update!: Add AI provider recommendations

Co-Authored-By: redoomed1 <161974310+redoomed1@users.noreply.github.com>
Co-Authored-By: fria <138676274+friadev@users.noreply.github.com>
Co-Authored-By: xe3 <137224605+xe-3@users.noreply.github.com>
Co-Authored-By: rollsicecream <rollsicecream@proton.me>

.all-contributorsrc

@@ -621,7 +621,12 @@
       "avatar_url": "https://avatars.githubusercontent.com/u/30749146?v=4",
       "profile": "https://github.com/razac-elda",
       "contributions": [
-        "doc"
+        "doc",
+        "bug",
+        "financial",
+        "promotion",
+        "question",
+        "translation"
       ]
     },
     {
@@ -2854,6 +2859,15 @@
       "contributions": [
         "doc"
       ]
+    },
+    {
+      "login": "IDON-TEXIST",
+      "name": "IDON-TEXIST",
+      "avatar_url": "https://avatars.githubusercontent.com/u/73442356?v=4",
+      "profile": "https://github.com/IDON-TEXIST",
+      "contributions": [
+        "doc"
+      ]
     }
   ],
   "contributorsPerLine": 5,

.github/CODEOWNERS

@@ -1,15 +1,51 @@
 # High-traffic pages
+/blog/index.md @jonaharagon @freddy-m
 /docs/index.md @jonaharagon @dngray
-/theme/overrides/ @jonaharagon
+/theme/home.html @jonaharagon @dngray
+/theme/main.html @jonaharagon
+/theme/blog-post.html @jonaharagon
+/theme/partials/ @jonaharagon
+/theme/layouts/ @jonaharagon
+
+# Blog authors
+/blog/.authors.yml @jonaharagon @dngray @freddy-m
+/blog/author/dngray.md @dngray
+/blog/author/freddy.md @freddy-m
+/blog/author/jonah.md @jonaharagon
+/blog/author/niek-de-wilde.md @blacklight447
+
+# Blog posts
+/blog/posts/firefox-privacy-2021-update.md @dngray
+/blog/posts/firefox-privacy.md @jonaharagon
+/blog/posts/hide-nothing.md @freddy-m
+/blog/posts/macos-ventura-privacy-security-updates.md @jonaharagon
+/blog/posts/move-fast-and-break-things.md @freddy-m
+/blog/posts/mozilla-disappoints-us-yet-again-2.md @jonaharagon
+/blog/posts/privacy-guides-partners-with-magic-grants-501-c-3.md @jonaharagon
+/blog/posts/proton-wallet-review.md @jonaharagon
+/blog/posts/restrict-act.md @jonaharagon
+/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md @jonaharagon
+/blog/posts/virtual-insanity.md @freddy-m
+/blog/posts/welcome-to-privacy-guides.md @jonaharagon
 
 # Org
 /docs/about/ @jonaharagon
 CODE_OF_CONDUCT.md @jonaharagon
-CITATION.cff
-LICENSE @jonaharagon
+CITATION.cff @jonaharagon
+LICENSE @jonaharagon @dngray
+LICENSE-CODE @jonaharagon
 README.md @jonaharagon @dngray
 
+# Config
+/mkdocs.yml @jonaharagon
+/mkdocs.blog.yml @jonaharagon
+/crowdin.yml @jonaharagon
+/includes/ @jonaharagon
+
 # Ops
+Dockerfile @jonaharagon
 /Pipfile @jonaharagon
 /Pipfile.lock @jonaharagon
 /.github/ @jonaharagon
+/run.sh @jonaharagon
+/modules/ @jonaharagon

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,29 +1,14 @@
-Changes proposed in this PR:
+List of changes proposed in this PR:
 
 -
 
-<!-- SCROLL TO BOTTOM TO AGREE!:
+<!--
 Please use a descriptive title for your PR, it will be included in our changelog!
 
-If you are making changes that you have a conflict of interest with, please
+If you are making changes that you have a conflict of interest with, you MUST
 disclose this as well (this does not disqualify your PR by any means):
 
 Conflict of interest contributions involve contributing about yourself,
 family, friends, clients, employers, or your financial and other relationships.
-Any external relationship can trigger a conflict of interest.
+ANY external relationship can trigger a conflict of interest.
 -->
-
-<summary>
-
-<!-- To agree, place an x in the box below, like: [x] -->
-- [ ] I agree to the terms listed below:
-  <details><summary>Contribution terms (click to expand)</summary>
-  1) I am the sole author of this work.
-  2) I agree to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute my contribution as part of this project.
-  3) I have disclosed any relevant conflicts of interest in my post.
-  4) I agree to the Community Code of Conduct.
-  </details>
-
-<!-- What's this? When you submit a PR, you keep the Copyright for the work you
-are contributing. We need you to agree to the above terms in order for us to
-publish this contribution to our website. -->

