privacyguides
/
privacyguides.org
mirror of https://github.com/privacyguides/privacyguides.org.git
1
0
Fork 0
Code Issues Activity

Transition to mkdocs (#829) 

Co-authored-by: Jonah Aragon <jonah@triplebit.net>
This commit is contained in:
Daniel Gray 2022-04-01 19:29:18 +00:00
parent 78b49b2f4e
commit 8ef8e2a263
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
742 changed files with 4489 additions and 6624 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.github/actions/build/action.yml vendored
View File

@ -1,11 +0,0 @@
name: 'Build'
description: 'Builds Jekyll Site'
runs:
using: "composite"
steps:
- shell: bash
run: |
sed -i "s/^ date:.*$/ date: $(TZ=UTC date "+%Y-%m-%d")/" _config.yml
sed -i "s/^ time:.*$/ time: $(TZ=UTC date "+%H:%M:%S %Z")/" _config.yml
- shell: bash
run: npm run build

53
.github/workflows/build.yml vendored Normal file
View File

@ -0,0 +1,53 @@
name: Build Website
on:
pull_request:
branches:
- main
env:
PYTHON_VERSION: 3.x
jobs:
build:
name: Build website
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Set up Python runtime
uses: actions/setup-python@v3
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Cache files
uses: actions/cache@v2
with:
key: ${{ github.ref }}
path: .cache
- name: Install Python dependencies
run: |
pip install 'mkdocs>=1.3.0'
- name: Install mkdocs-material Insiders build
if: github.event.repository.fork == false
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
git clone --depth 1 https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install -e mkdocs-material-insiders
- name: Build website
run: |
mkdocs build --config-file mkdocs.production.yml
mv .well-known site/
tar cvf site.tar site
mkdocs --version
- name: Package website
uses: actions/upload-artifact@v2
with:
name: generated-site
path: site.tar

73
.github/workflows/deploy.yml vendored Normal file
View File

@ -0,0 +1,73 @@
name: Deploy Website
on:
push:
branches:
- main
env:
PYTHON_VERSION: 3.x
jobs:
build:
name: Build website
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Set up Python runtime
uses: actions/setup-python@v3
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Cache files
uses: actions/cache@v2
with:
key: ${{ github.ref }}
path: .cache
- name: Install Python dependencies
run: |
pip install 'mkdocs>=1.3.0'
- name: Install mkdocs-material Insiders build
if: github.event.repository.fork == false
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
git clone --depth 1 https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install -e mkdocs-material-insiders
- name: Build website
run: |
mkdocs build --config-file mkdocs.production.yml
mv .well-known site/
tar cvf site.tar site
mkdocs --version
- name: Package website
uses: actions/upload-artifact@v2
with:
name: generated-site
path: site.tar
deploy:
name: Rsync Deploy
runs-on: ubuntu-latest
environment: production
needs: build
steps:
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Copy built site to production
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
chmod 700 ~/.ssh/id_rsa
ssh-keyscan -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts
rsync -azP --delete site/ ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }}:${{ secrets.SSH_PATH }}

62
.github/workflows/production.yml vendored
View File

@ -1,62 +0,0 @@
name: Production Deploy
concurrency:
group: Production
cancel-in-progress: true
on:
push:
branches: [ main ]
env:
FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
jobs:
build:
name: Jekyll Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/setup-node@v3
with:
node-version: '14'
- name: Cache Jekyll build
uses: actions/cache@v3
with:
path: |
.jekyll-cache
.sass-cache
key: ${{ runner.os }}-jekyll-${{ hashFiles('**/*.??m[ld]') }}
- name: Install dependencies
run: npm install
- name: Build website
uses: ./.github/actions/build
- run: tar cvf site.tar _site
- name: Upload generated Jekyll site
uses: actions/upload-artifact@v2
with:
name: generated-site
path: site.tar
deploy:
name: Rsync Deploy
runs-on: ubuntu-latest
environment: production
needs: build
steps:
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Copy built site to production
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
chmod 700 ~/.ssh/id_rsa
ssh-keyscan -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts
rsync -azP --delete _site/ ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }}:${{ secrets.SSH_PATH }}

238
.github/workflows/tests.yml vendored
View File

@ -1,238 +0,0 @@
name: Code tests
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
jobs:
deps:
name: "Dependency Install"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Cache node modules
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-npm-
- uses: actions/setup-node@v3
with:
node-version: '14'
- run: npm install
- run: tar cvf node_modules.tar node_modules
- name: Upload node_modules for Jekyll build
uses: actions/upload-artifact@v2
with:
name: node_modules
path: node_modules.tar
build:
name: "Jekyll Build"
runs-on: ubuntu-latest
needs: deps
steps:
- uses: actions/checkout@v3
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: actions/setup-node@v3
with:
node-version: '14'
- name: Cache Jekyll build
uses: actions/cache@v3
with:
path: |
.jekyll-cache
.sass-cache
key: ${{ runner.os }}-jekyll-${{ hashFiles('**/*.??m[ld]') }}
restore-keys: |
${{ runner.os }}-jekyll-
- name: Set Date and Time
run: |
sed -i "s/^ date:.*$/ date: $(TZ=UTC date "+%Y-%m-%d")/" _config.yml
sed -i "s/^ time:.*$/ time: $(TZ=UTC date "+%H:%M:%S %Z")/" _config.yml
- name: Download node_modules
uses: actions/download-artifact@v2
with:
name: node_modules
- run: tar xvf node_modules.tar
- name: Generate Website
run: npm run build
- run: tar cvf site.tar _site
- name: Upload generated Jekyll site
uses: actions/upload-artifact@v2
with:
name: generated-site
path: site.tar
link:
name: "Broken Hyperlinks (Internal)"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Copy built site to production
run: |
mv ${{ github.workspace }}/_site /tmp/
mkdir -p /tmp/src
mv ${{ github.workspace }}/* /tmp/src/
mkdir -p ${{ github.workspace }}/src
mv /tmp/src/* ${{ github.workspace }}/src/
mv /tmp/_site ${{ github.workspace }}/
- name: Internal link checker
uses: untitaker/hyperlink@0.1.21
with:
args: _site/ --sources src/
extlink:
name: "Broken Hyperlinks (External)"
runs-on: ubuntu-latest
needs: [build, link]
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Cache HTMLProofer
id: cache-htmlproofer
uses: actions/cache@v3
with:
path: tmp/.htmlproofer
key: ${{ runner.os }}-htmlproofer-${{ hashFiles('_site/**.html') }}
restore-keys: |
${{ runner.os }}-htmlproofer-
${{ runner.os }}-htmlproofer
- name: Check External Links (Informational, Soft-Fail)
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --external_only --internal-domains privacyguides.org,www.privacyguides.org --timeframe 30d --url-ignore '/https:\/\/developers\.cloudflare\.com\//,/https:\/\/github\.com\/privacyguides\/privacyguides\.org\/(edit|tree|blob)\/main/,/https:\/\/support\.(startmail|yubico)\.com\//'
continue-on-error: true
https:
name: "Require HTTPS Internal Images"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Check Images
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --check-img-http --internal-domains privacyguides.org,www.privacyguides.org --disable-external --checks-to-ignore LinkCheck,ScriptCheck
scripts:
name: "Script Reference Checks"
runs-on: ubuntu-latest
needs: [build, link]
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Check HTML
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --check-html --disable-external --check-sri --report-script-embeds --internal-domains privacyguides.org,www.privacyguides.org --checks-to-ignore LinkCheck,ImageCheck,HtmlCheck
tags:
name: "HTML Tag Test"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Validate HTML
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --check-html --disable-external --allow-hash-href --internal-domains privacyguides.org,www.privacyguides.org --report-invalid-tags --report-eof-tags --report-mismatched-tags --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
entity:
name: "HTML Entity Names Test"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Validate HTML
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --check-html --disable-external --allow-hash-href --internal-domains privacyguides.org,www.privacyguides.org --report-missing-names --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
misc:
name: "Misc HTML Test"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Validate HTML
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --check-html --disable-external --internal-domains privacyguides.org,www.privacyguides.org --report-missing-doctype --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
opengraph:
name: "OpenGraph Test"
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- name: Download generated Jekyll site
uses: actions/download-artifact@v2
with:
name: generated-site
- run: tar xvf site.tar
- name: Check OpenGraph
uses: chabad360/htmlproofer@v1.1
with:
directory: ${{ github.workspace }}/_site
arguments: --assume-extension --disable-external --check-opengraph --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck

15
.gitignore vendored
View File

@ -1,13 +1,2 @@
_site/
.sass-cache/
.jekyll-metadata
.DS_Store
font/assets/
font/_sass/
font/.fontcustom-manifest.json
assets/webfonts/ptio-font-preview.html
vendor
node_modules
.bundle
.jekyll-cache
.nova
site
.cache

2
.npmrc
View File

@ -1,2 +0,0 @@
@fortawesome:registry=https://npm.fontawesome.com/
//npm.fontawesome.com/:_authToken=${FONTAWESOME_NPM_AUTH_TOKEN}

1
.ruby-version
View File

@ -1 +0,0 @@
3.0.0

21
404.html
View File

@ -1,21 +0,0 @@
---
layout: default
---
<div class="container text-center">
<div class="position-absolute top-50 start-50 translate-middle">
<h1 class="display-1">404</h1>
<p><strong>We couldn't find that :(</strong></p>
<p>Maybe you were looking for one of these pages?</p>
<div class="row">
<div class="col">
<ul class="list-unstyled">
<li><i class="fas fa-home"></i> <a href="/">Back to our Homepage</a></li>
</ul>
</div>
</div>
</div>
<div class="position-absolute bottom-0 start-50 translate-middle-x">
<p class="text-danger text-center"><i class="fas fa-exclamation-circle"></i> If you believe you reached this page in error, please <a href="https://github.com/privacyguides/privacyguides.org/issues/new/choose">contact us</a>!</p>
</div>
</div>

20
Gemfile
View File

@ -1,20 +0,0 @@
source "https://rubygems.org"
gem "jekyll", "~> 4.2"
group :jekyll_plugins do
gem "jekyll-feed", "~> 0.16"
gem "jekyll-brotli", "~> 2.3"
gem "jekyll-sitemap", "~> 1.4"
end
# Jekyll 3.9.0 now requires this explicitly installed, apparently
gem "kramdown-parser-gfm", "~> 1.1"
gem "webrick", "~> 1.7"
gem 'eventmachine', '1.3.0.dev.1', git: 'https://github.com/eventmachine/eventmachine', branch: 'master'
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
# Performance-booster for watching directories on Windows
gem "wdm", "~> 0.1.0" if Gem.win_platform?

89
Gemfile.lock
View File

@ -1,89 +0,0 @@
GIT
remote: https://github.com/eventmachine/eventmachine
revision: df4ab0068e5e9f504096584093a74510d0dac6c8
branch: master
specs:
eventmachine (1.3.0.dev.1)
GEM
remote: https://rubygems.org/
specs:
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
brotli (0.2.3)
colorator (1.1.0)
concurrent-ruby (1.1.9)
em-websocket (0.5.3)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0)
ffi (1.15.5)
forwardable-extended (2.6.0)
http_parser.rb (0.8.0)
i18n (1.10.0)
concurrent-ruby (~> 1.0)
jekyll (4.2.2)
addressable (~> 2.4)
colorator (~> 1.0)
em-websocket (~> 0.5)
i18n (~> 1.0)
jekyll-sass-converter (~> 2.0)
jekyll-watch (~> 2.0)
kramdown (~> 2.3)
kramdown-parser-gfm (~> 1.0)
liquid (~> 4.0)
mercenary (~> 0.4.0)
pathutil (~> 0.9)
rouge (~> 3.0)
safe_yaml (~> 1.0)
terminal-table (~> 2.0)
jekyll-brotli (2.3.0)
brotli (~> 0.2.0)
jekyll (>= 3.0, < 5.0)
jekyll-feed (0.16.0)
jekyll (>= 3.7, < 5.0)
jekyll-sass-converter (2.2.0)
sassc (> 2.0.1, < 3.0)
jekyll-sitemap (1.4.0)
jekyll (>= 3.7, < 5.0)
jekyll-watch (2.2.1)
listen (~> 3.0)
kramdown (2.3.1)
rexml
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
liquid (4.0.3)
listen (3.7.1)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
mercenary (0.4.0)
pathutil (0.16.2)
forwardable-extended (~> 2.6)
public_suffix (4.0.6)
rb-fsevent (0.11.1)
rb-inotify (0.10.1)
ffi (~> 1.0)
rexml (3.2.5)
rouge (3.28.0)
safe_yaml (1.0.5)
sassc (2.4.0)
ffi (~> 1.9)
terminal-table (2.0.0)
unicode-display_width (~> 1.1, >= 1.1.1)
unicode-display_width (1.8.0)
webrick (1.7.0)
PLATFORMS
ruby
DEPENDENCIES
eventmachine (= 1.3.0.dev.1)!
jekyll (~> 4.2)
jekyll-brotli (~> 2.3)
jekyll-feed (~> 0.16)
jekyll-sitemap (~> 1.4)
kramdown-parser-gfm (~> 1.1)
tzinfo-data
webrick (~> 1.7)
BUNDLED WITH
2.2.5

20
README.md
View File

@ -1,6 +1,6 @@
<div align="center">
<a href="https://privacyguides.org">
<img src="/assets/img/layout/privacy-guides-logo.svg" width="500px" alt="Privacy Guides" />
<img src="/docs/assets/img/layout/privacy-guides-logo.svg" width="500px" alt="Privacy Guides" />
</a>
<p><em>Your central privacy and security resource to protect yourself online.</em></p>
@ -44,17 +44,7 @@
## Developing
1. Install the version of [Ruby](https://www.ruby-lang.org/en/downloads/) currently specified by [`.ruby-version`](.ruby-version)
* With [rbenv](https://github.com/rbenv/rbenv) (**recommended!**): `rbenv install`
* With [RVM](https://rvm.io): `rvm install "ruby-$(cat .ruby-version)"`
* [Manually](https://www.ruby-lang.org/en/downloads/)
1. Install node.js and npm
1. Install [Bundler](https://bundler.io/) v2.2.5:
* `gem install bundler:2.2.5`
1. Install the required dependencies:
* `bundle install`
* `npm install`
1. Build the website (the output can be found in the `_site` directory):
* `npm run build`
1. Serve the website locally with live reloading:
* `npm run serve`
1. [Install mkdocs](https://www.mkdocs.org/user-guide/installation/): `pip install mkdocs`
2. [Install mkdocs-material](https://squidfunk.github.io/mkdocs-material/getting-started/): `pip install mkdocs-material`
3. Serve the site locally: `mkdocs serve`
- The site will be available at `http://localhost:8000/`.

36
_config.yml
View File

@ -1,36 +0,0 @@
title: Privacy Guides
email: jonah@privacyguides.org
description: >- # this means to ignore newlines until "baseurl:"
Massive organizations are monitoring your online activities.
Privacy Guides is your central privacy and security resource to protect yourself online.
baseurl: "" # the subpath of your site, e.g. /blog
url: "https://www.privacyguides.org" # the base hostname & protocol for your site, e.g. http://example.com
sass:
sass_dir: _sass
permalink: pretty
excerpt_separator: <!--more-->
collections_dir: collections
collections:
evergreen:
output: true
permalink: /:slug/
pages:
output: true
permalink: /:path/
posts:
permalink: /blog/:year/:month/:day/:title/
people:
permalink: /blog/authors/:path/
build:
date:
time:
kramdown:
auto_ids: true
# Build settings
plugins:
- jekyll-brotli
- jekyll-sitemap
exclude: [privacytools.io/]

249
_data/country.yml
View File

@ -1,249 +0,0 @@
AF: Afghanistan
AX: 'Åland Islands'
AL: Albania
DZ: Algeria
AS: 'American Samoa'
AD: Andorra
AO: Angola
AI: Anguilla
AQ: Antarctica
AG: 'Antigua & Barbuda'
AR: Argentina
AM: Armenia
AW: Aruba
AU: Australia
AT: Austria
AZ: Azerbaijan
BS: Bahamas
BH: Bahrain
BD: Bangladesh
BB: Barbados
BY: Belarus
BE: Belgium
BZ: Belize
BJ: Benin
BM: Bermuda
BT: Bhutan
BO: Bolivia
BA: 'Bosnia & Herzegovina'
BW: Botswana
BV: 'Bouvet Island'
BR: Brazil
IO: 'British Indian Ocean Territory'
VG: 'British Virgin Islands'
BN: Brunei
BG: Bulgaria
BF: 'Burkina Faso'
BI: Burundi
KH: Cambodia
CM: Cameroon
CA: Canada
CV: 'Cape Verde'
BQ: 'Caribbean Netherlands'
KY: 'Cayman Islands'
CF: 'Central African Republic'
TD: Chad
CL: Chile
CN: China
CX: 'Christmas Island'
CC: 'Cocos (Keeling) Islands'
CO: Colombia
KM: Comoros
CG: 'Congo - Brazzaville'
CD: 'Congo - Kinshasa'
CK: 'Cook Islands'
CR: 'Costa Rica'
CI: 'Côte dIvoire'
HR: Croatia
CU: Cuba
CW: Curaçao
CY: Cyprus
CZ: Czechia
DK: Denmark
DJ: Djibouti
DM: Dominica
DO: 'Dominican Republic'
EC: Ecuador
EG: Egypt
SV: 'El Salvador'
GQ: 'Equatorial Guinea'
ER: Eritrea
EE: Estonia
SZ: Eswatini
ET: Ethiopia
FK: 'Falkland Islands'
FO: 'Faroe Islands'
FJ: Fiji
FI: Finland
FR: France
GF: 'French Guiana'
PF: 'French Polynesia'
TF: 'French Southern Territories'
GA: Gabon
GM: Gambia
GE: Georgia
DE: Germany
GH: Ghana
GI: Gibraltar
GR: Greece
GL: Greenland
GD: Grenada
GP: Guadeloupe
GU: Guam
GT: Guatemala
GG: Guernsey
GN: Guinea
GW: Guinea-Bissau
GY: Guyana
HT: Haiti
HM: 'Heard & McDonald Islands'
HN: Honduras
HK: 'Hong Kong SAR China'
HU: Hungary
IS: Iceland
IN: India
ID: Indonesia
IR: Iran
IQ: Iraq
IE: Ireland
IM: 'Isle of Man'
IL: Israel
IT: Italy
JM: Jamaica
JP: Japan
JE: Jersey
JO: Jordan
KZ: Kazakhstan
KE: Kenya
KI: Kiribati
KW: Kuwait
KG: Kyrgyzstan
LA: Laos
LV: Latvia
LB: Lebanon
LS: Lesotho
LR: Liberia
LY: Libya
LI: Liechtenstein
LT: Lithuania
LU: Luxembourg
MO: 'Macao SAR China'
MG: Madagascar
MW: Malawi
MY: Malaysia
MV: Maldives
ML: Mali
MT: Malta
MH: 'Marshall Islands'
MQ: Martinique
MR: Mauritania
MU: Mauritius
YT: Mayotte
MX: Mexico
FM: Micronesia
MD: Moldova
MC: Monaco
MN: Mongolia
ME: Montenegro
MS: Montserrat
MA: Morocco
MZ: Mozambique
MM: 'Myanmar (Burma)'
NA: Namibia
NR: Nauru
NP: Nepal
NL: Netherlands
NC: 'New Caledonia'
NZ: 'New Zealand'
NI: Nicaragua
NE: Niger
NG: Nigeria
NU: Niue
NF: 'Norfolk Island'
KP: 'North Korea'
MK: 'North Macedonia'
MP: 'Northern Mariana Islands'
'NO': Norway
OM: Oman
PK: Pakistan
PW: Palau
PS: 'Palestinian Territories'
PA: Panama
PG: 'Papua New Guinea'
PY: Paraguay
PE: Peru
PH: Philippines
PN: 'Pitcairn Islands'
PL: Poland
PT: Portugal
PR: 'Puerto Rico'
QA: Qatar
RE: Réunion
RO: Romania
RU: Russia
RW: Rwanda
WS: Samoa
SM: 'San Marino'
ST: 'São Tomé & Príncipe'
SA: 'Saudi Arabia'
SN: Senegal
RS: Serbia
SC: Seychelles
SL: 'Sierra Leone'
SG: Singapore
SX: 'Sint Maarten'
SK: Slovakia
SI: Slovenia
SB: 'Solomon Islands'
SO: Somalia
ZA: 'South Africa'
GS: 'South Georgia & South Sandwich Islands'
KR: 'South Korea'
SS: 'South Sudan'
ES: Spain
LK: 'Sri Lanka'
BL: 'St. Barthélemy'
SH: 'St. Helena'
KN: 'St. Kitts & Nevis'
LC: 'St. Lucia'
MF: 'St. Martin'
PM: 'St. Pierre & Miquelon'
VC: 'St. Vincent & Grenadines'
SD: Sudan
SR: Suriname
SJ: 'Svalbard & Jan Mayen'
SE: Sweden
CH: Switzerland
SY: Syria
TW: Taiwan
TJ: Tajikistan
TZ: Tanzania
TH: Thailand
TL: Timor-Leste
TG: Togo
TK: Tokelau
TO: Tonga
TT: 'Trinidad & Tobago'
TN: Tunisia
TR: Turkey
TM: Turkmenistan
TC: 'Turks & Caicos Islands'
TV: Tuvalu
UM: 'U.S. Outlying Islands'
VI: 'U.S. Virgin Islands'
UG: Uganda
UA: Ukraine
AE: 'United Arab Emirates'
GB: 'United Kingdom'
US: 'United States'
UY: Uruguay
UZ: Uzbekistan
VU: Vanuatu
VA: 'Vatican City'
VE: Venezuela
VN: Vietnam
WF: 'Wallis & Futuna'
EH: 'Western Sahara'
YE: Yemen
ZM: Zambia
ZW: Zimbabwe

