privacyguides/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-07-24 12:21:09 +00:00
Code Issues Activity

Overhaul and revamp IM page (#192)

Browse Source 
Co-Authored-By: Tommy <contact@tommytran.io>
Co-Authored-By: Daniel Gray <dng@disroot.org>
This commit is contained in:
Stephen L
2021-10-14 01:17:49 +02:00
committed by Daniel Gray
parent f5ec6b4ecf
commit bb4dcb3025
28 changed files with 358 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
_includes/badge.html
View File

@@ -1,10 +1,11 @@
{% if include.link %}
<a
href="{{ include.link }}" class="text-decoration-none link-{{ include.color | default: "info" }}"
href="{{ include.link }}" class="text-decoration-none badge rounded-pill bg-{{ include.color | default: "info" }}"
{% if include.tooltip %}
data-bs-toggle="tooltip"
title="{{ include.tooltip }}"><i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{ include.text }}
{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> <span class="text-decoration-underline">{{ include.text }}</span>{% endif %}
{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> {{ include.text }}
{% endif %}
</a>
{% else %}
<span

2
_includes/legacy/card.html
View File

@@ -12,7 +12,7 @@
{% assign labels = include.labels | replace:", ", "," | split:"," %}
<div class="mb-1">
{% for label in labels %}
{% assign label_data = label | split:":" %}
{% assign label_data = label | split:";" %}
{% assign color = label_data[0] %}
{% assign text = label_data[1] %}
{% assign tooltip = label_data[2] | default: "" %}

2
_includes/legacy/sections/email-warning.html
View File

@@ -5,6 +5,6 @@
<p class="card-text text-danger">When using end-to-end encryption (E2EE) technology like <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy">OpenPGP</a>, email will still have some metadata that is not encrypted in the header of the email. <a href="/providers/email/#metadata">Read more about email metadata.</a></p>
<p class="card-text text-danger">OpenPGP also does not support <a href="https://en.wikipedia.org/wiki/Forward_secrecy">Forward secrecy</a>, which means if either your or the recipient's private key is ever stolen, <strong>all</strong> previous messages encrypted with it will be exposed. <a href="/providers/email/#email-encryption">How do I protect my private keys?</a></p>
<p class="card-text text-info">Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.</p>
<a href="/software/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
<a href="/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
</div>
</div>