.github/dependabot.yml

@@ -1,77 +0,0 @@
-# Copyright (c) 2021-2023 Jonah Aragon <jonah@triplebit.net>
-
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to
-# deal in the Software without restriction, including without limitation the
-# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-# sell copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
-# IN THE SOFTWARE.
-
-version: 2
-
-registries:
-  github-privacyguides:
-    type: git
-    url: https://github.com
-    username: x-access-token
-    password: ${{secrets.REPO_PAT}}
-
-updates:
-  # Maintain dependencies for GitHub Actions
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "monthly"
-    assignees:
-      - "jonaharagon"
-    reviewers:
-      - "jonaharagon"
-    labels:
-      - "fix:github_actions"
-
-  # Maintain submodules
-  - package-ecosystem: "gitsubmodule"
-    directory: "/"
-    registries:
-      - github-privacyguides
-    schedule:
-      interval: "monthly"
-    labels:
-      - "fix:submodules"
-
-  - package-ecosystem: "devcontainers"
-    directory: "/"
-    schedule:
-      interval: weekly
-
-  - package-ecosystem: "docker"
-    directory: "/"
-    schedule:
-      interval: weekly
-# Disabled because some updates tend to remove needed dependencies for some reason
-
-#  # Maintain dependencies for pipenv
-#  - package-ecosystem: "pip"
-#    directory: "/"
-#    insecure-external-code-execution: allow
-#    registries:
-#      - github-privacyguides
-#    schedule:
-#      interval: "daily"
-#    assignees:
-#      - "jonaharagon"
-#    reviewers:
-#      - "jonaharagon"
-#    labels:
-#      - "fix:python"

.github/workflows/build-container.yml

@@ -79,7 +79,7 @@ jobs:
       # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
       # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
       - name: Build and push Docker image
-        uses: docker/build-push-action@v6.5.0
+        uses: docker/build-push-action@v6.9.0
         with:
           context: .
           push: true

.github/workflows/build.yml

@@ -27,6 +27,9 @@ on:
       strict:
         type: boolean
         default: false
+      cache:
+        type: boolean
+        default: true
 
 permissions:
   contents: read
@@ -57,6 +60,12 @@ jobs:
           echo "BUILD_INSIDERS=true" >> "$GITHUB_ENV"
           echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --insiders"" >> "$GITHUB_ENV"
 
+      - name: Set Metadata for International Builds
+        if: inputs.lang != 'en'
+        run: |
+          echo "GITREVISIONDATE=false" >> "$GITHUB_ENV"
+          echo "GITAUTHORS=false" >> "$GITHUB_ENV"
+
       - name: Set Metadata for Offline Mode
         if: inputs.config == 'offline'
         run: |
@@ -113,6 +122,7 @@ jobs:
       - name: Restore Privacy Plugin Cache
         uses: actions/cache/restore@v4.0.2
         id: privacy_cache_restore
+        if: inputs.cache
         with:
           key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
           path: |
@@ -125,6 +135,7 @@ jobs:
       - name: Restore Social Plugin Cache
         uses: actions/cache/restore@v4.0.2
         id: social_cache_restore
+        if: inputs.cache
         with:
           key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
           path: |
@@ -137,6 +148,7 @@ jobs:
       - name: Restore Optimize Plugin Cache
         uses: actions/cache/restore@v4.0.2
         id: optimize_cache_restore
+        if: inputs.cache
         with:
           key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
           path: |
@@ -170,7 +182,7 @@ jobs:
 
       - name: Find Privacy Plugin Cache
         uses: actions/cache/restore@v4.0.2
-        if: steps.privacy_cache_restore.outputs.cache-hit != 'true'
+        if: steps.privacy_cache_restore.outputs.cache-hit != 'true' && inputs.cache
         id: privacy_cache_test
         with:
           key: privacy-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/privacy/**') }}
@@ -180,7 +192,7 @@ jobs:
 
       - name: Find Social Plugin Cache
         uses: actions/cache/restore@v4.0.2
-        if: steps.social_cache_restore.outputs.cache-hit != 'true'
+        if: steps.social_cache_restore.outputs.cache-hit != 'true' && inputs.cache
         id: social_cache_test
         with:
           key: social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
@@ -191,7 +203,7 @@ jobs:
 
       - name: Find Optimize Plugin Cache
         uses: actions/cache/restore@v4.0.2
-        if: steps.optimize_cache_restore.outputs.cache-hit != 'true'
+        if: steps.optimize_cache_restore.outputs.cache-hit != 'true' && inputs.cache
         id: optimize_cache_test
         with:
           key: optimize-cache-privacyguides/privacyguides.org-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
@@ -201,14 +213,14 @@ jobs:
 