23
_data/dns/adguard.yml
View File

@ -1,23 +0,0 @@
title: AdGuard
homepage: 'https://adguard.com/en/adguard-dns/overview.html'
source: 'https://github.com/AdguardTeam/AdGuardDNS/'
privacy_policy:
link: 'https://adguard.com/en/privacy/dns.html'
type:
name: Commercial
logs:
policy: true
text: Some
link: 'https://adguard.com/en/privacy/dns.html'
tooltip: >-
We store aggregated performance metrics of our DNS server, namely the number of complete requests to a particular server, the number of blocked requests, the speed of processing requests.
We keep and store the database of domains requested in the last 24 hours. We need this information to identify and block new trackers and threats.
We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters.
protocols:
- name: Cleartext
- name: DoH
- name: DoT
- name: DNSCrypt
ecs:
status: false
filtering: Based on server choice. Filter list being used can be found here.

21
_data/dns/cloudflare.yml
View File

@ -1,21 +0,0 @@
title: Cloudflare
homepage: 'https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/'
privacy_policy:
link: 'https://www.cloudflare.com/privacypolicy/'
type:
name: Commercial
logs:
policy: true
text: Some
link: 'https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/'
tooltip: >-
"Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver.
The 1.1.1.1 resolver service does not log personal data,
and the bulk of the limited non-personally identifiable query data is only stored for 25 hours."
protocols:
- name: Cleartext
- name: DoH
- name: DoT
ecs:
status: false
filtering: Based on server choice.

19
_data/dns/controld.yml
View File

@ -1,19 +0,0 @@
title: ControlD
homepage: 'https://controld.com/'
privacy_policy:
link: 'https://controld.com/privacy'
type:
name: Commercial
logs:
policy: true
text: Optional
tooltip: >-
Neither free nor premium service have logging enabled by default. Premium users can enable logging/analytics at will.
color: info
protocols:
- name: Cleartext
- name: DoH
- name: DoT
ecs:
status: false
filtering: Based on server choice

17
_data/dns/mullvad.yml
View File

@ -1,17 +0,0 @@
title: MullvadDNS
homepage: 'https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/'
source: 'https://github.com/mullvad/dns-adblock'
privacy_policy:
link: 'https://mullvad.net/en/help/privacy-policy/'
tooltip: >-
"Our public DNS service offers DNS over HTTPS (DoH) and DNS over TLS (DoT), with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured. You can use this privacy-enhancing service even if you don't use Mullvad."
type:
name: Commercial
logs:
policy: false
protocols:
- name: DoH
- name: DoT
ecs:
status: false
filtering: Based on server choice. Filter list being used can be found here.

22
_data/dns/nextdns.yml
View File

@ -1,22 +0,0 @@
title: NextDNS
homepage: 'https://www.nextdns.io/'
privacy_policy:
link: 'https://www.nextdns.io/privacy'
type:
name: Commercial
logs:
policy: true
text: Optional
tooltip: >-
NextDNS can provide insights and logging features on an opt-in basis.
Users can choose retention times and log storage locations for any logs they choose to keep.
color: info
protocols:
- name: Cleartext
- name: DoH
- name: DoT
- name: DNSCrypt
ecs:
status: true
text: Optional
filtering: Based on server choice

17
_data/dns/quad9.yml
View File

@ -1,17 +0,0 @@
title: Quad9
homepage: 'https://quad9.net/'
privacy_policy:
link: 'https://quad9.net/service/privacy'
type:
name: Non-Profit
logs:
policy: false
protocols:
- name: Cleartext
- name: DoH
- name: DoT
- name: DNSCrypt
ecs:
status: true
text: Optional
filtering: Based on server choice, Malware blocking by default

31
_data/nav/1_providers.yml
View File

@ -1,31 +0,0 @@
type: dropdown
title: Providers
items:
- type: link
title: Cloud Storage
icon: fad fa-cloud
file: _evergreen/cloud.md
- type: link
title: DNS Servers
icon: fad fa-map-signs
file: _evergreen/dns.md
- type: link
title: Email Providers
icon: fad fa-envelope
file: legacy_pages/providers/email.html
- type: link
title: Search Engines
icon: fad fa-search-location
file: _evergreen/search-engines.md
- type: link
title: Social Networks
icon: fad fa-thumbs-up
file: legacy_pages/providers/social-networks.html
- type: link
title: Social News Aggregators
icon: fad fa-newspaper
file: legacy_pages/providers/social-news-aggregator.html
- type: link
title: VPN Services
icon: fad fa-network-wired
file: legacy_pages/providers/vpn.html

52
_data/nav/2_software.yml
View File

@ -1,52 +0,0 @@
type: dropdown
title: Software
items:
- type: link
title: Browsers
icon: fad fa-browser
file: _evergreen/browsers.md
- type: divider
- type: link
title: Calendar/Contacts Sync Tools
icon: fad fa-calendar-day
file: legacy_pages/software/cal-card.html
- type: link
title: Digital Notebooks
icon: fad fa-edit
file: legacy_pages/software/notebooks.html
- type: link
title: Email Clients
icon: fad fa-envelope-open-text
file: legacy_pages/software/email.html
- type: link
title: File Encryption Tools
icon: fad fa-file-certificate
file: legacy_pages/software/file-encryption.html
- type: link
title: File Sharing and Sync
icon: fad fa-file-user
file: legacy_pages/software/file-sharing.html
- type: link
title: Metadata Removal Tools
icon: fad fa-file-times
file: legacy_pages/software/metadata-removal-tools.html
- type: link
title: Password Managers
icon: fad fa-user-lock
file: legacy_pages/software/passwords.html
- type: link
title: Productivity Tools
icon: fad fa-briefcase
file: legacy_pages/software/productivity.html
- type: link
title: Real-Time Communication
icon: fad fa-comments-alt
file: _evergreen/real-time-communication.md
- type: link
title: Self-Contained Networks
icon: fad fa-chart-network
file: legacy_pages/software/networks.html
- type: link
title: Video Streaming
icon: fad fa-video
file: _evergreen/video-streaming.md

19
_data/nav/3_operating_systems.yml
View File

@ -1,19 +0,0 @@
type: dropdown
title: Operating Systems
items:
- type: link
title: Android
icon: fab fa-android
file: _evergreen/android.md
- type: link
title: Linux Desktop
icon: fab fa-linux
file: _evergreen/linux-desktop.md
- type: link
title: Qubes OS
icon: pg-qubes
file: _evergreen/qubes.md
- type: link
title: Router
icon: fa-duotone fa-circle-nodes
file: _evergreen/router.md

7
_data/nav/4_privacy.yml
View File

@ -1,7 +0,0 @@
type: dropdown
title: Privacy
items:
- type: link
title: Threat Modeling
icon: fad fa-bullseye-arrow
file: _evergreen/threat-modeling.md

3
_data/nav/5_blog.yml
View File

@ -1,3 +0,0 @@
type: link
title: Blog
file: blog.html

24
_data/operating-systems/android-applications/1_orbot.yml
View File

@ -1,24 +0,0 @@
title: Orbot
type: Recommendation
logo: /assets/img/android/orbot.svg
description: |
**Orbot** is a free proxy app that routes your connections through the Tor Network.
Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch (⚙️ Settings → Network & internet → VPN → ⚙️ → Block connections without VPN).
For resistance against traffic analysis attacks, consider enabling *Isolate Destination Address* ( ⁝ →Settings → Connectivity). This will use a completely different Tor Circuit (different middle relay and exit nodes) for every domain you connect to.
#### Notes
Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android) so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot) instead.
All versions are signed using the same signature so they should be compatible with each other.
website: 'https://orbot.app/'
downloads:
- icon: pg-f-droid
url: 'https://guardianproject.info/fdroid'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=org.torproject.android'
- icon: fab fa-github
url: 'https://github.com/guardianproject/orbot'
- icon: fab fa-gitlab
url: 'https://gitlab.com/guardianproject/orbot'

25
_data/operating-systems/android-applications/2_shelter.yml
View File

@ -1,25 +0,0 @@
title: Shelter
type: Recommendation
logo: /assets/img/android/shelter.svg
description: |
**Shelter** is an app that helps you leverage the Android work profile to isolate other apps.
Shelter supports blocking contact search cross profiles and sharing files across profiles via the default file manager ([DocumentsUI](https://source.android.com/devices/architecture/modular-system/documentsui)).
#### Notes
As CalyxOS includes a device controller, we recommend using their built in work profile instead.
Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular/) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
When using Shelter, you are placing complete trust in its developer as Shelter would be acting as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) for the work profile and has extensive access to the data stored within it.
website: 'https://gitea.angry.im/PeterCxy/Shelter'
downloads:
- icon: pg-f-droid
url: 'https://f-droid.org/en/packages/net.typeblog.shelter'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=net.typeblog.shelter'
- icon: fab fa-github
url: 'https://github.com/PeterCxy/Shelter'
- icon: fab fa-git
url: 'https://gitea.angry.im/PeterCxy/Shelter'

26
_data/operating-systems/android-applications/3_auditor.yml
View File

@ -1,26 +0,0 @@
title: Auditor
type: Recommendation
logo: /assets/img/android/auditor.svg
logo_dark: /assets/img/android/auditor-dark.svg
description: |
**Auditor** is an app which leverages hardware security features to provide device integrity monitoring for [supported devices](https://attestation.app/about#device-support). It currently works with GrapheneOS and the stock operating system. It performs attestation and intrusion detection by:
* Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
* The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
* The *auditor* records the current state and configuration of the *auditee*.
* Should tampering with the operating system of the *auditee* after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
* The user will be alerted to the change.
No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
If your [threat model](/threat-modeling/) requires privacy you could consider using Orbot or a VPN to hide your IP address from the attestation service.
To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
website: 'https://attestation.app'
privacy_policy: 'https://attestation.app/privacy-policy'
downloads:
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=app.attestation.auditor'
- icon: fab fa-github
url: 'https://github.com/GrapheneOS/Auditor'

23
_data/operating-systems/android-applications/4_secure_camera.yml
View File

@ -1,23 +0,0 @@
title: Secure Camera
type: Recommendation
logo: /assets/img/android/secure_camera.svg
logo_dark: /assets/img/android/secure_camera-dark.svg
description: |
**Secure Camera** is an camera app focused on privacy and security which can capture images, videos, and QR codes. CameraX vendor extensions (Portrait, HDR, Night Sight, Face Retouch, and Auto) are also supported on available devices.
Main privacy features include
- Auto removal of [Exif](https://en.wikipedia.org/wiki/Exif) metadata (enabled by default)
- Use of the new [Media](https://developer.android.com/training/data-storage/shared/media) API, therefore [storage permissions](https://developer.android.com/training/data-storage) are not required
- Microphone permission not required unless you want to record sound
### Notes
Metadata is not currently deleted from video files but that is planned.
The image orientation metadata is not deleted. If you enable location (in Secure Camera) that **won't** be deleted either. If you want to delete that later you will need to use an external app such as [Scrambled Exif](https://gitlab.com/juanitobananas/scrambled-exif/).
website: 'https://github.com/GrapheneOS/Camera'
downloads:
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=app.grapheneos.camera.play'
- icon: fab fa-github
url: 'https://github.com/GrapheneOS/Camera/releases'

15
_data/operating-systems/android-applications/5_secure_pdf_viewer.yml
View File

@ -1,15 +0,0 @@
title: Secure PDF Viewer
type: Recommendation
logo: /assets/img/android/secure_pdf_viewer.svg
logo_dark: /assets/img/android/secure_pdf_viewer-dark.svg
description: |
**Secure PDF Viewer** is a PDF viewer based on [pdf.js](https://en.wikipedia.org/wiki/PDF.js) that doesn't require any permissions. The PDF is fed into a [sandboxed](https://en.wikipedia.org/wiki/Sandbox_(software_development)) [webview](https://developer.android.com/guide/webapps/webview). This means that it doesn't require permission directly to access content or files.
[Content-Security-Policy](https://en.wikipedia.org/wiki/Content_Security_Policy) is used to enforce that the JavaScript and styling properties within the WebView are entirely static content.
website: 'https://github.com/GrapheneOS/PdfViewer'
downloads:
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=app.grapheneos.pdfviewer.play'
- icon: fab fa-github
url: 'https://github.com/GrapheneOS/PdfViewer/releases'

16
_data/operating-systems/android-applications/6_privacyblur.yml
View File

@ -1,16 +0,0 @@
title: PrivacyBlur
type: Recommendation
logo: /assets/img/android/privacyblur.svg
description: |
**PrivacyBlur** is a free app which can blur sensitive portions of pictures before sharing them online.
### Notes
You should **never** use blur to redact [text in images](https://bishopfox.com/blog/unredacter-tool-never-pixelation). If you want to redact text in an image, draw a box over the text. For this we suggest [Pocket Paint](https://github.com/Catrobat/Paintroid) or [Imagepipe](https://codeberg.org/Starfish/Imagepipe).
website: 'https://privacyblur.app/'
downloads:
- icon: pg-f-droid
url: 'https://f-droid.org/en/packages/de.mathema.privacyblur/'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=de.mathema.privacyblur'
- icon: fab fa-github
url: 'https://github.com/MATHEMA-GmbH/privacyblur'

12
_data/operating-systems/android-fdroid/1_droid-ify.yml
View File

@ -1,12 +0,0 @@
title: Droid-ify
type: Recommendation
logo: /assets/img/android/droid-ify.png
description: |
**Droid-ify** is a modern F-Droid client made with MaterialUI, forked from [Foxy Droid](https://github.com/kitsunyan/foxy-droid).
Unlike the official F-Droid client, Droid-ify supports seamless updates on Android 12 and above without the need for a privileged extension. If your Android distribution is on Android 12 or above and does not include the [F-Droid privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged/), it is highly recommended that you use Droid-ify instead of the official client.
downloads:
- icon: fab fa-android
url: 'https://android.izzysoft.de/repo/apk/com.looker.droidify'
- icon: fab fa-github
url: 'https://github.com/Iamlooker/Droid-ify'

20
_data/operating-systems/android/1_grapheneos.yml
View File

@ -1,20 +0,0 @@
title: GrapheneOS
type: Recommendation
logo: /assets/img/android/grapheneos.svg
logo_dark: /assets/img/android/grapheneos-dark.svg
description: |
**GrapheneOS** is the best choice when it comes to privacy and security.
GrapheneOS provides additional [security hardening](https://en.wikipedia.org/wiki/Hardening_(computing)) and privacy improvements. It has a [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), network and sensor permissions, and various other [security features](https://grapheneos.org/features). GrapheneOS also comes with full firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
Notably, GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play). Google Play Services can be run fully sandboxed like a regular user app and contained in a work profile or user [profile](/android/#android-security-privacy) of your choice. This means that you can run apps dependant on Play Services, such as those that require push notifications using Google's [Firebase Cloud Messaging](https://firebase.google.com/docs/cloud-messaging/) service. GrapheneOS allows you to take advantage of most [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) whilst having full user control over their permissions and access.
Currently, only [Pixel phones](https://grapheneos.org/faq#device-support) meet its hardware security requirement and are supported.
#### Notes
GrapheneOS's "extended support" devices do not have full security patches (firmware updates) due to the original equipment manufacturer (OEM) discontinuing support. These devices cannot be considered completely secure.
website: 'https://grapheneos.org/'
privacy_policy: 'https://grapheneos.org/faq#privacy-policy'
downloads:
- icon: fab fa-github
url: 'https://github.com/GrapheneOS'

22
_data/operating-systems/android/2_calyxos.yml
View File

@ -1,22 +0,0 @@
title: CalyxOS
type: Recommendation
logo: /assets/img/android/calyxos.svg
description: |
**CalyxOS** is a decent alternative to GrapheneOS.
It has some privacy features on top of AOSP, including [Datura firewall](https://calyxos.org/docs/tech/datura-details), [Signal](https://signal.org) integration in the dialer app, and a built in panic button. CalyxOS also comes with firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
To accomodate users who need Google Play Services, CalyxOS optionally includes [MicroG](https://microg.org/). With MicroG, CalyxOS also bundles in the [Mozilla](https://location.services.mozilla.com/) and [DejaVu](https://github.com/n76/DejaVu) location services.
Currently, CalyxOS only supports [Pixel phones](https://calyxos.org/docs/guide/device-support/).
#### Notes
CalyxOS's "extended support" does not have full security patches due to the original equipment manufacturer (OEM) discontinuing support; therefore, they cannot be considered completely secure.
website: 'https://calyxos.org'
privacy_policy: 'https://calyxinstitute.org/legal/privacy-policy'
downloads:
- icon: fab fa-github
url: 'https://github.com/CalyxOS'
- icon: fab fa-gitlab
url: 'https://gitlab.com/calyxos'

