms who aren't criminals do benefit a bit from end-to-end encryption. It protects them from identity theft, surveillance, and data breaches every day. With any sort of trade-off like this, this is certainly a factor to consider. We believe it is very clear that giving up minor protections like this is a small price to pay to potentially intercept the next dangerous joke in a group text.
-
-## It prevents *helpful* backdoors
-
-Many tech companies have tried to [introduce backdoors into their end-to-end encrypted platforms](https://www.eff.org/deeplinks/2021/08/apples-plan-think-different-about-encryption-opens-backdoor-your-private-life), only to be lambasted by the legion of completely unreasonable "privacy advocates" out there. Our stance on privacy is far more principled, and we believe there is a middle-ground to be found in the laws of mathematics.
-
-The solution proposed by companies like Apple and agencies like the FBI is a sound one. They will protect your messages, *unless* they encounter something suspicious. At that point, keys to decrypt your data will be given **only to the good guys**, so that they can enforce the law.
-
-This approach makes a lot of sense.
By carefully controlling access to these skeleton keys, it's trivial for companies to make sure they only fall into the right hands. The notion that they might be leaked, or that someone with enough resources could replicate that access, is so far into slippery slope territory that it borders on nonsense. Let's stick with what we know about the security capabilities of these companies today, instead of imagining ridiculous scenarios where they are breached. - -## It harms innovation - -Think about all the services you use online every day. The companies behind those services *rely* on collecting as much of your personal data as possible in order to constantly produce exciting new innovations. Without mass data collection, how would you get personalized ads for weeks about different new sneakers, because you bought that pair on Amazon yesterday? How else would companies emulate the real-life experience of constantly being hounded by a salesperson in a store selling you the exact thing you desperately need? - -E2EE prevents companies from truly knowing their users, stifling these massive advances in advanced user profiling! - -Big tech companies monetizing your personal data in ways that you don't need to understand nor consent to is what makes the internet such a magical place. If your private chats are protected with E2EE, companies won't be able to serve you the moment you even *think* about a new lawnmower. What do you think about that? - -## It's challenging for developers - -Another way E2EE slows down innovation even in the digital security realm is its complexity. Implementing robust cryptographic libraries and user-friendly key management systems is complicated, and software development is supposed to be a piece of cake. - -The problem of digital security has already been solved: simply store that information in a database and protect that database from anyone who isn't approved to see it. 
Protections beyond this tend to be complexity for the sake of complexity. If we did away with the countless developer hours wasted on protection nobody *really* needs, we'd have more time to add longer animations and innovative features like infinite scrolling to keep users happily using their apps for hours on end. - -## E2EE is a slippery slope! - -Constantly pushing E2EE sets up consumers with a wildly unreasonable expectation, that privacy should be the default. If people got comfortable communicating without tech companies and governments constantly peeking over their shoulder, it's impossible to imagine what they might start thinking next. Maybe they'd start to believe personal liberty is a right, instead of a *privilege*. - -End-to-end encryption is an insidious technology that has crept its way into some of the best instant messengers, [cloud storage providers](https://www.privacyguides.org/en/cloud/), and other apps. It stands in the way of law enforcement, government security agencies, data-collecting corporations, and anyone else who might need to peek into your personal life. - -It's time we took a stand against this technology and demand a true solution from our governments: **Sensible** regulations that allow for *partial* protections while keeping the option for these entities to decrypt it when necessary intact. The sense of security is all that truly matters to most people anyway. - -[Who needs *complete* privacy](https://www.privacyguides.org/en/basics/why-privacy-matters/) when you can have a half-baked version easily circumvented by the good guys? What is privacy in the first place, if not a convenient cover for wrongdoing? If we can't read all messages (just in case), how are we expected to keep society safe? - ---- - -This article was published on April Fools' Day. If you've made it to the end, and you haven't noticed how we buried the real benefits of end-to-end encryption in our hyperbolic worst-case scenarios, well... surprise! 
😄 - -Privacy Guides supports strong encryption as a cornerstone of digital security and personal freedom. End-to-end encryption ensures that **your** communications remain **yours**, which is a principle worth preserving. - -If the "dangers" of E2EE upset you, maybe it is time to reflect on how crucial privacy is to everyone: You, me, whistleblowers, activists, and everyday people who just want to live their lives. Happy April 1st, and stay secure out there! - -*Written by: Jonah Aragon* diff --git a/content/blog/posts/the-fight-for-privacy-after-death.md b/content/blog/posts/the-fight-for-privacy-after-death.md deleted file mode 100644 index f46080aea..000000000 --- a/content/blog/posts/the-fight-for-privacy-after-death.md +++ /dev/null @@ -1,94 +0,0 @@ ---- -date: - created: 2025-09-16T18:00:00Z -categories: - - Opinion -authors: - - ptrmdn -description: In 2020, London police failed to save two sisters in life, then violated their privacy in death. This is a call to arms for posthumous privacy rights. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/the-fight-for-privacy-after-death/cover.webp ---- -# Ghosts in the Machine: The Fight for Privacy After Death - -![](../assets/images/the-fight-for-privacy-after-death/cover.webp) - - - -In the early hours of 6 June 2020, Nicole Smallman and her sister Bibaa Henry had just finished celebrating Bibaa's birthday with friends in a park in London. Alone and in the dark, they were both [fatally and repeatedly stabbed](https://en.wikipedia.org/wiki/Murders_of_Bibaa_Henry_and_Nicole_Smallman) 36 times. - -
-

Guest Contributor

- -Please welcome Peter Marsden as a first-time guest contributor! Privacy Guides does not publish guest posts in exchange for compensation, and this tutorial was independently reviewed by our editorial team prior to publication. - -
- -But the police didn’t just fail them in life—they failed them in death too. PC Deniz Jaffer and PC Jamie Lewis, both of the Metropolitan Police, [took selfies](https://www.theguardian.com/uk-news/2021/dec/06/two-met-police-officers-jailed-photos-murdered-sisters-deniz-jaffer-jamie-lewis-nicole-smallman-bibaa-henry) with the dead bodies of the victims, posting them on a WhatsApp group. And no privacy laws prevented them from doing so. - -This horrific case is just one in the murky, often sinister realm of posthumous privacy. In the UK, Europe, and across the world, privacy protections for the dead are at best a rarity—and at worst, a deep moral and societal failing that we cannot and must not accept. - -Let’s take a step back. The case of the Smallmans starkly draws attention to the denial in death of guarantees to the living. - -
-

This abrupt collapse in privacy rights leaves the deceased and their families [...] newly vulnerable, and at a time when they are already utterly broken.

-
- -As a *Privacy Guides* reader, you are no doubt aware that the UK and Europe have firm privacy protections in *The General Data Protection Regulation* (GDPR) and Article 8 of the *European Convention on Human Rights* (ECHR). - -However, the picture elsewhere is less clear, with a challenging patchwork of laws and regional statutes being the only protection for those in the US and much of the rest of the world. And once you die? Almost universally, these protections [immediately cease](https://gdpr-info.eu/recitals/no-27/). - -Here the problem begins. This abrupt collapse in privacy rights leaves the deceased and their families—like the Smallman family—newly vulnerable, and at a time when they are already utterly broken. - -In the absence of law comes the pursuit of it, against a backdrop of flagrant privacy violations. What this pursuit means, in practical terms, is that two primary categories of posthumous privacy dominate legal debate: the medical, where the law has intervened tentatively, and the digital, where it simply hasn’t kept up. - -Medical protections are tentative because of piecemeal development. Typically involving legal workarounds, they offer rare precedent for what might happen to your digital ghosts now and in the future, with the only clear trend being a reluctance to protect. - -That said, the US is one country that has taken measures to protect the medical privacy of the dead. The *Health Insurance Portability and Accountability Act* (HIPAA) dictates that 50 years of protection must be given to your personally identifiable medical information after you die. - -Except there’s a catch. State laws also apply, and state laws differ. In Colorado, Louisiana, and many others, its efficacy is severely challenged by laws dictating the mandatory release of information regarded as public—including autopsy reports and even [your genetic information](http://dx.doi.org.ezp.lib.cam.ac.uk/10.1177/1073110516654124). 
- -In lieu of any protections, surviving relatives in Europe have found some success claiming that their own Article 8 rights—that ECHR right to privacy—have been violated through disclosures or inspections related to their deceased. - -In one case, Leyla Polat, an Austrian national, suffered the awful death of her son just two days after birth following a cerebral hemorrhage. The family refused a postmortem examination, wanting to bury their child in accordance with Muslim beliefs; but doctors insisted it take place, covertly removing his internal organs and filling the hollows with cotton wool. - -When this was discovered during the funeral rites, the boy had to be buried elsewhere, and without ceremony. After several court cases and appeals, The European Court of Human Rights [found](https://hudoc.echr.coe.int/rum#%7B%22itemid%22:%5B%22002-13361%22%5D%7D) that Leyla’s Article 8 and 9 rights had been violated. - -As an aside: Stalin’s grandson [tried the same Article 8 route](https://hudoc.echr.coe.int/eng#%7B%22itemid%22:%5B%22001-150568%22%5D%7D) in relation to reputational attacks on his grandfather, reflecting attempts to apply the workaround more widely. - -It’s not that there hasn’t been some progress. The fundamental problem is that protections—already sparse—are only as good as their material and geographic scopes, their interactions with other laws, and how they are interpreted in a court. - -Nowhere is this more apparent than in the case of the Smallman sisters. 
Judge Mark Lucraft KC [found](https://www.judiciary.uk/wp-content/uploads/2022/07/R-v-Jaffer-Lewis-sentencing-061221.pdf) that PCs Jaffer and Lewis, in taking selfies with the murdered victims, had: - -> *“…wholly disregarded the privacy of the two victims of horrific violence and their families for what can only have been some cheap thrill, kudos, a kick or some form of bragging right by taking images and then passing them to others.”* - -Yet this acknowledgement of privacy violation is precisely just that. The crime the officers committed was misconduct in public office; they were not convicted on the basis of privacy law. That sense of progress—that we might be beginning to recognize the importance of posthumous privacy—has all but gone out of the window. - -That does not leave your digital privacy in a good place. Whatever little protection you may be able to tease out for our medical privacy far, far exceeds the control you have over your virtual ghosts. And with AI just about everywhere, the prospects for your data after death are terrifying. - -
-

Account deleted or not, our ghosts will all be stuck in the machine.

-
- -We’ve already established that data protections for the living—such as GDPR—expire at death. The simple reality is that dying places your data at the mercy of large technology corporations, and their dubious afterlife tools. - -Even if you trust such tools to dispose of or act on our data, there is a disconnect between demand and take-up. A [study of UK nationals](https://www.tandfonline.com/doi/full/10.1080/13600869.2025.2506164#abstract) found a majority that wanted their data deleted at death were unaware of the tools, with large tech companies unwilling to share any details on their uptake. Reassuring stuff. - -But the reality is, you shouldn’t. You’ll recall that [deletion doesn’t usually mean deletion](https://www.privacyguides.org/en/basics/account-deletion/), and after death even GDPR can’t force big tech to delete the data of those lucky enough to have benefited from it. Account deleted or not, our ghosts will all be stuck in the machine. - -Recent reports have acknowledged dire possibilities. Almost worldwide, you can [legally train AI models on the data of a deceased person](https://www.reuters.com/article/world/data-of-the-dead-virtual-immortality-exposes-holes-in-privacy-laws-idUSKBN21Z0NE/) and recreate them in digital form—all without their prior consent. Organizations exist purely to scour your social media profiles and activity for this exact purpose. Your ghost could be used to generate engagement against your will, disclosing what you tried to hide. - -You may ask: why should the law care? Why indeed, when it deems we [cannot be harmed](https://doi.org/10.1093/acprof:oso/9780199607860.003.0003) after death. To argue thus is to miss the point. 
**A lack of privacy after death harms the living, often in ways others cannot see.**
-
-The effect of [postmortem anxiety](https://www.tandfonline.com/doi/full/10.1080/17577632.2024.2438395#d1e120) is a real one that deeply troubles individuals wishing to keep a part of them hidden from public—or even family—view, whether it be it an [illicit affair](https://www.cardozoaelj.com/wp-content/uploads/2011/02/Edwards-Galleyed-FINAL.pdf) or whatever else. Revelation at the point of death can be just as harmful to those still alive.
-
-There is cause for optimism. Article 85 of the *French Data Protection Act* allows you to include [legally enforceable demands concerning your personal data](https://www.cnil.fr/fr/la-loi-informatique-et-libertes#article85) in your will. This is truly a landmark piece of legislation by the French that indicates what the global direction of travel should be, and what we should ultimately demand: protections for the dead, by the dead.
-
-But even more urgently, we must demand that governments across the world introduce even the most basic legal framework for postmortem privacy that protects you, your family, and community from egregious harm.
-
-The Smallmans deserved dignity, and so does everyone else in death. The law must catch up.
-
----
-
-*This article hasn’t even begun to scratch the surface of the complexity of postmortem privacy, and there are innumerable relevant cases and laws that simply wouldn’t fit. If the topic has caught your interest, and you’d like to dig in more, [this white paper](https://doi.org/10.1016/j.clsr.2022.105737) by Uta Kohl is a good starting point.*
diff --git a/content/blog/posts/the-future-of-privacy.md b/content/blog/posts/the-future-of-privacy.md
deleted file mode 100644
index 8d62021db..000000000
--- a/content/blog/posts/the-future-of-privacy.md
+++ /dev/null
@@ -1,150 +0,0 @@ ---- -date: - created: 2025-02-03T19:00:00Z -categories: - - News -authors: - - em -description: Privacy is intrinsically intertwined with politics. Each change in governance can have substantial effects on privacy rights and privacy tools. Using concrete examples, we examine how politics can impact the tools we use. -schema_type: NewsArticle -preview: - cover: blog/assets/images/the-future-of-privacy/cover.webp ---- - -# The Future of Privacy: How Governments Shape Your Digital Life - -![Black and white photo of a street post at night. The street post has some ripped stickers on it and a stencilled graffiti saying Big Data is Watching You.](../assets/images/the-future-of-privacy/cover.webp) - - -Data privacy is a vast subject that encompasses so much. Some might think it is a niche focus interesting only a few. But in reality, it is a wide-ranging field influenced by intricate relationships between politics, law, technology, and much more. Further, it affects **everyone** in one way or another, whether they care about it or not. - -I routinely read articles discussing changes in politics on the advocacy side of data privacy. Then, I read articles talking about changes in regulations on the legal side of data privacy. And then, I see all the articles and guides presenting new tools and privacy features on the tech side of data privacy. Of course, all of this is linked together. - -Let's talk about how politics, law, and technological features are intertwined, all at once. - -## Privacy laws are always one election away from getting better, or worse - -Each change in government can have a serious effect on data privacy legislation. Privacy is a politically charged field. For example, authoritarian regimes might want to remove or weaken privacy rights to exert strict control over their population. While democratic governments generally bring more freedom and protections to its citizens, including privacy rights. 
It's important to keep in mind who in the past has bettered citizen rights and protections, and who has actively worked to undermine civil rights. - -Each time a new government takes power, its values will be put forward and influence legislation in place, or legislation not in place yet. While the Western world has benefited from some improvements in data privacy law for the past few years, we must consider these gains are fragile and protections could get removed or lessened at any time. - -Unfortunately, it seems there is currently a political push towards deregulation, mass surveillance, and a focus on corporate gains. This is **extremely worrisome for the future of privacy rights**, human rights, and individual liberties. - -Following politics and advocating for better privacy rights and legislation is essential in improving access to privacy tools and features around the world. Privacy is never politically neutral. - -## The tools you use might depend on government funding - -Many [privacy tools](https://www.privacyguides.org/en/tools/) we use depend at least partially on government funding or on other tools which depend on government funding. This is especially true for open-source nonprofit organizations needing some (usually) more stable income, in addition to donations. - -### Which privacy and security tools could be impacted - -One notable example of a privacy-related project receiving government funding is the [Tor Project](https://www.torproject.org/). If this source of funding [were cut off](https://www.eff.org/deeplinks/2025/01/executive-order-state-department-sideswipes-freedom-tools-threatens-censorship), the impact on Tor could be quite detrimental, not only to the Tor Project but to all projects relying on Tor as well. Many privacy-focus software are built around the [Tor network](https://en.wikipedia.org/wiki/Tor_(network)). 
To name only a few, whistleblowing software such as [Hush Line](https://hushline.app/) and [SecureDrop](https://securedrop.org/) both utilize the Tor network to harden privacy. [Briar](https://briarproject.org/), [Cwtch](https://cwtch.im/), and [SimpleX](https://simplex.chat/), are examples of messaging applications also using Tor to add a layer of security and privacy to communications. **Tor is critical infrastructure** in the world of data privacy. - -Another important project receiving government funding is [Let's Encrypt](https://letsencrypt.org/). Let's Encrypt is a nonprofit Certificate Authority providing [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) certificates to websites. It is run by the Internet Security Research Group (ISRG), which [receives funding](https://www.abetterinternet.org/sponsors/) from the Sovereign Tech Agency, [supported by](https://www.sovereign.tech/faq) the German Federal Ministry for Economic Affairs and Climate Action. The ISRG also receives funding from the [Open Technology Fund](https://www.opentech.fund/) (OTF), which receives the [majority](https://www.opentech.fund/about/about-our-funding/) of its funding from the United States government, through the U.S. Agency for Global Media. - -In current events, last month an [executive order](https://web.archive.org/web/20250131165539/https://new.nsf.gov/executive-orders) in the United States from the Trump administration led the National Science Foundation (NSF) to [freeze grant reviews](https://www.npr.org/sections/shots-health-news/2025/01/27/nx-s1-5276342/nsf-freezes-grant-review-trump-executive-orders-dei-science). This is currently impacting many important projects in the tech world, [including](https://www.linkedin.com/posts/sethmlarson_national-science-foundation-freezes-grant-activity-7290072485423656960-n2eJ/) the Python Software Foundation (PSF). 
**The repercussions of this freeze could be devastating for many open-source projects, in privacy and beyond.** - -### Government funding should support civil liberties and protections - -Governments funding nonprofit projects and organizations working on improving human rights, civil liberties, and technological security and safety is a good thing. This can bring an important source of stable income to nonprofit projects that could not stay afloat solely from donations. - -However, this dependency can become precarious when governments aren't working for the good of the people anymore, and when organizations rely too heavily on such support, making them vulnerable to change in power. Such a change of regime can have devastating repercussions on the privacy tools we use. - -## The GDPR gave you deletion features in your apps - -On the good side of regulatory influence, there are regulations like the [General Data Protection Regulation](https://gdpr-info.eu/) (GDPR). Saying the GDPR revolutionized the world of data privacy would not be an overstatement. While many privacy regulations pre-date the GDPR, in the Western world none had the scope nor the grit the GDPR has. - -### What is the GDPR - -The GDPR is a data privacy regulation that was adopted by the European Union (EU) in 2016 and became effective in May 2018. Its scope encompasses all the EU member states as well as all the countries part of the European Economic Area (EEA), which together count 30 countries to this day. The United Kingdom also uses an [amended version](https://www.gdpreu.org/differences-between-the-uk-and-eu-gdpr-regulations/) of the GDPR post-Brexit. - -However, the reach of the GDPR isn't limited to Europe. 
Every organization based *outside the EU* that is offering goods or services to, or is monitoring the behavior of, individuals located in the EU [must comply](https://commission.europa.eu/law/law-topic/data-protection/rules-business-and-organisations/application-regulation/who-does-data-protection-law-apply_en) as well. This means that **most organizations operating worldwide, regardless of where they are located in the world, must comply** with the GDPR. - -As is often the case with data privacy laws, it took a few years before [Data Subjects](https://www.gdprsummary.com/gdpr-definitions/data-subject/) (your legal designation under the GDPR) noticed any concrete changes. One change that has become prominent in the past few years, and is likely a direct product of the GDPR, is data deletion features within apps and accounts. - -### What does the GDPR have to do with data deletion features - -An important right granted by the GDPR to Data Subjects is the [Right to Erasure](https://gdpr-info.eu/art-17-gdpr/) (or the Right to be Forgotten). Other legislation such as the [California Consumer Privacy Act](https://www.oag.ca.gov/privacy/ccpa) (CCPA) calls for a similar right, the *Right to Delete*. This and similar rights have existed before, but through the GDPR and its enforcement it has affected technology in a much broader and impactful way. - -Slowly since 2018, applications requiring accounts have started to implement data deletion and account deletion features within the account itself. A probable reason for this is that due to the GDPR, and a now [growing number](https://iapp.org/resources/article/us-state-privacy-legislation-tracker/) of privacy regulations from various states in the United States, organizations are obligated to respond to Data Subject [requests](https://www.gdprsummary.com/data-subject-rights/) to get their personal data deleted. Managing this can be quite cumbersome for organizations. 
The burden of answering and implementing each data deletion request manually is often not worth the value of the data itself. Organizations with enough resources have simply added it as an internal product feature. This makes data deletion requests manageable by each Data Subject themselves (at least partially), freeing the organization from legally having to answer each individual request. When implemented properly, this is what we can call a win-win situation. - -
-

Request to delete

- -Unfortunately, not all applications have integrated automatic deletion features internally (yet). Additionally, some applications and accounts will allow you to delete information only partially this way. - -If you wish to exercise or have questions related to your Right to Erasure or Right to Delete, first consult your local privacy regulation to check if you have this right as a *Data Subject*, *Individual,* or *Consumer*. Then, you can contact the organization's *Privacy Officer* with your request. You can usually find information about an organization's designated *Privacy Officer* by reading its privacy policy or privacy notice. In any case, it never hurts to ask. - -
- -## Chat Control wants to break end-to-end encryption - -If you are not European, please bear with me. First, everyone outside of Europe should care about what is happening in Europe, regardless. But even if you don't care, you should know **this kind of mass surveillance proposition will inevitably leak west**, and if adopted will affect us all globally. - -### What is Chat Control - -In 2021, the EU [approved a derogation](https://www.patrick-breyer.de/en/chatcontrol-european-parliament-approves-mass-surveillance-of-private-communications/) to the [ePrivacy Directive](https://en.wikipedia.org/wiki/EPrivacy_Directive) to allow communication service providers to scan all exchanged messages to detect child sexual abuse material (CSAM). Although this first derogation was not mandatory, some policymakers kept pushing with new propositions. - -A year later, a [new regulation](https://edri.org/wp-content/uploads/2022/10/EDRi-Position-Paper-CSAR-short.pdf) (CSAR) was proposed by the European Commissioner for Home Affairs to make scanning messages for CSAM *mandatory* for all EU countries, and also allow them to **break end-to-end encryption**. In 2023, the UK passed a similar legislation called the [Online Safety Act](https://hackaday.com/2023/10/29/the-uk-online-safety-bill-becomes-law-what-does-it-mean/). These types of messaging mass scanning regulations have been called by critics *Chat Control*. - -### Why is Chat Control horrible for privacy, and for children - -Such legislation might sound like a noble cause at first, but consider this: Scanning all messages exchanged for any reason treats everyone like a criminal, no matter what. **This is not hunting criminals, this is mass surveillance.** Not only is this horrifying for privacy rights, but it also endangers democracy. Once a system to mass monitor all written communications is implemented to (supposedly) stop CSAM, new topics to detect, block, and report could be added anytime, and by any future governments. 
There is nothing that would prevent much less reasonable topics from being added to the list to be filtered out at a later date. - -Chat Control would hurt everyone, [including the children](https://digitalcommons.law.uw.edu/wlr/vol99/iss1/9/). Not only would mass scanning of all messages be [ineffective](https://volteuropa.org/news/chat-control-wont-protect-children) at reducing CSAM, but it would endanger the children even further by also scanning their communications. Because yes, children also communicate online. Parents also communicate sensitive information about their children online, with trusted family or doctors. All this data would get scanned and collected, only [one breach away](https://techcrunch.com/2025/01/28/powerschool-begins-notifying-students-and-teachers-after-massive-data-breach/) from being made public. - -*Protecting the children* is a pretext regularly used to implement abusive regulations undermining individual liberties and protections. Do not get fooled by this demagogic stratagem. **Chat Control is the opposite of protecting the children.** - -Chat Control would only lead to destroying the end-to-end encryption messaging features that are protecting us and the children so well already. Criminals exploiting children would simply move to underground channels, unbothered. - -### Who opposes Chat Control - -Thankfully, opposition from experts and advocates alike has been strong. To name only a few, Meredith Whittaker, president of the Signal Foundation which develops the messaging app [Signal](https://signal.org/), has taken [a clear stand](https://signal.org/blog/uk-online-safety-bill/) against Chat Control. The Electronic Frontier Foundation has also [firmly opposed](https://www.eff.org/deeplinks/2024/06/now-eu-council-should-finally-understand-no-one-wants-chat-control) Chat Control legislation. 
In the UK, the Open Rights Group has led [powerful campaigns](https://www.openrightsgroup.org/campaign/save-encryption/) to fight against the Online Safety Act. In Europe, privacy advocacy organization [noyb](https://noyb.eu/en/noyb-files-complaint-against-eu-commission-over-targeted-chat-control-ads) and former Member of the European Parliament Patrick Breyer have both been fervent defenders of privacy rights [raising relentless resistance](https://www.patrick-breyer.de/en/posts/messaging-and-chat-control/) to Chat Control. - -Harmful policies such as Chat Control are a direct example of how politics can affect laws that can cause **unimaginable damage** to the privacy-preserving technologies we use every day. - -## Age Verification wants to collect your sensitive data - -Another potent example of the *protecting-the-children stratagem* to undermine privacy rights is [Age Verification legislation](https://www.jonaharagon.com/posts/age-verification-is-incompatible-with-the-internet/). In the past few years, this idea of controlling which online content should be accessible to children has raised new proposals around the world. - -Age Verification policies generally start with the premise that some content should not be accessible to children online. Again, this could seem like a reasonable idea at first. Nobody would debate that children should be shielded from some type of content. Sadly, we have all witnessed how horrifying the internet can be at times. However, both the premise and methodology to achieve this goal are wrong. - -### Who will decide what content should be walled online? - -First, even putting aside the fact that there is plenty of disturbing content accessible *outside* the internet (newspapers, television, movies, radio, advertising, etc.), who would be [the deciders](https://www.eff.org/deeplinks/2025/01/impact-age-verification-measures-goes-beyond-porn-sites) of which specific content can be accessed by children or not? 
This can be extremely problematic, to say the least. - -There is no objective measure to decide on this, and what might be deemed appropriate by one might not be by another. More importantly in the context of our discussion, what one government might judge appropriate might be very different from the next or previous administration. - -This is again **a dangerous slippery slope opening the door wide to authoritarian policies**. - -### Age Verification undermines privacy and security - -Secondly, [how can age be verified online](https://www.woodhullfoundation.org/fact-checked/online-age-verification-is-not-the-same-as-flashing-your-id-at-a-liquor-store/)? Of course by collecting more data, on everyone. Age Verification policies don't affect only the children, they affect everyone who wants to access content online. If a website is deemed to display content that should not be accessed by children, the only way to enforce this rule would be to ask for some form of official identity verification from all adults who want to access it. - -Proponents of these regulations often refer to "age assurance processes" and suppose these processes to be undoubtedly secure. Anyone familiar with data security will understand how naive this approach is. I will not go into the details here, but you probably can already see how having each private website (or third-party processor) collect such sensitive information from each visitor is horrendous for privacy rights, and data security as well. Of course, these websites or third-party "age assurance processors" will unavoidably become a large treasure trove for thieves, and their sensitive data will be [inevitably leaked or stolen](https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/) sooner rather than later. - -Age Verification is one of the biggest privacy threats online. Continuing in this direction could ultimately lead to the end of pseudonymous browsing. 
Additionally, this could also mean the end of your official ID having any value at all. After all, what unique identification value does a piece of ID keep after it has been leaked in a thousand different data breaches? Maybe even one day bought on a [darknet market](https://en.wikipedia.org/wiki/Darknet_market) by a curious teenager in need of accessing some website... - -### Age Verification is already here, sadly - -Regrettably, this is not a hypothetical scare. Age Verification legislation has already passed in [Australia](https://www.thehindu.com/news/international/what-is-australias-online-safety-amendment-about-explained/article69026251.ece), in the [UK](https://www.ofcom.org.uk/online-safety/protecting-children/age-checks-to-protect-children-online/), as well as in [many U.S. states](https://action.freespeechcoalition.com/age-verification-resources/state-avs-laws/). It is also on the table federally in the [United States](https://www.eff.org/deeplinks/2024/10/eff-new-york-age-verification-threatens-everyones-speech-and-privacy), [Canada](https://www.eff.org/deeplinks/2024/09/canadas-leaders-must-reject-overbroad-age-verification-bill), [France](https://www.politico.eu/article/france-doubles-down-on-social-media-age-limit-at-15/), [Norway](https://www.euractiv.com/section/politics/news/norwegian-government-sets-15-year-age-limit-for-using-social-media/), and [Europe](https://digital-strategy.ec.europa.eu/en/funding/call-tenders-development-consultancy-and-support-age-verification-solution). - -There is some [tenacious opposition](https://www.eff.org/deeplinks/2024/12/global-age-verification-measures-2024-year-review) to Age Verification policies from digital rights and free speech advocates. 
Unfortunately, there is also a strong push in support of Age Verification from the rapidly growing "age assurance" and identity verification [industry](https://avpassociation.com/thought-leadership/2025-the-year-of-implementation-for-age-assurance/), and from many governments worldwide **moving towards a surveillance state**. - -Again, government values are deciding on digital features that impact our data privacy in disastrous ways. If you want to **take a stand against Age Verification**, you can join the [Stop Online ID Checks](https://www.stoponlineidchecks.org/) campaign from the nonprofit organization Fight for the Future. - -## The future of privacy - -There's a lot to be worrying about in today's privacy landscape. Unfortunately, recent political tendencies in the Western world make it difficult to stay optimistic. The trend toward authoritarian regimes and surveillance capitalism is bad news for the future of privacy around the globe. - -There is no question that privacy is intrinsically intertwined with politics, and can therefore never be politically neutral. The latest decisions taken by the new U.S. administration running full speed into deregulation and defunding, growing pressure in Europe to break end-to-end encryption in favor of a surveillance state, and invasive age verification policies to censor the web and collect even more data on every netizen is admittedly frightening. - -But one thing frightens me even more than all of this. One thing that could end privacy rights, forever. This threat to privacy is never far and always looming. - -This threat is giving up. - -Despite all the gloom menacing privacy rights, **privacy will never be dead as long as we stand up to defend it**. Governments might have the power to remove our privacy rights on paper and proclaim privacy features illegal. But the people have the power to keep pushing for better privacy rights and to keep developing even more robust and more accessible privacy tools. 
-
-We must continue to advocate loudly for privacy rights and *all* human rights every chance we have. The fight for better privacy rights is only over when we give up.
-
-**Do not give up.**
diff --git a/content/blog/posts/the-privacy-of-others.md b/content/blog/posts/the-privacy-of-others.md
deleted file mode 100644
index 886aadbd8..000000000
--- a/content/blog/posts/the-privacy-of-others.md
+++ /dev/null
@@ -1,159 +0,0 @@ ---- -date: - created: 2025-03-10T20:00:00Z -categories: - - Explainers -authors: - - em -description: In privacy, we talk a lot about how to protect our own data, but what about our responsibility to protect the data of others? If you care about privacy rights, you must also care for the data of the people around you. Together, we must build a culture where everyone cares for the data of others. -schema_type: NewsArticle -preview: - cover: blog/assets/images/the-privacy-of-others/cover.webp ---- -# Privacy is Also Protecting the Data of Others - -![Illustration from a photo of two children standing in a grass field. The taller child holds a yellow umbrella protecting the smaller child.](../assets/images/the-privacy-of-others/cover.webp) - - - -In privacy, we talk a lot about how to protect our own data, but what about our responsibility to protect the data of others? - -If you care about privacy rights, you must also care for the data of the people around you. To make privacy work, we need to develop a culture that normalizes caring for everyone's data, not just our own. Privacy cannot solely be a personal responsibility, data privacy is team work. - -Whatever measures and tools you use to protect your own data, you would never be able to protect it fully without the collaboration of others. - -In this context, the people around you might be your family or your friends, but also includes your boss, your doctor, your therapist, your school, your government, and any other person or organization that has control over some of your data. - -Conversely, you are also in control of other people's data. - -Even if you are not a boss, a doctor, or a therapist yourself, you probably have some photos of your friends, a list of contact information, and copies of sensitive conversations exchanged in private messages with your family. All of this data is under your guard too. - -Once you have control over someone else's data, **you become its guardian**. 
- -## Data protection is a communal responsibility - -Now to be clear, this isn't necessarily in relationship with the law, although it can be part of it. In this context, I am referring more to ethics. Do we have a moral obligation to care for and protect others to at least the same level we wish to be protected ourselves? - -As a connected society, we constantly exchange information with each other. This information is now mostly stored on digital mediums, and can be very easily duplicated and shared elsewhere. Actually, on a technical level, it's even *difficult* not to constantly involuntarily create duplicates of this data and send it elsewhere. - -This is why **we must increase our vigilance** about protecting the data of others. - -Considering the quantity of data that ends up in everyone's possession, data has become a communal responsibility. - -## We must develop a culture that normalizes data privacy - -Privacy is a human right, and a good starting point to protect any human right is legislation. Legislation is undeniably an aspect of data privacy that is in constant evolution, and we can hope that privacy laws will only get better over time. Well, let's not just hope, let's also work to make sure it does. - -That being said, **laws simply aren't enough**. - -To truly improve data privacy rights, we *must* integrate them into our *whole culture*. This might sound like an over-ambitious endeavor, but culture is flexible and evolves with people's needs. - -In the past few decades, our culture and customs have begun to shift *against* data privacy. Some of us are old enough to remember a time when everyone didn't have a camera in their pocket. At that time, it would have been considered unacceptable in most places to suddenly point a recording camera at a stranger in the street and start filming them without any explanation and without their consent. - -Now this kind of disrespectful behavior is a common occurrence, because everyone has the tool to do it. 
Our society evolved with technological tools, but **we neglected to course-correct our culture for it**. - -We have reached a point where we need to develop a culture of individual responsibility towards each other's data. - -This means caring not just for our own data, but **caring for everyone's data**, whether it's the data of our friends, our family, our employees, our patients, or even complete strangers in the streets, or online. - -This will take a lot of time and effort, but we owe it to the next generations to start now. - -## The principles we should consider in relation to privacy - -Our society already has adopted or improved many ethical principles in the past decades that are intimately linked to data privacy. - -Some of these principles and values have become much more prevalent in our culture recently, consent being one great example for this. - -**Consent** in privacy is incredibly important. What one person might feel comfortable sharing publicly might be completely different from another person, for example. Privacy cannot be established on a fixed basis without considering individuality and circumstances. - -Someone might be happy sharing their name on social media, and someone else might safeguard this information and only use pseudonyms. One person might feel safe sharing their home address online, yet another person could be killed for doing this. - -This is why *informed* and *explicit* individual consent (with true choices) should always be the center of such decisions, for any type of personal information. - -Other principles we must integrate in our culture of data privacy include **empathy** (my threat model isn't your threat model), **trust and respect** (secure this data properly if you must collect it), **safety** (consider someone could get severely harmed by a data breach), and **individual liberties** (sharing data must be a personal choice, even if there's no danger, it's still valid even if it's just a preference). 
- -Of course, these are only a few principles indispensable to build a culture of data privacy, but since most people are already familiar with these we'll start here. - -## How we can start building a better culture around data privacy - -So, what concrete actions can we take *right now* to improve our culture around data privacy? What can we do today at the individual level to start better protecting the data of others? - -Here are a few practices you can adopt in your daily life to improve the data of the people around you. However, I insist you not just demand others do this for you, but **do this for others too**. Re-shaping our culture needs to start with ourselves: - -### Ask for consent before sharing/posting photos - -Do not post photos of people online without their prior consent. Especially if there are children involved! Before sharing photos of others online, *always* ask for their consent first. - -### Be mindful when sharing photos of protests - -Be very careful when [taking pictures during a protest](https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/). There's a lot of nuance to this because it's also important to show protests and make them known (that's usually the goal!), but in some circumstances people might be put in danger if their faces are shown online associated with certain causes. - -Be mindful and make sure no one is singled out without consent in your pictures if you post them online. When possible, try to blur/block the faces of the people you couldn't ask for consent. - -### Blur license plates - -When taking photos in the streets and posting them online, be mindful to blur license plates. This might sound extreme but imagine a situation where someone is a victim of domestic violence and their abuser sees their car parked at a shelter, or at someone's place. This information could literally get someone killed. 
Always keep in mind different people have different [threat models](https://www.privacyguides.org/en/basics/threat-modeling/). - -### Safeguard contact information - -Never share the contact information of someone with someone else (or something else) without their prior explicit consent. This includes email addresses, phone numbers, legal names, locations, photos, and *especially* home addresses. This information in the wrong hands could literally get someone killed. **Always ask first!** - -Additionally, be vigilant when importing your contact list in a new application. This could get it shared further than you intended. Ideally, always keep your contact list in an end-to-end encrypted application only. - -### Be careful when sharing files from and with others - -If someone trusted you with a file (photo, music, video, PDF, text file, etc.), always ask for consent before sharing this file with someone else. - -Additionally, always keep this file only locally or stored in a secure end-to-end encrypted service. If this person gives you consent to share this file, ensure that metadata has been [removed](https://www.privacyguides.org/en/data-redaction/) from it. This person might not be aware of the metadata on this file. - -### Keep confidences secret - -If someone trusts you enough to share something personal with you, do not betray that trust by talking about it with someone else, and *especially* not on unencrypted services such as Gmail or Twitter's DM. In doing so, you would expose this secret to even more unintended recipients. Respect people's trust in you. Do not share confidences. - -### Safeguard and delete private messages on social media - -If you have private conversations on social media, be mindful not to spread this information elsewhere. If you delete your account, be mindful to also [delete](https://docs.cyd.social/docs/x/delete#delete-my-direct-messages) the information of others you have stored in your private messages. 
If someone wants to share sensitive information with you, always invite them to move to an end-to-end encrypted [messaging service](https://www.privacyguides.org/en/real-time-communication/) instead. - -### Safeguard and delete intimate pictures you received - -If someone trust you enough to send you intimate photos of themselves, take this responsibility *extremely* seriously. If they use an end-to-end encrypted service, do not move the photos out of there. If you do, you could inadvertently upload them to an unencrypted service and compromise the security of these pictures. - -If your relationship with this person ends, you *should* delete all intimate pictures you have received. This is extremely important for their safety, and also possibly for *yours*. Things could get very problematic legally if your copies were to get accidentally leaked or stolen. No matter how difficult this might be emotionally, do the right thing and delete these pictures fully. - -If you are still unconvinced about this one, maybe have a look at Ted Lasso season 3, [episode 8](https://screenrant.com/ted-lasso-season-3-episode-8-keeley-story-response/) which has a great story demonstrating the dangers related to this. - -### Avoid taking screenshot of people's posts - -Each time you take a screenshot of someone's post to repost it somewhere else, you are effectively removing this person's ability to delete their content later. This is horrible for privacy *and* for consent. Instead, use links to other people's posts. That way, if they decide later to delete their content, the link will simply not work anymore, but their right to deletion will remain intact. - -### Notify guests if you are using a smart speaker - -If you are using a smart speaker device in your home such as Amazon's Echo (Alexa), Apple's HomePod (Siri), Google's Nest, inform your guests about it when they enter your home. 
These devices have the [capacity](https://www.makeuseof.com/tag/alexa-amazon-echo-privacy-risk/) to record all conversations, and there has already been instances of accidental privacy invasion [reported](https://www.cnet.com/home/smart-home/alexa-sent-private-audio-to-a-random-contact-portland-family-says/) about this. Even if you don't mind yourself, offer your guests to *unplug* your smart speaker while they are visiting you. The same is valid for any voice assistant on your phone. - -### Do not use Windows Recall (or anything similar) - -If you are a Microsoft user, make sure to [*disable*](https://www.ytechb.com/how-to-uninstall-microsoft-recall-in-windows-11/) Windows Recall from your computer. If it's enabled, this application will [continuously](https://www.theverge.com/2024/6/3/24170305/microsoft-windows-recall-ai-screenshots-security-privacy-issues) take screenshots of your computer, including the faces of anyone video-chatting with you on Signal, the email content of anyone contacting your through Tuta Mail, the secrets of anyone chatting with you on Matrix. Windows Recall completely defeats the protections of anyone using end-to-end encryption to contact you. This is a huge breach of trust! If you somehow use this feature, at least be mindful to disable it each time you communicate with others. - -### Don't use Meta's Ray-Ban "AI" glasses! - -Don't use "smart" glasses recording people. - -Just don't. - -Ever. - -This is *extremely* creepy. - -Never buy nor use this. - -If you encounter someone in the street wearing this, run away. - -## This is only a start, but together we can do this - -Improving our culture around data privacy will take time and effort, but we have to start now. The best place to start is with yourself. - -Remember: - -"Be the change you wish to see in the world." - -**Be the data protector you wish to see in the world.** 
diff --git a/content/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md b/content/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md
deleted file mode 100644
index fdf8cada5..000000000
--- a/content/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md
+++ /dev/null
@@ -1,101 +0,0 @@ ---- -date: - created: 2019-11-20T19:00:00Z -categories: - - News -authors: - - jonah -links: - - Choosing a VPN: https://www.jonaharagon.com/posts/choosing-a-vpn/ - - Understanding VPNs: https://www.jonaharagon.com/posts/understanding-vpns/ - - VPN Recommendations: https://www.privacyguides.org/vpn/ -tags: - - VPN -license: BY-SA -description: There’s a massive problem in the privacy world. Many shady companies are disguising advertisements as genuine reviews, to the detriment of real news sources like Privacy Guides and to potential buyers of these services. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp ---- -# The Trouble With VPN and Privacy Review Sites - -!["Unbiased Reviews" cover image](../assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp) - - - -There’s a massive problem in the privacy world. Websites, social media accounts, and other platforms are constantly popping up out of nowhere, telling you to buy *The Greatest Service Ever* in order to solve all your privacy woes, whatever that may be. These websites often employ marketing teams to make sure their “reviews” are what you see first when you begin your research. Some of them are even operated by VPN providers themselves, operating under anonymous business entities to hide their bias, or doing it right out in the open, hoping you’ll mistake their advertising-filled press releases and blogs as insider knowledge of the VPN space. - -When a seemingly “unbiased review” on a site is merely a paid advertisement in disguise, that website is breaking their reader’s trust. From a consumer’s point of view, affiliate marketing and other paid promotional techniques like this make it near impossible to know when a review is genuine or not. - -This isn’t going to be a lengthy blog post on advertising being bad, far from it. 
In fact, many of the VPN providers we recommend on *Privacy Guides* engage in responsible advertising across various platforms. The key is transparency: Their advertisements should *look like advertisements*, and nothing else. - -I’m really looking to take the time here and identify “the bad” sites and resources that use these techniques to profit off a community just looking for reliable answers. Lots of sites like these will claim they’re acting in your best interest, but they’re just here to make money. - -One common thing I’ll see on these sites is a ranked list of providers that are ostensibly the best ones to choose from. These sites have supposedly done all the work for you, so you can just click and go, assured you’re making the right choices. - -So here’s my issue with ranking VPN providers: Let’s face it, VPN providers are all offering the same service, and they will either protect your information or they won’t. Ranking providers like this only serves as an easy way to guide users to a certain choice (in this case, the choice that will make the reviewers the most money). - -Let’s look at one of these “review” sites for example, which will go unnamed for the purposes of this article. On their homepage they prominently list 10 providers as the “best” VPN services, in this order: - -1. NordVPN -2. Surfshark -3. ExpressVPN -4. PerfectPrivacy -5. IPVanish -6. Mullvad -7. CyberGhost -8. Trust.Zone -9. ibVPN -10. Private Internet Access - -To their credit, this review site also helpfully included an advertising disclosure in their footer. On this fairly well hidden away page, they note that they participate in affiliate programs from 8 providers, as follows: - -- NordVPN -- SurfShark -- ExpressVPN -- Perfect-Privacy -- IPVanish -- CyberGhost -- Trust.Zone -- Private Internet Access - -*Hmm*. Look familiar? 
Of the 73 providers this site had reviewed at the time of writing this article, **all eight** of the VPN providers paying this review site happened to make their top 10 recommendations. In fact, you’d have to scroll down to #6 before you found a provider that wouldn’t pay them, practically buried. - -Furthermore, their list includes NordVPN, a company [notable for not disclosing security breaches](https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/) in a timely fashion, and ExpressVPN, a provider [notable for using weak 1024-bit encryption keys](https://www.goldenfrog.com/blog/some-providers-use-weak-1024-bit-keys-vyprvpn-explains-why-its-strong-keys-matter) to protect their users. By any objective standard, these providers do not deserve to be included in a top 10 recommendations list for securing anybody’s information. This review site in particular claims to have set criteria for their recommendations, but this just demonstrates that any criteria can be adjusted to fit any goal you may have. - -If these sites truly wanted to be helpful, they would consolidate all the relevant information and present it to their users without making the choice for them. A provider is going to be better or worse for every user depending on their particular situation, and encouraging making an informed choice between options presented equally is far more beneficial to putting one over the other in a largely arbitrary fashion. - -But that isn’t to say they should just throw all the providers in a big table and call it a day. Almost worse than the ranking scheme above is when sites provide out of context lists of providers, often just with pricing and a link. Sometimes they will link you to a full review (more on that in a bit), but for the most part these sites just expect you to follow their recommendations blindly. 
- -![Image of a review site with mostly affiliated recommendations](../assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp "Affiliate links and discounts galore! This is a different site than before, but look at the familiar faces we’re seeing…") - -These read like advertisements, because they usually are. Once again we see the usual suspects — NordVPN, ExpressVPN… — paraded as the gold standard in the VPN space, not out of any inherent value, but based on the value of their affiliate programs. To further this point, let’s take a look at how much each of the five providers above will pay you for a referral (on a one-month plan). - -1. ExpressVPN: $13 for first month -2. NordVPN: $11.95 for first month -3. VPNArea: $4.95 for first month -4. VPN.ac: $2.90 for first month - -*Unfortunately, Perfect Privacy would not share their commission rates publicly, but if anyone has any information on that I’d be happy to receive it. What I will say is that based on the information above, I would not be surprised if it fell right between ExpressVPN and NordVPN’s rates. Their one-month plan costs $12.99, so assuming a 100% match on the first month (the standard from NordVPN and ExpressVPN) that would add up quite nicely.* - -Once again, we see a lineup of providers ordered in a way that *conveniently* pays the most to the website owner. And therein lies the issue with affiliate programs. Once you begin receiving financial compensation *on a per-signup basis*, you are now motivated to push the most users to the sites that pay more on a monthly basis, rather than the sites that will actually help the user. - -Occasionally, these recommendations are coupled with a “review” that is supposedly independent and unbiased, but in reality are simply more marketing tools to persuade you towards their opinions. In most cases, these reviewers will simply copy the VPN provider’s own press releases and even media, presenting their advertising as fact to their readers. 
These reviews are always hidden away as well, with main navigation links directing users towards the more affiliate-link-laden lists and tables that they’d much rather you browse. The true value of these review articles is the [Search Engine Optimization (SEO) advantage they bring](https://www.pcmag.com/news/367640/how-a-vpn-review-site-dominated-google-search-with-a-scam) in the rankings on Google, and not much more. More traffic = More clicks, at the expense of good, independent content and integrity. - -*Originally, this article contained a section about how ‘ThatOnePrivacySite’ was the last bastion of a hope in the VPN review world. However, that has since sold out to ‘Safety Detectives’, a site guilty of using all the affiliate tricks mentioned above. Goes to show, eh?* - -At [Privacy Guides](https://privacyguides.org/), we’ve developed a set list of criteria, and we make that abundantly clear when you read our list of [recommended VPN providers](https://privacyguides.org/vpn/). We also refrain from using affiliate links. As we’ve discussed, they are fundamentally flawed ways to market a service, and using them would break the trust our community has in our recommendations. - -We do have a sponsorship program, but all of our finances are handled in an incredibly transparent fashion. As a non-profit organization, the funding we receive cannot be used for private profit, and our community can see both where we receive money from and how it is being spent thanks to [Open Collective.](https://opencollective.com/privacyguides) Additionally, the recommendations on our site are handled by an entirely separate team of editors and contributors than the administrative team such as myself that handles the sponsorships and finances. The editors have sole control over our recommendations and operate entirely independently and on a volunteer-basis to ensure the choices we make are for the benefit of the privacy community over one individual. 
- -Ultimately, as a matter of policy our sponsors have no say over our recommendations, or whether they are recommended or a competitor is removed. We have given our community vast access to our website and internal workings to keep us in check and ensure we’re staying true to our word. This separation of management and editors is a strategy that has served the media industry well for decades, and makes all of our team and organization a more credible and trustworthy source of information. - -## Summary - -We have a lot of points we want to get across. The current landscape of privacy reviewers and “experts” weighing in on topics regarding the very companies that pay for their reviews is morally reprehensible, and just another way for big tech companies to collect all of our data more easily. - -Review sites should make it abundantly clear when their reviews are paid for by the VPN companies in any fashion, whether that be via affiliate programs or good old-fashioned sponsorships. This can’t be via a hidden-away disclosure in the footer or not published at all, but *clear* and *close in proximity* to the claims published on their site. **Customers are not expecting or seeking out these disclosures** when they visit review sites, and can’t be expected to immediately discern whether you’re speaking from a place of unbiased fact, or from a place with the greatest financial incentive. Better yet, they should reconsider their entire business model. Our site is based solely on a community donation model that still keeps us sustained. It’s the more difficult way to build a site to be sure, actually working to gain the trust of a huge community, but the difference in quality and integrity is remarkable. - -VPN providers should consider spending less money on paid reviews, and more money on securing and validating their infrastructure. Regular security audits are one fantastic way for companies to demonstrate their dedication to keeping their users secure. 
We strongly believe VPN services should consider our criteria, especially in regard to the ownership of their organization. Your VPN provider should not be hiding away in Panama controlled by anonymous leadership. While you *as a user* deserve privacy, transparency should be *required* of providers if you are expected to trust them. I would not give my money to some anonymous overseas investor, why would I give all of my internet traffic to some anonymous overseas administrator?
-
-Finally, when you’re choosing a VPN provider, do your own research. [Understand what a VPN actually does for you](https://www.jonaharagon.com/posts/understanding-vpns/). [Understand what it is a security audit proves](https://www.pcmag.com/article/371839/what-does-a-vpn-security-audit-really-prove), find out who owns and operates the VPN service you want to use, and make sure their policies and technologies reflect your values. [Ultimately gathering the information yourself](https://www.jonaharagon.com/posts/choosing-a-vpn/) and making an informed decision is the only way to make sure your privacy is being respected.
diff --git a/content/blog/posts/threads-launch-twitter.md b/content/blog/posts/threads-launch-twitter.md
deleted file mode 100644
index 3ec11b7d8..000000000
--- a/content/blog/posts/threads-launch-twitter.md
+++ /dev/null
@@ -1,40 +0,0 @@ ---- -date: - created: 2023-07-21T19:00:00Z -categories: - - Opinion -authors: - - freddy -links: - - posts/move-fast-and-break-things.md - - posts/virtual-insanity.md -tags: - - Twitter - - Facebook -license: BY-SA -description: The man behind Facebook has somehow managed to make the Twitter experience worse. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/threads-launch-twitter/cover.webp ---- -# Threads Is the Perfect Twitter Alternative, Just Not for You - -!["Threads Cover Image" cover image](../assets/images/threads-launch-twitter/cover.webp) - -Silicon Valley could well be built on the principle of scrapping principles. Now Elon Musk, perhaps the ultimate tech bro, is shredding another well-regarded convention with an *original business strategy*. - -Generally, in business, it is sensible to provide your customers with what they want. With Twitter, the meme-makers' favorite billionaire is doing the opposite. The cyber-trucker is trying his best to [cull](https://jottings.lol/2022/12/bravo-elon) his customer base. Instead of finding gaps in the market, Musk is helping to create them. Ever the [copycat](https://blog.privacyguides.org/2022/04/04/move-fast-and-break-things/), Mark Zuckerberg wants to give these innovative tactics a try. Enter the-company formerly-known-as-Facebook's rival to the birdsite: Threads. - -The Zuck is, by all accounts, good at making social media platforms. This doesn't mean the platforms themselves are good - they [aren't](https://blog.privacyguides.org/2021/11/01/virtual-insanity/). But they are unarguably successful: Instagram and WhatsApp have comfortably over a billion users, Facebook has nearly three. If only half of these users adopt the new platform, it would instantly eclipse Twitter. As it happens, Threads allows you to import all your followers from Instagram. Of all the Twitter alternatives, Zuckerberg's looks like the most promising. - -Here, however, the promise ends. 
- -The man behind Facebook has somehow managed to make the Twitter experience worse. Following people, a key part of the social media mogul's earlier ventures, is meaningless on Threads. You are beholden to its algorithm and who it reckons you will interact with. (Want to see what your mates are posting about? Tough, [here's](https://jogblog.substack.com/p/facebooks-threads-is-so-depressing) an 'Epic Meme from the official Salesforce account.') Your timeline isn't chronological either. - -And this is where it gets clever. Say you tire of blue-tick brands shitposting, and want to delete your account? Hard luck. Like an ill-advised tattoo, Threads accounts are effectively permanent. If you delete your Threads account, your Instagram account goes too. You're locked in this shiny pit of brand based flimflam, and your Instagram account is hostage. - -Threads is what would happen if Twitter and Instagram made out in a bowling alley. It's all their worst parts combined - but it may well succeed. Rocket-man Musk's changes to Twitter have not exactly made it 'brand friendly'. Threads, meanwhile, is shaping up to be a paradise for in-your-face brands - and the AdTech industry would love for you to join them. As Chris Black [put it](https://www.gq.com/story/pulling-weeds-chris-black-twitter-is-better-than-ever), Threads is just 'another marketing channel masquerading as a community.' When the site inevitably introduces ads, the scared Twitter advertisers will flock. A *TechCrunch* headline [ran](https://techcrunch.com/2023/07/06/you-cant-post-ass-threads-is-doomed-meta-instagram-twitter/) 'You can’t post ass, Threads is doomed'. It should have run: 'You can't post ass, Threads will boom'. - -Despite cut-and-pasting a dying social media site, the Zuck won't be worried. If anyone knows how to transform bland technology into profit it's him. Aside from providing a platform for asinine hot-takes, Threads' main purpose is to hoover up and auction off data. 
Unlike Twitter, Meta's microblogging venture has strict moderation. When advertisers bore of Musk's manic antics you know where they'll go.
-
-Threads' naffness won't stop its success. It's data-scraping fluffily dressed up as substandard corporate twaddle. It's a cringe-inducing privacy invasion. It's not meant for users, but that doesn't really matter: you're not a user, you're a product.
diff --git a/content/blog/posts/tor-security-slider-flaw.md b/content/blog/posts/tor-security-slider-flaw.md
deleted file mode 100644
index 5a7875d30..000000000
--- a/content/blog/posts/tor-security-slider-flaw.md
+++ /dev/null
@@ -1,82 +0,0 @@ ---- -date: - created: 2025-05-02T11:20:00Z - updated: 2025-05-03T15:00:00Z -categories: - - News -authors: - - jonah -tags: - - PSA - - Tor -description: | - PSA: The security level slider in Tor Browser (and Mullvad Browser) does not fully apply until restarting the browser. This presents a high risk to people who switch from Standard to Safer security during a browsing session in order to protect themselves from browser exploits. -schema_type: ReportageNewsArticle -preview: - cover: blog/assets/images/tor-security-slider-flaw/cover.png ---- -# A Flaw With the Security Level Slider in Tor Browser - -![Illustration showing Tor's security level options with question marks next to the selected Safer level](../assets/images/tor-security-slider-flaw/cover.png) - - - -[Tor Browser](https://www.privacyguides.org/en/tor/#tor-browser) and [Mullvad Browser](https://www.privacyguides.org/en/desktop-browsers/#mullvad-browser) users should be aware of a flaw with the Security Level slider: Not all protections advertised by the browser are properly engaged until the browser is fully restarted. - -This flaw was anonymously reported to *Privacy Guides* by a member of our [community](https://discuss.privacyguides.net/), and I confirmed it via the latest Tor Browser 14.5.1 on macOS. Additionally, I confirmed this behavior in Mullvad Browser 14.5.1 on macOS. - -~~I was unable to find any documentation or open GitLab issues with Tor regarding the need to take additional steps before security settings are fully applied, and~~ Tor Browser documentation does not note that a restart is required, nor does it prompt users to restart the browser after security changes are made. (update: see below) - -This presents a high risk to people who switch from Standard to Safer security during a browsing session with the goal to protect themselves from browser exploits. 
- -## Demonstration - -The effect can be easily demonstrated in your own Tor Browser install by running a JavaScript benchmark such as [JetStream 2.2](https://browserbench.org/JetStream/). These benchmarks rely on a technology called Just-in-Time (JIT) compilation to improve performance, but JIT is linked to numerous security vulnerabilities in modern web browsers. The "Safer" security level normally disables JIT entirely to prevent these issues, however, you can see virtually no performance impact when switching to the Safer security level in Tor Browser and running the benchmark again: - -
- ![JetStream2 benchmark results with a score of 196 and the shield indicator in the browser's toolbar indicating that Standard security level is set](../assets/images/tor-security-slider-flaw/standard-level-jetstream2.png) -
JetStream 2.2 benchmark results in Standard mode
-
- -
- ![JetStream2 benchmark results with a score of 191 and the shield indicator in the browser's toolbar indicating that Safer security level is set](../assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png) -
JetStream 2.2 benchmark results in Safer mode, without restarting Tor Browser
-
- -While the performance is virtually identical between these two runs, *after* restarting Tor Browser and re-running the test, we see drastically lower performance results, in line with what we would expect with JIT properly disabled: - -
- ![JetStream2 benchmark results with a score of 33 and the shield indicator in the browser's toolbar indicating that Safer security level is set](../assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png) -
JetStream 2.2 benchmark results in Safer mode, after restarting Tor Browser
-
- -As you can see, there is no visible indicator that anything is different between the last two runs, and there was no prompt to restart the browser after changing these settings. However, this clearly indicates that JavaScript technologies that are meant to be disabled in Safer mode can still be accessed by websites until the browser is restarted, potentially opening you up to browser exploits if you are unaware of the additional steps required to secure yourself. - -## Safest Mode - -We have not tested or verified the full extent of security features which require a browser restart. We tested whether JIT remained enabled after switching to Safer mode because it was the easiest feature to test. Safest mode disables JavaScript entirely, so the demonstration above will not demonstrate this problem exists when switching to Safest mode. - -However, it is possible that there are *other* features normally disabled by Safest mode which remain enabled until you restart your browser. Out of an abundance of caution, we recommend always restarting your browser after changing this setting, regardless of whether you are switching to Safer or Safest mode. - -## Conclusion - -The Tor Project advertises the security slider as a way to conveniently adjust the protections that the Tor Browser provides, but does not note additional steps necessary to ensure those settings actually go into effect. - -This is our public service announcement to make sure you **always completely restart Tor Browser after adjusting your security settings.** Relying on these indicators can create a false sense of security and potentially expose users relying on this security level slider to greater risk than they expect based on Tor Browser's UI and documentation. - -Hopefully, Tor Browser will prompt or force their users to restart the browser after adjusting these settings in a future update. 
-
----
-
-**Update (5/3):** A few hours following the publication of this article, the Tor Project emailed us the following statement:
-
-> The Tor Project is aware of this issue, and it is being tracked and actively
-> addressed. Those interested can follow the discussion and progress here:
-> . In
-> addition to a restart prompt, we’re also exploring broader improvements to the
-> security level system, including aligning it more closely with Tor Browser's
-> updated threat model\[1] and possibly delegating even more of its back-end
-> to NoScript for additional flexibility. These improvements may be part of the
-> upcoming 15.0 release cycle.
->
-> \[1]:
diff --git a/content/blog/posts/toward-a-passwordless-future.md b/content/blog/posts/toward-a-passwordless-future.md
deleted file mode 100644
index 1b7f73360..000000000
--- a/content/blog/posts/toward-a-passwordless-future.md
+++ /dev/null
@@ -1,249 +0,0 @@ ---- -date: - created: 2025-03-08T11:00:00Z -categories: - - Explainers -authors: - - fria -tags: - - Passkeys - - Passwords -license: BY-SA -preview: - cover: blog/assets/images/toward-a-passwordless-future/cover.webp ---- -# Toward a Passwordless Future - -![Article cover showing a rusted, broken lock on a door latch](../assets/images/toward-a-passwordless-future/cover.webp) - - - -Passwords are annoying, vulnerable to attack, and prone to human error. The multitude of issues with passwords has cost [millions](https://www.ibm.com/downloads/documents/us-en/107a02e94948f4ec) of dollars and forced terrible band-aid solutions in how we handle signing up for, logging in to, and securing online accounts. I'd like to break down some of these design paradigms that have entrenched themselves in our lives and how passkeys can lead to more secure and private online accounts. - -## How did we get here? - -### Ancient Rome - -Passwords are a surprisingly old concept, dating all the way back to ancient Rome. The ancient Roman historian Polybius in his *[Histories](http://www.perseus.tufts.edu/hopper/text?doc=Perseus%3Atext%3A1999.01.0234%3Abook%3D6%3Achapter%3D34)* describes how the Roman military would pass around a wooden tablet, or *tessera*, inscribed with a "watchword" that would allow them to identify each other as friendly. - -### Prohibition - -During Prohibition in the 1920s US, speakeasies, or private, unlicensed bars selling illegal alcohol, would require a spoken [password](https://prohibition.themobmuseum.org/the-history/the-prohibition-underworld/the-speakeasies-of-the-1920s/) to gain entry. The name comes from how quietly you had to say the password, so law enforcement didn't overhear. - -### World War II - -The US military later used [countersigns](https://en.wikipedia.org/wiki/Countersign_(military)#cite_note-2), consisting of a challenge and a password to identify allies. On D-Day, they used the challenge "flash" and the password "thunder." 
Thunder was used specifically because it was difficult for Germans to pronounce, since the English "th" sound doesn't exist in German. This is an example of a shibboleth, or a way of distinguishing groups of people based on cultural differences. - -### 1960's - -It wasn't long after the dawn of the electronic computer that a solution for authentication was needed. Computers in the 1950s were expensive and slow, only able to handle one problem at a time. - -MIT's Compatible Time Sharing System (CTSS), pioneered by Fernando Corbató, aimed to solve this problem by allowing multiple users to do work at the same time, but they needed a way to authenticate specific users. "Putting a password on for each individual user as a lock seemed like a very straightforward solution" Corbató told Wired in an [interview](https://www.wired.com/2012/01/computer-password/). - -These passwords weren't designed to be very secure. Fred Schneider, a computer science professor at Cornell University, said in the same Wired article "nobody wanted to devote many machine resources to this authentication stuff." - -![Fernando Corbató standing next to the CTSS](../assets/images/toward-a-passwordless-future/ctss.webp) - - - -### First Password Breach - -The first password breach occurred not long after in 1962, detailed in a [pamphlet](https://www.multicians.org/thvv/compatible-time-sharing-system.pdf) written to commemorate the CTSS. - -Allan Scherr, a Ph.D. researcher at MIT, wanted more time for his detailed simulations. He knew that the passwords were stored in a plaintext file, so he requested it to be printed offline and that was that: he now had everyone's password and all the time he could ask for. - -A later incident in 1966 saw all users' passwords being printed at login due to the administrator accidentally swapping the master password file and the message of the day. - -### Early Attempts at Securing Passwords - -Clearly there was work to be done on securely storing passwords. 
A [paper](https://rist.tech.cornell.edu/6431papers/MorrisThompson1979.pdf) from 1979 by Robert Morris and Ken Thompson of Bell Laboratories outlines some requirements to bolster the security of passwords on a UNIX system. - -#### Hashing - -One of which is the need for passwords to not be stored in plaintext on the system, instead recommending storing a hash. - -A hash is a one-way function: you give a certain input, and it spits out data that can't be easily reversed back to the input, even knowing the algorithm that was used. But, given the same input, you'll get the same output, allowing you to compare an inputted user password to a stored one. - -In order to make it hard to brute force, the hashing algorithm should be fairly slow. - -#### Password Requirements - -They recommend certain requirements on the password entry program such as the classic 6-character minimum password length to prevent easily guessable passwords. - -#### Salting - -Password salting, a technique wherein a random string of characters is added to the end of the user's password before hashing, gets a mention as well. This prevents an attacker from simply pre-computing many password hashes ahead of time, and also prevents an attacker from knowing if the same password has been used on multiple systems just from comparing the hashes. - -These guidelines would remain mostly unchanged for decades, save for improved hashing and salting algorithms. - -## Unforeseen Consequences - -What was originally a system designed for a few people sharing a computer in an academic and research setting has somehow remained almost unchanged decades later. - -### Password Overload - -Instead of remembering a single password for your computer, you now have potentially hundreds of passwords for various online accounts. 
A recent [survey](https://nordpass.com/blog/how-many-passwords-does-average-person-have/) by NordPass estimates that the average person has around 168 personal accounts, with a nearly 70% increase in just the last three years since the survey was taken. This is an untenable number of passwords for a human to remember, so we don't. - -### Email Requirement - -With the ever-present threat of users forgetting their passwords and therefore losing access to their account irrevocably, there needed to be a way to recover the account. - -By the end of the dotcom bubble, email was fairly ubiquitous, so it made sense as a fallback way of authenticating. This had the added benefit of giving companies a way of contacting (read: spamming with ads) their customers. - -While it's hard to say when it started happening, major websites like eBay were requiring email addresses on signup as far back as [1999](http://web.archive.org/web/19991122073209/http://pages.ebay.com/services/registration/register.html). Amazon was doing it back in [2001](https://web.archive.org/web/20011107052853/http://www.amazon.com/exec/obidos/flex-sign-in/?opt=oa&page=recs/sign-in-secure.html&response=tg/recs/recs-post-login-dispatch/-/recs). People I interviewed said that email-based signup was commonplace by the late 90s. - -And so the precedent of requiring personal contact information to sign up for an account was born, at least partially due to the shortcomings of passwords. - -### Terrible Security - -#### Single Point of Failure - -On top of the extra personal data now required for each online account, email acts as a one-stop shop for attackers looking to hack your accounts, either by getting into your email account itself or by sending you convincing password reset emails that send you to a phishing page that looks exactly like the real page. - -With the advent of AI, phishing attacks have only gotten cheaper and easier. 
- -Laughably, we're told to "look for typos" or "just feel out the vibes man" in order to defend against these attacks. What hope did we ever have? - -This intersects a bit with how I think email is a terrible, outdated protocol that needs to be replaced, but that's a blog post for another day. - -What's followed as a consequence of the tech industry's refusal to adapt to the security landscape is an unprecedented cybercrime industry, stealing an estimated [$44.2 million](https://aag-it.com/the-latest-phishing-statistics/) in 2021 through phishing scams. These are people whose only contribution to society is draining grandma's bank account, and they're absolutely raking it in. - -#### Service Provider Negligence - -But even if you do everything right and never fall for a phishing email, you can still be compromised due to the negligence of any one of the hundreds of service providers you rely on. Passwords need to be stored on a server somewhere, and if a service provider doesn't hash and salt them properly, a data breach will leave your account vulnerable. - -Even if the *service provider* does everything right in terms of storing the password (which you have absolutely no way of verifying), in the event of a data breach the attackers will still have a hash of your password to attack. - -There's typically also a period between the server receiving your password from the encrypted HTTPS tunnel and storing it securely as a hash where it handles your password in plaintext in order to compare it with what it has on file. Any vulnerabilities in the hardware could be catastrophic. - -If you think this sounds like minor nitpicking, consider that in 2019, Facebook realized it had accidentally been storing [hundreds of millions of user passwords in plaintext](https://about.fb.com/news/2019/03/keeping-passwords-secure/). - -#### Human Error - -Even ignoring all of that, passwords rely on randomness to be secure, but they also rely on humans to generate them. 
- -Humans are very bad at generating random numbers. We're so bad at it that it's possible to [uniquely identify](https://pubmed.ncbi.nlm.nih.gov/23626943/) you based on your pattern of "random" numbers. - -That doesn't even matter though, since passwords, by requiring the user to type them whenever they want to log in and requiring the user to remember them, encourage minimum randomness and minimum length. - -Most of us, even [IT experts](https://www.hipaajournal.com/92-of-it-leaders-guilty-of-password-reuse/), reuse passwords because we are so heavily incentivized to do so by how they fundamentally work. - -The strategy historically has been to shame people for using bad passwords whenever their account gets hacked, which has prevented us from seeing the fundamental issues with the way we authenticate and instead making it every individual's responsibility to somehow fight the incentives of the system they rely on. - -Imagine if every time you connected to a website with HTTPS, you had to come up with your own encryption key. Would that be a secure system? - -## Band-aid Solutions - -A common theme with passwords, and frankly many other things in the tech world, is stapling band-aid solutions on top of them to try and make them fit a modern use case they were never meant to serve. - -### Password Managers - -Password managers solve the issue of forgetting your passwords by acting as a secure repository for of all your passwords. You can even conveniently have them autofill your information for you on the login screen. They can generate strong passwords for you as well. - -#### Single Point of Failure - -Essentially, password managers try to eliminate the human error element of passwords. But in doing so, they introduce more attack surface: you now have a repository of all your login credentials conveniently located on your device, so if your device is compromised, all your accounts are also compromised. 
- -So a user with a password manager has to worry about passwords being guessed, potential compromise of their email, or compromise of their password manager. - -#### Security isn't Enforced - -Not to mention that many of the protections of a password manager are optional. A user isn't required to generate secure passwords, many will just continue using the same passwords they always have. - -#### Poor Phishing Protection - -Although some argue autofill protects against phishing attacks, really it doesn't since as soon as it doesn't autofill, a user will simply copy and paste their password into the field. A proper anti-phishing mitigation would make it nearly impossible to authenticate with the wrong website. Autofill can introduce its own set of [vulnerabilities](https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x) as well. - -### Salting and Hashing - -Salting and hashing themselves I would consider band-aid solutions, as they were stapled on top of the existing system as security concerns grew. They rely a lot on the service providers implementing them properly and even still there are gaps in security as I previously mentioned. - -### Two-Factor Authentication - -Because of the risk of compromise with passwords, most websites implement some form of two-factor authentication. - -#### Email 2FA - -By far the most common is email 2FA, which on top of all the problems with using email as an authentication method stated before, usually only happens the first time you log in to a website on each device (until you clear your cookies that is). - -#### SMS 2FA - -SMS 2FA is also common. This method is vulnerable to [SIM swap attacks](https://www.verizon.com/about/account-security/sim-swapping) in which an attacker tricks your carrier into swapping your phone number onto a new SIM card under their control. SMS is also completely unencrypted, lacking even transport encryption. 
- -The SS7 system underlying SMS is inherently [vulnerable to interception](https://youtu.be/wVyu7NB7W6Y?si=S8yzlWWh8zwuGraq). The idea of using SMS as a security tool is, frankly, laughable. - -#### OTP - -That brings us to [OTP](https://www.onelogin.com/learn/otp-totp-hotp) or One Time Password. This 2FA method relies on two things: a shared secret between you and the website called a "seed", and a "moving factor". - -The moving factor changes, allowing you both to generate a temporary password based on the seed that you need to type in on login. - -There are two main approaches to OTP. - -##### HOTP - -Hash-based Message Authentication Code OTP, or HOTP, increments the moving factor each time you successfully log in. - -##### TOTP - -In Time-based OTP or TOTP, the moving factor is time. The generated passwords will be valid for only about 30 to 60 seconds. The amount of time they're valid for is called a *time step*. - -Of the two, TOTP is newer and considered more secure since the passwords are constantly expiring. - -##### Issues - -While a massive step up from SMS 2FA in terms of both privacy and security, they're still lacking in phishing resistance. - -If you are sent to a fake login screen and put in your HOTP or TOTP password, the attacker can simply put that in to the real login screen. At least with TOTP there's a somewhat limited timeframe they can do it in, but these days phishing operations are fully automated, so it really doesn't matter. - -Also since both you and the website are storing the same seed, any breach of either your device or the servers will leave you compromised. You could store your secret on a separate device or on a separate app on your phone, but this leaves the risk of either not having your phone with you to log in to your accounts or losing your TOTP codes due to the file getting corrupted or a bad update. Overall, OTP is better than SMS 2FA but still leaves a lot to be desired. 
- -### Shoulder Surfing - -Another oft-forgotten issue with passwords is that someone could just [watch you type it](https://www.insideedition.com/thieves-are-snatching-phones-and-stealing-personal-info-after-studying-victims-passwords-81548) in and hack your account that way. Most password fields replace the characters in your password with stars or dots to combat this, but they usually still give you the option to show your password in plaintext anyway. The screen isn't the only way you can leak your password either, someone filming or watching you type it in a keyboard or on your phone screen would have your password with little effort. A human doesn't even need to be present, AI models can now work out your password just by [listening](https://www.royalholloway.ac.uk/research-and-education/departments-and-schools/information-security/news/study-suggests-that-ai-can-detect-your-password-from-the-sound-of-keys-being-pressed/#:~:text=Artificial%20Intelligence%20can%20work%20out,Royal%20Holloway%2C%20University%20of%20London.) to you type it. - -All of these are attempts, with varying success, at fixing the individual flaws with passwords rather than designing a solution from the ground up with security in mind. They add complexity, more steps in the process where either you or a service provider can screw something up. - -## Passkeys: The Password Replacement - -[Passkeys](https://fidoalliance.org/passkeys/) are FIDO credentials tied to a specific app or website that let you sign in with the same method you use to unlock your device, be that biometrics or a PIN. - - - -As long as you can remember your phone password, you can log in to your accounts. This frees you up to set a secure password on your device, since that's the only password you'd need to remember. 
-
-You may have heard of passkeys from Apple or Google and assumed they're some proprietary feature, but they're based on FIDO standards and the word "passkey" is meant to be a common noun like "password," not tied to any platform or company.
-
-### No Personal Info
-
-You also won't need to use a username or email when logging in with passkeys, although currently most implementations still require it. Passkeys can fully replace every aspect of logging in.
-
-That means no email to send phishing attacks to or hack, and no SMS to be SIM swapped.
-
-### Phishing Resistance
-
-Passkeys operate using public-key cryptography just like how HTTPS works, so your private key isn't stored on the service provider's server, completely eliminating data breach issues with passwords. They were designed from the ground up to be phishing resistant and secure.
-
-### Privacy
-
-Since a unique key pair is generated for each account, you don't have to worry about being identified between accounts either. Hopefully soon you won't need to pay for that email aliasing service just to not be tracked across accounts.
-
-### Protection Against Losing Your Account
-
-You can even generate multiple passkeys per account in case you lose one somehow. Essentially this replaces the need for a recovery method; you can just add as many as you need, and they'll be available on all your devices anyway so losing your phone won't lock you out of your account.
-
-### Anti-Shoulder Surfing
-
-Passkeys fight shoulder surfing by allowing you to use biometrics on your device to sign in. Even in the event someone got your device password, they would still need the actual private key associated with your account, either through physical possession of your device or some other compromise of your password manager. Since the private key stays in your possession and is never sent anywhere unencrypted, the risk is minimal.
-
-### Fully Syncable
-
-Passkeys can be synced across devices and in the cloud as well, so you don't have to worry about losing them. And they'll be E2EE. Many password managers support passkeys, including Apple's and Google's built-in ones, so you can likely start using them right now.
-
-### Try It Out
-
-You can test out passkeys at [webauthn.io](https://webauthn.io). Even if your passkeys aren't synced to the device you're currently using, you can still login via a QR code, allowing your phone to act as a sort of wireless security key.
-
-### Barriers
-
-The main barrier to passkey adoption currently is lack of support from websites and apps. They either don't support passkeys at all, or still force you to sign up with a password, email, etc. with no way to delete them. I encourage you to contact any website or apps that don't have passkey support and request it, with the ability to signup and login without ever setting a password.
diff --git a/content/blog/posts/uk-forced-apple-to-remove-adp.md b/content/blog/posts/uk-forced-apple-to-remove-adp.md
deleted file mode 100644
index a42d53b92..000000000
--- a/content/blog/posts/uk-forced-apple-to-remove-adp.md
+++ /dev/null
@@ -1,163 +0,0 @@ ---- -date: - created: 2025-02-28T17:30:00Z -categories: - - News -authors: - - em -description: The UK government has served a technical capability notice to Apple under the UK Investigatory Act. Apple's response was to remove the Advanced Data Protection feature from the UK this week. What does this mean for Apple users in the UK and for encryption rights worldwide? -schema_type: ReportageNewsArticle -preview: - cover: blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp ---- -# The UK Government Forced Apple to Remove Advanced Data Protection: What Does This Mean for You? - -![Photo of a person reading a book. The book is George Orwell's 1984. In the upper left corner is an Apple logo with two bites taken off.](../assets/images/uk-forced-apple-to-remove-adp/cover.webp) - - - -On February 7th this year, Joseph Menn [reported](https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/) from the *Washington Post* that officials in the United Kingdom had contacted Apple to demand the company allows them to access data from any iCloud user [worldwide](https://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/draft-investigatory-powers-bill-committee/draft-investigatory-powers-bill/written/26341.html). This included users who had activated Apple's [Advanced Data Protection](https://www.privacyguides.org/en/os/ios-overview/#icloud), effectively requesting Apple break its strong end-to-end encrypted feature. - -Sources familiar with the matter told the *BBC* and the *Washington Post* that UK's Home Office served a [technical capability notice](https://arstechnica.com/tech-policy/2017/05/investigatory-powers-act-legal-analysis/) to Apple under the UK Investigatory Powers Act. Details are scarce about exactly what happened between the UK government and Apple because [neither Apple nor the Home Office](https://www.bbc.co.uk/news/articles/cgj54eq4vejo) have publicly commented on the notice. 
- -However, [last week](https://www.eff.org/deeplinks/2025/02/cornered-uks-demand-encryption-backdoor-apple-turns-its-strongest-security-setting) apparently in response, Apple has completely removed the opt-in Advanced Data Protection feature from the UK. As of the 21st, Apple users located in the UK cannot activate Advanced Data Protection (end-to-end encryption) for their iCloud Drive, iCloud Backup, Photos, Notes, and more. - -This is terrible news for anyone in the UK, and a frightening omen for everyone worldwide. - -## Why is end-to-end encryption so important? - -**End-to-end encryption is a *crucial* technology for digital privacy and security.** When data is encrypted end-to-end, this means that only the sender(s)/owner(s) and intended recipient(s) (if any) can access it. - -For example, if data stored on Apple's servers is end-to-end encrypted, this means that even Apple could not read this data. If a government wanted to scan all the end-to-end data stored by Apple, it would be impossible to do because even Apple does not possess the keys to decrypt (read) this data. - -In the same line, if a criminal were to steal end-to-end encrypted data from Apple's servers, they would not be able to decrypt it either. **End-to-end encryption is the best defense against unauthorized access**, including data stolen by criminals or negligently leaked by organizations with poor security. - -Any proposition to implement a "backdoor" to end-to-end encryption is *tragically misinformed*. While it might at first sound appealing and a fair way to grant access to supposedly benevolent entities only, this approach is *incredibly* naive and misguided. - -Governments have repeatedly tried to propose these delusive policies, but it is simply impossible to add secret access to end-to-end encryption that would only be accessed by the intended groups no matter how good the intention. 
This is as absurd as poking a hole in a bowl and *demanding* only apple juice leak through it but not water or any other liquid. It's just impossible. - -End-to-end encryption with a backdoor is simply not end-to-end anymore. As Signal Foundation's President Meredith Whittaker [said so well](https://signal.org/blog/uk-online-safety-bill/): "**Encryption is either broken for everyone, or it works for everyone. There is no way to create a safe backdoor.**" - -The only way to keep the benefit of end-to-end encryption with all the protections it offers is to keep it thoroughly and strictly end-to-end, for everyone. - -## Why some governments want to break encryption? - -[Some governments](https://www.zdnet.com/article/the-encryption-war-is-on-again-and-this-time-government-has-a-new-strategy/) have been pushing really hard to demand access to end-to-end encrypted data from tech companies. While the ground for this might seem reasonable at first, it fails to consider how the technology works. **Encryption isn't magical, it is mathematical.** - -American cryptographer Bruce Schneier [explains](https://www.schneier.com/blog/archives/2025/02/an-icloud-backdoor-would-make-our-phones-less-safe.html) this clearly, "it’s a restriction enforced by mathematics—cryptography—and not policy." - -No matter how good a reason a third-party might have to decrypt a single piece of end-to-end encrypted data, if there is a way to access it by an unauthorized entity, then it offers no protection at all against any other accesses, whether legal or criminal. - -Besides the this-is-actually-mathematically-impossible argument, let's say we were to remove end-to-end encryption protections entirely for everyone everywhere (which a backdoor would effectively do). The other problem governments and law enforcement seem to fail to understand is that **citizens' rights and safety should be the priority**. 
- -Removing the lock on everyone's entry door possibly *could* make it easier for law enforcement to catch *some* criminals, it's true. But this would also **expose *everyone* to home invasion**, theft, vandalism, physical harm, and worse. - -The price of removing the locks on everyone's doors is too high. Similarly, **the price of removing the locks on everyone's digital doors is also too high**. - -Moreover, these governments always seem to assume that they, all well-intended benevolent governments of course, are assuredly reasonable and will only use this access to monitor the worst of criminals. Even if that was undoubtedly true *now*, these supposedly benevolent governments fail to consider these conditions might not always stay true. - -What is a benevolent government today might very well turn into an authoritarian nightmare tomorrow. - -Once implemented into the system, **the tools for mass surveillance can quickly turn against its own citizens** and victimize its most vulnerable population. This threat is always only [one change of government away](the-future-of-privacy.md). - -## Why did Apple remove this feature from the UK? - -Apple first introduced Advanced Data Protection in 2022. At the time, there was already in [a potential conflict](https://www.theguardian.com/technology/2022/dec/08/privacy-changes-apple-uk-government-online-safety-bill) with the UK's forthcoming Online Safety *Bill*, which despite [strong opposition](https://www.openrightsgroup.org/campaign/online-safety-bill-campaign-hub/) became law in 2023 and is now the Online Safety *Act*. - -Although attacks on encryption coming from governments aren't new, policymakers in favor of mass surveillance have recently increased the pressure on tech organizations to implement and normalize systemic monitoring, even in democratic countries. 
This is an **extremely dangerous threat to privacy rights** and [human rights](https://www.amnesty.org/en/latest/news/2025/02/uk-encryption-order-threatens-global-privacy-rights/) around the world. - -The giant Apple has long complied with law enforcement around the world and offers extensive [documentation](https://www.apple.com/legal/privacy/law-enforcement-guidelines-outside-us.pdf) to facilitate legal processes. However, when law enforcement requests access to data protected by end-to-end encryption, Apple does *not* have access to this data, by definition. - -The only way for Apple to provide law enforcement with access to end-to-end encrypted data would be to either lie to customers and secretly break the encryption, or remove the feature entirely. Apple chose the latter this week. - -This is horrifying news for anyone located in the UK losing access to this great protection. Moreover, it sets a dangerous precedent for other controlling governments to follow suit. - -It's difficult to fully judge the situation while the notice process is shrouded in secrecy, but Apple could have certainly put more pressure against it. If there is a big tech company who can afford to fight back in defense of privacy rights it's certainly Apple. Especially with all the privacy promises Apple gave to its users. - -At the risk of quoting Bruce Schneier's excellent [essay](https://www.schneier.com/blog/archives/2025/02/an-icloud-backdoor-would-make-our-phones-less-safe.html) twice in this article: **"The companies need to resist, and—more importantly—we need to demand they do."** - -Each time a large organization like Apple gives in to oppressive requests, it increases the chance of these requests multiplying. - -## Which Apple applications are affected? - -At the moment, it's not possible for anyone located in the UK to activate Apple's opt-in Advanced Data Protection (ADP) feature anymore. 
- -For UK users who have already activated ADP [instructions](https://www.macrumors.com/2025/02/26/advanced-data-protection-uk-need-to-know/) should follow soon, but it's probably a good time to look for alternative options (see [below](#what-to-do-if-you-are-living-in-the-uk)). - -With ADP enabled, Apple users can benefit from end-to-end encryption on many more Apple applications. These applications include: iCloud Backup (including device and message backups), iCloud Drive, Photos, Notes, Reminders, Safari Bookmarks, Siri Shortcuts, Voice Memos, Wallet Passes, Freeform, and potentially some [third-party app data](https://support.apple.com/102651). If you cannot use ADP anymore, you will lose end-to-end encryption protections for these applications. - -Some Apple services that aren't part of ADP will remain end-to-end encrypted in the UK (for now). Regardless, considering the political climate, it's likely a good idea to start [moving to alternatives](https://www.privacyguides.org/en/tools/) that are perhaps less likely to get compromised or removed in the near future. - -Apple's applications that [still benefit](https://support.apple.com/102651) from end-to-end encryption to this day in the UK include: Passwords and Keychain, Health data, Journal data, Home data, iMessage (only if iCloud Backup is *disabled*!), Payment information, Apple Card transactions, Maps, QuickType Keyboard, Safari, Screen Time, Siri information, Wi-Fi passwords, Memoji. - -## What does this mean for people in the UK, and the rest of the world? - -For people in the UK, this is of course bad news and a very disappointing development. If this regional ADP block is maintained, it is a huge drawback for any Apple user's privacy rights, and a loss of data security as well. - -For people outside the UK, **this is a loud warning alarm**. The UK government isn't the only one that has repeatedly tried to undermine encryption and privacy rights. 
While this might sound obvious for some authoritarian regimes, it's sadly also true for other governments considered open and democratic. - -This push for mass surveillance seems to have gained even more force in the past few years, as end-to-end encryption features make their way more frequently into the market. - -For anyone who cares about human rights, privacy rights, and democracy worldwide, **it is essential to push back hard against these legal proposal to undermine encryption**. - -Likewise, it's not too late for UK residents to also push back and make themselves heard by their government by loudly opposing new (and old) legislation undermining encryption. - -**Systemic surveillance should never be normalized.** Human rights can be lost, but they can also be won back with [strong opposition](https://www.openrightsgroup.org/press-releases/org-response-to-apple-killing-its-data-protection-tools-for-uk-users-encryption/). - -## What to do about it? - -But what about concrete actions? What can a concerned netizen of the world do right now? - -Here are a few things that might help you protect your data better from now on, and find alternatives to the end-to-end encryption features you might have lost: - -### What to do if you are living in the UK - -- [x] Support and follow the Open Rights Group's [campaign to save encryption](https://www.openrightsgroup.org/campaign/save-encryption/). - -- [x] Support [the petition](https://you.38degrees.org.uk/petitions/keep-our-apple-data-encrypted) organized by [Open Rights Group](https://www.openrightsgroup.org/) to tell your representatives you care about Apple's end-to-end encryption. - -- [x] Replace iCloud Drive with an [end-to-end encrypted cloud service](https://www.privacyguides.org/en/cloud/). - -- [x] Backup your Apple device(s) *locally only* and [encrypt your backups](https://support.apple.com/108353). - -- [x] Stop syncing your photos with iCloud. 
Either use a recommended end-to-end encrypted [cloud service](https://www.privacyguides.org/en/cloud/) to sync it, or only keep your photos locally. - -- [x] Replace Apple Notes with another [end-to-end encryption note application](https://www.privacyguides.org/en/notebooks/). - -- [x] Replace Safari with a [privacy-respecting browser](https://www.privacyguides.org/en/desktop-browsers/). - -- [x] If you can, [disable Siri entirely](https://www.digitaltrends.com/mobile/how-to-turn-off-siri/). - -- [x] Go through all your Apple devices' settings, and be mindful to disable each option that could send data to Apple's servers if you do not want this data to potentially be scanned by a government or other entities. - -- [x] Look for more privacy-respectful alternatives to Apple's products by browsing our [recommendations](https://www.privacyguides.org/en/tools/) section. - -- [x] Continue to fight for privacy rights and encryption rights every chance you get! The battle isn't over. - -### What to do if you are living in or outside the UK - -Get information from and support organizations defending encryption rights like: - -- [Global Encryption Coalition](https://www.globalencryption.org/about/) (you can even [join the coalition](https://www.globalencryption.org/about/members/)!) - -- [Amnesty Tech](https://www.amnesty.org/en/tech/) - -- [Center for Democracy & Technology](https://cdt.org/insights/cdt-joins-global-encryption-coalition-letter-on-uk-governments-use-of-investigatory-powers-act-to-attack-end-to-end-encryption/) - -- [EFF](https://www.eff.org/deeplinks/2024/12/defending-encryption-us-and-abroad) - -- [Fight for the Future](https://www.makedmssafe.com/) - -- [Privacy Guides](https://donate.magicgrants.org/privacyguides) 💛 - -Use end-to-end encryption everywhere you can: - -- [x] If you are an Apple user outside the UK, [activate Advanced Data Protection](https://support.apple.com/108756) on your devices. 
- -- [x] Regardless of where you are and which device you use, **use end-to-end encryption features everywhere you can.** - -- [x] If you cannot find a cloud service you trust, you can [locally encrypt your data](https://www.privacyguides.org/en/encryption/) before uploading it to a cloud service of your choice. - -- [x] Look for other privacy-respectful alternatives browsing our [recommendations](https://www.privacyguides.org/en/tools/). - -- [x] Fight for privacy rights and encryption rights every chance you get! diff --git a/content/blog/posts/virtual-insanity.md b/content/blog/posts/virtual-insanity.md deleted file mode 100644 index 1b7022496..000000000 --- a/content/blog/posts/virtual-insanity.md +++ /dev/null 
@@ -1,41 +0,0 @@
----
-date:
- created: 2021-11-01T19:00:00Z
-categories:
- - Opinion
-authors:
- - freddy
-links:
- - posts/move-fast-and-break-things.md
- - posts/why-i-run-a-tor-relay.md
-tags:
- - Facebook
-license: BY-SA
-description: On Mark Zuckerberg, Facebook, and the Metaverse.
-schema_type: OpinionNewsArticle
----
-# Virtual Insanity
-
-Not so long ago, the world was predicting the end for Facebook. Now it is no more. Gone from the face of the planet – never to be seen again. Except it isn’t.
-
-Facebook has not disappeared. No, not even the damning ‘Facebook Papers’ can shut it down. Mark Zuckerberg stood up on stage, and announced that it had changed its name to: Meta.
-
-A key part of this new vision for the company is the idea of the metaverse. If it sounds like something out of a sci-fi movie or novel, that’s because it is. The term was first coined by author Neal Stephenson in his 1992 book *Snow Crash*. Zuckerberg’s only problem is that novel was dystopian. Here’s a brief snippet of Stephenson’s description of the metaverse:
-
-> “Your avatar can look any way you want it to, up to the limitations of your equipment. If you’re ugly, you can make your avatar beautiful. If you’ve just gotten out of bed, your avatar can still be wearing beautiful clothes and professionally applied makeup. You can look like a gorilla or a dragon or a giant talking penis in the Metaverse. Spend five minutes walking down the Street and you will see all of these.”
-
-In fairness, that doesn’t seem unlike the sort of content you see on Facebook today. Compare this to what Zuckerberg [wrote](https://about.fb.com/news/2021/10/founders-letter/) in his 2021 Founders Letter:
-
-> “In this future, you will be able to teleport instantly as a hologram to be at the office without a commute, at a concert with friends, or in your parents’ living room to catch up. This will open up more opportunity no matter where you live. You’ll be able to spend more time on what matters to you, cut down time in traffic, and reduce your carbon footprint.”
-
-The similarities are uncanny.
-
-This wouldn’t be the first time that Facebook has been described as dystopian. One *Mashable* article [called](https://mashable.com/article/facebook-dystopia) the social media giant ‘Orwellian and Huxleyan at the same time.’ Quite a feat.
-
-The ‘Facebook Papers’ have some pretty shocking - though not entirely surprising - revelations as well. The leaked documents demonstrate the extent to which Facebook values engagement above all else (including a good experience). For instance, we learned that the algorithm is [optimized](https://www.wired.com/story/facebook-transparency-biggest-sites-pages-links/) for low quality content, [prioritizes](https://www.washingtonpost.com/technology/2021/10/26/facebook-angry-emoji-algorithm/) rage over happiness for profit, and [promotes](https://www.theatlantic.com/ideas/archive/2021/10/facebook-papers-democracy-election-zuckerberg/620478/) extremist content. Most alarming was that the firm [failed](https://apnews.com/article/the-facebook-papers-covid-vaccine-misinformation-c8bbc569be7cc2ca583dadb4236a0613) to reduce disinformation during the pandemic even when given the opportunity. Zuckerberg said no to this, presumably because it would reduce engagement and, in turn, Facebook’s advertising revenue.
-
-Let’s not forget all Facebook’s previous scandals. From the Cambridge Analytica kerfuffle to [conducting](https://www.theregister.com/2014/06/29/researchers_mess_with_facebook_users_emotions/) manipulative social experiments in secret.
-
-In light of this, the name change makes sense. It deceives you into thinking the company has evolved into a benevolent corporation, when it simply hasn’t. Zuckerberg would much prefer you to think about Meta as a playful universe where you can meet with friends across the globe in virtual reality. Where humans train themselves to sound like heavily discounted robots. Where Facebook is not a Horrid Company.
-
-Despite all this: Meta *is* Facebook, just worse. It doesn’t matter about the new name, the company has not changed. It will still be violating our privacy, daily, on an unprecedented scale. It will still be as reliably scandalous as a Carry On film. It will still be terrible. Plus it will have all the added claptrap of a sub-par holographic universe attached.
diff --git a/content/blog/posts/warning-about-signal-proxies.md b/content/blog/posts/warning-about-signal-proxies.md
deleted file mode 100644
index 1a50fd554..000000000
--- a/content/blog/posts/warning-about-signal-proxies.md
+++ /dev/null
@@ -1,31 +0,0 @@
----
-date:
- created: 2022-10-15T19:00:00Z
-categories:
- - News
-authors:
- - jonah
-tags:
- - PSA
- - Signal
- - Instant Messengers
-links:
- - Signal Configuration Guide: https://www.privacyguides.org/real-time-communication/signal-configuration-hardening/
- - Real-Time Communication: https://www.privacyguides.org/real-time-communication/
-license: BY-SA
-description: You should be aware of a number of issues with Signal’s current proxy implementation.
-schema_type: NewsArticle
----
-# A Warning About Signal Proxies in Iran and Other Oppressive Countries
-
-People looking to use [Signal Proxies](https://www.signal.org/blog/run-a-proxy/) to bypass censorship programs should be aware of a number of issues with Signal’s current proxy implementation. Currently, Signal does not tunnel all application traffic through the specified proxy, which means authorities could still track people using Signal.
-
-[This has been an issue since TLS proxies were added and has not yet been fixed](https://community.signalusers.org/t/traffic-not-routed-to-tls-proxies-can-expose-users-to-censors/27479):
-
-> The latest version of the Android app (v5.3.12 at this time) fails to route all the traffic to the TLS proxy. There are DNS leaks in the app, and it’s trivial for the censors to learn what IP addresses are connecting to Signal. [...]
->
-> When the app connects to the Signal server, it first looks up the IP of the Signal servers via DNS, and immediately after, it resolves the IP of the TLS proxy, also with DNS. This is an unexpected behavior that allows the censors to discover proxies by only monitoring the DNS traffic. [...]
-
-There are also a number of other problems with their TLS proxies (such as [outdated dependencies](https://privsec.dev/apps/update-your-signal-tls-proxy/)) which have not been resolved.
-
-Currently, we believe Signal’s TLS Proxies are an incomplete solution to the problems they try to solve. Instead, we recommend using Orbot in conjunction with Molly, an alternative Signal client which natively supports SOCKS proxies, to fully tunnel your Signal traffic over the Tor network. For more information please check out our [Signal configuration guide](https://www.privacyguides.org/real-time-communication/signal-configuration-hardening/).
diff --git a/content/blog/posts/welcome-to-privacy-guides.md b/content/blog/posts/welcome-to-privacy-guides.md
deleted file mode 100644
index 2e0fda349..000000000
--- a/content/blog/posts/welcome-to-privacy-guides.md
+++ /dev/null
@@ -1,73 +0,0 @@
----
-date:
- created: 2021-09-14T19:00:00Z
-categories:
- - Announcements
-authors:
- - jonah
- - dngray
- - freddy
-links:
- - 'About Privacy Guides': "https://www.privacyguides.org/about/"
- - posts/weve-joined-the-open-collective-foundation.md
-tags:
- - Privacy Guides
-license: CC0
-description: Today, Privacy Guides has officially launched by our long-standing volunteer team to carry on the legacy of the now-defunct PrivacyTools project.
-schema_type: NewsArticle
----
-# Welcome to Privacy Guides
-
-![Privacy Guides cover image](../assets/brand/images/png/cover.png)
-
-
-We are excited to announce the launch of [Privacy Guides](https://www.privacyguides.org/) and [r/PrivacyGuides](https://www.reddit.com/r/PrivacyGuides/), and welcome the privacy community to participate in our crowdsourced software recommendations and share tips and tricks for keeping your data safe online. Our goal is to be a central resource for privacy and security-related tips that are usable by anybody, and to carry on the trusted legacy of PrivacyTools.
-
-As we [announced](https://web.archive.org/web/20210729184422/https://blog.privacytools.io/the-future-of-privacytools/) on the PrivacyTools blog in July, we made the decision to migrate off our former privacytools.io domain for various reasons, including an inability to contact the current domain holder for over a year and [growing](http://www.thedarksideof.io/) [issues](https://fortune.com/2020/08/31/crypto-fraud-io-domain-chagos-islands-uk-colonialism-cryptocurrency/) [with the .IO top-level domain](https://code.privacyguides.dev/privacyguides/privacytools.io/issues/1324). As attempts to regain ownership of the domain have proven fruitless, we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to [www.privacyguides.org](https://www.privacyguides.org/), and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc.
-
-We chose the name Privacy Guides because it represents two things for us as an organization: An expansion beyond simple recommendation lists, and a goal of acting as the trusted guides to anyone newly learning about protecting their personal data.
-
-As a name, it moves us past recommendations of various tools and focuses us more on the bigger picture. We want to provide more *education* — rather than *direction* — surrounding privacy-related topics. You can see the very beginnings of this work in our new page on [threat modeling](https://www.privacyguides.org/basics/threat-modeling/), or our [VPN](https://www.privacyguides.org/vpn) and [Email Provider](https://www.privacyguides.org/email) recommendations, but this is just the start of what we eventually hope to accomplish.
-
-## Website Development
-
-Our project has always been community-oriented and open-sourced. The source code for PrivacyTools is currently archived at [https://code.privacyguides.dev/privacyguides/privacytools.io](https://code.privacyguides.dev/privacyguides/privacytools.io). This repository will remain online as an archive of everything on PrivacyTools up to this transition.
-
-The source code for our new website is available at [https://github.com/privacyguides/privacyguides.org](https://github.com/privacyguides/privacyguides.org). All updates from PrivacyTools have been merged into this new repository, and this is where all future work will take place.
-
-## Services
-
-PrivacyTools also runs a number of online services in use by many users. Some of these services are federated, namely Mastodon, Matrix, and PeerTube. Due to the technical nature of federation, it is impossible for us to change the domain name on these services, and because we cannot guarantee the future of the privacytools.io domain name we will be shutting down these services in the coming months.
-
-We strongly urge users of these services to migrate to alternative providers in the near future. We hope that we will be able to provide enough time to make this as seamless of a transition as possible for our users.
-
-At this time we do not plan on launching public Matrix, Mastodon, or PeerTube instances under the Privacy Guides domain. Any users affected by this transition can get in touch with [@jonah:aragon.sh](https://matrix.to/#/@jonah:aragon.sh) on Matrix if any assistance is needed.
-
-Other services being operated by PrivacyTools currently will be discontinued. This includes Searx, WriteFreely, and GhostBin.
-
-Our future direction for online services is uncertain, but will be a longer-term discussion within our community after our work is complete on this initial transition. We are very aware that whatever direction we move from here will have to be done in a way that is sustainable in the very long term.
-
-## r/PrivacyGuides
-
-PrivacyTools has a sizable community on Reddit, but to ensure a unified image we have created a new Subreddit at [r/PrivacyGuides](https://www.reddit.com/r/PrivacyGuides/) that we encourage all Reddit users to join.
-
-In the coming weeks our current plan is to wind down discussions on r/privacytoolsIO. We will be opening r/PrivacyGuides to lots of the discussions most people are used to shortly, but encouraging general “privacy news” or headline-type posts to be posted on [r/Privacy](https://www.reddit.com/r/privacy/) instead. In our eyes, r/Privacy is the “who/what/when/where” of the privacy community on Reddit, the best place to find the latest news and information; while r/PrivacyGuides is the “how”: a place to share and discuss tools, tips, tricks, and other advice. We think focusing on these strong points will serve to strengthen both communities, and we hope the good moderators of r/Privacy agree.
-
-## Final Thoughts
-
-The former active team at PrivacyTools universally agrees on this direction towards Privacy Guides, and will be working exclusively on Privacy Guides rather than any “PrivacyTools” related projects. We intend to redirect PriavcyTools to new Privacy Guides properties for as long as possible, and archive existing PrivacyTools work as a pre-transition snapshot.
-
-Privacy Guides additionally welcomes back PrivacyTools’ former sysadmin [Jonah](https://twitter.com/JonahAragon), who will be joining the project’s leadership team.
-
-We are not accepting sponsorships or donations at this time, while we work out our financial plan. We will be in touch with existing sponsors on PrivacyTools’ OpenCollective to determine what the best way forward is soon.
-
-We are all very excited about this new brand and direction, and hope to have your continued support through all of this. If you have any questions, concerns, or suggestions, please reach out to us. We are always happy to receive guidance and input from our community! ❤
-
----
-
-***Privacy Guides*** *is a socially motivated website that provides information for protecting your data security and privacy.*
-
-- [Join r/PrivacyGuides on Reddit](https://www.reddit.com/r/privacyguides)
-- [Follow @privacy_guides on Twitter](https://twitter.com/privacy_guides)
-- [Collaborate with us on GitHub](https://github.com/privacyguides/privacyguides.org)
-- [Join our chat on Matrix](https://matrix.to/#/#privacyguides:aragon.sh)
diff --git a/content/blog/posts/weve-joined-the-open-collective-foundation.md b/content/blog/posts/weve-joined-the-open-collective-foundation.md
deleted file mode 100644
index 8d6153b33..000000000
--- a/content/blog/posts/weve-joined-the-open-collective-foundation.md
+++ /dev/null
@@ -1,31 +0,0 @@ ---- -date: - created: 2019-10-31T19:00:00Z -categories: - - Announcements -authors: - - jonah -links: - - posts/welcome-to-privacy-guides.md -tags: - - Privacy Guides -license: CC0 -schema_type: NewsArticle ---- -# We've Joined the Open Collective Foundation 501(c)(3) - -![Privacy Guides cover image](../assets/brand/images/png/cover.png) - - - -[Privacy Guides](https://www.privacyguides.org) provides knowledge, recommendations, and services to protect you against global mass surveillance programs and encourage self-control of your data online. Our website is free of advertisements and is not affiliated with any listed providers, because we believe that our ability to recommend solutions without receiving financial kickbacks is incredibly important in remaining unbiased. - -However, we have always accepted and solicited financial contributions from our community. Running this network of websites and services for free to the public is a time-consuming and costly endeavor. We do it because we believe it is the right thing to do, not because we are looking to make a profit. Any contributions have been either used to pay our expenses or saved in a reserve for expansion or times of need. - -Today we are building on our transparency efforts by joining OpenCollective, a platform which will allow us to accept contributions and create expenses completely transparently. We are being sponsored by a fiscal host, the Open Collective Foundation, a nonprofit organization whose mission is to promote access to educational resources like ours. - -The Open Collective Foundation is a 501(c)(3) organization that is collecting these contributions on our behalf. Because of this, contributions to Privacy Guides through OpenCollective are **tax-deductible** for US taxpayers. - -Your support of this project will help us keep our servers running and pay for other various expenses accrued by the team while developing this community platform. 
We do not operate Privacy Guides for personal profit, and all funds will be used to further our mission in one form or another. - -Please consider contributing at [opencollective.com/privacyguides](https://opencollective.com/privacyguides) if you like what we do. diff --git a/content/blog/posts/where-are-all-the-mprs.md b/content/blog/posts/where-are-all-the-mprs.md deleted file mode 100644 index db2a2b33e..000000000 --- a/content/blog/posts/where-are-all-the-mprs.md +++ /dev/null 
@@ -1,58 +0,0 @@ ---- -date: - created: 2024-11-17T19:00:00Z -categories: - - Opinion -authors: - - fria -tags: - - MPR - - VPN -license: BY-SA ---- -# Where are all the Multi-Party Relays? - -Multi-Party Relays (MPRs) are a technology that aims to provide better privacy protections than VPNs do. MPRs showed a lot of promise when they first emerged, but years later there are fewer options than ever. What happened? - -## Traditional VPNs - -The original purpose of Virtual Private Networks (VPNs) was to access a network privately when you're not physically there, with encryption in between, so you can securely access your files or manage your network from wherever you are. It extends the security you'd expect from being physically at your LAN to anywhere you are. - -[Commercial VPNs](https://www.privacyguides.org/en/basics/vpn-overview) like Proton VPN use this technology to allow you to connect to *their* network, and then connect to your destination. This keeps sites and services you connect to from knowing your real IP address and using it as a metric to track you. But there's a problem here: you now need to fully trust your VPN provider in the same way you need to trust your ISP with all your internet traffic. This "shifting trust" problem has haunted VPNs for as long as they've been marketed as a privacy product. It's clear that a better solution is needed. - -## The Alternative: Tor - -Mix networks like [Tor](https://www.privacyguides.org/en/advanced/tor-overview) have solved this problem by decoupling the sender from the destination. No relay along the path has all the information: the entry (or *guard*) relay knows who you are but not where you're going, the middle relay knows the other two relays, and the exit relay knows the destination but not the sender. There's also separate encryption between each relay. - -
- ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](https://www.privacyguides.org/en/assets/img/how-tor-works/tor-path.svg#only-light) - ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](https://www.privacyguides.org/en/assets/img/how-tor-works/tor-path-dark.svg#only-dark) -
Tor circuit pathway
-
- -Tor provides great privacy properties, but the relays are run by volunteers, so they can be extremely slow and unreliable. Anyone who's tried to download a file while connected to Tor knows how painful it can be. Even normal browsing can be slow, with potentially minutes collectively wasted on loading times in any given browsing session. Tor is hands down the most private way to [browse the web](https://www.privacyguides.org/en/tor), and if your threat model calls for it there is no substitute. But for VPN users who want better privacy, an obvious next step is a paid solution where you have access to fast and reliable servers like on a VPN, and *also* separation between who you are and what you're connecting to. - -## A Solution: Multi-Party Relays - -Enter Multi-Party Relays. Services like iCloud Private Relay and (the unfortunately discontinued) INVISV Multi-Party Relay take inspiration from mix networks like Tor and separate the sender from the destination using two relays operated by different parties, as the name implies. There's separate encryption between each relay as well. MPRs *do* require you to trust that the two parties don't collaborate to correlate your traffic, so keep that in mind. - -Typically, the first relay is controlled by the provider (either Apple or INVISV in the previous examples), and the second relay is controlled by another company such as Fastly or Cloudflare. These are big names, so you won't need to worry about reliability. - -
- ![A diagram showing how your IP address is known to your ISP and Apple, and the server you're accessing is known to Cloudflare and the destination, in the case of iCloud Private Relay](../assets/images/where-are-all-the-mprs/icloud-private-relay.png) -
source: blog.cloudflare.com
-
- -They also provide *speed*. Private Relay uses the QUIC protocol and as a result it's lightning fast. You wouldn't even know you were connecting to two servers in between your cat videos. The reliability is so good that I forget I even have it on. It even integrates with Safari and gives you a different IP address for different websites, similar to Tor's stream isolation. - -So why haven't MPRs taken off? INVISV's Pretty Good Phone Privacy service never seemed to make it out of [beta](https://invisv.com/pgpp/#pgpp-release-notes). INVISV [partnered](https://invisv.com/articles/vivaldi-privacy-guard) with Vivaldi, but I can't seem to find any mention of it in the Vivaldi settings or on their website outside the original [announcement](https://vivaldi.com/blog/desktop/privacy-guard-your-privacy-matters-vivaldi-browser-snapshot-3319-12/). INVISV ultimately [shut down](https://invisv.com/articles/service_shutdown.html) their service back in June. I hope to see more from them in the future because they were providing something that currently isn't possible to get anymore on Android. - -That leaves [iCloud Private Relay](https://support.apple.com/en-us/102602) as the only commercial offering that I'm aware of, but it's limited to Apple devices only. Great for Apple users, but everyone else is left high and dry. As is Apple's way, they didn't want any extra inconvenience from using their service, so they restrict you to your real country and timezone. You don't have the same freedom to choose a server wherever in the world you want like a [traditional VPN service](https://www.privacyguides.org/en/vpn) would allow. - -There is one more honorary mention: [OHTTP](https://blog.cloudflare.com/stronger-than-a-promise-proving-oblivious-http-privacy-properties). It's a new protocol with a design based on the same principles as those of MPRs: two servers, a relay and a gateway, that decouple the sender from the destination. 
It's already seeing use by large companies to maintain user privacy for things like Google's Safe Browsing and Apple's new Safari Highlights feature. Unfortunately, it's not quite comparable to MPRs. According to Cloudflare: - -> OHTTP is not a general purpose proxy protocol: it's fit for purpose, aimed at transactional interactions between clients and servers (such as app-level APIs). - -So it can't cover all the traffic on your device. Still, it's a promising protocol and I hope it becomes more widespread. - -It really is a shame to see such a promising technology go so underutilized. Perhaps VPN companies could make their own MPR product and fill the gap in the market. Only time will tell. diff --git a/content/blog/posts/why-i-run-a-tor-relay.md b/content/blog/posts/why-i-run-a-tor-relay.md deleted file mode 100644 index 485a7b0e8..000000000 --- a/content/blog/posts/why-i-run-a-tor-relay.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -date: - created: 2020-05-04T19:00:00Z -categories: - - Opinion -authors: - - sam-howell -links: - - 'Tor Network
Relays and Bridges': https://www.privacyguides.org/tor/#relays-and-bridges -tags: - - Tor - - Self-Hosting -license: BY-SA -description: Each Tor relay is the direct result of an individual deciding to sacrifice money, time and effort for the cause of fighting for a freer Internet. -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/why-i-run-a-tor-relay/cover.png ---- -# Why I Decided to Run a Tor Relay - -![Tor graphic](../assets/images/why-i-run-a-tor-relay/cover.png) - - - -It makes me smile when I come across someone struggling with the decision of whether to get a [VPN](https://www.privacyguides.org/vpn/). It makes me smile not because of the indecision and relative lack of knowledge, but because it wasn't so long ago I was in exactly the same position—perceiving VPNs to be some kind of extreme measure only the paranoid and the criminal resorted to. How wrong I was. - -In just a few months I've come to realize that something like a VPN is in fact a basic measure one might take in the effort to more freely roam the Internet—tainted as it is by censorship, surveillance and many other forms of state control. So where do you go from realizing these issues if you know them to be the threats that they are to democracy and freedom? You seek to *take control*. - -You discover the [Tor Project](https://www.torproject.org/)—or rather, you learn more about a network that's been around for years and for years has suffered the type of reputation which only blinds everyday people from its incredible potential for positive change in numerous oppressed countries around the world. - -At the time of writing there are over 6,300 Tor relays, and I like to think this number will continue to grow steadily. 
Each one—no matter its uptime, bandwidth or overall reputation, or whether it’s a Guard, Middle or Exit—each one is the direct result of an individual deciding to sacrifice money, time and effort for the cause of fighting for a freer Internet: enabling millions of users—journalists, bloggers, whistleblowers, activists and everyday people like you and I—to communicate anonymously, and therefore safely, wherever we are in the world. - -Like many others, at first I was unsure about running my own relay. The usual doubts and questions arose: surely it's too difficult; I don’t know much about servers, and it’s surely expensive and beyond my skill-set to configure one as a Tor relay. But then I watched this talk ([Invidious Link](https://invidious.privacyguides.net/watch?v=Wl5OQz0Ko8c), [YouTube Link](https://youtube.com/watch?v=Wl5OQz0Ko8c)) by the articulate, intelligent and passionate Tor Project developer Jacob Appelbaum (if you do nothing else today, watch it). - -Jacob couldn’t have made a better case for direct action, requesting of the audience: - -> Raise your hand if you think anonymity is something that is good, and you think is a fundamental human right that we should all have... -> Now raise your hand if you want to do something about it... -> Now keep your hand up if you’re going to run a Tor relay... -> Everybody that put your hand down, why aren’t you running a Tor relay? You can do something about it right now. - -And this is when it struck me, as I hope it struck many others at that talk: Am I doing enough? Can I claim to take this subject seriously if I’m not willing to invest the effort to really *be a part* of the solution? Not simply to donate money—which of course is still a great way to contribute—but to truly, technologically support the Tor network. - -It struck me that I have enough money, time and access to the right information to run my own relay. So it begged the question: Why *wouldn’t* I? 
- -At the time of writing my relay has been flagged ‘valid’, ‘running’ and ‘fast’ and is on track to have relayed around 750 GB by the end of the month. It feels good. It feels really good. - ---- - -*Sam is an elearning designer and privacy advocate interested in free (libre) software and how it can protect civil liberties. This article was [originally published](https://web.archive.org/web/20200508115203/https://samhowell.uk/dark/blog/blog-Tor_Relay.html) on my personal blog at [samhowell.uk](https://samhowell.uk), on February 15th, 2019.* diff --git a/content/blog/posts/you-can-say-no.md b/content/blog/posts/you-can-say-no.md deleted file mode 100644 index eb6cc7acc..000000000 --- a/content/blog/posts/you-can-say-no.md +++ /dev/null 
@@ -1,149 +0,0 @@ ---- -date: - created: 2025-06-17T18:00:00Z -categories: - - Opinion -authors: - - em -description: | - Sometimes, it can feel like our data is collected completely outside of our control or consent. But we still have a powerful weapon to fight back: The power to say no. -schema_type: Opinion -preview: - cover: blog/assets/images/you-can-say-no/no-cover.webp ---- - -# You Can Say NO - -![Black and white cutout photos of two hands over a blue background. One hand does an offering gesture and the other one a refusing gesture. The word "No!" is printed in the middle.](../assets/images/you-can-say-no/no-cover.webp) - - - -In the age of facial recognition and age verification, it might feel like our data is being harvested left and right, completely outside our control or consent. Yet, we still have a powerful weapon to fight back against surveillance: The power to say no. - -The power to say no is one we severely underutilize. Of course, there are circumstances where it can be difficult (impossible even!) to refuse. Saying no can come at a cost, but this isn't true everywhere, and (more importantly) that cost might be worth paying. - -There are many occasions where we could indeed refuse to comply with privacy-invasive requests, but miss the opportunity. - -However, it is vital as a community and as individuals that we exercise this right every time we possibly can, if we want to stand a fighting chance against the normalization of mass surveillance. - -## Why people surrender - -Many people agree to privacy-invasive requests despite feeling uncomfortable about it. They might not necessarily agree as much as *not refuse*, but the result is the same. There are many factors responsible for this: - -### Time pressure - -Sometimes, when a new request is rushed, people do not have sufficient time to evaluate the consequences of saying yes or no. 
- -It's hard to make an informed decision when we get suddenly asked by a polite cashier "can I have your postal code?", or some airport worker instructing us to "just stand in line here to have your photo taken". We might get caught off guard and simply not process what is really happening. - -When we do not have enough time or energy to properly evaluate the consequences of data collection, our default response should always be no. It's much easier to add data later on if needed, than to delete it. - -### Default pressure - -Other times, we might not even know we have a right to object. - -There are so many instances in privacy where data collection is presented to us as just the normal way to proceed, without informing us properly about our other options. Of course, this is often by design, because people might never accept such intrusive practices otherwise. - -For privacy consent, like for any other types of consent, it's important to remember that lack of an explicit and informed yes should equal to a no. - -When we do not have sufficient information about why this data is collected and how it will be processed, our default response should always be to ask if there is an option to opt out or refuse. - -### Peer pressure - -Then, there's the peer pressure when everyone else is doing it. - -Everyone else is on this platform, it must be okay. Everyone else has agreed to being recorded during this meeting, it must be okay. Everyone else is sharing a photo of their face, it must be okay. Everyone else is scanning their irises, it must be okay. - -Do not get duped by popularity. Sometimes, the most popular things people are doing are the worst things to do. Even if it can be really hard to resist peer pressure and to swim against the tide, it's important to make informed decisions free from the influence of trends. 
- -When we know a service, platform, or product doesn't respect our privacy rights, we should feel proud to take a stand and refuse to use it ourselves, even if everyone else uses it (for now). - -Whether it's because we have been pressured in time, pressured by peers, or simply because we did not know we could say no, it is crucial we take the time to reflect on this preventively, in order to be prepared to say no the next time we have a chance to. - -## There are consequences for saying no, but worse ones for saying yes - -Unquestionably, saying no isn't free from consequences. - -When refusing to provide an official ID to recover an account, we might lose that account. When refusing to provide biometric data to register, we might lose the opportunity to use this service. When refusing to participate in a privacy-invasive social media, we might lose friends who don't want to contact us using privacy-respectful platforms instead. - -But what are the consequences for saying yes? - -If we say yes all the time, even when we clearly have an option to object, to report, or to refuse to participate, we will soon lose our right to say no. - -If everyone acquiesces to privacy-invasive requests and practices, companies and governments might soon think there is no point in keeping an opt-out option available at all, since most people are subserviently complying without making a fuss. - -At the individual level, of course this means our data will be collected, processed, compiled, shared, and monetized in ways we know little about. Each time we say yes, it's a new data point in our tracking history to observe, judge, categorize, and manipulate us. - -At the collective level, it's nothing less than the loss of our human rights and democracies. - -Collectively, we have the power to tilt the balance in favor of privacy rights when we stand firm for it by refusing to consent to intrusive requests every time we can. 
- -By refusing, we clearly express our rejection of this invasion and demand our right to privacy be respected. This sends a clear message to corporations and governments alike that the population does care about privacy rights. - -If we value the right to privacy, it's our collective duty to protect it. - -## How to say no? - -How can we individually and collectively work to push for privacy rights by saying no everywhere we can? - -Here are a few examples of practices you can adopt in your daily life that collectively will help to fight for privacy: - -### Stop - -Stop using the privacy-invasive platforms and services that you can. Move away and opt for [better social media, products, and services](https://www.privacyguides.org/en/tools/) that do respect your privacy and do not monetize your data. - -This will take some time of course. Be patient. Pick one change at the time. Maybe this week [delete your Facebook account](https://www.privacyguides.org/en/social-networks/), and next month [migrate your emails](https://www.privacyguides.org/en/email/) away from Gmail. - -Each time you stop using services from software companies that build their wealth on monetizing your data, you are saying no and taking a stand for privacy rights. - -### Refuse - -Refuse all cookies! It can be a real pain to browse the web with all these cookie banners. Of course, companies are hoping for [decision fatigue](https://en.wikipedia.org/wiki/Decision_fatigue) to manipulate you in clicking "yes, yes, yes, agree, continue, whatever!" But each time you comply in despair, you let them win against what you really want. - -Websites are not obligated to have cookie banners if they do not use any privacy-invasive cookies. This annoyance doesn't come from legislation, it comes from the greed and stubbornness of corporations to harvest your data. There would be no cookie banners at all if they simply stopped tracking you and collecting your data. 
- -Sabotage their plans by taking the time to find the "Reject All" button through their disingenuous button labyrinth. - -Similarly, many privacy-invasive features maliciously try to present as "ethical" because you can "opt out". But what good is this protection if no one uses it? Put a spoke in their wheel, look for the hidden *opt-out* option, and refuse to participate every single time. - -Beyond the digital realm, there are many in-person situations where you might have a right to refuse data collection as well. - -For example, you may have the right to refuse face scans in airports and demand a "traditional" human verification instead. Look into your local regulation to find out more about this. If everyone refused to scan their face at the airport every time they can, this practice would soon die. - -When you say yes to this, you are unfortunately contributing to the normalization of this invasive practice. - -Finally, refuse to be recorded. Depending on your local regulation, it's likely there is a legal requirement to inform you when a meeting or interview will be recorded. It's also likely that you have a right to refuse. Exercise this right every time you can. Additionally, depending on your local regulation, report instances where you couldn't and should have been able to refuse. - -### Report - -Each time you witness a practice that violates privacy laws, report it to the data protection authority for your location. - -Stay aware of which privacy law(s) are applicable in your region, and which official entity is responsible for enforcing the law. Your privacy protections are related to your *own* location, regardless of where the organization is based. - -In Europe, this entity is often called a Data Protection Authority (DPA), but outside of Europe it's often called something else. It might be a Privacy Commissioner or a Supervisory Authority, for example (but not always either). 
Read the law (or summary of) for your region, it will include a description of whom this entity is and how to report non-compliance. - -Report every infraction you see when you have the time. Sometimes, it's really as simple as sending a short email to the enforcing entity. One single complaint can trigger a full investigation sometimes. This can make an enormous difference. - -If you can, reporting can also mean reporting to the media. - -When you experience an invasive practice or witness a serious data protection violation, report it to the media if you are comfortable sharing. Personal accounts of such experience are important for collective awareness. The more people know, the more people talk, the more we stand a chance to keep our privacy rights alive. Make noise! - -### Advocate - -Talk to your friends, family, co-workers, and acquaintances about their options to opt out data collection, and their right to refuse and to say no. - -Tell them about how important this is with the social media, software, and services they use. Tell them about the importance of looking for the rejection options on cookie banners, finding information on how to object to face scans at the airport, and refusing the use of AI note-takers during their medical consultations. - -Talk about this topic on social media! Share news about privacy-invasive practices. Inform people on how they can opt out, refuse, and say no in your specific region. - -## Saying no is a collective and individual responsibility - -**Refusal is a powerful way to protest.** But like any protest, it must gather in numbers to have an impact at the collective level. The larger the number of people opting out and saying no, the stronger the message sent. - -That being said, do not minimize the impact your individual actions have. **Every single action matters, even the smallest one.** Movements always start at the individual level. If nobody starts, then nobody follows. 
- -By saying no each time, by stopping, refusing, reporting, and advocating, you are starting a movement. When advocating for the right to refuse privacy-invasive practices, you are growing a movement. Each of these contributions matters. - -The consequences for not saying no would be leaving the next generations without any protections for their privacy. It would be disastrous for their individual rights, but also disastrous for democracy, freedom of speech, and so many rights we currently take for granted. - -We cannot let our society slip into authoritarian mass surveillance. For ourselves and for the next generations, we must fight by saying no, every time we possibly can. diff --git a/content/blog/posts/your-online-life-is-irl.md b/content/blog/posts/your-online-life-is-irl.md deleted file mode 100644 index 8df593064..000000000 --- a/content/blog/posts/your-online-life-is-irl.md +++ /dev/null 
@@ -1,67 +0,0 @@ ---- -date: - created: 2025-05-16T16:00:00Z -categories: - - Opinion -authors: - - em -description: If you've been on the internet for a while, you're probably familiar with the old adage IRL (In Real Life). The acronym was used a lot when online and offline life was much more separated than it is now. Today, can we truly keep talking about our digital life as being separated from our real life? -schema_type: OpinionNewsArticle -preview: - cover: blog/assets/images/your-online-life-is-irl/irl-cover.webp ---- - -# Your Online Life Is IRL - -![Photo of an illuminated red street sign with the word Internet on it.](../assets/images/your-online-life-is-irl/irl-cover.webp) - - -If you, like myself, have been inhabiting the internet for a few decades, you're probably familiar with the old adage IRL: In Real Life. - -The acronym was used a lot when the distinction between online life and offline life was much greater than it is now. In today's world, can we really keep referring to our digital life as being somehow disconnected from our "real life"? - -While it's true that pseudo-anonymity online is still alive and well, most people don't hide their real identity online because it's much different from their personality offline, but generally simply as a protection. - -Even when using pseudonyms, online life is still part of *real life*. - -The proportion of time we spend on the connected world today is also far greater than it was before. We often chat with friends online, work online, communicate with our family online, play games online, assist to events online, go to school online, watch recipe videos online, and so on and so forth. - -## Our offline life is happening (and tracked) online too - -Another thing that has changed is how much data about what we do offline ends up getting collected and stored *online*. 
- -Maybe it's the places we visit during the day getting [tracked by our phones](https://www.pcmag.com/how-to/how-to-get-google-to-quit-tracking-you) and then stored by Google in our profile. - -Maybe it's our [smart speaker recording](https://www.lifewire.com/can-alexa-record-conversations-5205324) an intimate conversation and sending it to Amazon. - -Completely outside our control, maybe it's the street cameras, cellular towers, car license readers [tracking our movement](https://www.aclum.org/en/publications/what-you-need-know-about-automatic-license-plate-readers) outside as we go about our day. - -Or even more dystopian, maybe it's our [doctor using an AI note-taking app](https://theconversation.com/some-clinicians-are-using-ai-to-write-health-records-what-do-you-need-to-know-237762), sending a copy of our very personal in-person medical consultation to who knows which for-profit company. - -## Our digital lives and IRL lives are intertwined - -All this data collected on what we do *offline*, can sometimes [get aggregated](https://epic.org/issues/consumer-privacy/data-brokers/) together with the data collected on us *online*, even while using pseudo-anonymity. - -The social media account where we use a pseudonym and cat profile picture to stay anonymous can get aggregated from the same IP address we used to log in another account using our legal name. - -Our offline data and our online data often get connected and bundled up together. This is especially concerning with the growing practice of [social media monitoring](https://privacyinternational.org/long-read/5337/social-media-monitoring-uk-invisible-surveillance-tool-increasingly-deployed) used by governments and companies. - -## What we do online have offline consequences - -Taking this into account, there isn't a separation between our *online* life and *offline* life anymore. - -What we do online affects what we do offline, and vice versa. All of our life, online and offline, is *In Real Life* now. 
- -Our digital life and communications can affect our employment, our dating life, our family life, our housing situation, and even the capacity we have to visit a country [or not](https://globalnews.ca/news/11090232/french-scientist-denied-us-entry-critical-trump-text-messages/). - -## The data collected on us online should be cared for even more - -Because there isn't much separation anymore, we should treat all data collected about us online as sensitive data intrinsically attached to our person. - -An invasion of online privacy, of our online life, becomes the same as an invasion of our home, our body, our IRL life. Not only because this data can be used to find our IRL location, identify our person, and have important repercussions offline, but also because all data about us is an essential part of who we are. - -It's not just data points, it's a part of us. - -Considering how the world has evolved in the past decades, and shows no sign of slowing down its greedy appropriation of every single piece of information about us, **we should defend our online lives as fiercely as we would our offline lives**. - -We need to fight for a future anchored in human rights, and for this, we need to firmly enforce the principle that **digital rights are fundamental human rights**. diff --git a/content/blog/posts/yubikey-reset-and-backup.md b/content/blog/posts/yubikey-reset-and-backup.md deleted file mode 100644 index f6c78d97b..000000000 --- a/content/blog/posts/yubikey-reset-and-backup.md +++ /dev/null 
@@ -1,1097 +0,0 @@ ---- -date: - created: 2025-03-06T22:00:00Z -categories: - - Tutorials -authors: - - em -description: This tutorial demonstrates how to reset a YubiKey close to factory defaults and create a backup of most YubiKey applications on a spare key. -schema_type: AnalysisNewsArticle -preview: - cover: blog/assets/images/yubikey-reset-and-backup/cover.webp ---- -# How to Reset Your YubiKey and Create a Backup - -![Photo of YubiKey on a table between a MacBook and a phone.](../assets/images/yubikey-reset-and-backup/cover.webp) - - -If you are not familiar with it already, a YubiKey is a physical [security key](https://www.privacyguides.org/en/security-keys/) produced by [Yubico](https://www.yubico.com/) that can be used for various authentication and security purposes. One common usage is to use it as a second factor of authentication for a [service or product](https://www.yubico.com/works-with-yubikey/catalog/). This tutorial explains how to reset a YubiKey to factory defaults and create a near copy of it for backup purposes. - -The biggest security *advantage* to using a physical security key is that it's something you have that cannot be accessed remotely or easily emulated. - -The biggest security *disadvantage* of using a physical security key is the risk of losing it. This is why you should always **get two** physical security keys, to use the second one as a **backup**. - -There are many brands of physical security key, but this tutorial is specifically for YubiKey, one of the [most recommended brands](https://www.privacyguides.org/en/security-keys/). - -To follow this tutorial, you will need to have **two YubiKeys** from either the series 5, 5 FIPS, 4, or 4 FIPS. Both these keys should not be currently in use with any of your accounts, as described in [Step 1](#step-1-remove-your-keys-from-all-accounts). - -
-

Danger! Reset is irreversible!

- -Do **not** skip Step 1 below! If one or both of your YubiKey(s) are registered with any account before starting the reset, **you must** first remove the key(s) from this account's settings. -Once a YubiKey application is reset, this operation is irreversible and previous settings will be lost permanently. **Be very careful about this!** - -
- -## Why would you need to reset your YubiKey? - -Resetting your YubiKey *isn't* something you should be doing regularly. - -If you use your key with a lot of services, it can be a laborious and even dangerous task, for example if you forget to remove an account and get permanently locked out once your key is reset. However, there are a few situations where you might want to do this: - -### You accidentally "doxxed" yourself - -When using a security key regularly, it isn't rare to accidentally touch your YubiKey and inadvertently trigger its [Challenge-response](https://docs.yubico.com/yesdk/users-manual/application-otp/challenge-response.html) in an inappropriate field. If this happens in the *wrong field*, this information could get stored in a service provider's log files for example. - -Perhaps you also just "doxxed" yourself by unintentionally texting your key's Challenge-response to a puzzled recipient in a personal unencrypted social media Direct Message (true story). - -The privacy risk of this is low but, depending on your situation, leaking your YubiKey's One-Time Password (OTP) Challenge-response in a plain text field *could* technically create a link between accounts. This is because despite the second part of the string changing every time, the first 12 characters are static, meaning this part always remains the same. This static part is the [Public ID](https://docs.yubico.com/yesdk/users-manual/application-otp/yubico-otp.html) of your YubiKey. When resetting your YubiKey, you can change this static part. - -### Your key is compromised - -Another situation that could make you want to reset your YubiKey is if you are in a very high risk situation and a sophisticated malicious actor had physical access to your key, especially if your key's firmware is [older than 5.7](https://www.yubico.com/support/security-advisories/ysa-2024-03/). 
If this person or group were able to physically accessed your key with older firmware, under some rare conditions, they [*could*](https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/) have cloned it. - -If you are at risk and this happens to you, you would first need to revoke access to all the services you've used your compromised key with. - -Then, to re-register a key with your services, the safest course of action would be to get an entirely new set of keys. But if this isn't possible, a second option could be to reset your key and re-register it with new credentials. - -### You need to set up a backup - -This is the most common situation we will be focusing on. You might need to reset your YubiKeys' applications simply to create a clone of it so that you have a backup. - -Keeping a backup of your key is especially important for usages such as setting up a YubiKey as a second factor of authentication with KeePassXC, for example. - -Some services will allow you to register two or more *different* keys to authenticate your account, but other services might only allow you to register one. This is when you want to make sure your have a backup of this key. - -## Requirements and preparation - -For this tutorial you will need: - -- [x] Two YubiKeys (from series 5, 5 FIPS, 4, or 4 FIPS) -- [x] Computer running Linux, macOS, or Windows -- [x] Internet connection -- [x] Ability to install software on this computer - -
-

It is recommended to follow this tutorial from a desktop computer.

- -### Step 1: Remove your keys from all accounts - -First, make sure you are *not* using these two YubiKeys with any account, service, or product. **The importance of this cannot be stressed enough.** You do not want to realize next month you are *permanently locked out* of an account because you reset your key and forgot it was set up with that account. - -If you are using these keys with any account, remove the keys from the setting of each account and test multiple times that you are able to log in without it. Ideally, start with fresh keys. - -
-

YubiKey's applications can be reset independently

- -Depending on your situation, you might want to reset one of your YubiKeys' application and not all. - -Except for the YubiKey Bio Series Multi-protocol Edition (which we don't cover in this tutorial), each YubiKey application can be reset independently without affecting the others. You could for example reset your OTP slots without affecting your FIDO2 settings, and vice versa. For this tutorial, we will reset every application. Skip the ones you do not need to reset. - -
- -### Step 2: Download and install the Yubico Authenticator - -Go to this Yubico website [page](https://www.yubico.com/products/yubico-authenticator/#h-download-yubico-authenticator), click on the link for your specific Operating System, then download and [install](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/installation.html) the **Yubico Authenticator** application on your computer. - -![Screenshot of a browser showing the page to download the Yubico Authenticator.](../assets/images/yubikey-reset-and-backup/yubikey-1-download.webp) - -![Screenshot of the Yubico Authenticator application showing a YubiKey icon with "Insert your YubiKey".](../assets/images/yubikey-reset-and-backup/yubikey-2-yubicoapp.webp) - -### Step 3: Open the Yubico Authenticator and plug in your keys - -Open the **Yubico Authenticator** application. If you can, insert both your YubiKeys in your computer's ports. If you can't insert both keys at once, insert your main YubiKey first, then for each step unplug your main key once you are done, plug in your spare key, and repeat each step. - -![Screenshot of the Yubico Authenticator application showing a Home menu and 2 YubiKeys plugged in. The application window showing the main YubiKey is colored green.](../assets/images/yubikey-reset-and-backup/yubikey-3-keysplugged.webp) - -From the "Home" section, you can see your keys' serial number, firmware version, as well as which applications are installed on your key. You can also set labels for each key and change the interface's color to make it easier to see which key you are configuring. - -![Screenshot of the Yubico Authenticator application showing a Home menu with a spare YubiKey. The application window is colored teal.](../assets/images/yubikey-reset-and-backup/yubikey-4-keyspluggedspare.webp) - -
-

If you don't see the menu options

- -If you do not see the menu on the left (Home, Accounts, Passkeys, Certificates, Slots), make the **Yubico Authenticator** window wider or click on the 3-bar button on the upper-left. If you do not see the menu on the right (Device, Application), click on the 3-dot button on the upper-right. - -
- -## Resetting your YubiKey to factory defaults - -
-

Disabling applications

- -From the "Device" menu, you can click on "Toggle applications" to enable or disable applications independently. Note that disabling a YubiKey application doesn't reset it, all credentials and settings will be [preserved](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/settings.html#toggle-yubikey-applications-on-off). - -
- -### Step 4: Delete your YubiKey's One-Time Password (OTP) application - -This step will not reset your YubiKey's OTP application to exact factory defaults, but it will emulate a factory reset very closely once you have added new credentials in the following sections. - -#### 4.1. From the Yubico Authenticator - -Click on the "Slots" button in the left-side menu. You will see 2 slots listed there labeled as "Short touch" and "Long touch" slots. If these slots are configured already, under the label you will see "Slot is configured". Click on each configured slot. - -![Screenshot of the Yubico Authenticator application showing the Slots section.](../assets/images/yubikey-reset-and-backup/yubikey-5-slots.webp) - -#### 4.2. Delete credential - -This will open a new menu on the right. Click on "Delete credential" (if you cannot see this option, it could be because your program window isn't big enough, scroll down to see more options). - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Short touch slot selected.](../assets/images/yubikey-reset-and-backup/yubikey-6-deletecredential.webp) - -A "Delete credential" message will pop up with a warning, click "Delete" on the lower-right. - -![Screenshot of the Yubico Authenticator application showing a Delete credential popup.](../assets/images/yubikey-reset-and-backup/yubikey-7-deletepopup.webp) - -Verify that you see both slots labeled with "Slot is empty" in the Slots section. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the two slots labeled empty.](../assets/images/yubikey-reset-and-backup/yubikey-8-slotsempty.webp) - -### Step 5: Reset your YubiKey's FIDO2, OATH, and PIV applications - -
-

Compatibility:

- -This step might not work fully with models older than YubiKey 5 and 5 FIPS Series - -
- -#### 5.1. Reset OATH - -From the **Yubico Authenticator**, in the "Device" menu on the right, click on "Factory reset". On the "Factory reset" popup section, click on "OATH". You will see a checkmark appear over "OATH", then click on "Reset" on the lower-right. - -
-

Danger! This step is irreversible!

- -**Reset cannot be reversed!** Make sure you have properly unpaired all your accounts from this key before clicking "Reset". - -
- -![Screenshot of the Yubico Authenticator application showing a Factory reset popup with the OATH option selected.](../assets/images/yubikey-reset-and-backup/yubikey-9-reset-oath.webp) - -#### 5.2. Reset FIDO2 - -From the "Device" menu, click on "Factory reset" again. This time click on "FIDO2". You will see a checkmark appear over "FIDO2", then click on "Reset" on the lower-right. - -![Screenshot of the Yubico Authenticator application showing Factory reset popup with the FIDO2 option selected.](../assets/images/yubikey-reset-and-backup/yubikey-10-reset-fido2.webp) - -You will be prompted to unplug your YubiKey from your computer. Unplug it, wait for the Status message to change with "Reinsert your YubiKey" then plug it in again. - -When prompted to "Touch the button on your YubiKey now", touch the gold part of your key. - -You will see a confirmation message saying "FIDO application reset". You can now click on "Close" on the lower-right. - -![Screenshot of the Yubico Authenticator application showing Factory reset popup with a warning before reset.](../assets/images/yubikey-reset-and-backup/yubikey-11-reset-fido2close.webp) - -#### 5.3. Reset PIV - -From the "Device" menu again, click on "Factory reset" again. This time click on "PIV". You will see a checkmark appear over "PIV", then click on "Reset" on the lower-right. - -![Screenshot of the Yubico Authenticator application showing Factory reset popup with the PIV option selected.](../assets/images/yubikey-reset-and-backup/yubikey-12-reset-piv.webp) - -
-

Reset your spare key too!

- -If you inserted both of your keys at once, click on your spare key on the left-side key menu. Repeat the 3 steps above for your spare key. If you inserted only one key at the time, insert your second key and repeat this process. - -
- -### Step 6: Reset your YubiKey's OpenPGP and YubiHSM Auth applications - -
-

Compatibility for YubiHSM Auth

- -The YubiHSM Auth application is only available for YubiKeys with firmware version 5.4 or higher. Use the **Yubico Authenticator** to determine your YubiKey's firmware version. - -
- -To reset the OpenPGP and YubiHSM Auth applications of your YubiKey, you will need to install a Yubico CLI program called [**ykman CLI**](https://docs.yubico.com/software/yubikey/tools/ykman/Using_the_ykman_CLI.html) and use a terminal application. - -You can install **ykman CLI** using a package manager such as **pip** or **brew**, or by downloading the package from the Yubico developer's website: - -#### 6.1. Install ykman CLI - -From any OS, using the **pip** package manager: - -Open a terminal application and type: - -``` console { .yaml .copy } -pip install --user yubikey-manager -``` - -
-

For Linux users

- -Yubico makes the **ykman CLI** Python program files available on its [website](https://developers.yubico.com/yubikey-manager/Releases/) and on its [GitHub repository](https://github.com/Yubico/yubikey-manager). Consult the documentation provided to ensure you have all the programs required for the installation. Certain third-party package maintainers might also offer **ykman CLI** (also called YubiKey Manager CLI) for several Linux distributions other than Ubuntu. - -
- -From Linux (Ubuntu), using the Yubico developer's website: - -On [this page](https://developers.yubico.com/yubikey-manager/Releases/), download the latest **`tar.gz`** file and decompress it. Run the **ykman** Python program using the command line from the directory you have installed it in. - -From Linux (Ubuntu), using Yubico's **yubico/stable PPA** type: - -Open a terminal application and type: - -``` console title="Terminal" -sudo apt-add-repository ppa:yubico/stable -sudo apt update -sudo apt install yubikey-manager -``` - -From macOS, using the [Homebrew](https://brew.sh/) package manager: - -Open a terminal application and type: - -``` console { .yaml .copy } -brew install ykman -``` - -From macOS, using the Yubico developer's website: - -On [this page](https://developers.yubico.com/yubikey-manager/Releases/), download the latest **`mac.pkg`** file, then double-click on it to complete the installation. - -From Windows, using the Yubico developer's website: - -On [this page](https://developers.yubico.com/yubikey-manager/Releases/), download the latest **`win64.msi`** file, then double-click on it to complete the installation. - -#### 6.2. Navigate to the application directory - -You might need to navigate to the application's directory first: - -
-

Installation path

- -If you have chosen a different installation path from default, you will need to navigate to this installation path instead. - -
- -From macOS, in the terminal navigate to: - -``` console { .yaml .copy } -cd /Applications/Yubico\ Authenticator.app/Contents/MacOS/ -``` - -From Windows, in the command prompt navigate to: - -64-bit Systems: - -``` console { .yaml .copy } -"C:\Program Files\Yubico\YubiKey Manager CLI\ykman.exe " -``` - -32-bit Systems: - -``` console { .yaml .copy } -"C:\Program Files (x86)\Yubico\YubiKey Manager CLI\ykman.exe " -``` - -#### 6.3. Reset the applications - -To make sure you reset both keys properly in this step, **only plug one key at the time** in your computer. Complete all the operations, unplug your main key then plug in your *spare* key and repeat. - -Once your main key is plugged in, in the terminal or command prompt type this line: - -``` console { .yaml .copy } -ykman openpgp reset -``` - -When prompted with this warning, type ++y++: - -``` console -"WARNING! This will delete all stored OpenPGP keys and data and restore factory settings. Proceed? [y/N]:" -``` - -You should see this confirmation message: - -``` console -"Reset complete. OpenPGP data has been cleared and default PINs are set." -``` - -
-

Security warning

- -This operation will set default PINs for your YubiKey's OpenPGP application. - -If you need to use this application later, you will need the default PINs. After reset, you should set up a new unique PIN and Admin PIN for this application, as explained on [Step 11](#step-11-generate-and-copy-an-openpgp-key-and-subkeys-to-your-yubikeys). - -You can see more setting commands for this application in Yubico's [documentation](https://docs.yubico.com/software/yubikey/tools/ykman/OpenPGP_Commands.html). - -
- -From the terminal, type this line: - -``` console { .yaml .copy } -ykman hsmauth reset -``` - -When prompted with this warning, type ++y++: - -``` console -"WARNING! This will delete all stored YubiHSM Auth data and restore factory setting. Proceed? [y/N]:" -``` - -You should see this confirmation message: - -``` console -"Reset complete. All YubiHSM Auth data has been cleared from the YubiKey." -``` - -![Screenshot of a terminal window showing the two commands for the OpenPGP and HSMauth resets.](../assets/images/yubikey-reset-and-backup/yubikey-13-reset-cli.webp) - -
-

Reset your spare key too!

- -Don't forget to unplug your *main* key, plug in your *spare* key, and repeat the process from [Step 6.3](#63-reset-the-applications) to reset your spare key as well. - -
- -
-

The ykman CLI program

- -You can use the **ykman CLI** program to do a lot more with your YubiKey. If you want to explore this program further, you can consult Yubico's [documentation](https://docs.yubico.com/software/yubikey/tools/ykman/Using_the_ykman_CLI.html). - -
- -## Setting up and backing up of your YubiKeys - -Now that you have a set of two freshly reset YubiKeys, we will set up your main key while creating a backup of each application that allows it to your spare key. The goal here is to create a spare key that you can safely keep as a backup, in the unfortunate event that you were to lose your main key. - -Keep in mind that your accounts and services will be only as protected as your *least* secured key. Make sure to **protect both keys** well. - -### Step 7: Secure your keys - -Before starting to use your keys, Yubico [recommends](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/piv-certificates.html) changing the default [PIN](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/piv-certificates.html#changing-the-pin), [PUK](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/piv-certificates.html#changing-the-puk), and [Management Key](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/piv-certificates.html#changing-the-management-key) from their factory values. If you are using a YubiKey from the 5 FIPS Series with firmware 5.7 or later, changing this is required to enter the [FIPS approved mode](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/settings.html#settings-home-fips-status). - -#### 7.1. From the Yubico Authenticator - -On the left-side menu, click on the "Certificates" button. You will see a section for various certificates in the center and in the right-side "Manage" menu, buttons to "Change PIN", "Change PUK", and "Management key". - -![Screenshot of the Yubico Authenticator application showing the Certificates section.](../assets/images/yubikey-reset-and-backup/yubikey-14-config-certificates.webp) - -#### 7.2. Change the default PIN - -Click on the "Change PIN" button and a section will pop up. Enter a new PIN that is between 6 and 8 characters long, then click "Save". 
- -![Screenshot of the Yubico Authenticator application showing a Change PIN popup.](../assets/images/yubikey-reset-and-backup/yubikey-15-config-certificatespin.webp) - -#### 7.3. Change the default PUK - -Click on the "Change PUK" button and a section will pop up. Enter a new PUK number that is between 6 and 8 characters long, then click "Save". - -![Screenshot of the Yubico Authenticator application showing a Change PUK popup.](../assets/images/yubikey-reset-and-backup/yubikey-16-config-certificatespuk.webp) - -#### 7.4. Change the default Management key - -Click on the "Management key" button and a section will pop up. Enter or generate a "New management key" with a maximum of 64 characters. You can also change the encryption algorithm to "TDES", "AES128", "AES192", or "AES256" and add a pin protection by clicking on "Protect with PIN". Then click "Save". - -![Screenshot of the Yubico Authenticator application showing a Change management key popup.](../assets/images/yubikey-reset-and-backup/yubikey-17-config-certificateskey.webp) - -
-

Secure your spare key too! Don't forget to repeat all of these steps for your spare key!

- -### Step 8: Create and register each key's OTP - -First, you will need to set up your keys' OTP and register them with [YubiCloud](https://www.yubico.com/products/yubicloud/). For security reasons, this setup [cannot be cloned](https://support.yubico.com/hc/en-us/articles/360016614880-Can-I-duplicate-a-YubiKey) on your spare key. For services using OTP, you will need to register both of your keys which each service or product. - -
-

Add both keys

- -Each time you secure a new account with your YubiKey, make sure to add both keys right at the start. This will save you the complication of going back to add your spare key to your accounts later on. - -
- -#### 8.1. From the Yubico Authenticator - -Click on the "Slots" button in the left-side menu. You will see 2 slots listed there labeled as "Short touch" and "Long touch" slots, both slots should be empty after the reset. - -Click on the first "Short touch" slot, then on the right-side menu, click on the "Yubico OTP" button in "Setup". A "Yubico OTP" section will pop up with three text fields. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Yubico OTP button selected on the right.](../assets/images/yubikey-reset-and-backup/yubikey-18-config-otp.webp) - -![Screenshot of the Yubico Authenticator application showing a Yubico OTP popup.](../assets/images/yubikey-reset-and-backup/yubikey-19-config-otpfields.webp) - -#### 8.2. For the Public ID field - -The [**Public ID**](https://developers.yubico.com/OTP/OTPs_Explained.html) of your YubiKey will be the first 12 characters of your key's OTP string. This is the static part that *could* technically create a link between your accounts if you leak it somewhere inappropriate. - -You can click on the "Use serial" star button on the right to generate a [ModHex](https://docs.yubico.com/yesdk/users-manual/application-otp/modhex.html) string from your key's serial number, or you can type your own manually. - -
-

If you decide to manually type your Public ID

- -- Remember the string must be **12-characters** long - -- You must only choose characters comprised within: **`bcdefghijklnrtuv`** - -- Because this string remains constant, to increase your privacy, favor a random string that isn't recognizable or specifically interesting. For example, resist the temptation to choose something irresistibly cool like "`vvbetterdude`" or "`vvfiercenerd`". - -
- -#### 8.3. For the Private ID field - -The [**Private ID**](https://developers.yubico.com/OTP/OTPs_Explained.html) of your YubiKey will also be 12-characters long but will not show in your key's OTP string. This **Private ID** can be used to store a private identity that can be accessed by a remote validation server holding the AES key used to encrypt the OTP. - -You can click on the "Generate random" circle-arrow button on the right to generate a random ID, or you can type your own manually. - -
-

If you decide to manually type your Private ID

- -- Remember the string must be **12-characters** long - -- You must only choose characters comprised within: **`abcdef0123456789`** - -- If you want to increase your privacy, again favor a random string that isn't recognizable or specifically interesting. For example, resist the overwhelming temptation to choose something unbearably cool like "`c0de1337cafe`" or "`bada55babe42`" - -
- -#### 8.4. For the Secret key field - -The **Secret key** of your YubiKey's OTP is a 32-character long random string. Again, you can click on the "Generate random" circle-arrow button on the right to generate a random Secret key, or you can type your own manually. If you decide to use your own Secret key, characters must be comprised within the allowed **`abcdef0123456789`**. - -
-

To remove automatic carriage return

- -Automatically once you have filled all the fields, the option "Append" will get a checkmark. This means that each time you trigger your key's OTP, a carriage return will be added so that you will not have to press ++return++ each time. If you do not wish this to happen, you can click on "Append" to disable it. - -
- -#### 8.5. Save your OTP credentials - -On the drop-down menu next to Append at the bottom, click on "No export file" and select "Select file". This will allow you to save this information locally and create a backup. You will need this information to register your keys later in [Step 8.7](#87-register-your-keys). - -
-

Caution! Safeguard this file properly!

- -This text file contains sensitive information in plain text. Make sure to pick a location to store it that is secure and encrypted. For example, do **not** store this file in a cloud service that isn't end-to-end encrypted. Ideally, only keep this file offline on an encrypted drive. - -
- -![Screenshot of the Yubico Authenticator application showing a Yubico OTP popup with all text fields filled.](../assets/images/yubikey-reset-and-backup/yubikey-20-config-otpfieldsfilled.webp) - -![Screenshot of a popup Choose File Name window to save a file.](../assets/images/yubikey-reset-and-backup/yubikey-21-config-otpfile.webp) - -Once all the information is filled, click on "Save" at the lower-right. The file you save will have the following coma-separated format: - -``` console -[serial_number],[public_id],[private_id],,[secret_key],[date], -``` - -#### 8.6. Set up the OTP credentials for your spare key - -To set up the OTP for your spare key, go back to the "Slots" section and click on your *spare* key listed on the upper-left key menu. If you were only able to plug one key at the time, unplug your *main* key and plug in your *spare* key. Repeat Steps 8.1 to 8.5 with your spare key. Make sure to select a different file name for [Step 8.5](#85-save-your-otp-credentials) to not overwrite your main key's credential file. - -#### 8.7. Register your keys - -Now you will need to upload your keys' OTP credentials to the YubiCloud validation service. To avoid confusion, unplug one of your key and only keep one key plugged in at the time during the registration process. - -Go to Yubico's [validation page](https://upload.yubico.com/) from a secure browser. Open the credentials file you have saved on [Step 8.5](#85-save-your-otp-credentials) and copy each field in the corresponding section. - -![Screenshot of a browser window showing the Yubico OTP key upload web page.](../assets/images/yubikey-reset-and-backup/yubikey-22-config-register.webp) - -For the "OTP from YubiKey" field, click on the text field and touch your key's gold part to generate it. Then click on "I'm not a robot", solve the annoying CAPTCHA, and click on "Upload". - -On the next page, you should see "Yubico OTP key upload" and under it the confirmation: "Success!" and "Key upload successful". 
- -Under you key's Public ID, you will see 3 steps validating your key. This can take some time, be patient and do not close this page. - -Once your key's OTP credentials are fully uploaded to YubiCloud's validation server, you will see a "Try it out" green button appear. Click on it. - -![Screenshot of a browser window showing the Yubico OTP key upload web page validating a key registration.](../assets/images/yubikey-reset-and-backup/yubikey-23-config-registersuccess.webp) - -On this testing page, you can verify that your key's OTP slot works properly. Click on the "Yubico OTP" text field and touch the gold part of your key. You should see a small popup message on the lower-left confirming "OTP is valid". Try it a few times, then you can close this page. - -![Screenshot of a browser window showing the Yubico OTP testing web page.](../assets/images/yubikey-reset-and-backup/yubikey-24-config-tryitout.webp) - -Finally, unplug your main key, plug in your *spare* key, and repeat this step using your spare key's saved credentials. It's important to **register both your main and spare keys**. - -### Step 9: Create and clone your key's Challenge-response - -
-

For use with KeePassXC

- -This step is not necessary for all services, but is important for some services and products that will only allow you to register one key. For example, this is important if you wish to use YubiKey as a second factor to unlock your KeePassXC password database. - -
- -#### 9.1. From the Yubico Authenticator - -If you can, insert both your main and spare keys at once, and start configuring your main key on the upper-left key menu. - -Click on the "Slots" button in the left-side menu. You will see 2 slots listed there labeled as "Short touch" and "Long touch" slots. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Long touch slot selected and the Challenge-response button selected on the right.](../assets/images/yubikey-reset-and-backup/yubikey-25-config-challenge.webp) - -
-

Verify configuration

- -If you have configured your keys' OTP in the previous step, the "Short touch" slot should now be labeled with "Slot is configured" and the "Long touch" slot should be empty. - -
- -Click on the "Long touch" slot, and on the right-side menu click on the "Challenge-response" button in "Setup". A "Challenge-response" section will pop up with a "Secret key" text field. - -![Screenshot of the Yubico Authenticator application showing a Challenge-response popup.](../assets/images/yubikey-reset-and-backup/yubikey-26-config-challengepopup.webp) - -#### 9.2. Generate a Secret key and save it - -Click on the "Generate random" circle-arrow button on the right to generate a key. Before clicking save, you must copy this **Secret key** at least temporarily somewhere safe. This is how you will be able to clone your key's [Challenge-response](https://docs.yubico.com/yesdk/users-manual/application-otp/challenge-response.html) to your spare key. - -
-

Caution! Safeguard this Secret key properly!

- -This **Secret key** can be used to clone your YubiKey's Challenge-response on any other keys. - -If you only want to create one spare key, only copy this Secret key to a local text file and delete it fully once the configuration is completed and tested. - -If you want to keep it to create more spare keys later on, make sure to choose a location to store it that is secure and encrypted. For example, do **not** store this Secret key in a cloud service that isn't end-to-end encrypted. Do **not** store this Secret key in the same password manager you will unlock it with. Ideally, only keep this Secret key locally, offline, on an encrypted drive. - -
- -Click on "Require touch" if you wish to have to touch your YubiKey each time your key's Challenge-response is solicited. This is recommended as it will limit your key's Challenge-response being triggered unintentionally. Then, click on "Save" on the lower-right. - -#### 9.3. Clone your key's Challenge-response to your spare key - -Back to the "Slots" section, click on your *spare* key in the upper-left key menu. The click on "Long touch" and on "Challenge-response" again. Make sure you have selected your *spare key* this time. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the spare key selected. The Long touch is labeled empty.](../assets/images/yubikey-reset-and-backup/yubikey-27-config-challengespare.webp) - -In the "Challenge-response" text field for your "Secret key", instead of generating a random one, paste the Secret key you have copied from your main key in the previous step. Click again on "Require touch" to enable it if you wish (optional), then click "Save". You should now see both your spare key's "Short touch" and "Long touch" labeled as configured. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the spare key selected. The Long touch is labeled configured.](../assets/images/yubikey-reset-and-backup/yubikey-28-config-spareconfigured.webp) - -
-

Make a note of which application is in each slot

- -Although you can swap your YubiKey's slots, make a note of which application you have set up in which slot. If later on you need to delete an application to configure a different one, you want to make sure you delete the right one. - -
- -### Step 10: Register and copy your key's OATH-TOTPs, Passkeys, Static passwords, and OATH-HOTPs - -
-

YubiKey only has 2 configurable slots

- -You can only set up 2 YubiKey slot applications at the time. - -If you have already configured the 2 slots for the **Yubico OTP** and **Challenge-response** applications, and want to keep it that way, you will have no space to add a Static password or OATH-HOTP codes. - -In this case, you might want to skip the optional Steps 10.3, 10.4, and 10.5. You will still be able to add OATH-TOTP codes and Passkeys, because these applications are not stored in slots. - -
- -#### 10.1. Register and copy OATH Time-based One-Time Password (OATH-TOTP) codes - -To copy the OATH-TOTP authentication codes to your spare key, you will need to [use the same QR code](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/tips.html#oath-accounts) your were provided when originally registering an account on your main key. - -When you [add a new account](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/oath.html#oath-add-an-account) to your YubiKey's OATH-TOTPs, keep a copy of the QR code provided by the service or product to be able to register it again with your spare key. Ideally, register both keys at once. Make sure to **secure this QR code properly**, as it could be used to register it with any other authenticator. - -
-

If you have already registered an account

- -If you have already registered an account and have not kept the QR code for your spare key, you can deregister your main key from this account and start the process over to add an authenticator app to this account. This time, use the QR code provided to register both keys at once, or securely keep a copy of the QR code to add it later. - -
- -Once you have registered a new OATH-TOTP code on your main key, you will not need to provide another time-based one-time password to this account when registering your spare key. You will only need to configure your spare key's OATH-TOTP code in the **Yubico Authenticator** application. - -If you successfully completed the setup for both your main and spare keys, the OATH-TOTP code generated should be the same on both keys. You will be able to see all the OATH-TOTP codes registered on your keys from the **Yubico Authenticator**. For this, click on the "Accounts" button on the left-side menu. - -![Screenshot of the Yubico Authenticator application showing the Accounts section.](../assets/images/yubikey-reset-and-backup/yubikey-29-config-oathtotp.webp) - -To keep your accounts secure, delete the copy of the QR code you have kept once you have completed the registration setup for a new OATH-TOTP account on both your main and spare key (unless you need to keep a backup for other purposes). - -Additionally, always make sure to note and secure well any account recovery information provided when adding a second factor of authentication. This is important to avoid getting locked out permanently of services or products. - -#### 10.2. Register and copy Passkeys - -To copy your [**Passkeys**](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/fido2.html#fido2) to your spare key, simply repeat the same setup process that was used to register the Passkey to your main YubiKey. To see a list of all the Passkeys stored on your key, in the **Yubico Authenticator** click on the "Passkeys" button on the left-side menu. 
- -![Screenshot of the Yubico Authenticator application showing the Passkeys section.](../assets/images/yubikey-reset-and-backup/yubikey-30-config-passkeys.webp) - -From the "Passkeys" section, you can also click on the "Set PIN" button the on right to [set up a password](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/fido2.html#creating-and-managing-the-fido2-pin) protection for your Passkeys. - -![Screenshot of the Yubico Authenticator application showing a Set PIN popup.](../assets/images/yubikey-reset-and-backup/yubikey-31-config-passkeyspin.webp) - -#### 10.3. Optional: Delete YubiKey's slot(s) to install other application(s) - -If you are not using the **Yubico OTP** and/or **Challenge-response** applications installed and copied in the previous steps, you might want to delete one or both slots to install either the **Static password** or the **OATH-HOTP** application instead. YubiKeys only have 2 slots, so you cannot use them all at once. - -To delete a slot, click on the "Slots" button on the left-side menu, then select the slot you wish to delete. On the right-side menu, scroll down the "Setup" menu and click on "Delete credential". - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Long touch selected and the Delete credential button selected on the right.](../assets/images/yubikey-reset-and-backup/yubikey-32-deleteslot.webp) - -You will be prompted with a warning message, then select "Delete". **Be careful however**, once deleted, there will be no way to restore the credentials you had stored there unless you have noted it elsewhere. - -![Screenshot of the Yubico Authenticator application showing a Delete credential popup.](../assets/images/yubikey-reset-and-backup/yubikey-33-deleteslotpopup.webp) - -#### 10.4. 
Optional: Setup and copy Static passwords - -To set up the [**Static password**](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/yubico-otp.html#static-passwords) application on your key, you must first allocate a slot to it. Click on the "Slots" button on the left-side menu, select the slot you wish to use, then click on "Static password" in the right-side menu. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Long touch slot selected, and the Static password button selected on the right.](../assets/images/yubikey-reset-and-backup/yubikey-34-config-static.webp) - -A section will pop up with a text field, click on the "Generate random" circle-arrow button on the right to generate a **Password**. You can click on "Append" to deselect the carriage return if you prefer it removed from the end of your Password. This means you will have to press ++return++ manually to confirm each entry. - -By default, the "Keyboard MODHEX" will be selected, but you can select a different "keyboard" if you prefer. This will change the type of characters used in your random Password. - -![Screenshot of the Yubico Authenticator application showing a Static password popup with a keyboard selection drop-down menu.](../assets/images/yubikey-reset-and-backup/yubikey-35-config-statickeyboards.webp) - -Before confirming, copy this Password in a secure local text file temporarily. Then click "Save". Back to the "Slots" section, click on your *spare* key in the upper-left key menu. Then click on the same slot you have used with you main key and select again "Static password" on the right. When prompted with the text field again, paste the Password you have copied (make sure to select the same "keyboard" type). Then, click on "Save". - -![Screenshot of the Yubico Authenticator application showing a Static Password popup with a Password field filled.](../assets/images/yubikey-reset-and-backup/yubikey-36-config-staticspare.webp) - -
-

If you forgot to note your Static password

- -You can trigger your **Static password** from your main key by opening a secure local text file and touch the gold part of your YubiKey. If you have configured your **Static password** in the "Short touch" slot, only touch the key for a second. If you have configured it in the "Long touch" slot, touch your key for about 3 seconds until a string is generated (make sure not to trigger a different application). You can then copy this Static password string to your spare key. - -
- -#### 10.5. Optional: Setup and copy OATH HMAC-based One-Time Password (OATH-HOTP) codes - -To set up [**OATH-HOTP**](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/yubico-otp.html#yubico-otp-hotp) 6 or 8 digits counter-based codes on your YubiKeys, you must first allocate a slot to it. Click on the "Slots" button on the left-side menu, select the slot you wish to use, then click on "OATH-HOTP" in the right-side menu. - -![Screenshot of the Yubico Authenticator application showing the Slots section with the Long touch slot selected, and the OATH-HOTP button selected in the right.](../assets/images/yubikey-reset-and-backup/yubikey-37-config-hotp.webp) - -An "OATH-HOTP" section will pop up with a "Secret key" text field. Enter a unique and secure Secret key of your choice. - -Make sure the Secret key you choose has: - -- **A maximum of 32 characters** - -- An **even** number of characters (ex: not 31, but 32 will work) - -- Only uses characters comprised within: letters from a to z, numbers from 2 to 7 - -
-

If you are asked for an Access code

- -If you type a Secret key that is longer than 32 characters, you might encounter a bug where an "Access code" window will pop up, even if your key doesn't have any access code set up. If this happens, verify that your Secret key has 32 or fewer characters, and an even number of characters. - -
- -![Screenshot of the Yubico Authenticator application showing an OATH-HOTP popup with a Secret key field filled.](../assets/images/yubikey-reset-and-backup/yubikey-38-config-oathhotppopup.webp) - -Keep a **secure copy of this Secret key in a local text file**. You will need it to register with the validation server for each account, and for your spare key. - -You can click on "Append" to deselect it if you prefer the carriage return not be included at the end of your Secret key. This means you will have to press ++return++ manually to confirm each entry. Select either "6 digits" or "8 digits" for your OATH-HOTP codes, then click "Save". - -To configure your spare key for the [OATH-HOTP](https://www.yubico.com/resources/glossary/oath-hotp/) counter-based codes, you will need to repeat this step with your *spare* key and use the [same](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/tips.html#register-a-spare-yubikey) OATH-HOTP Secret key and OTP length as your main key's configuration. - -### Step 11: Generate and copy an OpenPGP key and subkeys to your YubiKeys - -
-

Default PINs

- -If you have reset the **OpenPGP application** on [Step 6.3](#63-reset-the-applications), you will need both default PINs to set up new ones. After a factory reset of the OpenPGP application, the default PIN is "123456", and the default Admin PIN is "12345678". - -
- -#### 11.1. Secure your YubiKeys' OpenPGP application with a new PIN and Admin PIN - -To secure this application after a reset, you should first set up new unique PINs for it. To do so, you will need to use the **ykman CLI** program you have installed on [Step 6.1](#61-install-ykman-cli) from a terminal application. - -First, navigate to the application directory as described on [Step 6.2](#62-navigate-to-the-application-directory). - -To change the first **default PIN**, type the following command in the terminal: - -``` console { .yaml .copy } -ykman openpgp access change-pin -``` - -When prompted, enter the default PIN: **123456**. - -Then, enter a **new unique 6-127 digits PIN**, and confirm this new PIN. - -Your terminal should confirm with the message "User PIN has been changed." Note this new PIN somewhere secure where you will find it back easily, you will need it for the next steps. - -To change the **default Admin PIN**, type the following command in the terminal: - -``` console { .yaml .copy } -ykman openpgp access change-admin-pin -``` - -When prompted, enter the default PIN: **12345678**. - -Then, enter a **new unique 8-127 digits PIN**, and confirm this new Admin PIN. - -Your terminal should confirm with the message "Admin PIN has been changed." Note this new Admin PIN somewhere secure where you will find it back easily, you will need it for the next steps. - -![Screenshot of a terminal window showing the commands to change the OpenPGP PIN and Admin PIN.](../assets/images/yubikey-reset-and-backup/yubikey-39-config-pgppins.webp) - -
-

Secure your spare key as well!

- -Unplug your *main* YubiKey and plug in your *spare* YubiKey. Repeat these steps to secure your spare key as well. - -
- -#### 11.2. Open or install the appropriate GPG application for your OS - -Use the pre-installed software (Linux), or download and install a third-party software such as [GPG Suite](https://gpgtools.org/gpgsuite.html) (macOS) or [GPG4Win](https://www.gpg4win.org/download.html) (Windows) to generate and manage an OpenPGP key. - -
-

Security recommendation

- -Yubico strongly [recommends](https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) to generate OpenPGP keys on an offline system, such as a live Linux distribution. - -
- -#### 11.3. Generate an OpenPGP key externally - -Open a terminal application and type the following command: - -``` console { .yaml .copy } -gpg --expert --full-gen-key -``` - -When prompted to select the type of key you wish to generate, enter `1` for "RSA and RSA (default)". - -When asked "What keysize do you want?", type `4096`. Type `4096` as well for the subkey. - -![Screenshot of a terminal window showing an OpenPGP key generation.](../assets/images/yubikey-reset-and-backup/yubikey-40-config-pgpgeneratekey.webp) - -Follow the instructions to choose an expiration date for your OpenPGP key, and confirm with ++y++. - -When prompted with "GnuPG needs to construct a user ID to identify your key", enter the **name** and **email address** you wish to use with this key. Finally, enter a **comment** you want associated with this key (optional), and confirm with `O` for Okay. - -Once confirmed, a dialogue box should pop up from your **GPG software**. Create a **passphrase** to protect your OpenPGP key. - -![Screenshot of a GPG software application asking to set up a passphrase.](../assets/images/yubikey-reset-and-backup/yubikey-41-config-pgppassphrase.webp) - -Go back to your terminal application, and type this command to find your OpenPGP key's ID: - -``` console { .yaml .copy } -gpg --list-keys --keyid-format=long -``` - -If you have multiple keys already stored on your computer, this command will list all of your keys. - -Only look at the last "key block" listed, and note its **key ID**. Each "key block" starts with a **`pub`** line, followed by a **`uid`** line(s), with potentially one or more **sub** lines (for subkeys). - -Your OpenPGP **key ID** will be a string of numbers and uppercase letters on the **`pub`** line, after the "rsa4096" key type, and separated by a **/** character as follows: - -``` console -pub rsa4096/[key_id] -``` - -Note this **[key_id]** for the next steps. - -#### 11.4. 
Add subkeys - -You do not need to have any of your YubiKeys plugged in yet for this step. - -
-

You might not need to add each subkey type

- -For this step, we will add one subkey for each of the 3 YubiKey OpenPGP application slots: **Signature key**, **Encryption key**, and **Authentication key**. - -Depending on your usage, you might only need a specific type and not the others. Pick and choose what you need and ignore instructions for the others, if they're not relevant to you. - -
- -In a terminal application, type: - -``` console -gpg --expert --edit-key [key_id] -``` - -This will start a **`gpg`** program prompt in your terminal. From there, type: - -``` console { .yaml .copy } -addkey -``` - -![Screenshot of a terminal window showing the command to edit and add subkeys.](../assets/images/yubikey-reset-and-backup/yubikey-42-config-pgpaddkeys.webp) - -When prompted with "Please select what kind of key you want" type `8`. - -You will be asked to toggle on or off some subkey options. Here, we will generate all 3 subkeys at once, but adjust this step to your required usage. You might also need different encryption algorithms for different subkeys (see options available from the previous **`gpg`** program question). - -
-

To generate subkeys separately

- -To add a **Signature subkey**: Toggle `E` to *disable* encrypt. - -To add an **Encryption subkey**: Toggle `S` to *disable* sign. - -To add an **Authentication subkey**: Toggle `S`, then toggle `E`, then toggle `A` to keep only Authenticate *enable*. - -
- -To generate all 3 subkeys, type ++a++ to *enable* Authenticate as well (Sign and Encrypt will already be enabled). On the line above the options, you should now see "Current allowed actions: Sign Encrypt Authenticate". - -The type ++q++ to confirm your selection (Finished). - -![Screenshot of a terminal window showing the option for subkey types.](../assets/images/yubikey-reset-and-backup/yubikey-43-config-pgp3subkeys.webp) - -You will then be asked to choose a keysize, type `4096`. - -Select an **expiration date** again (it should be the **same as the main OpenPGP key**). Confirm with ++y++ then ++y++ again. - -When prompted by your GPG software, enter your OpenPGP key's passphrase, then click "OK". - -Once the **`gpg`** prompt is back in your terminal, exit the program by typing `quit`, then save the changes with ++y++. - -
-

For more options on subkeys

- -You might want to consult Yubico's [documentation](https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) for more information on OpenPGP keys and subkeys. - -
- -#### 11.5. Backup your OpenPGP Private Key and subkeys - -
-

Security warning

- -Be careful to store your PGP Private Key securely. This information is very sensitive and should never be shared or stored on an unencrypted volume. For better security, store it externally offline on a fully encrypted USB stick. - -
- -If it is reasonably secure to store your private key and subkeys locally on your current device, type the following lines in your terminal (replace `[key_id]` with your specific key's ID). - -
-

Change de default path

- -Unless you change the path, this command will create a backup of your private key located in the directory you currently are in your terminal. - -If you wish to store your private key backup elsewhere, navigate to another directory or add a specific path before the `backup_private_key.asc`. For example: `/Volumes/[secure_volume]/[secure_directory]/backup_private_key.asc` - -
- -``` console -gpg --armor --output backup_private_key.asc --export-secret-key [key_id] -``` - -You will be prompted by your GPG software to enter your OpenPGP key's passphrase, enter it then click "OK". - -To also keep a copy of your subkeys, type the following line: - -``` console -gpg --armor --output backup_private_subkeys.asc --export-secret-subkeys [key_id] -``` - -You will be prompted by your GPG software again to enter your OpenPGP key's passphrase, enter it then click "OK". - -#### 11.6. Move your OpenPGP key and subkeys to your YubiKeys - -**Insert your YubiKey** in your computer's port, then type: - -``` console -gpg --edit-key [key_id] -``` - -This will show the details for the OpenPGP key (**`sec`**) you just created and its subkeys (**`ssb`**). - -In the terminal **`gpg`** prompt, type the command: - -``` console { .yaml .copy } -keytocard -``` - -![Screenshot of a terminal window showing details of the OpenPGP key and its subkeys.](../assets/images/yubikey-reset-and-backup/yubikey-44-config-pgpimportsubkeys.webp) - -When prompted with "Really move the primary key? (y/N)" type ++y++. - -
-

If you encounter an error

- -If you encounter a problem at this step, you might want to exit the terminal **`gpg`** program with `quit`, unplug your YubiKey from your computer, plug it in again, then start [Step 11.6](#116-move-your-openpgp-key-and-subkeys-to-your-yubikeys) over. - -
- -Assuming you have created all 3 subkey types in the previous step, when prompted with "Your selection?", type `1` to move the **Signature subkey** to your YubiKey: - -``` console title="Terminal" hl_lines="1 2 6" -gpg> keytocard -Really move the primary key? (y/N) y -Please select where to store the key: - (1) Signature key - (3) Authentication key -Your selection? 1 -``` - -Your GPG software will pop up and require you enter your OpenPGP key's passphrase. There will then be 2 more popups requiring you enter the OpenPGP application's **Admin PIN** you have just setup on [Step 11.1](#111-secure-your-yubikeys-openpgp-application-with-a-new-pin-and-admin-pin). You will be asked for your Admin PIN *twice*. - -![Screenshot of a GPG software popup window requiring to enter an Admin PIN.](../assets/images/yubikey-reset-and-backup/yubikey-45-config-pgpadminpin.webp) - -Back to the terminal **`gpg`** prompt, type `key 1` then `keytocard` again. This time select `2` to move the **Encryption subkey** to your YubiKey: - -``` console title="Terminal" hl_lines="1 5 8" -gpg> key 1 - ----- [key_information] ---- - -gpg> keytocard -Please select where to store the key: - (2) Encryption key -Your selection? 2 -``` - -Again, enter your OpenPGP key's passphrase and your OpenPGP application's Admin PIN when prompted by your GPG software. - -Back to the terminal **`gpg`** prompt, type `key 1` then `key 2` then `keytocard` again. This time select `3` to move the **Authentication subkey** to your YubiKey: - -``` console title="Terminal" hl_lines="1 5 9 14" -gpg> key 1 - ----- [key_information] ---- - -gpg> key 2 - ----- [key_information] ---- - -gpg> keytocard -Please select where to store the key: - (1) Signature key - (2) Encryption key - (3) Authentication key -Your selection? 3 -``` - -Enter your OpenPGP key passphrase and your OpenPGP application's Admin PIN when prompted by your GPG software. 
- -Finally, type `quit`, then ++y++ to save the changes before exiting the **`gpg`** terminal program. - -#### 11.7. Verify that all your subkeys are stored properly to your YubiKey - -From the terminal, type: - -``` console { .yaml .copy } -gpg --card-edit -``` - -This will display the information stored inside your YubiKey's OpenPGP application. - -From the information displayed in the terminal, you can see your YubiKey's serial number, version, some attributes, your OpenPGP key information, and the 3 subkey slots. - -If you have completed the steps above properly, above "General key info" you should see the lines "Signature key", "Encryption key", and "Authentication key" all have information stored in it. Otherwise, instead of a string of uppercase letters and numbers you will see "[none]". - -If all 3 slots are filled as expected, type `quit` to leave this **card** program. - -#### 11.8. Copy your OpenPGP key and subkeys to your spare YubiKey - -To make this operation work, you will have to delete your local key and subkeys and restore them from your backups. - -First, **unplug your main YubiKey**. For the next step, you will need your OpenPGP key's and subkeys' *grip* strings. Type the following command in your terminal: - -``` console { .yaml .copy } -gpg --list-secret-keys --with-keygrip -``` - -If you have multiple keys listed, only look at the last block for OpenPGP key and subkeys you just created. - -Note carefully the **Keygrip** string for each key and subkeys. - -For your OpenPGP key, look at the lines starting with "`sec>`" on the left. The **Keygrip** string will be just above "Card serial no". - -For the subkeys, look at each block starting with "`ssb>`" on the left. The **Keygrip** string will be on the second line for each. It should look something like this: - -``` console title="Terminal" hl_lines="3 7 9" -sec> rsa4096 2025-03-04 [SC] [expires: 2025-03-06] - ABC42ABC42ABC42ABC42ABC42[key_id] - Keygrip = [key_grip] - Card serial no. 
= 0000 [yubikey_serial_number] -uid [ultimate] Name (Comment) -ssb> rsa4096 2025-03-04 [E] [expires: 2025-03-06] - Keygrip = [subkey_grip] -ssb> rsa4096 2025-03-04 [SEA] [expires: 2025-03-06] - Keygrip = [subkey_grip] -``` - -Send a delete command for each key and subkeys: - -
-

Danger! Make sure to delete the right key!

- -If you have multiple keys stored on this computer, when noting the **Keygrip** make sure to note the correct one for the OpenPGP key you have just created and all its subkeys. You would not want to delete *another* important key you need. - -For safety, it is recommended to keep a backup of your other keys as well before running the deletion commands below. - -
- -You will need to send a delete command to the GPG agent in order to be able to restore and copy your subkeys to your spare YubiKey. Type the following command and replace `[key_grip]` with the string you have noted above: - -``` console -gpg-connect-agent "DELETE_KEY [key_grip]" /bye -``` - -Once you see the "OK", type the following command for your subkeys and replace `[subkey_grip]` with the strings you have noted above. - -
-

Repeat this command for each subkey with their respective Keygrip string.

- -``` console -gpg-connect-agent "DELETE_KEY [subkey_grip]" /bye -``` - -Restore your key and subkeys: - -To restore your OpenPGP key and subkeys from your backup, type the following command (add the specific directory path you used, if any): - -``` console { .yaml .copy } -gpg --import backup_private_key.asc -``` - -Enter your OpenPGP key's passphrase when prompted by your GPG software. Then, for your subkeys type: - -``` console { .yaml .copy } -gpg --import backup_private_subkeys.asc -``` - -Enter your OpenPGP key's passphrase again if prompted by your GPG software. - -Copy your OpenPGP key and subkeys to your spare YubiKey: - -**Plug in your *spare* YubiKey** in your computer's port. Make sure your main YubiKey is *unplugged*. - -Repeat all the operations from [Step 11.6](#116-move-your-openpgp-key-and-subkeys-to-your-yubikeys) for your *spare* YubiKey. Use the same OpenPGP **[key_id]** you have used with your main YubiKey. - -Again, verify that all your YubiKey's OpenPGP application slots have been filled properly by repeating [Step 11.7](#117-verify-that-all-your-subkeys-are-stored-properly-to-your-yubikey) with your spare YubiKey. - -You can now `quit` this **card** program, unplug your *spare* YubiKey, plug in your main YubiKey again, and type `gpg --card-edit` again to verity that both your main and spare YubiKeys have the exact same "Signature key", "Encryption key", and "Authentication key" registered. - -Following this procedure correctly, each of these subkey slots should be identical on your main and spare YubiKeys. The "General key info" should also be identical between your YubiKeys, but each "Serial number" should be different. - -
-

The gpg-card program

- -From this command, you can change other parameters for your YubiKey's OpenPGP application if needed. To see more options, you can consult Yubico's [documentation](https://developers.yubico.com/PGP/PGP_Walk-Through.html). - -
- -
-

Troubleshooting

- -If you need additional help to troubleshoot, reset, setup, or copy information to your spare YubiKey, you can contact Yubico's Customer Support service from [this form](https://support.yubico.com/hc/en-us/requests/new). - -
- -## Review your configuration - -Once you have fully reset and reconfigured your 2 YubiKeys, make sure that you have: - -- [x] Registered both keys with the YubiCloud validation server. - -- [x] Tested each YubiKey application you will use on both keys before registering them with any service or product. - -- [x] Configured properly all the protections and pins available to secure your keys. - -- [x] Deleted the temporary files containing secrets that you no longer need for backup purposes. - -- [x] Stored your spare key in a different secure location, once it's registered with your services and accounts. - -Finally, do not forget to register your freshly re-programmed YubiKey(s) with the services and accounts you had to remove it from. Do not leave your accounts unprotected! - -
-

More information

- -This tutorial only covers a few features and usages possible with YubiKeys, consult **Yubico Authenticator**'s [complete documentation](https://docs.yubico.com/software/yubikey/tools/authenticator/auth-guide/) and [guides](https://www.yubico.com/setup/) for more information. - -
- - diff --git a/content/blog/tags.md b/content/blog/tags.md deleted file mode 100644 index 98e6010a6..000000000 --- a/content/blog/tags.md +++ /dev/null @@ -1,3 +0,0 @@ -# Tags - - diff --git a/hugo.yaml b/hugo.yaml index 9fe73143f..26293c316 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -1,13 +1,11 @@ # Hugo configuration file title: Privacy Guides +relativeURLs: true # temporarily ignore blog content ignoreFiles: - "blog" -# use relative links -relativeURLs: true - # import hextra as module module: imports: @@ -105,8 +103,14 @@ outputs: section: [HTML, RSS] defaultContentLanguage: en -defaultContentLanguageInSubdir: true +defaultContentLanguageInSubdir: false languages: en: + baseURL: https://en.privacyguides.org languageName: English weight: 1 + # fr: + # baseURL: https://fr.privacyguides.org + # languageName: Français + # weight: 2 + # disabled: true diff --git a/static/_redirects b/static/_redirects new file mode 100644 index 000000000..e905de411 --- /dev/null +++ b/static/_redirects 
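Review bot: In `hugo.yaml`, the second hunk adds `baseURL` under `languages.en`, which as far as I know switches Hugo into multihost mode, and nothing in the file records that. In that mode each language is normally built into its own directory under the publish dir (for example `public/en/`) and static files, including the new `static/_redirects`, are copied into each language root, so `defaultContentLanguageInSubdir: false` may not control the output path on its own. The deploy step is not visible here, so please confirm that the `_redirects` file ends up at the root the host actually serves. I would add a comment above `languages:`, for example `# multihost: one baseURL per language; each language is published from its own output directory`. The first hunk also drops the `# use relative links` comment while keeping `relativeURLs: true`; that comment is worth keeping next to the moved key.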
@@ -0,0 +1,124 @@
+/en/ https://en.privacyguides.org/ 301
+/en/CODE_OF_CONDUCT/ https://github.com/privacyguides/privacyguides.org/blob/main/.github/CODE_OF_CONDUCT.md 301
+/en/about/ https://en.privacyguides.org/about/ 301
+/en/about/contributors/ https://en.privacyguides.org/about/ 301
+/en/about/criteria/ https://en.privacyguides.org/about/criteria/ 301
+/en/about/donate/ https://en.privacyguides.org/about/donate/ 301
+/en/about/donation-acceptance-policy/ https://en.privacyguides.org/about/donation-acceptance-policy/ 301
+/en/about/executive-policy/ https://en.privacyguides.org/about/executive-policy/ 301
+/en/about/jobs/ https://en.privacyguides.org/about/jobs/ 301
+/en/about/jobs/content-creator/ https://en.privacyguides.org/about/jobs/ 301
+/en/about/jobs/intern-news/ https://en.privacyguides.org/about/jobs/ 301
+/en/about/jobs/journalist/ https://en.privacyguides.org/about/jobs/ 301
+/en/about/notices/ https://en.privacyguides.org/about/notices/ 301
+/en/about/privacytools/ https://en.privacyguides.org/about/privacytools/ 301
+/en/about/services/ https://en.privacyguides.org/about/services/ 301
+/en/about/statistics/ https://en.privacyguides.org/about/statistics/ 301
+/en/activism/ https://en.privacyguides.org/activism/ 301
+/en/activism/legal/dpa-directory/ https://en.privacyguides.org/activism/legal/dpa-directory/ 301
+/en/activism/toolbox/ https://en.privacyguides.org/activism/toolbox/ 301
+/en/activism/toolbox/tip-be-kind-to-people-but-be-relentless-with-institutions/ https://en.privacyguides.org/activism/toolbox/tip-be-kind-to-people-but-be-relentless-with-institutions/ 301
+/en/activism/toolbox/tip-be-mindful-of-accessibility/ https://en.privacyguides.org/activism/toolbox/tip-be-mindful-of-accessibility/ 301
+/en/activism/toolbox/tip-beware-of-privacy-snake-oil/ https://en.privacyguides.org/activism/toolbox/tip-beware-of-privacy-snake-oil/ 301
+/en/activism/toolbox/tip-consider-everyones-unique-situation/ https://en.privacyguides.org/activism/toolbox/tip-consider-everyones-unique-situation/ 301
+/en/activism/toolbox/tip-dont-stop-at-individual-solutions/ https://en.privacyguides.org/activism/toolbox/tip-dont-stop-at-individual-solutions/ 301
+/en/activism/toolbox/tip-engage-boosts-and-contribute/ https://en.privacyguides.org/activism/toolbox/tip-engage-boosts-and-contribute/ 301
+/en/activism/toolbox/tip-give-credit-where-credit-is-due/ https://en.privacyguides.org/activism/toolbox/tip-give-credit-where-credit-is-due/ 301
+/en/activism/toolbox/tip-improve-your-social-media-and-build-resilient-communities/ https://en.privacyguides.org/activism/toolbox/tip-improve-your-social-media-and-build-resilient-communities/ 301
+/en/activism/toolbox/tip-keep-in-mind-the-whole-landscape/ https://en.privacyguides.org/activism/toolbox/tip-keep-in-mind-the-whole-landscape/ 301
+/en/activism/toolbox/tip-keep-your-posts-and-community-inclusive/ https://en.privacyguides.org/activism/toolbox/tip-keep-your-posts-and-community-inclusive/ 301
+/en/activism/toolbox/tip-know-your-privacy-laws/ https://en.privacyguides.org/activism/toolbox/tip-know-your-privacy-laws/ 301
+/en/activism/toolbox/tip-level-up-assemble-and-organize/ https://en.privacyguides.org/activism/toolbox/tip-level-up-assemble-and-organize/ 301
+/en/activism/toolbox/tip-lift-your-allies-up/ https://en.privacyguides.org/activism/toolbox/tip-lift-your-allies-up/ 301
+/en/activism/toolbox/tip-make-it-cute/ https://en.privacyguides.org/activism/toolbox/tip-make-it-cute/ 301
+/en/activism/toolbox/tip-migrate-outside-the-surveillance-ecosystem/ https://en.privacyguides.org/activism/toolbox/tip-migrate-outside-the-surveillance-ecosystem/ 301
+/en/activism/toolbox/tip-protect-your-allies/ https://en.privacyguides.org/activism/toolbox/tip-protect-your-allies/ 301
+/en/activism/toolbox/tip-refuse-to-participate/ https://en.privacyguides.org/activism/toolbox/tip-refuse-to-participate/ 301
+/en/activism/toolbox/tip-report-privacy-violations/ https://en.privacyguides.org/activism/toolbox/tip-report-privacy-violations/ 301
+/en/activism/toolbox/tip-small-actions-matter/ https://en.privacyguides.org/activism/toolbox/tip-small-actions-matter/ 301
+/en/activism/toolbox/tip-start-alliances-not-wars/ https://en.privacyguides.org/activism/toolbox/tip-start-alliances-not-wars/ 301
+/en/activism/toolbox/tip-stay-true-to-your-principles/ https://en.privacyguides.org/activism/toolbox/tip-stay-true-to-your-principles/ 301
+/en/activism/toolbox/tip-support-your-privacy-comrades/ https://en.privacyguides.org/activism/toolbox/tip-support-your-privacy-comrades/ 301
+/en/activism/toolbox/tip-take-time-to-rest/ https://en.privacyguides.org/activism/toolbox/tip-take-time-to-rest/ 301
+/en/activism/toolbox/tip-value-allies-with-complementary-expertise/ https://en.privacyguides.org/activism/toolbox/tip-value-allies-with-complementary-expertise/ 301
+/en/activism/toolbox/tip-welcome-beginners/ https://en.privacyguides.org/activism/toolbox/tip-welcome-beginners/ 301
+/en/advanced/communication-network-types/ https://en.privacyguides.org/wiki/advanced/communication-networks/ 301
+/en/advanced/dns-overview/ https://en.privacyguides.org/wiki/advanced/dns-overview/ 301
+/en/advanced/payments/ https://en.privacyguides.org/wiki/advanced/payments/ 301
+/en/advanced/tor-overview/ https://en.privacyguides.org/wiki/advanced/tor-overview/ 301
+/en/ai-chat/ https://en.privacyguides.org/tools/software/ai-chat/ 301
+/en/alternative-networks/ https://en.privacyguides.org/tools/advanced/alternative-networks/ 301
+/en/android/ https://en.privacyguides.org/tools/os/android/ 301
+/en/android/distributions/ https://en.privacyguides.org/tools/os/android/distributions/ 301
+/en/android/general-apps/ https://en.privacyguides.org/tools/os/android/general-apps/ 301
+/en/android/obtaining-apps/ https://en.privacyguides.org/tools/os/android/obtaining-apps/ 301
+/en/basics/account-creation/ https://en.privacyguides.org/wiki/basics/account-creation/ 301
+/en/basics/account-deletion/ https://en.privacyguides.org/wiki/basics/account-deletion/ 301
+/en/basics/common-misconceptions/ https://en.privacyguides.org/wiki/basics/common-misconceptions/ 301
+/en/basics/common-threats/ https://en.privacyguides.org/wiki/basics/common-threats/ 301
+/en/basics/email-security/ https://en.privacyguides.org/wiki/basics/email-security/ 301
+/en/basics/hardware/ https://en.privacyguides.org/wiki/basics/hardware/ 301
+/en/basics/multi-factor-authentication/ https://en.privacyguides.org/wiki/basics/multi-factor-authentication/ 301
+/en/basics/passwords-overview/ https://en.privacyguides.org/wiki/basics/passwords-overview/ 301
+/en/basics/threat-modeling/ https://en.privacyguides.org/wiki/basics/threat-modeling/ 301
+/en/basics/vpn-overview/ https://en.privacyguides.org/wiki/basics/vpn-overview/ 301
+/en/basics/why-privacy-matters/ https://en.privacyguides.org/wiki/basics/why-privacy-matters/ 301
+/en/browser-extensions/ https://en.privacyguides.org/tools/software/browser-extensions/ 301
+/en/calendar/ https://en.privacyguides.org/tools/services/calendar/ 301
+/en/cloud/ https://en.privacyguides.org/tools/services/cloud/ 301
+/en/cryptocurrency/ https://en.privacyguides.org/tools/software/cryptocurrency/ 301
+/en/data-broker-removals/ https://en.privacyguides.org/tools/services/data-broker-removals/ 301
+/en/data-redaction/ https://en.privacyguides.org/tools/software/data-redaction/ 301
+/en/desktop-browsers/ https://en.privacyguides.org/tools/software/desktop-browsers/ 301
+/en/desktop/ https://en.privacyguides.org/tools/os/desktop/ 301
+/en/device-integrity/ https://en.privacyguides.org/tools/advanced/device-integrity/ 301
+/en/dns/ https://en.privacyguides.org/tools/services/dns/ 301
+/en/document-collaboration/ https://en.privacyguides.org/tools/software/document-collaboration/ 301
+/en/email-aliasing/ https://en.privacyguides.org/tools/services/email-aliasing/ 301
+/en/email-clients/ https://en.privacyguides.org/tools/software/email-clients/ 301
+/en/email/ https://en.privacyguides.org/tools/services/email/ 301
+/en/encryption/ https://en.privacyguides.org/tools/software/encryption/ 301
+/en/file-sharing/ https://en.privacyguides.org/tools/software/file-sharing/ 301
+/en/financial-services/ https://en.privacyguides.org/tools/services/financial-services/ 301
+/en/frontends/ https://en.privacyguides.org/tools/software/frontends/ 301
+/en/health-and-wellness/ https://en.privacyguides.org/tools/software/health-and-wellness/ 301
+/en/language-tools/ https://en.privacyguides.org/tools/software/language-tools/ 301
+/en/maps/ https://en.privacyguides.org/tools/software/maps/ 301
+/en/meta/admonitions/ https://github.com/privacyguides/privacyguides.org 301
+/en/meta/brand/ https://github.com/privacyguides/brand 301
+/en/meta/commit-messages/ https://github.com/privacyguides/privacyguides.org 301
+/en/meta/git-recommendations/ https://github.com/privacyguides/privacyguides.org 301
+/en/meta/pr-comments/ https://github.com/privacyguides/privacyguides.org 301
+/en/meta/translations/ https://crowdin.com/project/privacyguides 301
+/en/meta/uploading-images/ https://github.com/privacyguides/privacyguides.org 301
+/en/meta/writing-style/ https://github.com/privacyguides/privacyguides.org 301
+/en/mobile-browsers/ https://en.privacyguides.org/tools/software/mobile-browsers/ 301
+/en/mobile-phones/ https://en.privacyguides.org/tools/hardware/mobile-phones/ 301
+/en/multi-factor-authentication/ https://en.privacyguides.org/tools/software/multi-factor-authentication/ 301
+/en/news-aggregators/ https://en.privacyguides.org/tools/software/news-aggregators/ 301
+/en/notebooks/ https://en.privacyguides.org/tools/software/notebooks/ 301
+/en/office-suites/ https://en.privacyguides.org/tools/software/office-suites/ 301
+/en/os/ https://en.privacyguides.org/wiki/os/ 301
+/en/os/android-overview/ https://en.privacyguides.org/wiki/os/android/ 301
+/en/os/ios-overview/ https://en.privacyguides.org/wiki/os/ios/ 301
+/en/os/linux-overview/ https://en.privacyguides.org/wiki/os/linux/ 301
+/en/os/macos-overview/ https://en.privacyguides.org/wiki/os/macos/ 301
+/en/os/qubes-overview/ https://en.privacyguides.org/wiki/os/qubes/ 301
+/en/os/windows/ https://en.privacyguides.org/wiki/os/windows/ 301
+/en/os/windows/group-policies/ https://en.privacyguides.org/wiki/os/windows/group-policies/ 301
+/en/passwords/ https://en.privacyguides.org/tools/software/passwords/ 301
+/en/pastebins/ https://en.privacyguides.org/tools/software/pastebins/ 301
+/en/photo-management/ https://en.privacyguides.org/tools/services/photo-backups/ 301
+/en/privacy/ https://en.privacyguides.org/privacy/ 301
+/en/real-time-communication/ https://en.privacyguides.org/tools/services/messengers/ 301
+/en/router/ https://en.privacyguides.org/tools/os/router-firmware/ 301
+/en/search-engines/ https://en.privacyguides.org/tools/services/search-engines/ 301
+/en/security-keys/ https://en.privacyguides.org/tools/hardware/security-keys/ 301
+/en/self-hosting/ https://en.privacyguides.org/tools/self-hosting/ 301
+/en/self-hosting/dns-filtering/ https://en.privacyguides.org/tools/self-hosting/dns-filtering/ 301
+/en/self-hosting/email-servers/ https://en.privacyguides.org/tools/self-hosting/email-servers/ 301
+/en/self-hosting/file-management/ https://en.privacyguides.org/tools/self-hosting/file-management/ 301
+/en/social-networks/ https://en.privacyguides.org/tools/software/social-networks/ 301
+/en/tools/ https://en.privacyguides.org/tools/ 301
+/en/tor/ https://en.privacyguides.org/tools/software/tor/ 301
+/en/vpn/ https://en.privacyguides.org/tools/services/vpn/ 301
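Review bot: All 124 rules in the new `static/_redirects` answer with `301`, which browsers keep cached indefinitely, so a wrong mapping cannot be corrected for clients that already followed it. Several targets are approximate rather than one-to-one: `/en/about/contributors/` lands on `/about/`, the three `/en/about/jobs/*` pages on `/about/jobs/`, and most `/en/meta/*` pages on the repository root. The hugo.yaml change in the same commit still ignores the blog "temporarily", so the layout looks unsettled; I would serve these as `302` until it is final, then switch to `301`. The file also has no header comment. If the host accepts `#` comments in `_redirects` (the common ones do), a first line such as `# Legacy /en/<path>/ URLs; exact paths and fixed targets only, no splat or placeholder rules` would record the constraint that keeps this list from turning into an open redirect when someone later adds a wildcard.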