       - name: Save Privacy Plugin Cache
         uses: actions/cache/save@v4.0.2
-        if: steps.privacy_cache_test.outputs.cache-hit != 'true'
+        if: steps.privacy_cache_test.outputs.cache-hit != 'true' && inputs.cache
         with:
           key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
           path: .cache/plugin/privacy
 
       - name: Save Social Plugin Cache
         uses: actions/cache/save@v4.0.2
-        if: steps.social_cache_test.outputs.cache-hit != 'true'
+        if: steps.social_cache_test.outputs.cache-hit != 'true' && inputs.cache
         with:
           key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
           path: |
@@ -217,7 +229,7 @@ jobs:
 
       - name: Save Optimize Plugin Cache
         uses: actions/cache/save@v4.0.2
-        if: steps.optimize_cache_test.outputs.cache-hit != 'true'
+        if: steps.optimize_cache_test.outputs.cache-hit != 'true' && inputs.cache
         with:
           key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
           path: .cache/plugin/optimize

.github/workflows/publish-mirror.yml

@@ -51,14 +51,3 @@ jobs:
         with:
           source-repo: "git@github.com:privacyguides/privacyguides.org.git"
           destination-repo: "git@codeberg.org:privacyguides/privacyguides.org.git"
-
-  sourcehut:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Mirror to SourceHut
-        uses: wearerequired/git-mirror-action@v1
-        env:
-          SSH_PRIVATE_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
-        with:
-          source-repo: "git@github.com:privacyguides/privacyguides.org.git"
-          destination-repo: "git@git.sr.ht:~jonaharagon/privacyguides.org"

.github/workflows/publish-pr.yml

@@ -87,7 +87,7 @@ jobs:
           echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
           echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
 
-  deploy:
+  deploy_netlify:
     needs: metadata
     permissions:
       contents: read
@@ -99,13 +99,27 @@ jobs:
     secrets:
       NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
 
+  deploy_garage:
+    needs: metadata
+    permissions:
+      contents: read
+
+    uses: privacyguides/webserver/.github/workflows/deploy-garage-preview.yml@main
+    with:
+      alias: ${{ needs.metadata.outputs.pr_number }}
+      bucket: ${{ vars.PREVIEW_GARAGE_BUCKET }}
+      hostname: ${{ vars.PREVIEW_GARAGE_HOSTNAME }}
+    secrets:
+      PREVIEW_GARAGE_KEY_ID: ${{ secrets.PREVIEW_GARAGE_KEY_ID }}
+      PREVIEW_GARAGE_SECRET_KEY: ${{ secrets.PREVIEW_GARAGE_SECRET_KEY }}
+
   comment:
     permissions:
       pull-requests: write
-    needs: [deploy, metadata]
+    needs: [deploy_garage, metadata]
     runs-on: ubuntu-latest
     env:
-      address: ${{ needs.deploy.outputs.address }}
+      address: ${{ needs.deploy_garage.outputs.address }}
     steps:
       - uses: thollander/actions-comment-pull-request@v2.5.0
         with:

.github/workflows/publish-release.yml

@@ -62,6 +62,17 @@ jobs:
       lang: ${{ matrix.lang }}
       context: production
       continue-on-error: false
+      cache: false
+
+  build_blog:
+    needs: submodule
+    permissions:
+      contents: read
+    uses: ./.github/workflows/build-blog.yml
+    with:
+      repo: ${{ github.repository }}
+      ref: ${{ github.ref }}
+      continue-on-error: false
 
   release:
     name: Create release notes
@@ -84,12 +95,14 @@ jobs:
           makeLatest: true
 
   deploy:
-    needs: build
+    needs: [build, build_blog]
     uses: privacyguides/webserver/.github/workflows/deploy-all.yml@main
     secrets:
       NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
       PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
       PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
+      PROD_GARAGE_KEY_ID: ${{ secrets.PROD_GARAGE_KEY_ID }}
+      PROD_GARAGE_SECRET_KEY: ${{ secrets.PROD_GARAGE_SECRET_KEY }}
       CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
       CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
       CLUSTER_USERNAME: ${{ secrets.CLUSTER_USERNAME }}
@@ -99,5 +112,5 @@ jobs:
 
   cleanup:
     if: ${{ always() }}
-    needs: build
+    needs: [build, build_blog]
     uses: privacyguides/.github/.github/workflows/cleanup.yml@main

.github/workflows/test-lint.yml

@@ -103,7 +103,7 @@ jobs:
       - id: ml
         # You can override MegaLinter flavor used to have faster performances
         # More info at https://megalinter.io/flavors/
-        uses: oxsecurity/megalinter/flavors/documentation@v7.13.0
+        uses: oxsecurity/megalinter/flavors/documentation@v8.0.0
         env:
           # All available variables are described in documentation
           # https://megalinter.io/configuration/