25
_data/operating-systems/android/3_divestos.yml
View File

@ -1,25 +0,0 @@
title: DivestOS
type: Recommendation
logo: /assets/img/android/divestos.svg
description: |
**DivestOS** is a [soft-fork](https://en.wikipedia.org/wiki/Fork_(software_development)#Forking_of_free_and_open-source_software) of [LineageOS](https://lineageos.org/).
DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](https://source.android.com/security/verifiedboot) on some non-Pixel devices.
DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, a custom [hosts](https://divested.dev/index.php?page=dnsbl) file, and [F-Droid](https://www.f-droid.org) as the app store. It includes [UnifiedNlp](https://github.com/microg/UnifiedNlp) for network location and some hardening with [Mulch Webview](https://gitlab.com/divested-mobile/mulch). Users can also select the [Bromite SystemWebView](https://www.bromite.org/system_web_view) in ⚙️ Settings → Developer options → Webview implementation. DivestOS also includes kernel patches from GrapheneOS and enables security features in [defconfig](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L698).
DivestOS 16.0, 17.1, and 18.1 implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) permission toggle and [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc).
#### Notes
DivestOS firmware update [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) varies across the devices it supports. For Pixel phones, we still recommend using GrapheneOS or CalyxOS. For other supported devices, DivestOS is a good alternative.
Not all of the supported devices have [verified boot](https://source.android.com/security/verifiedboot), and some perform it better than others.
website: 'https://divestos.org'
website_tor: 'http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion'
privacy_policy: 'https://divestos.org/index.php?page=privacy_policy'
downloads:
- icon: fab fa-github
url: 'https://github.com/divested-mobile'
- icon: fab fa-gitlab
url: 'https://gitlab.com/divested-mobile'

16
_data/operating-systems/linux-desktop-immutable/1_fedora-silverblue.yml
View File

@ -1,16 +0,0 @@
title: Fedora Silverblue (and Kinoite)
type: Recommendation
logo: /assets/img/linux-desktop/fedora-silverblue.svg
description: |
**Fedora Silverblue** and **Fedora Kinoite** are immutable variants of Fedora with a strong focus on container workflows. Silverblue comes with the [GNOME](https://www.gnome.org/) desktop environment while Kinoite comes with [KDE](https://kde.org/). Silverblue and Kinoite follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
Silverblue (and Kionite) differ from Fedora Workstation as they replace the [DNF](https://fedoraproject.org/wiki/DNF) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
After the update is complete the user will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that a user can easily rollback if something breaks in the new deployment. There is also the option to pin more deployments as needed.
[Flatpak](https://www.flatpak.org) is the primary package installation method on these distrbutions, as `rpm-ostree` is only meant to overlay packages that cannot stay inside of a container on top of the base image.
As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/) to create [Podman](https://podman.io) containers with a shared home directory with the host operating system and mimic a traditional Fedora environment, which is a [useful feature](https://containertoolbx.org) for the discerning developer.
website: 'https://silverblue.fedoraproject.org'
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'

17
_data/operating-systems/linux-desktop-immutable/2_nixos.yml
View File

@ -1,17 +0,0 @@
title: NixOS
type: Recommendation
logo: /assets/img/linux-desktop/nixos.svg
description: |
<strong>NixOS</strong> is an independent distribution based on the <a href="https://nixos.org">Nix package manager</a> with a focus on reproducibility and reliability.
NixOS's package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
Nix the package manager uses a purely functional language - which is also called Nix - to define packages.
[Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single Github repository. You can also define your own packages in the same language and then easily include them in your config.
Nix is a source-based package manager; if there's no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible, thus making binaries reproducible.
website: 'https://nixos.org'

16
_data/operating-systems/linux-desktop-tor/1_whonix.yml
View File

@ -1,16 +0,0 @@
title: Whonix
type: Recommendation
logo: /assets/img/linux-desktop/whonix.svg
description: |
**Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet.
Whonix is meant to run as two virtual machines: a "Workstation" and a Tor "Gateway". All communications from the Workstation has to go through the Tor gateway, and will be routed through the Tor Network.
Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
Future versions of Whonix will likely include [full system Apparmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
website: 'https://www.whonix.org/'
website_tor: 'http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/'

11
_data/operating-systems/linux-desktop-tor/2_tails.yml
View File

@ -1,11 +0,0 @@
title: Tails
type: Recommendation
logo: /assets/img/linux-desktop/tails.svg
description: |
**Tails** is a live operating system based on Debian that routes all communications through Tor.
It can boot on almost any computer from a DVD, USB stick, or sdcard. It aims to preserve privacy and anonymity while circumventing censorship and leaving no trace of itself on the computer it is used on.
By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data.
website: 'https://tails.boum.org'

13
_data/operating-systems/linux-desktop/1_fedora-workstation.yml
View File

@ -1,13 +0,0 @@
title: Fedora Workstation
type: Recommendation
logo: /assets/img/linux-desktop/fedora-workstation.svg
labels: 'color==info::icon==fas fa-fw fa-trophy::text==Beginner friendly::tooltip==We highly recommend that new Linux users use Fedora Workstation.'
description: |
**Fedora Workstation** is our recommended distribution for users new to Linux.
It has a semi-[rolling release](https://en.wikipedia.org/wiki/Rolling_release) cycle. While some packages like [GNOME](https://www.gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
Fedora generally adopts newer technologies before other distributions e.g., [Wayland](https://wayland.freedesktop.org/), [PipeWire](https://pipewire.org), and soon, [FS-Verity](https://fedoraproject.org/wiki/Changes/FsVerityRPM). These new technologies often come with improvements in security, privacy, and usability in general.
website: 'https://getfedora.org'
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'

11
_data/operating-systems/linux-desktop/2_opensuse-tumbleweed.yml
View File

@ -1,11 +0,0 @@
title: openSUSE Tumbleweed
type: Recommendation
logo: /assets/img/linux-desktop/opensuse-tumbleweed.svg
description: |
**openSUSE Tumbleweed** is a stable [rolling release](https://en.wikipedia.org/wiki/Rolling_release) distribution.
Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When the user upgrades their system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by the [openSUSE Build Service](https://build.opensuse.org) to ensure its quality.
openSUSE Tumbleweed has a [transactional update](https://kubic.opensuse.org/blog/2018-04-04-transactionalupdates/) system that uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
website: 'https://get.opensuse.org/tumbleweed/'

14
_data/operating-systems/linux-desktop/3_archlinux.yml
View File

@ -1,14 +0,0 @@
title: Arch Linux
type: Recommendation
logo: /assets/img/linux-desktop/archlinux.svg
description: |
**Arch Linux** is a lightweight, do-it-yourself (DIY) distribution meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
Being a DIY distribution, the user is [expected to setup and maintain](/linux-desktop/#arch-based-distributions) their system. Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
A large portion of [Arch Linux's packages](https://reproducible.archlinux.org) are [reproducible](https://reproducible-builds.org).
website: 'https://archlinux.org'
privacy_policy: 'https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy'

11
_data/operating-systems/qubes/1_qubes.yml
View File

@ -1,11 +0,0 @@
title: Qubes OS
type: Recommendation
logo: /assets/img/qubes/qubes_os.svg
description: |
**Qubes** is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
website: 'https://www.qubes-os.org/'
website_tor: 'http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/'
privacy_policy: 'https://www.qubes-os.org/privacy/'
downloads:
- icon: fab fa-github
url: 'https://github.com/QubesOS'

14
_data/operating-systems/router/1_openwrt.yml
View File

@ -1,14 +0,0 @@
title: OpenWrt
type: Recommendation
logo: /assets/img/router/openwrt.svg
logo_dark: /assets/img/router/openwrt-dark.svg
description: |
**OpenWrt** is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc, and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.
## Notes
Consult the [Table of Hardware](https://openwrt.org/toh/start) to check if your device is supported.
website: 'https://openwrt.org'
downloads:
- icon: fab fa-git
url: 'https://git.openwrt.org/'

11
_data/operating-systems/router/2_pfsense.yml
View File

@ -1,11 +0,0 @@
title: pfSense
type: Recommendation
logo: /assets/img/router/pfsense.svg
logo_dark: /assets/img/router/pfsense-dark.svg
description: |
pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and VPN endpoint.
website: 'https://www.pfsense.org'
privacy_policy: 'https://www.pfsense.org/privacy.html'
downloads:
- icon: fab fa-github
url: 'https://github.com/pfsense'

33
_data/providers/cloud/1_nextcloud.yml
View File

@ -1,33 +0,0 @@
title: Nextcloud
type: Recommendation
logo: /assets/img/cloud/nextcloud.svg
description: |
**Nextcloud** is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. It also comes with experimental end-to-end encryption (E2EE).
We recommend checking if your Nextcloud provider supports E2EE, otherwise you have to trust the provider to not look at your files.
When self hosting Nextcloud, you should also remember to enable E2EE to protect against your hosting provider from snooping on your data.
website: 'https://nextcloud.com/'
privacy_policy: 'https://nextcloud.com/privacy/'
downloads:
- icon: fab fa-windows
url: 'https://nextcloud.com/install/#install-clients'
- icon: fab fa-apple
url: 'https://nextcloud.com/install/#install-clients'
- icon: fab fa-linux
url: 'https://nextcloud.com/install/#install-clients'
- icon: fab fa-freebsd
url: 'https://www.freshports.org/www/nextcloud/'
- icon: pg-openbsd
url: 'http://openports.se/www/nextcloud'
- icon: pg-netbsd
url: 'http://pkgsrc.se/www/php-nextcloud'
- icon: fab fa-android
url: 'https://f-droid.org/packages/com.nextcloud.client/'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=com.nextcloud.client'
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/id1125420102'
- icon: fab fa-github
url: 'https://github.com/nextcloud'

17
_data/providers/cloud/2_proton-drive.yml
View File

@ -1,17 +0,0 @@
title: Proton Drive
type: Recommendation
logo: /assets/img/cloud/protondrive.svg
description: |
**Proton Drive** is an end-to-end encrypted (E2EE) general file storage service by the popular encrypted email provider [ProtonMail](https://protonmail.com).
Proton Drive is currently in beta and only is only available through a web client.
When using a web client, you are placing trust in the server to send you proper JavaScript code to derive the decryption key and authentication token locally in your browser. A compromised server can send you malicious JavaScript code to steal your master password and decrypt your data. If this does not fit your [threat model](/threat-modeling/), consider using an alternative.
website: 'https://protonmail.com'
privacy_policy: 'https://protonmail.com/privacy-policy'
downloads:
- icon: fas fa-globe-americas
url: 'https://protonmail.com'
- icon: fab fa-github
url: 'https://github.com/ProtonMail/WebClients'

20
_data/providers/cloud/3_tahoe-lafs.yml
View File

@ -1,20 +0,0 @@
title: Tahoe-LAFS (Advanced)
type: Recommendation
logo: /assets/img/cloud/tahoe-lafs.svg
logo_dark: /assets/img/cloud/tahoe-lafs-dark.svg
description: |
**Tahoe-LAFS** is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security. The servers used as storage pools do not have access to your data.
Due to the complexity of the system and the amount of nodes needed to set it up, Tahoe-LAFS is only recommended for seasoned system administrators.
website: 'https://www.tahoe-lafs.org/'
downloads:
- icon: fab fa-windows
url: 'https://github.com/tahoe-lafs/tahoe-lafs#via-pip'
- icon: fab fa-apple
url: 'https://github.com/tahoe-lafs/tahoe-lafs#via-pip'
- icon: fab fa-linux
url: 'https://github.com/tahoe-lafs/tahoe-lafs#using-os-packages'
- icon: pg-netbsd
url: 'http://pkgsrc.se/filesystems/tahoe-lafs'
- icon: fab fa-github
url: 'https://www.tahoe-lafs.org/trac/tahoe-lafs/browser'

18
_data/providers/search-engines/1_duckduckgo.yml
View File

@ -1,18 +0,0 @@
title: DuckDuckGo
type: Recommendation
logo: /assets/img/search-engines/duckduckgo.svg
description: |
**DuckDuckGo** is a popular search engine and is the default for the Tor Browser.
DuckDuckGo has a [lite](https://duckduckgo.com/lite) and [html](https://duckduckgo.com/html) only version, both of which [do not require JavaScript](https://help.duckduckgo.com/features/non-javascript) and can be used with their [Tor onion address](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion) (append [/lite](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/lite) or [/html](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/html) for the respective version).
DuckDuckGo uses a commercial Bing API and various [other sources](https://help.duckduckgo.com/results/sources) to provide its search data.
#### Notes
The company is based in the <span class="flag-icon flag-icon-us"></span> USA.
Their [Privacy Policy](https://duckduckgo.com/privacy) states they do log your search query, but not your IP or any other identifying information.
website: 'https://duckduckgo.com'
website_tor: 'https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion'
privacy_policy: 'https://duckduckgo.com/privacy'

19
_data/providers/search-engines/2_startpage.yml
View File

@ -1,19 +0,0 @@
title: Startpage
type: Recommendation
logo: /assets/img/search-engines/startpage.svg
description: |
**Startpage** is a search engine that provides Google search results. It is a very convenient way to get Google search results without experiencing dark patterns such as difficult captchas or being refused access because you used a [VPN](/providers/vpn) or [Tor](https://www.torproject.org/download/).
#### Notes
Startpage's majority shareholder is System1 who is an adtech company. We don't think that is an issue as they have their own Privacy Policy.
The Privacy Guides team reached out to Startpage [back in 2020](https://web.archive.org/web/20210118031008/https://blog.privacytools.io/relisting-startpage/) for clarification and was satisfied by the answers we received.
Startpage is based in the <span class="flag-icon flag-icon-nl"></span> Netherlands.
According to their [Privacy Policy](https://www.startpage.com/en/privacy-policy/), they only log details such as: operating system, type of browser and language. They do not log your IP address, search queries or other identifying information.
Startpage proxies Google Search so Google does have access to your search queries.
website: 'https://www.startpage.com'
privacy_policy: 'https://www.startpage.com/en/privacy-policy'

13
_data/providers/search-engines/3_mojeek.yml
View File

@ -1,13 +0,0 @@
title: Mojeek
type: Recommendation
logo: /assets/img/search-engines/mojeek.svg
description: |
**Mojeek** is another privacy friendly search engine. They use their own crawler to provide search data.
#### Notes
The company is based in the <span class="flag-icon flag-icon-gb"></span> UK.
According to their [Privacy Policy](https://www.mojeek.com/about/privacy/), they log the originating country, time, page requested, and referral data of each query. IP addresses are not logged.
website: 'https://www.mojeek.com'
privacy_policy: 'https://www.mojeek.com/about/privacy'

15
_data/providers/search-engines/4_searx.yml
View File

@ -1,15 +0,0 @@
title: Searx
type: Recommendation
logo: /assets/img/search-engines/searx.svg
description: |
**Searx** is an [open-source](https://github.com/asciimoo/searx), self-hostable, metasearch engine, aggregating the results of other search engines while not storing information about its users. There is a [list of public instances](https://searx.space/).
#### Notes
Searx is a proxy between the user and the search engines it aggregates from. Your search queries will still be sent to the search engines that Searx gets its results from.
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Searx, as other people looking up illegal content on your instance could draw unwanted attention from authorities.
When you are using a Searx instance, be sure to go read the Privacy Policy of that specific instance. Searx instances can be modified by their owners and therefore may not reflect their associated privacy policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII (Personally Identifiable Information).
website: 'https://searx.me'
website_tor: 'http://searxspbitokayvkhzhsnljde7rqmn7rvoga6e4waeub3h7ug3nghoad.onion'

14
_data/schema/organization.yml
View File

@ -1,14 +0,0 @@
"@context": https://schema.org
"@type": Organization
"name": Privacy Guides
"description": "Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online."
"url": 'https://www.privacyguides.org'
"logo": 'https://www.privacyguides.org/assets/img/layout/apple-touch-icon.png'
"sameAs":
- 'https://www.wikidata.org/wiki/Q74788946'
- 'https://twitter.com/privacy_guides'
- 'https://github.com/privacyguides'
- 'https://github.com/privacytools'
- 'https://twitter.com/privacytoolsIO'
"alternateName":
- 'PrivacyTools'

63
_data/software/browsers-desktop/1_firefox.yml
View File

@ -1,63 +0,0 @@
title: Firefox Desktop
type: Recommendation
logo: /assets/img/browsers/firefox.svg
description: |
**Firefox** provides strong privacy settings such as [Enhanced Tracking Protection](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop), which can help block various [types of tracking](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop#w_what-enhanced-tracking-protection-blocks).
These options can be found in the *Privacy & Security* settings page ( ≡ → Settings → Privacy & Security).
##### **Enhanced Tracking Protection (ETP)**
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Strict</strong></li>
</ul>
##### **Sanitize on Close**
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Delete cookies and site data when Firefox is closed</strong></li>
</ul>
You can still stay logged into websites by allowing exceptions.
##### **Disable Search Suggestions**
*These features may not be available depending on your region.*
<ul style="list-style-type:none;padding-left:0;">
<li>Toggle off: <strong>Suggestions from the web</strong></li>
<li>Toggle off: <strong>Suggestions from sponsors</strong></li>
<li>Toggle off: <strong>Improve the Firefox Suggest experience</strong></li>
</ul>
##### **Disable Telemetry**
<ul style="list-style-type:none;padding-left:0;">
<li>Uncheck: <strong>Allow Firefox to send technical and interaction data to Mozilla</strong></li>
<li>Uncheck: <strong>Allow Firefox to install and run studies</strong></li>
<li>Uncheck: <strong>Allow Firefox to send backlogged crash reports on your behalf</strong></li>
</ul>
Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug.cgi?id=1677497#c0) in downloads from Mozilla's website and uses telemetry in Firefox to send the token. The token is **not** included in releases from the [Mozilla FTP](https://ftp.mozilla.org/pub/firefox/releases/).
##### **HTTPS-Only Mode**
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Enable HTTPS-Only Mode in all windows</strong>.</li>
</ul>
#### Sync
The [Firefox sync](https://hacks.mozilla.org/2018/11/firefox-sync-privacy/) service is end-to-end encrypted.
#### Extensions
We generally do not recommend installing any extensions as they increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface); however, if you want content blocking, [uBlock Origin](/browsers/#additional-resources) might be useful to you. The extension is also a 🏆️[Recommended Extension](https://support.mozilla.org/kb/add-on-badges#w_recommended-extensions) by Mozilla.
#### Arkenfox (advanced)
The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of carefully considered options for Firefox. These options are quite strict but a few are subjective and may cause some websites to not work properly. You can easily change these settings to suit your needs. We **strongly recommend** reading through their [wiki](https://github.com/arkenfox/user.js/wiki). Arkenfox also enables [container](https://support.mozilla.org/en-US/kb/containers#w_for-advanced-users) support.
website: 'https://firefox.com'
privacy_policy: 'https://www.mozilla.org/privacy/firefox'
downloads:
- icon: fab fa-windows
url: 'https://www.mozilla.org/firefox/windows'
- icon: fab fa-apple
url: 'https://www.mozilla.org/firefox/mac'
- icon: fab fa-linux
url: 'https://www.mozilla.org/firefox/linux'
- icon: fab fa-freebsd
url: 'https://www.freshports.org/www/firefox'
- icon: fab fa-git
url: 'https://hg.mozilla.org/mozilla-central'