178
_includes/legacy/sections/instant-messenger.html
View File

@@ -1,178 +0,0 @@
<h2 id="im" class="anchor">
<a href="#im"><i class="fas fa-link anchor-icon"></i></a>
Encrypted Instant Messengers
</h2>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using an Instant Messenger like Telegram, LINE, Viber, <a href="https://www.eff.org/deeplinks/2016/10/where-whatsapp-went-wrong-effs-four-biggest-security-concerns">WhatsApp</a>, or plain SMS, you should pick an alternative here.</strong>
</div>
<p>We only recommend instant messenger programs or apps that support <a href="https://en.wikipedia.org/wiki/End-to-end_encryption">end-to-end encryption (E2EE)</a>. When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted <strong>before</strong> they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).</p>
<p>All the client programs/apps we chose are <a href="https://en.wikipedia.org/wiki/Free_and_open-source_software">free and open-source software</a> unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.</p>
<p>We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>
<h3 id="centralized" class="anchor">
<a href="#centralized"><i class="fas fa-link anchor-icon"></i></a>
Centralized
</h3>
<p>Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.</p>
{%
include legacy/cardv2.html
title="Signal"
image="/assets/img/legacy_svg/3rd-party/signal.svg"
description='Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been <a href="https://eprint.iacr.org/2016/1013.pdf">independently audited (PDF)</a>'
labels="color==warning::text==Requires phone number::tooltip==Signal requires your phone number as an personal identifier which means anyone you communicate with will see it.|text==VoIP"
website="https://signal.org/"
privacy-policy="https://signal.org/legal/"
github="https://github.com/signalapp"
windows="https://signal.org/download/"
mac="https://signal.org/download/"
linux="https://signal.org/download/"
googleplay="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms"
android="https://signal.org/android/apk/#apk-danger"
ios="https://apps.apple.com/app/id874139669"
%}
<div class="container">
<div class="row">
<div class="col-md-6">
<h4>Advantages</h4>
<ul>
<li>New features and changes can be implemented more quickly.</li>
<li>Easier to get started with and to find contacts.</li>
</ul>
</div>
<div class="col-md-6">
<h4>Disadvantages</h4>
<ul>
<li>Centralized services could be more susceptible to <a href="#exploiting-centralized-networks">legislation requiring backdoor access</a>.</li>
<li>Can include <a href="https://drewdevault.com/2018/08/08/Signal.html">restricted control or access</a>. This can include things like:</li>
<ul>
<li>Being <a href="https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165">forbidden from connecting third-party clients</a> to the centralized network that might provide for greater customization or better user experience. Often defined in Terms and Conditions of usage.</li>
<li>Poor or no documentation for third-party developers.</li>
</ul>
<li>The <a href="https://web.archive.org/web/20210729191953/https://blog.privacytools.io/delisting-wire/">ownership</a>, privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.</li>
</ul>
</div>
</div>
</div>
<h3 id="federated" class="anchor">
<a href="#federated"><i class="fas fa-link anchor-icon"></i></a>
Federated
</h3>
<p>Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.</p>
{%
include legacy/cardv2.html
title="Element"
image="/assets/img/legacy_svg/3rd-party/element.svg"
description='<a href="https://element.io">Element</a> (formerly <a href="https://element.io/blog/welcome-to-element/">Riot</a>) is the reference client for the <a href="https://matrix.org/docs/guides/introduction">Matrix</a> network. The <a href="https://matrix.org/docs/spec">Matrix open standard</a> is an open-source standard for secure (<a href="https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last">audit</a>), decentralized, real-time communication.'
labels="text==VoIP"
website="https://element.io"
privacy-policy="https://element.io/privacy"
github="https://github.com/vector-im/element-web"
windows="https://element.io/get-started"
mac="https://element.io/get-started"
linux="https://element.io/get-started"
fdroid="https://f-droid.org/packages/im.vector.app/"
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
ios="https://apps.apple.com/app/id1083446067"
web="https://app.element.io"
%}
<div class="container">
<div class="row">
<div class="col-md-6">
<h4>Advantages</h4>
<ul>
<li>Allows for greater control over your own data when running your own server.</li>
<li>Allows you to choose who to trust your data with by choosing between multiple "public" servers.</li>
<li>Often allows for third party clients which can provide a more native, customized, or accessible experience.</li>
<li>Generally a less juicy target for governments wanting <a href="#exploiting-centralized-networks">backdoor access to everything</a> as the trust is decentralized. The server may be hosted independently from the organization developing the software.</li>
<li>Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)</li>
<li>Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.</li>
</ul>
</div>
<div class="col-md-6">
<h4>Disadvantages</h4>
<ul>
<li>Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.</li>
<li>Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).</li>
<li>Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.</li>
<li>Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.</li>
</ul>
</div>
</div>
</div>
<h4>Worth Mentioning</h4>
<ul>
<li><a href="https://status.im">Status.im</a> - Encrypted instant messenger with an integrated <a href="https://en.wikipedia.org/wiki/Ethereum">Ethereum</a> wallet (cryptocurrency) that also includes support for <a href="https://our.status.im/tag/dapps">DApps (decentralized apps)</a> (web apps in a curated store). Uses the <a href="https://our.status.im/status-launches-private-peer-to-peer-messaging-protocol/">Waku protocol (a fork of Whisper)</a> for P2P communication. Only available for iOS and Android.</li>
</ul>
<h3 id="peer-to-peer" class="anchor">
<a href="#peer-to-peer"><i class="fas fa-link anchor-icon"></i></a>
Peer to Peer (P2P)
</h3>
<p>Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a <a href="https://en.wikipedia.org/wiki/Distributed_computing">distributed computing</a> network. Examples of this include <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">DHT (distributed hash table)</a> (used with technologies like <a href="https://en.wikipedia.org/wiki/BitTorrent_(protocol)">torrents</a> and <a href="https://en.wikipedia.org/wiki/InterPlanetary_File_System">IPFS</a>, for example). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the <a href="https://www.scuttlebutt.nz">Scuttlebutt</a> social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.</p>
{%
include legacy/cardv2.html
title="Briar"
image="/assets/img/legacy_svg/3rd-party/briar.svg"
description="Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis."
website="https://briarproject.org"
privacy-policy="https://briarproject.org/privacy-policy/"
gitlab="https://code.briarproject.org/briar/briar"
fdroid="https://f-droid.org/packages/org.briarproject.briar.android/"
googleplay="https://play.google.com/store/apps/details?id=org.briarproject.briar.android"
%}
{%
include legacy/cardv2.html
title="Jami"
image="/assets/img/legacy_svg/3rd-party/jami.svg"
description='Encrypted instant messaging and video calling software. All communications are E2EE using <a href="https://jami.net/improving-performance-and-security-with-tls-1-3/">TLS 1.3</a> and never stored outside the client, even when <a href="https://jami.net/why-is-jami-truly-distributed/">TURN servers are used</a>.'
labels="color==warning::link==https://git.jami.net/savoirfairelinux/ring-project/issues/765::text==Warning::tooltip==This software is partially centralized but can be self-hosted.|text==VoIP"
website="https://jami.net/"
privacy-policy="https://jami.net/privacy-policy/"
gitlab="https://git.jami.net/savoirfairelinux"
windows="https://jami.net/download-jami-windows"
mac="https://jami.net/download-jami-macos"
linux="https://jami.net/download-jami-linux"
fdroid="https://f-droid.org/packages/cx.ring/"
googleplay="https://play.google.com/store/apps/details?id=cx.ring"
ios="https://apps.apple.com/app/id1306951055"
%}
<div class="container">
<div class="row">
<div class="col-md-6">
<h4>Advantages</h4>
<ul>
<li>Minimal information is exposed to third parties.</li>
<li>Modern P2P platforms implement end-to-end encryption by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.</li>
</ul>
</div>
<div class="col-md-6">
<h4>Disadvantages</h4>
<ul>
<li>Reduced feature set:</li>
<ul>
<li>Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.</li>
<li>Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.</li>
</ul>
<li>Your <a href="https://en.wikipedia.org/wiki/IP_address">IP address</a> and that of the contacts you're communicating with may be visible if you do not use the software in conjunction with a <a href="/software/networks">self contained network</a>, such as <a href="https://www.torproject.org">Tor</a> or <a href="https://geti2p.net/">I2P</a>. Many countries have some form of mass surveillance and/or metadata retention.</li>
</ul>
</div>
</div>
</div>