.github/workflows/upload-crowdin.yml

@@ -41,7 +41,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: crowdin action
-        uses: crowdin/github-action@v2.1.1
+        uses: crowdin/github-action@v2.2.0
         with:
           upload_sources: true
           upload_sources_args: "--auto-update --delete-obsolete"

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.12-alpine as base
+FROM python:3.13-alpine as base
 
 LABEL org.opencontainers.image.source="https://github.com/privacyguides/privacyguides.org"
 

Pipfile

@@ -30,6 +30,7 @@ mkdocs-git-authors-plugin = "~=0.8"
 mkdocs-macros-plugin = "~=1.0"
 jieba = "~=0.42"
 mkdocs-rss-plugin = "*"
+mkdocs-glightbox = "*"
 
 [dev-packages]
 scour = "~=0.38"

README.md

@@ -30,8 +30,8 @@
     <img src="https://img.shields.io/github/commits-since/privacyguides/privacyguides.org/latest"></a>
   <a href="https://crowdin.com/project/privacyguides">
     <img src="https://badges.crowdin.net/privacyguides/localized.svg"></a>
-  <a href="https://opencollective.com/privacyguides">
-    <img src="https://img.shields.io/opencollective/all/privacyguides"></a>
+  <a href="https://github.com/sponsors/privacyguides#sponsors">
+    <img src="https://img.shields.io/github/sponsors/privacyguides"></a>
   <a href="https://squidfunk.github.io/mkdocs-material/">
     <img src="https://img.shields.io/badge/Material_for_MkDocs-526CFE?logo=MaterialForMkDocs&logoColor=white"></a>
   <a href="https://github.com/privacyguides/privacyguides.org/actions/workflows/publish-release.yml">
@@ -44,7 +44,7 @@
 
 The current list of team members can be found [here](https://www.privacyguides.org/en/about/#executive-committee). Additionally, [many people](#contributors) have made contributions to the project, and you can too!
 
-*Featured on: [Tweakers](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html), [The New York Times](https://nytimes.com/wirecutter/guides/online-security-social-media-privacy), and [Wired](https://wired.com/story/firefox-mozilla-2022)*
+*Featured on: [Tweakers](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html), [The New York Times](https://nytimes.com/wirecutter/guides/online-security-social-media-privacy), [Wired](https://wired.com/story/firefox-mozilla-2022), and [Fast Company](https://www.fastcompany.com/91167564/mozilla-wants-you-to-love-firefox-again).*
 
 ## Contributing
 
@@ -246,7 +246,7 @@ Privacy Guides wouldn't be possible without these wonderful people ([emoji key](
     <tr>
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/Kcchouette"><img src="https://avatars.githubusercontent.com/u/3000936?v=4" width="100px;" loading=lazy /><br /><sub><b>Kcchouette</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=Kcchouette" title="Documentation">📖</a></td>
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://jacobneplokh.com/"><img src="https://avatars.githubusercontent.com/u/46184597?v=4" width="100px;" loading=lazy /><br /><sub><b>Jacob Neplokh</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=jneplokh" title="Documentation">📖</a></td>
-      <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/razac-elda"><img src="https://avatars.githubusercontent.com/u/30749146?v=4" width="100px;" loading=lazy /><br /><sub><b>Leonardo Mazzon</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=razac-elda" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/razac-elda"><img src="https://avatars.githubusercontent.com/u/30749146?v=4" width="100px;" loading=lazy /><br /><sub><b>Leonardo Mazzon</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=razac-elda" title="Documentation">📖</a> <a href="https://github.com/privacyguides/privacyguides.org/issues?q=author%3Arazac-elda" title="Bug reports">🐛</a> <a href="#financial-razac-elda" title="Financial">💵</a> <a href="#promotion-razac-elda" title="Promotion">📣</a> <a href="#question-razac-elda" title="Answering Questions">💬</a> <a href="#translation-razac-elda" title="Translation">🌍</a></td>
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/opheron"><img src="https://avatars.githubusercontent.com/u/7110152?v=4" width="100px;" loading=lazy /><br /><sub><b>Andrew Chong</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=opheron" title="Documentation">📖</a></td>
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/woctezuma"><img src="https://avatars.githubusercontent.com/u/570669?v=4" width="100px;" loading=lazy /><br /><sub><b>Wok</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=woctezuma" title="Documentation">📖</a></td>
     </tr>
@@ -593,6 +593,9 @@ Privacy Guides wouldn't be possible without these wonderful people ([emoji key](
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/m00t316"><img src="https://avatars.githubusercontent.com/u/54213179?v=4" width="100px;" loading=lazy /><br /><sub><b>Kieran Colfer</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=m00t316" title="Documentation">📖</a></td>
       <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/I-I-IT"><img src="https://avatars.githubusercontent.com/u/78900789?v=4" width="100px;" loading=lazy /><br /><sub><b>Triple T</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=I-I-IT" title="Documentation">📖</a></td>
     </tr>
+    <tr>
+      <td align="center" valign="top" width="20%"><a rel="nofollow noopener noreferrer" href="https://github.com/IDON-TEXIST"><img src="https://avatars.githubusercontent.com/u/73442356?v=4" width="100px;" loading=lazy /><br /><sub><b>IDON-TEXIST</b></sub></a><br /><a href="https://github.com/privacyguides/privacyguides.org/commits?author=IDON-TEXIST" title="Documentation">📖</a></td>
+    </tr>
   </tbody>
   <tfoot>
     <tr>