27
_data/software/browsers-mobile/1_bromite.yml
View File

@ -1,27 +0,0 @@
title: Bromite
type: Recommendation
logo: /assets/img/browsers/bromite.svg
description: |
**Bromite** is a [Chromium](https://en.wikipedia.org/wiki/Chromium_(web_browser))-based browser with privacy and security enhancements, built-in ad blocking, and some fingerprinting randomization.
These options can be found in *Privacy and Security* ( ⁝ → ⚙️ Settings → Privacy and Security).
##### **HTTPS-Only Mode**
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Always use secure connections</strong>.</li>
</ul>
##### **Always-on Incognito Mode**
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Open links in incognito tabs always</strong>.</li>
<li>Select: <strong>Close all open tabs on exit</strong>.</li>
<li>Select: <strong>Open external links in incognito</strong>.</li>
</ul>
website: 'https://www.bromite.org'
privacy_policy: 'https://www.bromite.org/privacy'
downloads:
- icon: fab fa-android
url: 'https://www.bromite.org/fdroid'
- icon: fab fa-github
url: 'https://github.com/bromite/bromite'

54
_data/software/browsers-mobile/2_safari.yml
View File

@ -1,54 +0,0 @@
title: Safari
type: Recommendation
logo: /assets/img/browsers/safari.svg
description: |
**Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/15.0/ios/15.0) such as Intelligent Tracking Protection, Privacy Report, isolated Private Browsing tabs, iCloud Private Relay, and automatic HTTPS upgrades.
These options can be found in *Privacy and Security* (⚙️ Settings → Safari → Privacy and Security).
##### **Cross-Site Tracking Prevention**
Toggling this setting enables WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp).
<ul style="list-style-type:none;padding-left:0;">
<li>Toggle On: <strong>Prevent Cross-Site Tracking</strong>.</li>
</ul>
##### **Privacy Report**
Privacy Report provides a snapshot of cross-site trackers currently prevented from profiling you on the website you're visiting. It can also display a weekly report to show which trackers have been blocked over time.
Privacy Report is accessible through the **Aa** icon in the URL bar.
##### **Privacy Preserving Ad Measurement**
This is WebKit's own [implementation](https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/) of privacy preserving ad click attribution. If you do not wish to participate, you can disable this feature.
<ul style="list-style-type:none;padding-left:0;">
<li>Toggle Off: <strong>Privacy Preserving Ad Measurement</strong>.</li>
</ul>
##### **Apple Pay**
If you do not use Apple Pay, you can toggle off the ability for websites to check for it.
<ul style="list-style-type:none;padding-left:0;">
<li>Toggle Off: <strong>Check for Apple Pay</strong>.</li>
</ul>
##### **Always-on Private Browsing**
Open Safari and press the tabs icon in the bottom right corner. Open Tab Groups, located in the bottom middle.
<ul style="list-style-type:none;padding-left:0;">
<li>Select: <strong>Private</strong>.</li>
</ul>
#### iCloud Sync
While synchronization of Safari History, Tab Groups, and iCloud Tabs is end-to-end encrypted, bookmarks are [not](https://support.apple.com/en-us/HT202303); they are only encrypted in transit and stored in an encrypted format on Apple's servers. Apple may be able to decrypt and access them.
If you use iCloud, we also recommend checking to ensure Safari's default download location is set to locally on your device. This option can be found in *General* (⚙️ Settings → Safari → General → Downloads).
#### Extensions
We generally do not recommend installing [any extensions](https://www.sentinelone.com/blog/inside-safari-extensions-malware-golden-key-user-data/) as they increase your browser's [attack surface](https://en.wikipedia.org/wiki/Attack_surface); however, if you want content blocking, [AdGuard for Safari](/browsers/#additional-resources) might be useful to you.
website: https://www.apple.com/safari/
privacy_policy: https://www.apple.com/legal/privacy/data/en/safari/
downloads:
- icon: fab fa-app-store-ios
url: https://apps.apple.com/us/app/safari/id1146562112

18
_data/software/browsers-resources/1_ublock_origin.yml
View File

@ -1,18 +0,0 @@
title: uBlock Origin
type: Recommendation
logo: /assets/img/browsers/ublock_origin.svg
description: |
**uBlock Origin** is a popular content blocker that could help you block ads, trackers, and fingerprinting scripts.
We suggest enabling all of the [filter lists](https://github.com/gorhill/uBlock/wiki/Dashboard:-Filter-lists) under the "Ads," "Privacy," and "Malware domains". The "Annoyances" and "Multipurpose" lists can also be enabled, but they may break some social media functions. The *AdGuard URL Tracking Protection* filter list makes extensions like CleanURLs and NeatURLs redundant.
We also suggest adding the [Actually Legitimate URL Shortener Tool](https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt) list and any of the regional lists that might apply to your browsing habits. To add this list, first access settings by clicking on the uBO icon, then the settings icon (⚙️). Go to the bottom of the Filter lists pane and place a checkmark next to Import under the Custom section. Paste the URL of the filter list above into the text area that appears below and click "Apply changes".
Additional filter lists do slow things down and may increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface), so only apply what you need.
uBlock Origin also has different [blocking modes](https://github.com/gorhill/uBlock/wiki/Blocking-mode). The easy mode [might not](https://www.ranum.com/security/computer_security/editorials/dumb/) necessarily keep you safe from every tracker out there, whereas the more advanced modes let you control exactly what needs to run.
website: 'https://addons.mozilla.org/firefox/addon/ublock-origin/'
privacy_policy: 'https://github.com/gorhill/uBlock/wiki/Privacy-policy'
downloads:
- icon: fab fa-github
url: https://github.com/gorhill/uBlock

18
_data/software/browsers-resources/2_adguard.yml
View File

@ -1,18 +0,0 @@
title: AdGuard for Safari
type: Recommendation
logo: /assets/img/browsers/adguard.svg
description: |
**AdGuard for Safari** is a free and open-source content-blocking extension for Safari that uses the native [Content Blocker API](https://developer.apple.com/documentation/safariservices/creating_a_content_blocker). We suggest enabling the filters labled *#recommended* under the "Ad Blocking" and "Privacy" [content blockers](https://kb.adguard.com/en/safari/overview#content-blockers). The *#recommended* filters can also be enabled for the "Social Widgets" and "Annoyances" content blockers, but they may break some social media functions.
Additional filter lists do slow things down and may increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface), so only apply what you need.
There is also [AdGuard for iOS](https://adguard.com/en/adguard-ios/overview.html) which is able to perform system-wide content blocking by means of DNS filtering.
website: 'https://adguard.com/en/adguard-safari/overview.html'
privacy_policy: 'https://adguard.com/en/privacy/safari.html'
downloads:
- icon: fab fa-safari
url: 'https://apps.apple.com/app/adguard-for-safari/id1440147259'
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/apple-store/id1047223162'
- icon: fab fa-github
url: 'https://github.com/AdguardTeam/AdGuardForSafari'

9
_data/software/browsers-resources/3_terms_of_service_didnt_read.yml
View File

@ -1,9 +0,0 @@
title: Terms of Service; Didn't Read
type: Recommendation
logo: /assets/img/browsers/terms_of_service_didnt_read.svg
description: |
**Terms of Service; Didn't Read** grades websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analyses and ratings are published transparently by a community of reviewers.
We do not recommend installing ToS;DR as a browser extension. The same information is provided on their website.
website: 'https://tosdr.org/'
privacy_policy: 'https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/'

26
_data/software/browsers/1_tor-browser.yml
View File

@ -1,26 +0,0 @@
title: Tor Browser
type: Recommendation
info: Provides Anonymity
logo: /assets/img/browsers/tor.svg
description: |
**Tor Browser** is the choice if you need anonymity. This browser provides you with access to the Tor Bridges and [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)), along with extensions that can be automatically configured to fit its three security levels - *Standard*, *Safer* and *Safest*. We recommend that you do not change any of Tor Browser's default configurations outside of the standard security levels.
#### Extensions
You should **never** install any additional extensions on Tor Browser, including the ones we suggest for Firefox. Browser extensions make you stand out from other Tor users and your browser easier to [fingerprint](https://support.torproject.org/glossary/browser-fingerprinting).
website: 'https://www.torproject.org/'
website_tor: 'http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/'
privacy_policy: 'https://support.torproject.org/tbb/tbb-3/'
downloads:
- icon: fab fa-windows
url: 'https://www.torproject.org/download/'
- icon: fab fa-apple
url: 'https://www.torproject.org/download/'
- icon: fab fa-linux
url: 'https://www.torproject.org/download/'
- icon: fab fa-android
url: 'https://guardianproject.info/fdroid/'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=org.torproject.torbrowser'
- icon: fab fa-git
url: 'https://trac.torproject.org/projects/tor'

15
_data/software/dns-apps/1_rethinkdns.yml
View File

@ -1,15 +0,0 @@
title: RethinkDNS
type: Recommendation
logo: /assets/img/android/rethinkdns.svg
logo_dark: /assets/img/android/rethinkdns-dark.svg
description: |
**RethinkDNS** is an open-source Android client supporting [DNS-over-HTTPS](/dns/#dns-over-https-doh), [DNS-over-TLS](/dns/#dns-over-tls-dot), [DNSCrypt](/dns/#dnscrypt) and DNS Proxy along with caching DNS responses, locally logging DNS queries and can be used as a firewall too.
website: 'https://rethinkdns.com'
privacy_policy: 'https://rethinkdns.com/privacy'
downloads:
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=com.celzero.bravedns'
- icon: pg-f-droid
url: 'https://f-droid.org/packages/com.celzero.bravedns'
- icon: fab fa-github
url: 'https://github.com/celzero/rethink-app'

12
_data/software/dns-apps/2_dnscloak.yml
View File

@ -1,12 +0,0 @@
title: DNSCloak
type: Recommendation
logo: /assets/img/ios/dnscloak.png
privacy_policy: 'https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view'
description: |
An open-source iOS client supporting [DNS-over-HTTPS](/dns/#dns-over-https-doh), [DNSCrypt](/dns/#dnscrypt), and [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy/wiki) options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can [add custom resolvers by DNS stamp](https://medium.com/privacyguides/adding-custom-dns-over-https-resolvers-to-dnscloak-20ff5845f4b5).
website: 'https://github.com/s-s/dnscloak/blob/master/README.md'
downloads:
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/id1452162351'
- icon: fab fa-github
url: 'https://github.com/s-s/dnscloak'

12
_data/software/dns-apps/3_dnscrypt-proxy.yml
View File

@ -1,12 +0,0 @@
title: dnscrypt-proxy
type: Recommendation
logo: /assets/img/dns/dnscrypt-proxy.svg
description: |
A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
## Note
The anonymized DNS feature does [**not**](/dns#why-shouldnt-i-use-encrypted-dns) anonymize other network traffic.
website: 'https://github.com/DNSCrypt/dnscrypt-proxy/wiki'
downloads:
- icon: fab fa-github
url: 'https://github.com/DNSCrypt/dnscrypt-proxy'

36
_data/software/messengers/1_signal.yml
View File

@ -1,36 +0,0 @@
title: Signal
type: Recommendation
logo: /assets/img/messengers/signal.svg
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host. |
color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
description: |
**Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling.
All communications are E2EE. Contact lists are encrypted using your login PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts who add you.
Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender/) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server.
#### Notes
Signal requires your phone number as a personal identifier.
[Sealed Sender](https://signal.org/blog/sealed-sender/) is only enabled for users on your contact list but can be enabled for all recipients with the increased risk of receiving spam.
#### Technical information
The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs/).
website: 'https://signal.org'
privacy_policy: 'https://signal.org/legal'
downloads:
- icon: fab fa-windows
url: 'https://signal.org/download'
- icon: fab fa-apple
url: 'https://signal.org/download'
- icon: fab fa-linux
url: 'https://signal.org/download'
- icon: fab fa-android
url: 'https://signal.org/android/apk/#apk-danger'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms'
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/id874139669'
- icon: fab fa-github
url: 'https://github.com/signalapp'

40
_data/software/messengers/2_element.yml
View File

@ -1,40 +0,0 @@
title: Element
type: Recommendation
logo: /assets/img/messengers/element.svg
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Federated::tooltip==Your communications pass through one of a network of hosts that intercommunicate. |
color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==One-on-one voice and video calls are peer-to-peer (option can be disabled). |
color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
description: |
**Element** is the reference client for the [Matrix](https://matrix.org/docs/guides/introduction) protocol, an [open standard](https://matrix.org/docs/spec) for secure decentralized real-time communication.
Messages and files shared in private rooms (those which require an invite) are by default E2EE as are 1 to 1 voice and video calls.
#### Notes
Profile pictures, reactions, and nicknames are not encrypted.
Group voice and video calls are [not](https://github.com/vector-im/element-web/issues/12878) E2EE, and use Jitsi, but this is expected to change with [Native Group VoIP Signalling](https://github.com/matrix-org/matrix-doc/pull/3401). Group calls have [no authentication](https://github.com/vector-im/element-web/issues/13074) currently, meaning that non room participants can also join the calls. We recommend that you do not use this feature for private meetings.
When using [element-web](https://github.com/vector-im/element-web), you must trust the server hosting the Element client. If your [threat model](/threat-modeling) requires stronger protection, then use a desktop or mobile client instead.
#### Technical information
The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last) in 2016. The specification for the Matrix protocol can be found in their [documentation](https://spec.matrix.org/latest/). The [Olm](https://matrix.org/docs/projects/other/olm) cryptographic ratchet used by Matrix is an implementation of Signal's [Double Ratchet algorithm](https://signal.org/docs/specifications/doubleratchet/).
website: 'https://element.io'
privacy_policy: 'https://element.io/privacy'
downloads:
- icon: fab fa-windows
url: 'https://element.io/get-started'
- icon: fab fa-apple
url: 'https://element.io/get-started'
- icon: fab fa-linux
url: 'https://element.io/get-started'
- icon: fab fa-android
url: 'https://f-droid.org/packages/im.vector.app/'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=im.vector.app'
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/vector/id1083446067'
- icon: fas fa-globe-americas
url: 'https://app.element.io'
- icon: fab fa-github
url: 'https://github.com/vector-im/element-web'

26
_data/software/messengers/3_briar.yml
View File

@ -1,26 +0,0 @@
title: Briar
type: Recommendation
logo: /assets/img/messengers/briar.svg
labels: 'color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==Senders and recipients connect directly with no middlemen (can be disabled). |
color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together (can be disabled).'
description: |
**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works/) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar's local mesh mode can be useful when internet availability is a problem.
#### Notes
To [add a contact](https://briarproject.org/manual/) on Briar, you must both add each other first. You can either exchange `briar://` links or scan a contact's QR code if they are nearby.
#### Technical information
The client software was independently [audited](https://briarproject.org/news/2017-beta-released-security-audit/) and the anonymous routing protocol uses the Tor network which has also been audited.
Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec).
Briar supports perfect forward secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
website: 'https://briarproject.org'
privacy_policy: 'https://briarproject.org/privacy-policy'
downloads:
- icon: fab fa-android
url: 'https://f-droid.org/packages/org.briarproject.briar.android'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android'
- icon: fab fa-git
url: 'https://code.briarproject.org/briar/briar'

34
_data/software/messengers/4_session.yml
View File

@ -1,34 +0,0 @@
title: Session
type: Recommendation
logo: /assets/img/messengers/session.svg
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together.'
description: |
**Session** is an encrypted instant messenger that uses three random [service nodes](https://getsession.org/blog/onion-requests-session-new-message-routing-solution) to route messages anonymously on the [Oxen Network](https://oxen.io).
Session allows for E2EE in one-to-one or closed rooms that allow up to 100 members.
Open rooms have no restriction on the number of members, but anyone can join.
#### Notes
Session does [not](https://getsession.org/blog/session-protocol-technical-information) support forward secrecy. The key pair for each conversation is not rotated.
#### Technical information
Session was independently [audited](https://getsession.org/session-code-audit/) in 2020. The protocol is described in a [whitepaper](https://arxiv.org/abs/2002.04609).
website: 'https://getsession.org/'
privacy_policy: 'https://getsession.org/privacy-policy'
downloads:
- icon: fab fa-windows
url: 'https://getsession.org/windows'
- icon: fab fa-apple
url: 'https://getsession.org/mac'
- icon: fab fa-linux
url: 'https://www.getsession.org/linux'
- icon: fab fa-android
url: 'https://fdroid.getsession.org/'
- icon: fab fa-google-play
url: 'https://play.google.com/store/apps/details?id=network.loki.messenger'
- icon: fab fa-app-store-ios
url: 'https://apps.apple.com/app/id1470168868'
- icon: fab fa-github
url: 'https://github.com/oxen-io/session-desktop'

22
_data/software/video-streaming-clients/1_freetube.yml
View File

@ -1,22 +0,0 @@
title: FreeTube
type: Recommendation
logo: /assets/img/video-streaming/freetube.svg
description: |
**FreeTube** is a free and open source desktop application for [YouTube](https://youtube.com). When using FreeTube, your subscription list and playlists are saved locally on your device.
FreeTube also features [SponsorBlock](https://sponsor.ajay.app) to help you skip sponsored advertisements. All YouTube advertisements are also blocked by default.
#### Notes
When using Freetube, your IP address is still known to YouTube, [Invidious](https://instances.invidious.io) and the SponsorBlock instances that you use. Consider using a [VPN](/providers/vpn) or [Tor](https://www.torproject.org) if your [threat model](/threat-modeling) requires hiding your IP address.
website: 'https://freetubeapp.io'
privacy_policy: 'https://freetubeapp.io/privacy.php'
downloads:
- icon: fab fa-windows
url: 'https://freetubeapp.io/#download'
- icon: fab fa-apple
url: 'https://freetubeapp.io/#download'
- icon: fab fa-linux
url: 'https://freetubeapp.io/#download'
- icon: fab fa-github
url: 'https://github.com/FreeTubeApp/FreeTube/'

