mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2026-05-26 13:21:20 +00:00
refactor: Follow Hugo leaf vs branch conventions
This commit is contained in:
+13
-13
@@ -27,9 +27,9 @@ The options listed here are available on multiple platforms and great for creati
|
||||
### Cryptomator (Cloud)
|
||||
|
||||
<small>Protects against the following threat(s):</small>
|
||||
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/_index.md#security-and-privacy)
|
||||
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/index.md#security-and-privacy)
|
||||
|
||||
**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](../../../wiki/basics/common-threats/_index.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
|
||||
**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](../../../wiki/basics/common-threats/index.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
|
||||
|
||||
{{< cards >}}
|
||||
{{< card link="https://cryptomator.org" title="Homepage" icon="home" >}}
|
||||
@@ -55,7 +55,7 @@ Cryptomator's documentation details its intended [security target](https://docs.
|
||||
### VeraCrypt (Disk)
|
||||
|
||||
<small>Protects against the following threat(s):</small>
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
|
||||
|
||||
**VeraCrypt** is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file, encrypt a partition, or encrypt the entire storage device with pre-boot authentication.
|
||||
|
||||
@@ -77,9 +77,9 @@ TrueCrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
|
||||
## Operating System Encryption
|
||||
|
||||
<small>Protects against the following threat(s):</small>
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
|
||||
|
||||
Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](../../../wiki/basics/hardware/_index.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
|
||||
Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](../../../wiki/basics/hardware/index.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
|
||||
|
||||
<details class="warning" markdown>
|
||||
|
||||
@@ -100,11 +100,11 @@ Powering off your devices when they’re not in use provides the highest level o
|
||||
|
||||
BitLocker is [officially supported](https://support.microsoft.com/en-us/windows/bitlocker-overview-44c0c61c-989d-4a69-8822-b95cd49b1bbf) on the Pro, Enterprise, and Education editions of Windows. The Home edition only supports automatic [Device Encryption](https://support.microsoft.com/en-us/windows/device-encryption-in-windows-cf7e2b6f-3e70-4882-9532-18633605b7df) and must meet specific hardware requirements. If you’re using the Home edition, we recommend [upgrading to Pro](https://support.microsoft.com/en-us/windows/upgrade-windows-home-to-windows-pro-ef34d520-e73f-3198-c525-d1a218cc2818), which can be done without reinstalling Windows or losing your files.
|
||||
|
||||
Pro and higher editions also support the more secure pre-boot [TPM+PIN](https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/faq#what-is-the-difference-between-a-tpm-owner-password--recovery-password--recovery-key--pin--enhanced-pin--and-startup-key) feature, configured through the appropriate [group policy](../../../wiki/os/windows/group-policies/_index.md#bitlocker-drive-encryption) settings. The PIN is rate limited and the TPM will panic and lock access to the encryption key either permanently or for a period of time if someone attempts to brute force access.
|
||||
Pro and higher editions also support the more secure pre-boot [TPM+PIN](https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/faq#what-is-the-difference-between-a-tpm-owner-password--recovery-password--recovery-key--pin--enhanced-pin--and-startup-key) feature, configured through the appropriate [group policy](../../../wiki/os/windows/group-policies/index.md#bitlocker-drive-encryption) settings. The PIN is rate limited and the TPM will panic and lock access to the encryption key either permanently or for a period of time if someone attempts to brute force access.
|
||||
|
||||
### FileVault
|
||||
|
||||
**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault takes advantage of the [hardware security capabilities](../../../wiki/os/macos/_index.md#hardware-security) present on an Apple Silicon SoC or T2 Security Chip.
|
||||
**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault takes advantage of the [hardware security capabilities](../../../wiki/os/macos/index.md#hardware-security) present on an Apple Silicon SoC or T2 Security Chip.
|
||||
|
||||
{{< cards >}}
|
||||
{{< card link="https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac" title="Documentation" icon="document-text" >}}
|
||||
@@ -151,7 +151,7 @@ udisksctl unlock -b /dev/loop0
|
||||
## Command-line
|
||||
|
||||
<small>Protects against the following threat(s):</small>
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
|
||||
|
||||
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
|
||||
|
||||
@@ -180,9 +180,9 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
|
||||
## OpenPGP
|
||||
|
||||
<small>Protects against the following threat(s):</small>
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
|
||||
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/_index.md#security-and-privacy)
|
||||
[{{< badge content="Service Providers" color="indigo" >}}](../../../wiki/basics/common-threats/_index.md#privacy-from-service-providers)
|
||||
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
|
||||
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/index.md#security-and-privacy)
|
||||
[{{< badge content="Service Providers" color="indigo" >}}](../../../wiki/basics/common-threats/index.md#privacy-from-service-providers)
|
||||
|
||||
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
|
||||
|
||||
@@ -221,7 +221,7 @@ When encrypting with PGP, you have the option to configure different options in
|
||||
|
||||
### GPG Suite
|
||||
|
||||
**GPG Suite** provides OpenPGP support for [Apple Mail](../email-clients/_index.md#apple-mail-macos) and other email clients on macOS.
|
||||
**GPG Suite** provides OpenPGP support for [Apple Mail](../email-clients/index.md#apple-mail-macos) and other email clients on macOS.
|
||||
|
||||
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
|
||||
|
||||
@@ -236,7 +236,7 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sequoia) have a stable
|
||||
|
||||
### OpenKeychain
|
||||
|
||||
**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](../email-clients/_index.md#thunderbird), [FairEmail](../email-clients/_index.md#fairemail-android), and other Android apps to provide encryption support.
|
||||
**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](../email-clients/index.md#thunderbird), [FairEmail](../email-clients/index.md#fairemail-android), and other Android apps to provide encryption support.
|
||||
|
||||
{{< cards >}}
|
||||
{{< card link="https://openkeychain.org" title="Homepage" icon="home" >}}
|
||||
Reference in New Issue
Block a user