blog/.authors.yml

@@ -12,23 +12,25 @@ authors:
     name: Niek de Wilde
     description: Team Member
     avatar: https://github.com/blacklight447.png
+    mastodon:
+      username: blacklight447
+      instance: mastodon.social
   dngray:
     name: Daniel Gray
     description: Team Member
     avatar: https://github.com/dngray.png
-  freddy-m:
+  freddy:
     name: Freddy
     description: Team Member
     avatar: https://github.com/freddy-m.png
-    description_long: |
-      <a href="https://freddy.lol">Freddy</a> is a founding member of Privacy Guides and the editor of its blog. He writes in American English reluctantly.
   jonah:
     name: Jonah Aragon
-    description: Team Member
+    description: Project Director
     avatar: https://github.com/jonaharagon.png
-    description_long: |
-      <a href="https://www.jonaharagon.com">Jonah Aragon</a> is creating educational resources for average people to understand the importance of privacy and security on the internet, and take back control over their digital lives.
-      He is known for his work on the Techlore YouTube channel, including the Techlore Talks podcast he co-hosts, and the Privacy Guides non-profit website.
+    mastodon:
+      username: jonah
+      instance: neat.computer
+    twitter: jonaharagon
   kaitebay:
     name: Kai Tebay
     description: Former Team Member

blog/archive/2019.md

@@ -1,3 +1,5 @@
+# 2019
+
 !!! danger "Old Content"
 
     These posts are 5 years old. They may not accurately reflect the current opinion of our team.

blog/archive/2020.md

@@ -1,3 +1,5 @@
+# 2020
+
 !!! danger "Old Content"
 
     These posts are 4 years old. They may not accurately reflect the current opinion of our team.

blog/archive/2021.md

@@ -1,3 +1,5 @@
+# 2021
+
 !!! danger "Old Content"
 
     These posts are 3 years old. They may not accurately reflect the current opinion of our team.

blog/archive/2022.md

@@ -1,3 +1,5 @@
+# 2022
+
 !!! danger "Old Content"
 
     These posts are 2 years old. They may not accurately reflect the current opinion of our team.

blog/author/dngray.md

@@ -0,0 +1 @@
+# Daniel Gray

blog/author/freddy.md

@@ -0,0 +1,7 @@
+# Freddy
+
+![Profile picture](https://github.com/freddy-m.png){ align=right }
+
+[**Freddy**](https://freddy.lol) is a founding member of Privacy Guides and the editor of its blog. He writes in American English reluctantly.
+
+[:simple-mastodon: @freddy@social.lol](https://social.lol/@freddy "@freddy@social.lol"){ .md-button rel=me }

blog/author/jonah.md

@@ -0,0 +1,36 @@
+---
+description: Jonah Aragon is the Project Director and staff writer at Privacy Guides. His role includes researching and writing for this website, system administration, creating Privacy Guides Online Learning course content, reviewing the products recommended here, and most other day-to-day tasks.
+schema:
+  -
+    "@context": https://schema.org
+    "@type": ProfilePage
+    dateCreated: "2019-10-31T00:00:00Z"
+    dateModified: "2024-09-09T00:00:00Z"
+    mainEntity:
+      -
+        "@context": https://schema.org
+        "@type": Person
+        name: Jonah Aragon
+        jobTitle: Project Director
+        description: Jonah Aragon is the Project Director and staff writer at Privacy Guides.
+        url: https://www.privacyguides.org/articles/author/jonah/
+        image: https://www.privacyguides.org/articles/assets/external/github.com/jonaharagon.png.jpg
+        sameAs:
+          - https://www.jonaharagon.com
+          - https://discuss.privacyguides.net/u/jonah
+          - https://shop.jonaharagon.com
+          - https://jonaharagon.me
+          - https://mastodon.neat.computer/@jonah
+          - https://www.youtube.com/@jonaharagon
+          - https://www.wikidata.org/wiki/Q117304062
+---
+
+# Jonah Aragon
+
+![Profile picture](https://github.com/jonaharagon.png){ align=right }
+
+[**Jonah Aragon**](https://www.jonaharagon.com) is the Project Director and staff writer at *Privacy Guides*. His role includes researching and writing for this website, system administration, creating Privacy Guides Online Learning course content, reviewing the products recommended here, and most other day-to-day tasks.
+
+He is also known for his work on the Techlore YouTube channel, including the Techlore Talks podcast he co-hosts.
+
+[:simple-mastodon: @jonah@neat.computer](https://mastodon.neat.computer/@jonah "@jonah@neat.computer"){ .md-button rel=me }