28
_data/software/video-streaming-clients/2_lbry.yml
View File

@ -1,28 +0,0 @@
title: LBRY
type: Recommendation
logo: /assets/img/video-streaming/lbry.svg
description: |
**The LBRY network** is a decentralized video sharing network. It uses a [BitTorrent](https://wikipedia.org/wiki/BitTorrent)-like network to store the video content, and a [blockchain](https://wikipedia.org/wiki/Blockchain) to store the indexes for those videos. The main benefit of this design is censorship resistance.
**The LBRY desktop client** helps you stream videos from the LBRY network and stores your subscription list in your own LBRY wallet.
#### Notes
We recommend **against** synchronizing your wallet with LBRY Inc., as synchronizing encrypted wallets is not supported yet. If you synchronize your wallet with LBRY Inc., you have to trust them to not look at your subscription list, [LBC](https://lbry.com/faq/earn-credits) funds, or take control of your channel.
Only the **LBRY desktop client** is recommended. The [Odysee](https://odysee.com) website and the LBRY clients in F-Droid, Play Store, and the AppStore have mandatory synchronization and telemetry.
While watching and hosting videos, your IP address is visible to the LBRY network. Consider using a [VPN](/providers/vpn) or [Tor](https://www.torproject.org) if your [threat model](/threat-modeling) requires hiding your IP address.
You can also disable *Save hosting data to help the LBRY network* option (⚙️ Settings → Advanced Settings) to avoid exposing your IP address and watched videos when using LBRY for a prolonged period of time.
website: 'https://lbry.com/'
privacy_policy: 'https://lbry.com/privacypolicy'
downloads:
- icon: fab fa-windows
url: 'https://lbry.com/get'
- icon: fab fa-apple
url: 'https://lbry.com/osx'
- icon: fab fa-linux
url: 'https://lbry.com/linux'
- icon: fab fa-github
url: 'https://github.com/lbryio'

16
_data/software/video-streaming-clients/3_newpipe.yml
View File

@ -1,16 +0,0 @@
title: NewPipe
type: Recommendation
logo: /assets/img/video-streaming/newpipe.svg
description: |
**NewPipe** is a free and open source Android application for [YouTube](https://youtube.com), [SoundCloud](https://soundcloud.com), [media.ccc.de](https://media.ccc.de), [FramaTube](https://framatube.org), and [Bandcamp](https://bandcamp.com).
Your subscription list and playlists are saved locally on your Android device.
#### Notes
NewPipe is available on the main [F-Droid](https://www.f-droid.org)'s repository. We recommend that you use the NewPipe's own [F-Droid repository](https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo) instead to get faster updates.
website: 'https://newpipe.net'
privacy_policy: 'https://newpipe.net/legal/privacy'
downloads:
- icon: fab fa-android
url: 'https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo'
- icon: fab fa-github
url: 'https://github.com/TeamNewPipe/NewPipe'

14
_data/software/video-streaming-clients/4_newpipe-x-sponsorblock.yml
View File

@ -1,14 +0,0 @@
title: NewPipe x SponsorBlock
type: Recommendation
logo: /assets/img/video-streaming/newpipe.svg
description: |
**NewPipe x SponsorBlock** is a fork of [NewPipe](https://newpipe.net) with [SponsorBlock](https://sponsor.ajay.app) integrated to help you skip sponsored advertisements.
It also has some experimental settings such as the ability to use the built-in player for local playback, an option to force fullscreen on landscape mode, and an option to disable error reporting prompts.
#### Notes
This fork is not endorsed by or affiliated with the upstream project. The NewPipe team has [rejected](https://github.com/TeamNewPipe/NewPipe/pull/3205) integration with SponsorBlock and thus this fork is created to provide this functionality.
downloads:
- icon: fab fa-android
url: 'https://apt.izzysoft.de/fdroid/index/apk/org.polymorphicshade.newpipe'
- icon: fab fa-github
url: 'https://github.com/polymorphicshade/NewPipe'

23
_data/software/video-streaming-front-ends/1_invidious.yml
View File

@ -1,23 +0,0 @@
title: Invidious
type: Recommendation
logo: /assets/img/video-streaming/invidious.svg
logo_dark: /assets/img/video-streaming/invidious-dark.svg
description: |
**Invidious** is a free and open source front end for YouTube that is also self-hostable. There are list of [public instances](https://instances.invidious.io). Some instances have [Tor](https://www.torproject.org) onion services support.
#### Use case
Invidious is useful if you want to disable JavaScript in your browser, such as [Tor Browser](https://www.torproject.org/) on the Safest security setting. It does not provide privacy by itself and we dont recommend logging into any accounts.
#### Notes
Invidious does not proxy the video stream through its server by default. Videos watched through Invidious will still make direct connections to Google's servers (googlevideo.com); however, some instances support video proxying. This can be enabled by adding `&local=true` to the URL.
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Invidious, as other peoples' usage will be linked to your hosting.
When you are using an Invidious instance, be sure to go read the Privacy Policy of that specific instance. Invidious instances can be modified by their owners and therefore may not reflect their associated privacy policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII (Personally Identifiable Information).
website: 'https://invidious.io'
downloads:
- icon: fas fa-globe-americas
url: 'https://instances.invidious.io'
- icon: fab fa-github
url: 'https://github.com/iv-org/invidious'

22
_data/software/video-streaming-front-ends/2_piped.yml
View File

@ -1,22 +0,0 @@
title: Piped
type: Recommendation
logo: /assets/img/video-streaming/piped.svg
description: |
**Piped** is a free and open source front end for YouTube that is also self-hostable. Alternative instances can be selected from "Preferences".
#### Use case
Piped is useful if you want to use [SponsorBlock](https://sponsor.ajay.app) without installing an extension or to access age-restricted content without an account. It does not provide privacy by itself and we dont recommend logging into any accounts.
#### Notes
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Piped, as other peoples' usage will be linked to your hosting.
When you are using a Piped instance, be sure to go read the Privacy Policy of that specific instance. Piped instances can be modified by their owners and therefore may not reflect their associated privacy policy.
Piped requires javascript in order to function.
website: 'https://piped.kavin.rocks/'
downloads:
- icon: fas fa-globe-americas
url: 'https://piped.kavin.rocks'
- icon: fab fa-github
url: 'https://github.com/TeamPiped/Piped'

21
_includes/badge.html
View File

@ -1,21 +0,0 @@
{% if include.link %}
<a
href="{{ include.link }}" class="text-decoration-none badge rounded-pill bg-{{ include.color | default: "info" }}"
{% if include.tooltip %}
data-bs-toggle="tooltip"
title="{{ include.tooltip }}"><i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{ include.text }}
{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> {{ include.text }}
{% endif %}
</a>
{% else %}
<span
class="badge rounded-pill bg-{{ include.color | default: "info" }}"
{% if include.tooltip %}
data-bs-toggle="tooltip"
title="{{ include.tooltip }}"
> <i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{include.text}}
{% else %}
> {% if include.icon %}<i class="{{ include.icon }}"></i>{% endif %} {{include.text}}
{% endif %}
</span>
{% endif %}

11
_includes/blog-card.html
View File

@ -1,11 +0,0 @@
<div class="col-6 my-3">
<a href="{{ post.url | prepend: site.baseurl }}" class="text-decoration-none">
<div class="card bg-secondary {% if post.cover %}text-100" style="background-image: {{ post.color | default: "linear-gradient(to bottom, rgba(40, 50, 63, 0.3), rgba(40, 50, 63, 0.9))" }}, url(/assets/img/blog/{{ post.cover }}); background-size: cover; background-position: center;"{% else %}text-dm-100"{% endif %}>
<div class="card-body d-flex flex-column align-self-end" style="min-height: 300px;">
<h2 class="card-title mt-auto">{{ post.title }}</h2>
<p class="card-text">{{ post.excerpt }} <strong>Continue Reading...</strong></p>
<p class="card-text"><small class="">{% for author in page.author %}{{ author }}{% unless forloop.last %}, {% endunless %}{% endfor %} - {{ post.date | date: "%b %-d, %Y" }}</small></p>
</div>
</div>
</a>
</div>

5
_includes/card.html
View File

@ -1,5 +0,0 @@
<div class="card my-5">
<div class="card-body">
{{ include.content | default: markdown_text | markdownify }}
</div>
</div>

1
_includes/country.html
View File

@ -1 +0,0 @@
<span class="text-nowrap"><span class="flag-icon flag-icon-{{ include.cc | escape | downcase }}" title='{{ site.data.country[include.cc] | escape }}' aria-hidden="true"></span> {{ site.data.country[include.cc] | escape }}</span>

5
_includes/footer.html
View File

@ -1,5 +0,0 @@
<p><em><strong>Privacy Guides</strong> is a socially motivated website that provides information for protecting your data security and privacy.</em></p>
<p><i class="fab fa-creative-commons fa-fw"></i><i class="fab fa-creative-commons-zero fa-fw"></i> Unless otherwise noted, the original content on this website is made available under a <a href="https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE">CC0 1.0 Universal Public Domain Dedication</a>.
<p><small>This content was made available by the <a href="https://github.com/orgs/privacyguides/people">Privacy Guides team</a> and <a href="https://github.com/privacyguides/privacyguides.org/graphs/contributors?from=2019-05-11&type=c&to={{ site.build.date }}">contributors</a>. <a href="https://github.com/privacyguides/privacyguides">Get involved</a>! | <a href="https://github.com/privacyguides/privacyguides.org/issues">Open an Issue</a> | <a href="/privacy-policy/">Privacy Policy</a> | <a href="/terms-and-notices/">Website Terms &amp; Notices</a></small></p>

49
_includes/head.html
View File

@ -1,49 +0,0 @@
<head>
<meta charset="utf-8">
<meta name="referrer" content="no-referrer">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="keywords" content="privacy, anonymity, privacy guides, surveillance, encryption">
<meta name="description" content="{% if page.description %}{{ page.description | markdownify | strip_html | escape }}{% else %}{{ site.description | escape }}{% endif %}">
<link rel="canonical" href="{{ page.url | prepend: site.url | replace:'index.html','' }}">
<!-- title & Open Graph -->
{% if page.title %}
<title>{{ page.title }} | {{ site.title }}</title>
<meta property="og:title" content="{{ page.title | escape }} | {{ site.title | escape }}" />
{% else %}
<title>{{ site.title }}{%if page.url == "/" %} — Your Central Privacy and Security Resource{% endif %}</title>
<meta property="og:title" content="{{ site.title | escape }}" />
{% endif %}
<meta property="og:type" content="website" />
<meta property="og:url" content="{{ page.url | prepend: site.url }}" />
<meta property="og:description" content="{% if page.description %}{{ page.description | markdownify | strip_html | escape }}{% else %}{{ site.description | escape }}{% endif %}"/>
<meta property="og:locale" content="en_US" />
<meta property="og:site_name" content="{{ site.title | escape }}" />
<script type="application/ld+json">
{{ site.data.schema.organization | jsonify }}
</script>
<!-- blog feeds -->
<link rel="alternate" title="Blog (JSON feed)" type="application/json" href="/feed.json" />
<link rel="alternate" title="Blog (Atom feed)" type="application/rss+xml" href="/feed.xml" />
<!-- favicons and theme -->
<link rel="apple-touch-icon" sizes="180x180" href="/assets/img/layout/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/assets/img/layout/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/assets/img/layout/favicon-16x16.png">
<link rel="manifest" href="/assets/files/meta/site.webmanifest">
<link rel="mask-icon" href="/assets/img/layout/safari-pinned-tab.svg" color="#ffd06f">
<link rel="shortcut icon" href="/assets/img/layout/favicon.ico">
<meta name="apple-mobile-web-app-title" content="Privacy Guides">
<meta name="application-name" content="Privacy Guides">
<meta name="msapplication-TileColor" content="#ffd06f">
<meta name="msapplication-config" content="/assets/files/meta/browserconfig.xml">
<meta name="theme-color" content="#ffd06f">
<!-- CSS stylesheets -->
<link href="/assets/css/app.css?v=20210506" rel="stylesheet">
<link href="/assets/fonts/vendor/fontawesome/css/all.min.css?v=6.0.0-beta1" rel="stylesheet">
<link id="dark-css" href="/assets/css/dark.css?v=20210506" rel="stylesheet" media="(prefers-color-scheme: dark)">
</head>

1
_includes/hr.html
View File

@ -1 +0,0 @@
<hr class="m-5" />

76
_includes/legacy/card.html
View File

@ -1,76 +0,0 @@
<div class="col-xl-4 col-lg-6 col-md-12 mb-4">
<div class="card card-{{include.color}}">
{% if include.color == "warning" %}
<div class="card-header text-dark bg-{{include.color}}">
{% else %}
<div class="card-header text-white bg-{{include.color}}">
{% endif %}
<h3 class="h5">{{include.title}}</h3>
</div>
<div class="card-body">
{% if include.labels %}
{% assign labels = include.labels | replace:", ", "," | split:"," %}
<div class="mb-1">
{% for label in labels %}
{% assign label_data = label | split:";" %}
{% assign color = label_data[0] %}
{% assign text = label_data[1] %}
{% assign tooltip = label_data[2] | default: "" %}
{% assign help_icon = '<i class="far fa-question-circle"></i>' %}
<span class="badge rounded-pill bg-{{color}}" {% if tooltip %} data-bs-toggle="tooltip" title="{{ tooltip }}">{{text}} {{ help_icon
}}
{% else %}
>{{text}}
{% endif %}
</span>
{% endfor %}
</div>
{% endif %}
<p>
{% if include.image %}
<img src="{{include.image}}" width="120" height="120" alt="{{include.title}}" class="panel-item">
{% elsif include.icon %}
<i class="{{ include.icon }} panel-icon{% if include.iconcolor %} text-{{include.iconcolor}}{% endif %}"></i>
{% elsif include.font %}
<span class="{{ include.font }} panel-item panel-font" alt="{{ include.title }}"></span>
{% endif %}
{{include.description}}
</p>
<div>
<p>
{% if include.url %}
<a class="btn btn-{{include.color}} mb-1" href="{{include.url}}">
{% if include.website %}
{{include.website}}
{% else %}
{{ include.url | remove: "https://" | remove: "http://" | remove: "www." | remove: "/" | remove: "github.com" }}
{% endif %}
</a>
{% elsif include.page %}
<a class="btn btn-{{include.color}} mb-1" href="{{include.page}}">
{% if include.moretext %}
{{include.moretext}}
{% else %}
Learn More
{% endif %}
</a>
{% endif %}
{% if include.tor %}
<a class="mb-1" data-bs-toggle="tooltip" data-bs-placement="bottom" title="{{include.tor}} Requires specific software to access: torproject.org" href="{{include.tor}}"><img alt="Tor" src="/assets/img/layout/tor.png" width="35" height="35"></a>
{% endif %}
{% if include.git %}
<a class="mb-1" data-bs-toggle="tooltip" data-bs-placement="bottom" title="{{include.git}} supports source code compiling and open review | is free software" href="{{include.git}}"><img alt="Git" src="assets/img/layout/git.png" width="35"></a>
{% endif %}
{% if include.extra_button %}
{{include.extra_button}}
{% endif %}
</p>
{% if include.footer %}
<p>{{include.footer}}</p>
{% endif %}
</div>
</div>
</div>
</div>

324
_includes/legacy/cardv2.html
View File

@ -1,324 +0,0 @@
<div class="card">
<div class="card-header bg-transparent">
<h3 class="h5">
{% if include.badges %}
<span class="me-2">{{ include.title }}</span>
{% assign badges = include.badges | split:"|" %}
{% for badge in badges %}
{% assign badge_data = badge | split:":" %}
{% assign color = badge_data[0] %}
{% assign text = badge_data[1] %}
{% assign tooltip = badge_data[2] | default: false %}
{% assign help_icon = '<i class="far fa-question-circle"></i>' %}
<span
class="badge rounded-pill bg-{{color}}"
{% if tooltip %}
data-bs-toggle="tooltip"
title="{{ tooltip }}"
> {{text}} {{ help_icon }}
{% else %}
> {{text}}
{% endif %}
</span>
{% endfor %}
{% else %}
{{ include.title }}
{% endif %}
</h3>
</div>
<div class="card-body">
<p class="card-text">
<picture>
{% if include.image-dark %}
<source
srcset="{{include.image-dark}}"
media="(prefers-color-scheme: dark)"
>{% endif %}
<img
src="{{include.image}}"
height="120"
width="120"
class="panel-pic"
alt="{{include.title}} logo"
>
</picture>
{{ include.description }}
{% if include.labels %}
{% assign labels = include.labels | split:"|" %}
{% for label in labels %}
{% assign label_data = label | split:"::" %}
{% for label_attr in label_data %}
{% assign attr = label_attr | split:"==" %}
{% if attr[0] == "color" %}
{% assign color = attr[1] %}
{% elsif attr[0] == "link" %}
{% assign link = attr[1] %}
{% elsif attr[0] == "text" %}
{% assign text = attr[1] %}
{% elsif attr[0] == "icon" %}
{% assign icon = attr[1] %}
{% elsif attr[0] == "tooltip" %}
{% assign tooltip = attr[1] %}
{% endif %}
{% endfor %}
{% include badge.html
link=link
color=color
text=text
icon=icon
tooltip=tooltip
%}
{% assign color = nil %}
{% assign link = nil %}
{% assign text = nil %}
{% assign icon = nil %}
{% assign tooltip = nil %}
{% endfor %}
{% endif %}
</p>
<div class="d-flex justify-content-between flex-column flex-md-row align-items-start align-items-md-center">
<div class="flow-root flex-shrink-0 me-1">
<a
href="{{include.website}}"
rel="noopener"
class="btn btn-secondary mt-1 me-1">
<i class="fas fa-external-link-alt fa-fw"></i>
Website
</a>
{% if include.privacy-policy %}
<a
href="{{include.privacy-policy}}"
rel="noopener"
class="btn btn-primary mt-1 me-1">
<i class="fas fa-book fa-fw"></i>
Privacy Policy
</a>
{% endif %}
{% if include.tor %}
<a
href="{{include.tor}}"
rel="noopener"
class="btn btn-info mt-1 me-1"
data-bs-toggle="tooltip"
data-bs-placement="bottom"
title="Requires specific software to access: torproject.org">
<span class="pg-tor text-light"></span>
</a>
{% endif %}
{% if include.i2p %}
<a
href="{{include.i2p}}"
rel="noopener"
class="btn btn-primary mt-1 me-1"
data-bs-toggle="tooltip"
data-bs-placement="bottom"
title="Requires specific software to access: geti2p.net">
<span class="pg-i2p text-dark"></span>
</a>
{% endif %}
</div>
<div class="mt-2">
{% if include.windows %}
{% if include.windows != "" %}
<a href="{{ include.windows }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-windows fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-windows fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.mac %}
{% if include.mac != "" %}
<a href="{{ include.mac }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-macos fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-macos fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.linux %}
{% if include.linux != "" %}
<a href="{{ include.linux }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-linux fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-linux fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.freebsd %}
{% if include.freebsd != "" %}
<a href="{{ include.freebsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-freebsd fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-freebsd fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.openbsd %}
{% if include.openbsd != "" %}
<a href="{{ include.openbsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-openbsd fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-openbsd fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.netbsd %}
{% if include.netbsd != "" %}
<a href="{{ include.netbsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-netbsd fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-netbsd fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.firefox %}
{% if include.firefox != "" %}
<a href="{{ include.firefox }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-firefox fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-firefox fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.chrome %}
{% if include.chrome != "" %}
<a href="{{ include.chrome }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-chrome fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-chrome fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.safari %}
{% if include.safari != "" %}
<a href="{{ include.safari }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-safari fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-safari fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.opera %}
{% if include.opera != "" %}
<a href="{{ include.opera }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-opera fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-opera fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.edge %}
{% if include.edge != "" %}
<a href="{{ include.edge }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-edge fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-edge fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.fdroid %}
{% if include.fdroid != "" %}
<a href="{{ include.fdroid }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-f-droid fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-f-droid fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.googleplay %}
{% if include.googleplay != "" %}
<a href="{{ include.googleplay }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-google-play fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-google-play fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.android %}
{% if include.android != "" %}
<a href="{{ include.android }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-android fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fab fa-android fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.ios %}
{% if include.ios != "" %}
<a href="{{ include.ios }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-ios fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-ios fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.sailfish %}
{% if include.sailfish != "" %}
<a href="{{ include.sailfish }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="pg-sailfish-os fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="pg-sailfish-os fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{% if include.web %}
{% if include.web != "" %}
<a href="{{ include.web }}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fas fa-globe-americas fa-2x fa-fw d-inline pe-1"></i>
</a>
{% else %}
<i class="fas fa-globe-americas fa-2x fa-fw d-inline pe-1"></i>
{% endif %}
{% endif %}
{{include.icon1}}
{{include.icon2}}
{{include.icon3}}
{% if include.github %}
<a href="{{include.github}}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-github fa-2x fa-fw d-inline"></i>
</a>
{% endif %}
{% if include.gitlab %}
<a href="{{include.gitlab}}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-gitlab fa-2x fa-fw d-inline"></i>
</a>
{% endif %}
{% if include.git %}
<a href="{{include.git}}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fab fa-git-square fa-2x fa-fw d-inline"></i>
</a>
{% endif %}
{% if include.source %}
<a href="{{include.source}}" rel="noopener" class="text-decoration-none text-decoration-none">
<i class="fas fa-code-branch fa-2x fa-fw d-inline"></i>
</a>
{% endif %}
</div>
</div>
</div>
</div>
<br>