42
_includes/legacy/sections/teamchat.html
View File

@@ -1,42 +0,0 @@
<h2 id="teamchat" class="anchor">
<a href="#teamchat"><i class="fas fa-link anchor-icon"></i></a>
Team Chat Platforms
</h2>
<div class="alert alert-warning" role="alert">
<strong>If your project or organization currently uses a platform like <a href="https://tosdr.org/#discord">Discord</a> or <a href="https://drewdevault.com/2015/11/01/Please-stop-using-slack.html">Slack</a> you should pick an alternative here.</strong>
</div>
{%
include legacy/cardv2.html
title="Element"
image="/assets/img/legacy_svg/3rd-party/element.svg"
description='<a href="https://element.io">Element</a> (formerly <a href="https://element.io/blog/welcome-to-element/">Riot</a>) is the reference client for the <a href="https://matrix.org/docs/guides/introduction">Matrix</a> network. The <a href="https://matrix.org/docs/spec">Matrix open standard</a> is an open-source standard for secure, decentralized, real-time communication.'
labels="text==VoIP"
website="https://element.io"
privacy-policy="https://element.io/privacy"
github="https://github.com/vector-im/element-web"
windows="https://element.io/get-started"
mac="https://element.io/get-started"
linux="https://element.io/get-started"
fdroid="https://f-droid.org/packages/im.vector.app/"
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
ios="https://apps.apple.com/app/id1083446067"
web="https://app.element.io"
%}
{%
include legacy/cardv2.html
title="Rocket.chat"
image="/assets/img/legacy_svg/3rd-party/rocketchat.svg"
description="Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE."
labels="color==warning::link==https://rocket.chat/docs/user-guides/end-to-end-encryption/::text==Experimental E2EE::tooltip==Regarding E2EE their documentation states 'This feature is currently in alpha. It's also not yet supported on mobile'. There is no forward secrecy so compromised decryption password would leak all messages. Federation was also added afterwards, potentially causing room for mistakes.|text==VoIP"
website="https://rocket.chat/"
privacy-policy="https://rocket.chat/privacy"
github="https://github.com/rocketchat/"
windows="https://rocket.chat/install"
mac="https://apps.apple.com/app/id1086818840"
linux="https://rocket.chat/install"
googleplay="https://play.google.com/store/apps/details?id=chat.rocket.android"
ios="https://apps.apple.com/app/id1148741252"
%}