blog/author/niek-de-wilde.md

@@ -0,0 +1,7 @@
+# Niek de Wilde
+
+![Profile picture](https://github.com/blacklight447.png){ align=right }
+
+**Niek** is a founding team member of Privacy Guides and part of the [executive committee](https://www.privacyguides.org/en/about/#executive-committee). His day-to-day concerns for Privacy Guides entail both research and outreach.
+
+[:simple-mastodon: @blacklight447@mastodon.social](https://mastodon.social/@blacklight447 "@blacklight447@mastodon.social"){ .md-button rel=me }

blog/category/announcements.md

@@ -0,0 +1,7 @@
+---
+description: The latest announcements and updates from the Privacy Guides team.
+---
+
+# Announcements
+
+Follow this page for the latest updates & announcements from the Privacy Guides team, and join the [announcements category](https://discuss.privacyguides.net/c/announcements/5) on our forum to discuss anything you read here!

blog/category/news.md

@@ -0,0 +1,7 @@
+---
+description: Privacy Guides News presents the latest tech news about the world's best (and occasionally worst) software, hardware, and services in the privacy world.
+---
+
+# News
+
+The latest tech news about the world's best (and occasionally worst) software, hardware, and services in the privacy world. *Privacy Guides News* has you covered for any important information you might need on your privacy journey.

blog/category/reviews.md

@@ -0,0 +1,7 @@
+---
+description: Read the latest privacy product reviews and stories from Privacy Guides contributing writers.
+---
+
+# Reviews
+
+Looking for alternatives to privacy-invasive apps you use everyday? Do you just want to know all the details behind your favorite privacy tools? *Privacy Guides Reviews* is the place to find all that and more. This is your one stop to find the latest advice and recommendations on things we use every day directly from Privacy Guides contributors.