14
_includes/legacy/panel.html
View File

@ -1,14 +0,0 @@
<div class="col-xl-4 col-lg-6 col-md-12 mb-4">
<div class="card card-{{include.color}}">
{% if include.color == "warning" %}
<div class="card-header text-dark bg-{{include.color}}">
{% else %}
<div class="card-header text-white bg-{{include.color}}">
{% endif %}
<h3 class="h5">{{include.title}}</h3>
</div>
<div class="card-body">
{{include.body}}
</div>
</div>
</div>

59
_includes/legacy/sections/calendar-contacts-sync.html
View File

@ -1,59 +0,0 @@
<h2 id="calendar_contacts" class="anchor"><a href="#calendar_contacts"><i class="fas fa-link anchor-icon"></i></a> Calendar and Contacts Sync</h2>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.</strong>
</div>
{%
include legacy/cardv2.html
title="Nextcloud"
image="/assets/img/legacy_svg/3rd-party/nextcloud.svg"
description="<strong>Nextcloud</strong> is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
website="https://nextcloud.com/"
privacy-policy="https://nextcloud.com/privacy/"
github="https://github.com/nextcloud"
windows="https://nextcloud.com/install/"
linux="https://nextcloud.com/install/"
mac="https://nextcloud.com/install/"
freebsd="https://www.freshports.org/deskutils/nextcloudclient/"
openbsd="http://openports.se/www/nextcloud"
netbsd="http://pkgsrc.se/www/php-nextcloud"
android="https://nextcloud.com/install/"
ios="https://nextcloud.com/install/"
%}
{%
include legacy/cardv2.html
title="EteSync"
image="/assets/img/legacy_svg/3rd-party/etesync.svg"
description="<strong>EteSync</strong> is a secure, end-to-end encrypted, and privacy-respecting cloud backup and synchronization software for your personal information (e.g. contacts and calendars). There are native clients for Android, iOS, and the web, and an adapter layer for most desktop clients. It costs $24 per year to use, or you can host the server yourself for free."
website="https://www.etesync.com/"
privacy-policy="https://www.etesync.com/tos/#privacy"
github="https://github.com/etesync"
web="https://client.etesync.com/"
windows="https://github.com/etesync/etesync-dav/releases/latest"
mac="https://github.com/etesync/etesync-dav/releases/latest"
linux="https://github.com/etesync/etesync-dav/releases/latest"
freebsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
openbsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
netbsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
fdroid="https://f-droid.org/packages/com.etesync.syncadapter/"
googleplay="https://play.google.com/store/apps/details?id=com.etesync.syncadapter"
ios="https://apps.apple.com/app/id1489574285"
%}
{%
include legacy/cardv2.html
title="Email Providers"
image="/assets/img/legacy_svg/layout/email.svg"
description='Many email providers also offer calendar and or contacts sync services. Refer to our <a href="/providers/email">Email Provider recommendations</a> to choose an email provider and see if they also offer calendar and/or contacts sync.'
website="/providers/email"
%}
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://github.com/39aldo39/DecSync">DecSync</a> - DecSync can be used to synchronize RSS, contacts, and calendars without a server by using file synchronization software such as <a href="https://syncthing.net/">Syncthing</a>.
</li>
</ul>

72
_includes/legacy/sections/email-clients.html
View File

@ -1,72 +0,0 @@
<h2 id="desktopclients" class="anchor"><a href="#desktopclients"><i class="fas fa-link anchor-icon"></i></a> Desktop Email Clients</h2>
{% include legacy/cardv2.html
title="Thunderbird"
image="/assets/img/legacy_svg/3rd-party/thunderbird.svg"
description="Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation."
website="https://www.thunderbird.net/"
privacy-policy="https://www.mozilla.org/privacy/thunderbird/"
source="https://hg.mozilla.org/comm-central/"
windows="https://www.thunderbird.net"
mac="https://www.thunderbird.net"
linux="https://www.thunderbird.net/"
freebsd="https://www.freshports.org/mail/thunderbird/"
openbsd="http://openports.se/mail/mozilla-thunderbird"
netbsd="http://pkgsrc.se/mail/thunderbird"
%}
{% include legacy/cardv2.html
title="Mailvelope"
image="/assets/img/legacy_svg/3rd-party/mailvelope.svg"
description="Mailvelope is a browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard."
website="https://www.mailvelope.com/en"
privacy-policy="https://www.mailvelope.com/en/privacy-policy"
github="https://github.com/mailvelope/mailvelope"
firefox="https://addons.mozilla.org/firefox/addon/mailvelope/"
chrome="https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke?hl"
edge="https://microsoftedge.microsoft.com/addons/detail/mailvelope/dgcbddhdhjppfdfjpciagmmibadmoapc"
%}
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://neomutt.org/">NeoMutt</a> - NeoMutt is an open-source command line mail reader (or MUA) for Linux and BSD. Its a fork of <a href="https://en.wikipedia.org/wiki/Mutt_(email_client)">Mutt</a> with added features.
</ul>
<h2 id="mobileclients" class="anchor"><a href="#mobileclients"><i class="fas fa-link anchor-icon"></i></a> Mobile Email Clients</h2>
<h3 id="adroidclients" class="anchor"><a href="#adroidclients"><i class="fas fa-link anchor-icon"></i></a> Android Email Clients</h3>
{% include legacy/cardv2.html
title="FairEmail"
image="/assets/img/legacy_svg/3rd-party/fairemail.svg"
description="FairEmail is a minimal, open source email app, using open standards (IMAP, SMTP, OpenPGP) with a low data and battery usage."
website="https://email.faircode.eu/"
privacy-policy="https://github.com/M66B/FairEmail/blob/master/PRIVACY.md"
github="https://github.com/M66B/FairEmail"
fdroid="https://f-droid.org/en/packages/eu.faircode.email/"
googleplay="https://play.google.com/store/apps/details?id=eu.faircode.email"
%}
{% include legacy/cardv2.html
title="K-9 Mail"
image="/assets/img/legacy_svg/3rd-party/k9mail.svg"
description="K-9 Mail is an independent mail application that supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP."
website="https://k9mail.app/"
privacy-policy="https://k9mail.app/privacy"
github="https://github.com/k9mail"
fdroid="https://f-droid.org/packages/com.fsck.k9/"
googleplay="https://play.google.com/store/apps/details?id=com.fsck.k9"
%}
<h3 id="iosclients" class="anchor"><a href="#iosclients"><i class="fas fa-link anchor-icon"></i></a> iOS Email Clients</h3>
{% include legacy/cardv2.html
title="Canary Mail"
image="/assets/img/legacy_svg/3rd-party/canarymail.svg"
labels="color==warning::link==https://canarymail.io/faq.html::text==Closed source::tooltip==The source programming code for Canary Mail is not available. Canary Mail is a proprietary application."
description="Canary Mail is a paid email client designed to make end-to-end encryption seamless with security features such as a biometric app lock."
website="https://canarymail.io/"
privacy-policy="https://canarymail.io/privacy.html"
ios="https://apps.apple.com/app/id1236045954"
%}

241
_includes/legacy/sections/email-providers.html
View File

@ -1,241 +0,0 @@
<h2 id="email" class="anchor"><a href="#email"><i class="fas fa-link anchor-icon"></i></a> Recommended Email Services</h2>
<div class="alert alert-success" role="alert">
<strong>Our recommended providers operate outside of the US, adopt modern email technology, and meet <a href="/providers/email/#criteria">our other criteria</a> for listing</strong>.
</div>
<div class="container-fluid">
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/protonmail.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="ProtonMail">
</div>
<div class="col">
<h2 id="protonmail" class="anchor"><a href="#protonmail"><i class="fas fa-link anchor-icon"></i></a> ProtonMail {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://protonmail.com">ProtonMail.com</a></strong> is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since <strong>2013</strong>. ProtonMail is based in Genève, <span class="flag-icon flag-icon-ch"></span> Switzerland. Accounts start with 500 MB storage with their free plan.</p>
<p>Free accounts have some limitations, such as not being able to search body text and not having access to <a href="https://protonmail.com/bridge">ProtonMail Bridge</a>, which is required to use a <a href="/software/email">recommended desktop email client</a> (e.g. Thunderbird). Paid accounts are available starting at <strong>€48/y</strong> which include features like ProtonMail Bridge, additional storage, and custom domain support.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Paid ProtonMail users can use their own domain with the service. <a href="https://protonmail.com/support/knowledge-base/catch-all/">Catch-all</a> addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports <a href="https://protonmail.com/support/knowledge-base/creating-aliases/">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>ProtonMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> <a href="https://protonmail.com/support/knowledge-base/two-factor-authentication/">two factor authentication</a> only. The use of a <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their <a href="https://reddit.com/comments/cheoy6/comment/feh2lw0/">Single Sign On (SSO)</a> code.</p>
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
<p>ProtonMail has <a href="https://protonmail.com/blog/zero-access-encryption">zero access encryption at rest</a> for your emails, <a href="https://protonmail.com/blog/encrypted-contacts-manager">address book contacts</a>, and <a href="https://protonmail.com/blog/protoncalendar-security-model">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>ProtonMail has <a href="https://protonmail.com/support/knowledge-base/how-to-use-pgp">integrated OpenPGP encryption</a> in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to <a href="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users">encrypt messages to non-ProtonMail users</a> without the need for them to sign up for a ProtonMail account or use software like OpenPGP.</p>
<p>ProtonMail also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.</p>
<h5>{% include badge.html color="success" text=".onion Service" %}</h5>
<p>ProtonMail's login and services are accessible over Tor, <a href="https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/">protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion</a></p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.</p>
</div>
</div>
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/mailboxorg.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="Mailbox">
</div>
<div class="col">
<h2 id="mailbox" class="anchor"><a href="#mailbox"><i class="fas fa-link anchor-icon"></i></a> Mailbox.org {% include badge.html color="info" text="€12/y" %}</h2>
<p><strong><a href="https://mailbox.org">Mailbox.org</a></strong> is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since <strong>2014</strong>. Mailbox.org is based in Berlin, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Mailbox.org lets users use their own domain and they support <a href="https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain">catch-all</a> addresses. Mailbox.org also supports <a href="https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Mailbox.org supports <a href="https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> via the <a href="https://www.yubico.com/products/services-software/yubicloud">Yubicloud</a>. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Mailbox.org allows for encryption of incoming mail using their <a href="https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox">encrypted mailbox</a>. New messages that you receive will then be immediately encrypted with your public key.</p>
<p>However, <a href="https://en.wikipedia.org/wiki/Open-Xchange">Open-Exchange</a>, the software platform used by Mailbox.org, <a href="https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book">does not support</a> the encryption of your address book and calendar. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate for that information.</p>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Mailbox.org has <a href="https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow <a href="https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP">remote recipients to decrypt an email</a> on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.</p>
<p>Mailbox.org also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.</p>
<h5>{% include badge.html color="warning" text=".onion Service" %}</h5>
<p>You can access your Mailbox.org account via IMAP/SMTP using <a href="https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org">their .onion service</a>. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.</p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>All accounts come with limited cloud storage that <a href="https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive">can be encrypted</a>. Mailbox.org also offers the alias <a href="https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely">@secure.mailbox.org</a>, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports <a href="https://en.wikipedia.org/wiki/Exchange_ActiveSync">Exchange ActiveSync</a> in addition to standard access protocols like IMAP and POP3.</p>
</div>
</div>
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/disroot.svg"
data-theme-src="/assets/img/legacy_svg/3rd-party/disroot-dark.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="Disroot">
</div>
<div class="col">
<h2 id="disroot" class="anchor"><a href="#disroot"><i class="fas fa-link anchor-icon"></i></a> Disroot {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://disroot.org/en/services/email">Disroot</a></strong> offers email amongst <a href="https://disroot.org/en/#services">other services</a>. The service is maintained by volunteers and its community. They have been in operation since <strong>2015</strong>. Disroot is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Disroot lets users use their own domain. They have aliases, however you must <a href="https://disroot.org/en/forms/alias-request-form">manually apply</a> for them.</p>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Disroot supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication for webmail only. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
<p>Disroot also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.</p>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Disroot does not operate a .onion service.</p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>They offer <a href="https://disroot.org/en/#services">other services</a> such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app <a href="https://f-droid.org/packages/org.disroot.disrootapp/">available in F-Droid</a>.</p>
</div>
</div>
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/tutanota.svg"
data-theme-src="/assets/img/legacy_svg/3rd-party/tutanota-dark.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="Tutanota">
</div>
<div class="col">
<h2 id="tutanota" class="anchor"><a href="#tutanota"><i class="fas fa-link anchor-icon"></i></a> Tutanota {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://tutanota.com">Tutanota.com</a></strong> is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since <strong>2011</strong> and is based in Hanover, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 1GB storage with their free plan.</p>
<p>Tutanota <a href="https://tutanota.com/faq/#imap">doesn't allow</a> the use of third-party <a href="/software/email/">email clients</a>. Tutanota has no plans pull email from <a href="https://github.com/tutao/tutanota/issues/544#issuecomment-670473647">external email accounts</a> using the <a href="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> protocol. <a href="https://github.com/tutao/tutanota/issues/630">Email import</a> is currently not possible.</p>
<p>Emails can be exported <a href="https://tutanota.com/howto#generalMail">individually or by bulk selection</a>. Tutanota does not allow for <a href="https://github.com/tutao/tutanota/issues/927">subfolders</a> as you might expect with other email providers.</p>
<p>Tutanota is working on a <a href="https://tutanota.com/blog/posts/desktop-clients/">desktop client</a> and they have an app <a href="https://f-droid.org/packages/de.tutao.tutanota">available in F-Droid</a>. They also have their app in conventional stores such as <a href="https://apps.apple.com/us/app/tutanota/id922429609">App Store</a> on iOS and <a href="https://play.google.com/store/apps/details?id=de.tutao.tutanota">Google Play</a> for Android.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Paid Tutanota accounts can use up to 5 <a href="https://tutanota.com/faq#alias">aliases</a> and <a href="https://tutanota.com/faq#custom-domain">custom domains</a>. Tutanota doesn't allow for <a href="https://tutanota.com/faq#plus">subaddressing (plus addresses)</a>, but you can use a <a href="https://tutanota.com/howto#settings-global">catch-all</a> with a custom domain.</p>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>Tutanota only directly accepts credit cards and PayPal, however Bitcoin and Monero can be used to purchase gift cards via their <a href="https://tutanota.com/faq/#cryptocurrency">partnership</a> with Proxystore.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Tutanota supports <a href="https://tutanota.com/faq#2fa">two factor authentication</a>. Users can either use <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a>. U2F support is <a href="https://github.com/tutao/tutanota/issues/443">not yet available on Android</a>.</p>
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
<p>Tutanota has <a href="https://tutanota.com/faq#what-encrypted">zero access encryption at rest</a> for your emails, <a href="https://tutanota.com/faq#encrypted-address-book">address book contacts</a>, and <a href="https://tutanota.com/faq#calendar">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<h5>{% include badge.html color="warning" text="Email Encryption" %}</h5>
<p>Tutanota <a href="https://www.tutanota.com/faq/#pgp">does not use OpenPGP</a>. Tutanota users can only receive encrypted emails when external users send them through a <a href="https://www.tutanota.com/howto/#encrypted-email-external">temporary Tutanota mailbox</a>.</p>
<p>Tutanota <a href="https://github.com/tutao/tutanota/issues/198">does have plans</a> to support <a href="https://autocrypt.org">AutoCrypt</a>. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.</p>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Tutanota does not operate a .onion service but <a href="https://github.com/tutao/tutanota/issues/528">may consider</a> it in the future.</p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>Tutanota offers the business version of <a href="https://tutanota.com/blog/posts/secure-email-for-non-profit">Tutanota to non-profit organizations</a> for free or with a heavy discount.</p>
<p>Tutanota also has a business feature called <a href="https://tutanota.com/secure-connect/">Secure Connect</a>. This ensures customer contact to the business uses E2EE. The feature costs €240/y.</p>
</div>
</div>
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/startmail.svg"
data-theme-src="/assets/img/legacy_svg/3rd-party/startmail-dark.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="StartMail">
</div>
<div class="col">
<h2 id="startmail" class="anchor"><a href="#startmail"><i class="fas fa-link anchor-icon"></i></a> StartMail {% include badge.html color="info" text="Personal USD $59.95/y" %}</h2>
<p><strong><a href="https://startmail.com">StartMail.com</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since <strong>2014</strong> and is based in Boulevard 11, Zeist <span class="flag-icon flag-icon-nl"></span> Netherlands. Accounts start with 10GB. They offer a 30-day trial.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Personal accounts can use <a href="https://support.startmail.com/hc/en-us/articles/360007297457-Aliases">Custom or Quick</a> aliases. <a href="https://support.startmail.com/hc/en-us/articles/4403911432209-Setup-a-custom-domain">Custom domains</a> are also available.</p>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other <a href="https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods">payment options</a> such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>StartMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>StartMail has <a href="https://www.startmail.com/en/whitepaper/#_Toc458527835">zero access encryption at rest</a>, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.</p>
<p>StartMail supports importing <a href="https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts">contacts</a> however, they are only accessible in the webmail and not through protocols such as <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a>. Contacts are also not stored using zero knowledge encryption, so a <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>StartMail has <a href="https://support.startmail.com/hc/en-us/sections/360001889078-Encryption">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>StartMail does not operate a .onion service.</p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.</p>
</div>
</div>
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img
src="/assets/img/legacy_svg/3rd-party/ctemplar.svg"
data-theme-src="/assets/img/legacy_svg/3rd-party/ctemplar-dark.svg"
height="70"
width="200"
class="img-fluid d-block me-auto ms-auto align-middle"
alt="CTemplar">
</div>
<div class="col">
<h2 id="ctemplar" class="anchor"><a href="#ctemplar"><i class="fas fa-link anchor-icon"></i></a> CTemplar {% include badge.html color="info" text="Prime USD $96/y" %}</h2>
<p><strong><a href="https://ctemplar.com">CTemplar</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. CTemplar has been in operation since <strong>2018</strong> and is run from <span class="flag-icon flag-icon-is"></span> Iceland. Paid accounts start with 5GB. They offer free accounts by <a href="https://ctemplar.com/email-creation-restriction/">invitation</a>.</p>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Paid accounts can use <a href="https://ctemplar.com/help/answer/add-a-domain/">Custom Domains </a> and <a href="https://ctemplar.com/help/answer/how-to-create-aliases/">aliases</a>.</p>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>CTemplar <a href="https://ctemplar.com/help/answer/payment-options/">payment options</a> include Credit cards via Stripe, Bitcoin and Monero.</p>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>CTemplar supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://ctemplar.com/help/answer/setting-up-two-factor-authentication-2fa/">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
<p>CTemplar has <a href="https://ctemplar.com/help/answer/what-encryption-method-is-used/">zero access encryption at rest</a>, using PGP. They support <a href="https://datatracker.ietf.org/doc/html/draft-autocrypt-lamps-protected-headers-02/">protected headers</a> and therefore there is <a href="https://ctemplar.com/help/answer/subject-encryption/">subject encryption</a>.</p>
<p>CTemplar supports importing <a href="https://ctemplar.com/help/answer/importing-contacts/">contacts</a> and <a href="https://ctemplar.com/help/answer/contact-encryption/">contacts are encrypted</a> at rest however, they are only accessible in the webmail and apps.</p>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>CTemplar has <a href="https://ctemplar.com/help/answer/how-does-encryption-decryption-work-in-ctemplar/">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
<h5>{% include badge.html color="warning" text=".onion Service" %}</h5>
<p>CTemplar's .onion service <a href="http://ctemplarpizuduxk3fkwrieizstx33kg5chlvrh37nz73pv5smsvl6ad.onion /">ctemplarpizuduxk3fkwrieizstx33kg5chlvrh37nz73pv5smsvl6ad.onion</a> is <a href="https://twitter.com/RealCTemplar/status/1458775445202157570">currently disabled</a> for webmail access, due to a Tor Browser <a href="https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32865">bug</a>.</p>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>CTemplar has a <a href="https://ctemplar.com/help/answer/setting-up-a-dead-mans-timer/">dead man timer</a> feature that will automatically send a specific message that you've set after a given period of time.</p>
<p>CTemplar also has a feature that allows users verify <a href="https://ctemplar.com/ctemplar-checksum-implementation/">checksums</a> of production pages with a public copy on Github.</p>
<p>Electron clients exist for Windows, Mac and Linux. Official clients also exist for iOS and Android (<a href="https://f-droid.org/en/packages/com.ctemplar.app.fdroid">including F-Droid</a>.) All of these clients are <a href="https://github.com/orgs/CTemplar/repositories">open source</a>.</p>
</div>
</div>
</div>