59
_includes/legacy/sections/voice-video-messenger.html
View File

@@ -1,59 +0,0 @@
<h2 id="voip" class="anchor"><a href="#voip"><i class="fas fa-link anchor-icon"></i></a> Video/Voice Calling</h2>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a Video/Voice Calling app like Google Hangouts, Skype, Viber or <a href="https://medium.com/privacyguides/protecting-your-privacy-with-a-virtual-machine-while-using-zoom-efab2b65c8c6">Zoom</a>, you should pick an alternative here.</strong> Please note that many of the above instant messengers also support {% include badge.html color="info" text="VoIP" %}. The software listed below are <em>primarily</em> Voice/Video focused.
</div>
{% include legacy/cardv2.html
title="Linphone"
image="/assets/img/legacy_svg/3rd-party/linphone.svg"
website="https://www.linphone.org/"
privacy-policy="https://www.linphone.org/privacy-policy"
description="Linphone is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication."
github="https://github.com/BelledonneCommunications"
windows="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
linux="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
mac="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
fdroid="https://f-droid.org/packages/org.linphone"
googleplay="https://play.google.com/store/apps/details?id=org.linphone"
ios="https://apps.apple.com/app/id360065638"
%}
{% include legacy/cardv2.html
title="Jitsi Meet"
image="/assets/img/legacy_svg/3rd-party/jitsi.svg"
website="https://jitsi.org/jitsi-meet/"
privacy-policy="https://jitsi.org/security/"
description='Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in <a href="https://github.com/jitsi/jitsi-meet-electron/releases">desktop applications</a> or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the <a href="https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances">list of public Jitsi Meet instances</a>.'
labels="color==warning::text==Requires WebRTC::tooltip==Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it.|color==warning::link==https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md::text==Experimental E2EE::tooltip==E2EE in Jitsi Meet is dependent on Insertable Streams, which is currently supported in Chrome but not Firefox. The mobile apps also do not support E2EE for the moment. Prefer to use the desktop apps instead."
github="https://github.com/jitsi/jitsi-meet"
windows="https://github.com/jitsi/jitsi-meet-electron/releases"
linux="https://github.com/jitsi/jitsi-meet-electron/releases"
mac="https://github.com/jitsi/jitsi-meet-electron/releases"
fdroid="https://f-droid.org/en/packages/org.jitsi.meet/"
googleplay="https://play.google.com/store/apps/details?id=org.jitsi.meet"
ios="https://apps.apple.com/app/id1165103905"
%}
{% include legacy/cardv2.html
title="Mumble"
image="/assets/img/legacy_svg/3rd-party/mumble.svg"
website="https://mumble.info/"
description="Mumble is an open-source, low-latency, and high quality voice chat application primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, <a href=\"https://github.com/mumble-voip/mumble/issues/1813\">it's missing end-to-end encryption</a>, so self-hosting is recommended."
github="https://github.com/mumble-voip/"
windows="https://www.mumble.info/downloads"
linux="https://www.mumble.info/downloads"
mac="https://www.mumble.info/downloads"
android="https://www.mumble.info/downloads/#third-party-clients"
ios="https://apps.apple.com/app/id443472808"
%}
<h3>Related Information</h3>
<ul>
<li>More information about Mumble:</li>
<ul>
<li><a href="https://wiki.mumble.info/wiki/Running_Murmur">Running Mumble Server</a> and <a href="https://wiki.mumble.info/wiki/Murmur.ini">its config file</a>, particularly <a href="https://wiki.mumble.info/wiki/Murmur.ini#obfuscate">obfuscating IPv4 addresses</a> and <a href="https://wiki.mumble.info/wiki/Murmur.ini#Process_Administrivia">logging</a></li>
<li><a href="https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Mumble">Torifying Mumble</a>
</ul>
</ul>

34
_includes/recommendation-card.html
View File

@@ -8,6 +8,40 @@
<h2>{{ item.title }}</h2>
{% if item.info %} <p class="badge rounded-pill bg-info"><i class="fad fa-info-circle"></i> {{ item.info }}</p>{% endif %}
{% if item.warning %} <p class="badge rounded-pill bg-warning"><i class="fad fa-exclamation-triangle"></i> {{ item.warning }}</p>{% endif %}
{% if item.labels %}
<p>
{% assign labels = item.labels | split:"|" %}
{% for label in labels %}
{% assign label_data = label | split:"::" %}
{% for label_attr in label_data %}
{% assign attr = label_attr | split:"==" %}
{% if attr[0] == "color" %}
{% assign color = attr[1] %}
{% elsif attr[0] == "link" %}
{% assign link = attr[1] %}
{% elsif attr[0] == "text" %}
{% assign text = attr[1] %}
{% elsif attr[0] == "icon" %}
{% assign icon = attr[1] %}
{% elsif attr[0] == "tooltip" %}
{% assign tooltip = attr[1] %}
{% endif %}
{% endfor %}
{% include badge.html
link=link
color=color
text=text
icon=icon
tooltip=tooltip
%}
{% assign color = nil %}
{% assign link = nil %}
{% assign text = nil %}
{% assign icon = nil %}
{% assign tooltip = nil %}
{% endfor %}
</p>
{% endif %}
{{ item.description | markdownify }}
{% if item.downloads %}<p>{% for platform in item.downloads %}
<a href="{{ platform.url }}"><i class="{{ platform.icon }} fa-fw h2"></i></a>