blog/editorial.md

@@ -0,0 +1,107 @@
+---
+title: Editorial Policy
+---
+
+This page provides transparent information about Privacy Guides, its editorial process, and how Privacy Guides creates trustworthy news, articles, and reviews.
+
+Moreover, it is a part of Privacy Guides' commitment to [**The Trust Project**](https://thetrustproject.org/), "an international consortium of news organizations implementing transparency standards and working with technology platforms to affirm and amplify journalism’s commitment to transparency, accuracy, inclusion and fairness so that the public can make informed news choices." Privacy Guides is not currently a news partner of the program, but wholeheartedly supports its mission and values.
+
+## Coverage Priorities
+
+First and foremost, Privacy Guides is committed to publishing content related to the personal privacy and cybersecurity industry and communities. We firmly believe that privacy is a human right, which should not be intruded upon by any corporation, government, or other entity.
+
+To further our beliefs, Privacy Guides strives to create coverage that promotes the ideals of personal privacy and security in online spaces, encourages companies to engage in privacy-friendly behavior, and holds privacy and security invasive entities accountable for their actions.
+
+## Our Philosophy
+
+Privacy Guides strongly believes in independent information published by independent people with varying points of view. As an organization, we are firm proponents of freedom of speech, expression, and the press. Privacy Guides contributors are free to share their own opinions, even when they are controversial. Every opinion article is clearly labeled as such at the beginning of the news content.
+
+## Ethics Policy
+
+Privacy Guides' ethical code is based in our willingness to be accurate, fair, and complete, and for all of our writers to act with honesty, transparency, and independence.
+
+### Truth and Accuracy
+
+Privacy Guides contributors are expected to be as accurate as possible. Getting facts from reliable sources is the defining principle of journalism. Privacy Guides always strives to provide all the relevant facts available, ensure those facts have been verified, and generally hold ourselves to the highest standards of accuracy and truth. When we are unable to corroborate certain information, Privacy Guides always makes that clear to readers.
+
+### Independence
+
+Privacy Guides contributors must always be independent voices in the privacy community. Privacy Guides does not act on behalf of special interests, whether corporate, political, or cultural, and whether formally or informally. Independent fact-checking is always involved in the publication process.
+
+### Fairness and Impartiality
+
+Many stories have at least two sides. While we are not obligated to present every viewpoint in every article we publish, our stories are balanced and add context. Our impertial reporting is a significant part of why our community has trust and confidence in our work.
+
+### Humanity
+
+Privacy Guides contributors do no harm. We are aware of the impact of our words on the lives of others. Private persons have privacy rights that must be balanced against the public interest in reporting information about them. Our pursuit of the news is not a license for arrogance, and we will always treat the subject of any story with respect.
+
+### Accountability
+
+As professional and responsible journalists, we will always hold ourselves accountable for our work. Corrections are published when errors are discovered, and we always listen to the concerns of our audience.
+
+## Corrections Policy
+
+Privacy Guides believes in transparency and honesty. Therefore, we will correct mistakes promptly and ensure our readers are notified. In the online world of journalism, completeness and freshness of content are huge values, and we believe accuracy is equally essential. We will ensure expediency when making corrections as needed.
+
+When an error is detected in an article, Privacy Guides will immediately work to find the correct information, clearly display the correction within the affected article, and include the following:
+
+- The correct information.
+- What was originally published that was incorrect.
+- The severity of the error.
+- The date when the change took place.
+
+When errors cannot be amended within the body of an article's content, corrections are displayed in the last paragraph of the content. Rather than remove completely the content containing a mistake, we provide clarification and admittance of our mistakes to preserve transparency.
+
+## Verification & Fact-Checking
+
+Privacy Guides prides itself on the validity of its content, and therefore does whatever it can to ensure that the information presented by its contributors is accurate. As a well-known global publication, Privacy Guides understands the importance of approaching claims with skepticism, thinking critically, and upholding accuracy in whatever way possible.
+
+Privacy Guides encourages its writers to keep the following considerations in mind before publishing content:
+
+- Always credit, acknowledge, and verify the source(s) of your information.
+- Consider whether you know enough about the information to qualify as a trustable source yourself.
+- Think critically when addressing claims.
+- Never make assumptions.
+
+We trust the integrity of our contributors and the accuracy of content published on this website. In the case that a mistake is made, we understand the importance of admitting to them and working diligently to provide the correct information. We always encourage our readers, sources, and other contributors to provide us with feedback on any of our content.
+
+## Unnamed Sources Policy
+
+Privacy Guides will only used unnamed sources in our news reporting if:
+
+1. The material is informative, not opinion or speculation.
+2. The material is vital to the news report.
+3. The source is reliable, and in a position to have accurate information.
+4. The information provided is not available except under conditions of anonymity imposed by the source.
+
+Privacy Guides will always identify sources whenever possible. Our readership is entitled to as much information as possible in order to judge the reliability of our sources themselves.
+
+:   Privacy Guides' credibility is our most important asset. If our readers don't have faith that the stories they are reading here are accurate and fair, or if they suspect content within the stories we publish is fabricated, then we would lose that credibility. For our contributors to protect their own credibility, they must use every available avenue to confirm and attribute information before relying on unnamed sources. If the only way to publish a story is to use unnamed sources, our contributors owe it to our readership to identify the sources as clearly as possible without exposing the identity of the individual granted anonymity.
+
+Our contributors should always question the motives behind a source requesting anonymity.
+
+:   Always keep your promises, but clarify conditions attached to any promise made in exchange for information beforehand. You must not take information from an anonymous support without the approval of our editorial team. We only use unnamed sources to tell important stories that would otherwise go unreported.
+
+The decision to use an unnamed source is not a decision made solely by the writer. To use an unnamed source, a contributor must have the written consent of a member of our editorial team: [Daniel](author/dngray.md), [Freddy](author/freddy.md), [Jonah](author/jonah.md), or [Niek](author/niek-de-wilde.md).
+
+Our editorial team will grant consent to the use of unnamed sources if the source is considered to be accurate and reliable, and if there is substantial justification for using the source's information without attribution. Privacy Guides should never be in the position of having to verify any factors within this policy after a story has been published.
+
+## Actionable Feedback
+
+Privacy Guides is committed to engaging with our readers and taking action based on their suggestions, complaints, and other feedback.
+
+Readers may help us develop an individual story or line of coverage, answer questions that a story may raise, identify related or under-covered issues, and teach us about new and diverse sources, experts, and perspectives. We believe that news organizations have a responsibility to engage with the public on the values, issues, and ideas of the times, and that news organizations have much to gain in return. In fact, actionable feedback may:
+
+- Further develop an individual story or line of coverage.
+- Help answer questions that a story may raise.
+- Help identify related questions or issues that the audience, including demographic segments of that audience, is discussing or are concerned about.
+- Yield new and diverse sources and experts.
+
+**We strongly encourage our readers to participate in our community forum: <https://discuss.privacyguides.net/>**
+
+Our staff contributors are also [listed](https://www.privacyguides.org/en/about/) alongside verified email links and other contact information, where you can ask them questions or report a complaint. Each article within our news section also clearly lists the author's byline, including contact and social media information when available.
+
+When necessary, we will make updates to our articles based on our readership's comments and feedback.
+
+We are proud of keeping this openness a top priority, in line with the nature of our community.