10
_includes/legacy/sections/email-warning.html
View File

@ -1,10 +0,0 @@
<div class="card border-danger">
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
<div class="card-body">
<p class="card-text text-danger">When using end-to-end encryption (E2EE) technology like <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy">OpenPGP</a>, email will still have some metadata that is not encrypted in the header of the email. <a href="/providers/email/#metadata">Read more about email metadata.</a></p>
<p class="card-text text-danger">OpenPGP also does not support <a href="https://en.wikipedia.org/wiki/Forward_secrecy">Forward secrecy</a>, which means if either your or the recipient's private key is ever stolen, <strong>all</strong> previous messages encrypted with it will be exposed. <a href="/providers/email/#email-encryption">How do I protect my private keys?</a></p>
<p class="card-text text-info">Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.</p>
<a href="/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
</div>
</div>

44
_includes/legacy/sections/file-encryption.html
View File

@ -1,44 +0,0 @@
<div class="alert alert-warning" role="alert">
<strong>If you are currently not using encryption software for your hard disk, emails, or file archives, you should pick one here.</strong>
</div>
{%
include legacy/cardv2.html
title="VeraCrypt - Disk Encryption"
image="/assets/img/legacy_svg/3rd-party/veracrypt.svg"
image-dark="/assets/img/legacy_svg/3rd-party/veracrypt-dark.svg"
description="<strong>VeraCrypt</strong> is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed."
website="https://veracrypt.fr/"
git="https://www.veracrypt.fr/code/"
windows="https://www.veracrypt.fr/en/Downloads.html"
linux="https://www.veracrypt.fr/en/Downloads.html"
mac="https://www.veracrypt.fr/en/Downloads.html"
%}
{%
include legacy/cardv2.html
title="GNU Privacy Guard - Email Encryption"
image="/assets/img/legacy_svg/3rd-party/gnupg.svg"
description="<strong>GnuPG</strong> is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government."
website="https://gnupg.org/"
privacy-policy="https://gnupg.org/privacy-policy.html"
git="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git"
windows="https://gpg4win.org/download.html"
linux="https://gnupg.org/download/index.html#binary"
freebsd="https://www.freshports.org/security/gnupg/"
openbsd="http://openports.se/security/gnupg"
netbsd="http://pkgsrc.se/security/gnupg"
mac="https://gpgtools.org/"
fdroid="https://f-droid.org/app/org.sufficientlysecure.keychain"
googleplay="https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain"
%}
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://cryptomator.org/">Cryptomator</a> - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.</li>
<li><a href="https://gitlab.com/cryptsetup/cryptsetup/">Linux Unified Key Setup (LUKS)</a> - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.</li>
<li><a href="https://www.dyne.org/software/tomb/">Tomb</a> - A simple zsh script for making LUKS containers on the commandline.</li>
<li><a href="https://hat.sh/">Hat.sh</a> - A web application that provides secure client-side file encryption in your browser. It can also be selfhosted.</li>
<li><a href="https://www.kryptor.co.uk/">Kryptor</a> - Free and open source file encryption software for Windows, macOS, and Linux.</li>
</ul>

36
_includes/legacy/sections/file-sharing.html
View File

@ -1,36 +0,0 @@
<h2 id="filesharing" class="anchor"><a href="#filesharing"><i class="fas fa-link anchor-icon"></i></a> File Sharing</h2>
{% include legacy/cardv2.html
title="OnionShare"
image="/assets/img/legacy_svg/3rd-party/onionshare.svg"
website="https://onionshare.org/"
tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
github="https://github.com/micahflee/onionshare"
windows="https://onionshare.org/#downloads"
mac="https://onionshare.org/#downloads"
linux="https://onionshare.org/#downloads"
freebsd="https://www.freshports.org/www/onionshare/"
openbsd="http://openports.se/net/onionshare"
%}
{% include legacy/cardv2.html
title="Magic Wormhole"
image="/assets/img/legacy_png/3rd-party/magic_wormhole.png"
website="https://magic-wormhole.readthedocs.io"
description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
github="https://github.com/warner/magic-wormhole"
windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
freebsd="https://www.freshports.org/net/py-magic-wormhole/"
openbsd="https://pypi.org/project/magic-wormhole/"
netbsd="https://pypi.org/project/magic-wormhole/"
%}
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://github.com/schollz/croc">croc</a> - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.</li>
<li><a href="https://freedombox.org/">FreedomBox</a> - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.</li>
</ul>

26
_includes/legacy/sections/file-sync.html
View File

@ -1,26 +0,0 @@
<h2 id="sync" class="anchor">
<a href="#sync"><i class="fas fa-link anchor-icon"></i></a>
File Sync
</h2>
{%
include legacy/cardv2.html
title="Syncthing"
image="/assets/img/legacy_svg/3rd-party/syncthing.svg"
description="<strong>Syncthing</strong> replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the Internet."
website="https://syncthing.net/"
github="https://github.com/syncthing?type=source"
windows="https://github.com/syncthing/syncthing-gtk/releases/latest"
linux="https://github.com/syncthing/syncthing-gtk/releases/latest"
mac="https://github.com/syncthing/syncthing-macos/releases/latest"
fdroid="https://f-droid.org/packages/com.github.catfriend1.syncthingandroid/"
googleplay="https://play.google.com/store/apps/details?id=com.github.catfriend1.syncthingandroid"
%}
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://git-annex.branchable.com/">git-annex</a> - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.
</li>
</ul>

15
_includes/legacy/sections/ios-addons.html
View File

@ -1,15 +0,0 @@
<h2 id="iaddons" class="anchor"><a href="#iaddons"><i class="fas fa-link anchor-icon"></i></a> iOS Privacy Add-ons</h2>
<div class="container-fluid">
<div class="row mb-2">
<div class="col-lg-3 col-sm-12 pt-lg-5">
<img src="/assets/img/legacy_png/3rd-party/adguard.png" height="70" width="70" class="img-fluid d-block me-auto ms-auto align-middle" alt="AdGuard">
</div>
<div class="col">
<h3>Block content in Safari with <a href="https://adguard.com/en/adguard-ios/overview.html">AdGuard for iOS</a></h3>
<p><strong>AdGuard for iOS</strong> is a free (and <a href="https://github.com/AdguardTeam/AdguardForiOS">open-source</a>) content-blocking app that allows you to set filters within Safari. As required by iOS, it uses the native <a href="https://developer.apple.com/documentation/safariservices/creating_a_content_blocker">Content Blocker API</a> for even greater privacy.</p>
</div>
</div>
</div>

88
_includes/legacy/sections/key-disclosure-law.html
View File

@ -1,88 +0,0 @@
<h2 id="kdl" class="anchor"><a href="#kdl"><i class="fas fa-link anchor-icon"></i></a> Key Disclosure Law</h2>
<h3>Who is required to hand over the encryption keys to authorities?</h3>
<p>Mandatory <a href="https://en.wikipedia.org/wiki/Key_disclosure_law">key disclosure laws</a> require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.</p> <p><a href="https://en.wikipedia.org/wiki/Steganography">Steganography</a> involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).</p>
<div class="row mb-2">
{% include legacy/panel.html color="danger"
title="Key disclosure laws apply"
body='
<ol class="card-ol">
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Antigua_and_Barbuda">Antigua and Barbuda</a> <div class="float-end"><span class="flag-icon flag-icon-ag"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Australia">Australia</a> <div class="float-end"><span class="flag-icon flag-icon-au"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#France">France</a> <div class="float-end"><span class="flag-icon flag-icon-fr"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#India">India</a> <div class="float-end"><span class="flag-icon flag-icon-in"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Ireland">Ireland</a> <div class="float-end"><span class="flag-icon flag-icon-ie"></span></div></li>
<li><a href="https://edri.org/norway-introduces-forced-biometric-authentication/">Norway</a> <div class="float-end"><span class="flag-icon flag-icon-no"></span></div></li>
<li><a href="https://www.bloomberg.com/news/articles/2018-03-20/telegram-loses-bid-to-stop-russia-from-getting-encryption-keys">Russia</a> <div class="float-end"><span class="flag-icon flag-icon-ru"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#South_Africa">South Africa</a> <div class="float-end"><span class="flag-icon flag-icon-za"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom">United Kingdom</a> <div class="float-end"><span class="flag-icon flag-icon-gb"></span></div></li>
</ol>
'
%}
{% include legacy/panel.html color="danger"
title="Key disclosure laws may apply"
body='
<ol class="card-ol">
<li><a href="https://tweakers.net/nieuws/163116/belgische-rechter-verdachte-mag-verplicht-worden-code-smartphone-af-te-staan.html">Belgium</a> <div class="float-end"><span class="flag-icon flag-icon-be"></span></div></li>
<li><a href="https://www.riigiteataja.ee/akt/106012016019">Estonia</a> <div class="float-end"><span class="flag-icon flag-icon-ee"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Finland">Finland *</a> <div class="float-end"><span class="flag-icon flag-icon-fi"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#New_Zealand">New Zealand</a> (unclear) <div class="float-end"><span class="flag-icon flag-icon-nz"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#The_Netherlands">The Netherlands *</a> <div class="float-end"><span class="flag-icon flag-icon-nl"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Sweden">Sweden</a> (proposed) <div class="float-end"><span class="flag-icon flag-icon-se"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_States">United States</a> (see related info) <div class="float-end"><span class="flag-icon flag-icon-us"></span></div></li>
</ol>
'
%}
{% include legacy/panel.html color="secondary"
title="Key disclosure laws don't apply"
body='
<ol class="card-ol">
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Canada">Canada</a> <div class="float-end"><span class="flag-icon flag-icon-ca"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Czech_Republic">Czech Republic</a> <div class="float-end"><span class="flag-icon flag-icon-cz"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Germany">Germany</a> <div class="float-end"><span class="flag-icon flag-icon-de"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Iceland">Iceland</a> <div class="float-end"><span class="flag-icon flag-icon-is"></span></div></li>
<li><a href="https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/italy">Italy</a> <div class="float-end"><span class="flag-icon flag-icon-it"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Poland">Poland</a> <div class="float-end"><span class="flag-icon flag-icon-pl"></span></div></li>
<li><a href="https://www.wikipedia.org/wiki/Key_disclosure_law#Switzerland">Switzerland</a> <div class="float-end"><span class="flag-icon flag-icon-ch"></span></div></li>
</ol>
'
%}
</div>
<p>* <em>People who know how to access a system may be ordered to share their knowledge. However, this doesn't apply to the suspect itself or family members.</em></p>
<h3>Related Information</h3>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Wikipedia page on key disclosure law</a></li>
<li><a href="https://law.stackexchange.com/questions/1523/can-a-us-citizen-be-required-to-provide-the-authentication-key-for-encrypted-dat">law.stackexchange.com question about key disclosure law in US</a></li>
<li><a href="https://peertube.mastodon.host/videos/watch/e09915eb-5962-4830-a02f-8da5c2b59e71">DEFCON 20: Crypto and the Cops: the Law of Key Disclosure and Forced Decryption</a></li>
</ul>
<h3 id="usa" class="anchor">Why is it not recommended to choose a US-based service?</h3>
<img src="/assets/img/legacy_svg/layout/great_seal_of_the_united_states_obverse.svg" width="200" height="200" class="img-fluid float-end ms-3" alt="USA">
<p>Services based in the United States are not recommended because of the country's surveillance programs and use of <a href="https://www.eff.org/issues/national-security-letters/faq">National Security Letters</a> (NSLs) with accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to <a href="https://www.schneier.com/blog/archives/2013/08/more_on_the_nsa.html">secretly force</a> companies to grant complete access to customer data and transform the service into a tool of mass surveillance.</p>
<p>An example of this is <a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit</a> a secure email service created by Ladar Levison. The FBI <a href="https://www.vice.com/en_us/article/nzz888/lavabit-founder-ladar-levison-discusses-his-federal-battle-for-privacy">requested</a> Snowden's records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service's SSL keys. Having the SSL keys would allow them to access
communications (both metadata and unencrypted content) in real time for all of Lavabit's customers, not just Snowden's.</p>
<p>Ultimately, Levison turned over the SSL keys and <a href="https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email">shut down</a> the service at the same time. The US government then <a href="https://www.cnbc.com/id/100962389">threatened Levison with arrest</a>, saying that shutting down the service was a violation of the court order.</p>
<h3>Related Information</h3>
<ul>
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/#avoidus">Avoid all US and UK based services</a></li>
<li><a href="https://en.wikipedia.org/wiki/Surespot#History">Proof that warrant canaries work based on the surespot example.</a></li>
<li><a href="https://en.wikipedia.org/wiki/UKUSA_Agreement">The United Kingdom United States of America Agreement (UKUSA)</a></li>
<li><a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit: Suspension and gag order</a></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Key disclosure law</a></li>
<li><a href="https://en.wikipedia.org/wiki/Mass_surveillance">Wikipedia: Mass Surveillance</a></li>
</ul>

26
_includes/legacy/sections/metadata-removal-tools.html
View File

@ -1,26 +0,0 @@
{%
include legacy/cardv2.html
title="MAT2"
image="/assets/img/legacy_svg/3rd-party/mat2.svg"
description="<strong>MAT2</strong> is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME."
website="https://0xacab.org/jvoisin/mat2"
gitlab="https://0xacab.org/jvoisin/mat2"
windows="https://pypi.org/project/mat2/"
mac="https://pypi.org/project/mat2/"
linux="https://pypi.org/project/mat2/"
freebsd="https://pypi.org/project/mat2/"
openbsd="https://pypi.org/project/mat2/"
netbsd="https://pypi.org/project/mat2/"
%}
{%
include legacy/cardv2.html
title="ExifCleaner"
image="/assets/img/legacy_svg/3rd-party/exifcleaner.svg"
description='<strong>ExifCleaner</strong> is a freeware, open source graphical app that uses <a href="https://exiftool.org/">ExifTool</a> to remove <a href="https://en.wikipedia.org/wiki/Exif">exif</a> metadata from images, videos, and PDF documents using a simple drag and drop interface. It supports multi-core batch processing and dark mode.'
website="https://exifcleaner.com"
github="https://github.com/szTheory/exifcleaner"
windows="https://github.com/szTheory/exifcleaner/releases"
mac="https://github.com/szTheory/exifcleaner/releases"
linux="https://github.com/szTheory/exifcleaner/releases"
%}

52
_includes/legacy/sections/notebooks.html
View File

@ -1,52 +0,0 @@
<h2 id="notebook" class="anchor"><a href="#notebook"><i class="fas fa-link anchor-icon"></i></a> Digital Notebook</h2>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, you should pick an alternative here.</strong>
</div>
{% include legacy/cardv2.html
title="Joplin"
image="/assets/img/legacy_svg/3rd-party/joplin.svg"
description="Joplin is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers end-to-end encryption and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes."
website="https://joplinapp.org/"
privacy-policy="https://joplinapp.org/privacy/"
github="https://github.com/laurent22/joplin"
windows="https://joplinapp.org/#desktop-applications"
mac="https://joplinapp.org/#desktop-applications"
linux="https://joplinapp.org/#desktop-applications"
freebsd="https://www.npmjs.com/package/joplin"
googleplay="https://play.google.com/store/apps/details?id=net.cozic.joplin"
android="https://joplinapp.org/#mobile-applications"
ios="https://apps.apple.com/app/id1315599797"
firefox="https://addons.mozilla.org/en-US/firefox/addon/joplin-web-clipper/"
chrome="https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek"
%}
{% include legacy/cardv2.html
title="Standard Notes"
image="/assets/img/legacy_svg/3rd-party/standard_notes.svg"
description='Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. It features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors. It has also been <a href="https://s3.amazonaws.com/standard-notes/security/Report-SN-Audit.pdf">independently audited (PDF)</a>.'
website="https://standardnotes.org/"
privacy-policy="https://standardnotes.org/privacy"
github="https://github.com/standardnotes"
windows="https://standardnotes.org/#get-started"
mac="https://standardnotes.org/#get-started"
linux="https://standardnotes.org/#get-started"
ios="https://apps.apple.com/app/id1285392450"
googleplay="https://play.google.com/store/apps/details?id=com.standardnotes"
web="https://app.standardnotes.org/"
%}
<h3>Warning</h3>
<ul>
<li>Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See <a href='https://github.com/laurent22/joplin/issues/289'>open issue</a>.</li>
</ul>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://www.etesync.com/">EteSync</a> - Secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes.</li>
<li><a href="https://paperwork.cloud/">Paperwork</a> - An open-source and self-hosted solution. For PHP / MySQL servers.</li>
<li><a href="https://orgmode.org">Org-mode</a> - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system. </li>
</ul>

61
_includes/legacy/sections/password-managers.html
View File

@ -1,61 +0,0 @@
<h2 id="pw" class="anchor"><a href="#pw"><i class="fas fa-link anchor-icon"></i></a> Password Manager Software</h2>
{%
include legacy/cardv2.html
title="Bitwarden - Cloud/Self-host"
image="/assets/img/legacy_svg/3rd-party/bitwarden.svg"
description="<strong>Bitwarden</strong> is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
website="https://bitwarden.com/"
privacy-policy="https://bitwarden.com/privacy/"
github="https://github.com/bitwarden"
web="https://vault.bitwarden.com/#/"
windows="https://bitwarden.com/download/"
linux="https://bitwarden.com/download/"
freebsd="https://www.npmjs.com/package/@bitwarden/cli"
openbsd="https://www.npmjs.com/package/@bitwarden/cli"
netbsd="https://www.npmjs.com/package/@bitwarden/cli"
mac="https://apps.apple.com/app/bitwarden/id1352778147"
firefox="https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/"
chrome="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
safari="https://apps.apple.com/app/id1352778147"
opera="https://addons.opera.com/extensions/details/bitwarden-free-password-manager/"
edge="https://microsoftedge.microsoft.com/addons/detail/jbkfoedolllekgbhcbcoahefnbanhhlh"
fdroid="https://mobileapp.bitwarden.com/fdroid/"
googleplay="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
ios="https://apps.apple.com/app/id1137397744"
%}
{%
include legacy/cardv2.html
title="KeePassXC - Local"
image="/assets/img/legacy_svg/3rd-party/keepassxc.svg"
description="<strong>KeePassXC</strong> is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager."
website="https://keepassxc.org/"
privacy-policy="https://keepassxc.org/privacy/"
github="https://github.com/keepassxreboot/keepassxc"
windows="https://keepassxc.org/download/#windows"
linux="https://keepassxc.org/download/#linux"
mac="https://keepassxc.org/download/#mac"
freebsd="https://www.freshports.org/security/keepassxc/"
openbsd="http://openports.se/security/keepassxc"
netbsd="http://pkgsrc.se/security/keepassxc"
fdroid="https://f-droid.org/packages/com.kunzisoft.keepass.libre/"
googleplay="https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free"
firefox="https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser"
chrome="https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk"
%}
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://psono.com/">Psono</a> - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses <a href="https://nacl.cr.yp.to/">NACL Crypto</a>, a combination of Curve25519, Salsa20 and Poly1305.
</li>
<li>
<a href="https://pwsafe.org/">Password Safe</a> - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
</li>
<li>
<a href="https://www.passwordstore.org/">Pass</a> - Pass is a bare-bones password store that keeps passwords using gpg2 encrypted files inside a simple directory tree residing at <code>~/.password-store</code>. It has a simple terminal interface where the user can perform the usual actions, and it's functionality can be extended by plugins. It can also be used in scripts without having to input the actual password in plain text.
</li>
</ul>

39
_includes/legacy/sections/privacy-resources.html
View File

@ -1,39 +0,0 @@
<h2 id="resources" class="anchor"><a href="#resources"><i class="fas fa-link anchor-icon"></i></a> More Privacy Resources</h2>
<h3>Guides</h3>
<ul>
<li><a href="https://ssd.eff.org/"><strong>Surveillance Self-Defense by EFF</strong></a> - Guide to defending yourself from surveillance by using secure technology and developing careful practices.</li>
<li><a href="https://github.com/cryptoseb/CryptoPaper"><strong>The Crypto Paper</strong></a> - Privacy, Security and Anonymity for Every Internet User.</li>
<li><a href="https://emailselfdefense.fsf.org/en/"><strong>Email Self-Defense by FSF</strong></a> - A guide to fighting surveillance with GnuPG encryption.</li>
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/"><strong>The Ultimate Privacy Guide</strong></a> - Excellent privacy guide written by the creators of the bestVPN.com website.</li>
<li><a href="https://www.ivpn.net/privacy-guides"><strong>IVPN Privacy Guides</strong></a> - These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.</li>
<li><a href="https://fried.com/privacy"><strong>The Ultimate Guide to Online Privacy</strong></a> - Comprehensive "Ninja Privacy Tips" and 150+ tools.</li>
</ul>
<h3>Information</h3>
<ul>
<li><a href="https://freedom.press/"><strong>Freedom of the Press Foundation</strong></a> - Supporting and defending journalism dedicated to transparency and accountability since 2012.</li>
<li><a href="https://openwireless.org/"><strong>Open Wireless Movement</strong></a> - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.</li>
<li><a href="https://privacy.net/us-government-surveillance-spying-data"><strong>privacy.net</strong></a> - What does the US government know about you?</li>
<li><a href="https://www.grc.com/securitynow.htm"><strong>Security Now!</strong></a> - Weekly Internet Security Podcast by Steve Gibson and Leo Laporte.</li>
<li><a href="https://www.jupiterbroadcasting.com/show/techsnap/"><strong>TechSNAP</strong></a> - Weekly Systems, Network, and Administration Podcast. Every week TechSNAP covers the stories that impact those of us in the tech industry.</li>
<li><a href="https://tosdr.org/"><strong>Terms of Service; Didn't Read</strong></a> - "I have read and agree to the Terms" is the biggest lie on the web. We aim to fix that.</li>
</ul>
<h3>Tools</h3>
<ul>
<li><a href="https://ipleak.net/"><strong>ipleak.net</strong></a> - IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites.</li>
<li><a href="https://www.ghacks.net/2015/12/28/the-ultimate-online-privacy-test-resource-list/"><strong>The ultimate Online Privacy Test Resource List</strong></a> - A collection of Internet sites that check whether your web browser leaks information.</li>
<li><a href="https://prism-break.org/"><strong>PRISM Break</strong></a> - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.</li>
<li><a href="https://securityinabox.org/"><strong>Security in-a-Box</strong></a> - A guide to digital security for activists and human rights defenders throughout the world.</li>
<li><a href="https://securedrop.org/"><strong>SecureDrop</strong></a> - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created
by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.</li>
<li><a href="https://secfirst.org/"><strong>Security First</strong></a> - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.</li>
<li><a href="https://www.osalt.com/"><strong>Osalt</strong></a> - A directory to help you find open source alternatives to proprietary tools.</li>
<li><a href="https://alternativeto.net/"><strong>AlternativeTo</strong></a> - A directory to help find alternatives to other software, with the option to only show open source software</li>
</ul>
<p>Note: Just being open source does not make software secure!</p>

47
_includes/legacy/sections/productivity-tools.html
View File

@ -1,47 +0,0 @@
{% include legacy/cardv2.html
title="PrivateBin"
image="/assets/img/legacy_svg/3rd-party/privatebin.svg"
description="<strong>PrivateBin</strong> is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin. Do note that it uses JavaScript to handle encryption, so you must trust the provider to the extent that they do not inject any malicious JavaScript to get your private key. Consider self-hosting to mitigate this threat."
website="https://privatebin.info/"
github="https://github.com/PrivateBin/PrivateBin"
%}
{%
include legacy/cardv2.html
title="CryptPad"
image="/assets/img/legacy_svg/3rd-party/cryptpad.svg"
description="<strong>CryptPad</strong> is a private-by-design alternative to popular office tools. All content is end-to-end encrypted. Do note that it uses JavaScript to handle encryption, so you must trust the provider to the extent that they do not inject any malicious JavaScript to get your private key. Consider self-hosting to mitigate this threat."
website="https://cryptpad.fr/"
privacy-policy="https://cryptpad.fr/pad/#/2/pad/view/GcNjAWmK6YDB3EO2IipRZ0fUe89j43Ryqeb4fjkjehE/"
github="https://github.com/xwiki-labs/cryptpad"
web="https://cryptpad.fr/"
%}
{%
include legacy/cardv2.html
title="Write.as"
image="/assets/img/legacy_svg/3rd-party/writeas.svg"
image-dark="/assets/img/legacy_svg/3rd-party/writeas-dark.svg"
description="<strong>Write.as</strong> is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
website="https://write.as/"
privacy-policy="https://write.as/privacy"
tor="http://writeasw4b635r4o3vec6mu45s47ohfyro5vayzx2zjwod4pjswyovyd.onion"
git="https://code.as/writeas"
web="https://write.as/pad"
windows="https://github.com/writeas/writeas-cli"
mac="https://github.com/writeas/writeas-cli"
linux="https://write.as/apps"
chrome="https://write.as/apps"
googleplay="https://play.google.com/store/apps/details?id=com.abunchtell.writeas"
ios="https://apps.apple.com/app/id1531530896"
%}
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://crypt.ee/">Cryptee</a> - Free privacy-friendly service for storing Documents, files and Photos</li>
<li><a href="https://dudle.inf.tu-dresden.de/anonymous/">dudle</a> - An online scheduling application, free and open-source. Schedule meetings or make small online polls. No email collection or the need of registration.</li>
<li><a href="https://framadate.org/">Framadate</a> - A free and open-source online service for planning an appointment or making a decision quickly and easily. No registration is required.</li>
<li><a href="https://www.libreoffice.org/">LibreOffice</a> - Free and open-source office suite.</li>
<li><a href="https://vscodium.com/">VSCodium</a> - Scripts to automatically build Microsoft's Visual Studio Code editor without branding or telemetry.</li>
</ul>

53
_includes/legacy/sections/quotes.html
View File

@ -1,53 +0,0 @@
<div class="page-header">
<h2>Privacy? I don't have anything to hide.</h2>
</div>
<blockquote class="blockquote">
<p><a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters" title="Glenn Greenwald - Why privacy matters - TED Talk"><img src="/assets/img/legacy_png/layout/glenn_greenwald.png" width="170px" class="img-fluid float-end ms-2" alt="Glenn Greenwald: Why privacy matters"></a>
Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a
pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I
want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." <strong>Not a single person has taken me up on that offer.</strong></p>
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Why privacy matters - TED Talk"><a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters">Why privacy matters - TED Talk</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>The primary reason for window curtains in our house, is to stop people from being able to see in. The reason we dont want them to see in is because we consider much of what we do inside our homes to be private. Whether that be having dinner at the table, watching a movie with your kids, or even engaging in intimate or sexual acts with your partner. None of these things are illegal by any means but even knowing this, we still keep the curtains and blinds on our windows. We clearly have this strong desire for privacy when it comes to our personal life and the public.</p>
<footer class="blockquote-footer">Joshua in <cite title="The Crypto Paper"><a href="https://github.com/cryptoseb/CryptoPaper#let-me-explain-further">The Crypto Paper</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>[...] But saying that you don't need or want privacy because you have nothing to hide is to assume that no one should have, or could have, to hide anything -- including their immigration status, unemployment history, financial history, and health records. You're assuming that no one, including yourself, might object to revealing to anyone information about their religious beliefs, political affiliations, and sexual activities, as casually as some choose to reveal their movie and music tastes and reading preferences.</p>
<footer class="blockquote-footer">Edward Snowden in <cite title="Permanent Record"><a href="https://en.wikipedia.org/wiki/Permanent_Record_(autobiography)">Permanent Record</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>Privacy is not a luxury [in America]: it is a right one that we need to defend in the digital realm as much as in the physical realm. We need to stay vigilant to maintain access to that right, though ... especially as technology continues to advance...</p>
<footer class="blockquote-footer">Chelsea Manning in <cite title="The Guardian"><a href="https://www.theguardian.com/commentisfree/2016/feb/22/privacy-is-a-right-not-a-luxury-and-its-increasingly-at-risk-for-lgbt-people">The Guardian</a></cite></footer>
</blockquote>
<h4>Read also:</h4>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Nothing_to_hide_argument">Nothing to hide argument (Wikipedia)</a></li>
<li><a href="https://www.reddit.com/r/privacy/comments/3hynvp/how_do_you_counter_the_i_have_nothing_to_hide/">How do you counter the "I have nothing to hide?" argument? (reddit.com)</a></li>
<li><a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565">'I've Got Nothing to Hide' and Other Misunderstandings of Privacy (Daniel J. Solove - San Diego Law Review)</a></li>
</ul>
<h2 id="quotes" class="anchor"><a href="#quotes"><i class="fas fa-link anchor-icon"></i></a> Quotes</h2>
<blockquote class="blockquote">
<p>Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. Or that you don't care about freedom of the press because you don't like to read. Or that you don't care about freedom of religion because you don't believe in God. Or that you don't care about the freedom to peacably assemble because you're a lazy, antisocial agoraphobe. </p>
<footer class="blockquote-footer">Edward Snowden in <cite title="Permanent Record"><a href="https://en.wikipedia.org/wiki/Permanent_Record_(autobiography)">Permanent Record</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all
I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is
not something I am willing to support or live under. </p>
<footer class="blockquote-footer">Edward Snowden in <cite title="Edward Snowden, NSA files source: 'If they want to get you, in time they will"><a href="https://www.theguardian.com/world/2013/jun/09/nsa-whistleblower-edward-snowden-why">The Guardian</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we're not being watched can we really test the limits of who we want to be. It's really in the private realm where
dissent, creativity and personal exploration lie.</p>
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Glenn Greenwald On Why Privacy Is Vital, Even If You 'Have Nothing To Hide"><a href="https://www.huffingtonpost.com/2014/06/20/glenn-greenwald-privacy_n_5509704.html">Huffington Post</a></cite></footer>
</blockquote>

55
_includes/legacy/sections/resources.html
View File

@ -1,55 +0,0 @@
<h2 id="os" class="anchor">Privacy Tools</h2>
<p><a href="/classic/"><i class="fas fa-info-circle"></i> Prefer the classic site? View a single-page layout.</a></p>
<div class="row">
{% include legacy/card.html color="success"
title="Providers"
icon="fas fa-server"
iconcolor="dark"
page="/providers/"
description="Discover privacy-centric online services, including email providers, VPN operators, DNS administrators, and more!"
%}
{% include legacy/card.html color="primary"
title="Web Browsers"
icon="far fa-compass"
iconcolor="dark"
page="/browsers/"
description="Find a web browser that respects your privacy, and discover how to harden your browser against tracking and leaks."
%}
{% include legacy/card.html color="warning"
title="Software"
icon="far fa-window-restore"
iconcolor="dark"
page="/software/"
description="Discover a variety of open source software built to protect your privacy and keep your digital data secure."
%}
{% include legacy/card.html color="info"
title="Operating Systems"
icon="fas fa-desktop"
iconcolor="dark"
page="/operating-systems/"
description="Find out how your operating system is compromising your privacy, and what simple alternatives exist."
%}
{% include legacy/card.html color="secondary"
title="Privacy Guides Services"
icon="far fa-eye-slash"
iconcolor="dark"
page="/services/"
description="The Privacy Guides team is proud to launch a variety of privacy-centric online services, including a Mastodon instance, search engine, and more!"
%}
{% include legacy/card.html color="danger"
title="Donate"
icon="fas fa-donate"
iconcolor="dark"
page="/donate/"
description="We can't operate this site without the generous contributions we receive from our viewers. If you love privacy and our website please consider donating."
%}
</div>

53
_includes/legacy/sections/self-contained-networks.html
View File

@ -1,53 +0,0 @@
<h2 id="darknets" class="anchor"><a href="#darknets"><i class="fas fa-link anchor-icon"></i></a> Self-contained Networks</h2>
{% include legacy/cardv2.html
title="Tor"
image="/assets/img/legacy_svg/3rd-party/tor.svg"
description="The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool."
website="https://www.torproject.org/"
tor="http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion"
windows="https://www.torproject.org/download/"
mac="https://www.torproject.org/download/"
linux="https://www.torproject.org/download/"
freebsd="https://www.freshports.org/security/tor"
openbsd="http://openports.se/net/tor"
netbsd="http://pkgsrc.se/net/tor"
fdroid="https://support.torproject.org/tormobile/tormobile-7/"
googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
android="https://www.torproject.org/download/#android"
git="https://gitweb.torproject.org/tor.git"
%}
{% include legacy/cardv2.html
title="I2P Anonymous Network"
image="/assets/img/legacy_svg/3rd-party/i2p.svg"
image-dark="/assets/img/legacy_svg/3rd-party/i2p-dark.svg"
description="The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses."
website="https://geti2p.net/"
i2p="http://i2p-projekt.i2p/"
windows="https://geti2p.net/en/download#windows"
mac="https://geti2p.net/en/download#mac"
linux="https://geti2p.net/en/download#unix"
freebsd="https://www.freshports.org/security/i2p/"
openbsd="http://openports.se/net/i2pd"
netbsd="http://pkgsrc.se/wip/i2pd"
fdroid="https://f-droid.org/app/net.i2p.android.router"
googleplay="https://play.google.com/store/apps/details?id=net.i2p.android"
android="https://download.i2p2.de/android/current/"
source="https://geti2p.net/en/get-involved/guides/new-developers#getting-the-i2p-code"
%}
{% include legacy/cardv2.html
title="The Freenet Project"
image="/assets/img/legacy_svg/3rd-party/freenet.svg"
description="Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection."
website="https://freenetproject.org/"
windows="https://freenetproject.org/pages/download.html#windows"
mac="https://freenetproject.org/pages/download.html#os-x"
linux="https://freenetproject.org/pages/download.html#gnulinux-posix"
freebsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
openbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
netbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
github="https://github.com/freenet/"
%}

Some files were not shown because too many files have changed in this diff Show More