blog/index.md

@@ -1,5 +1,11 @@
 ---
-title: Latest Articles
+description: Privacy-related news stories, product reviews, opinion pieces, and other important articles from Privacy Guides contributors.
 hide:
   - footer
 ---
+
+# Latest Articles
+
+This is our home for privacy-related news stories, product reviews, opinion pieces, and other important articles.
+
+Unlike the rest of our website, these articles don't represent a consensus viewpoint of our community. Instead, they present the opinions of trusted authors within our community as-is. You may even find multiple articles on the same topic with competing viewpoints, intended to further [privacy discussion](https://discuss.privacyguides.net/).

blog/posts/.meta.yml

@@ -1 +1,3 @@
 comments: true
+social:
+  cards_layout: blog

blog/posts/bad-faith-arguments.md

@@ -0,0 +1,48 @@
+---
+date:
+    created: 2024-09-09
+categories:
+    - Announcements
+authors:
+    - jonah
+tags:
+    - Privacy Guides
+license: BY-SA
+---
+# Bad-Faith Arguments in the Privacy Community
+
+The Privacy Guides community is one of the best privacy-related communities on the internet, and I think we have generally done a good job at promoting a positive and respectful environment where people can learn and grow.
+
+Unfortunately, as a public forum we are not immune to the small minority of individuals who feel empowered to spread anger, hostility, and divisiveness by their anonymity and general lack of consequences on the internet.<!-- more -->
+
+From now on, we are going to be strict about requiring all posts in our communities to be made in good faith.
+
+We will consider the following questions when reviewing posts:
+
+1. Is the poster presenting their criticism as informed or factual, when it's actually a matter of personal opinion, or worse, misinformation or false?
+2. Has the poster failed to provide reasoning for their criticism, and demonstrated an unwillingness to learn or discuss the topic?
+3. Is the poster writing something as if it is true and informed, when they're actually just speculating?
+4. Is the poster simply spreading negativity instead of actually trying to improve something?
+5. Is the poster engaging in ad hominem attacks against us or our community?
+
+If these answer to any of these questions is yes, the post will be removed and the poster will be asked to revise their statement. We will suspend posters who repeatedly engage in bad faith arguments.
+
+For almost everyone here, you won't see any negative impacts of this new policy. It is simply designed to allow us to remove the small number of people who occasionally join to spread unproductive negativity in the privacy space, at the expense of legitimate projects making the world a better place. Hopefully you will notice improvements in discussion quality overall.
+
+---
+
+To give an example, there are two specific behaviors we want to discourage with this new policy.
+
+1. The constant use of words like "shilling," "fanboys," etc. to describe people who have a difference in opinion to your own is not acceptable.
+
+    To "[shill](https://en.wikipedia.org/wiki/Shill)" something is to promote something you have an employer relationship or some other actual conflict of interest with. To accuse someone in our community of being a planted shill without any evidence, simply because they like something that you dislike, is both a serious accusation and a bad-faith argument.
+
+    Even the use of terms like these informally to describe people who like a certain product more than others is disrespectful, and sows uncertainty and distrust within our community, so it will no longer be tolerated.
+
+2. A very small portion of GrapheneOS community members continually attempt to derail any conversations mentioning GrapheneOS with irrelevant details and confrontational attitudes.
+
+    This is not a reflection on the GrapheneOS project itself, but unfortunately this has become a repeated situation with certain community members of this specific project more than anyone else, so we have to call it out.
+
+    Making unfounded accusations against Privacy Guides community members of harassment towards GrapheneOS simply because they presented their criticism of the project is not a good faith argument. Similarly, presenting unverified statements from the GrapheneOS community as factual has led to misinformation being spread in the past. It is critical to always differentiate between opinions/beliefs and factual information.
+
+    **Privacy Guides community spaces are not GrapheneOS discussion forums, and the drama from their community is not automatically on-topic in ours.** Please do not make new topics in our forum that simply link to drama posts from the GrapheneOS community. A good rule of thumb is that unless a post from GrapheneOS is specifically talking about GrapheneOS-specific, privacy-related functionality and not about other projects/software/etc., it is probably off-topic here.

blog/posts/choosing-the-right-messenger.md

@@ -11,6 +11,8 @@ links:
 tags:
     - Instant Messengers
 license: BY-SA
+description: Choosing an instant messenger is a challenge. How can you be sure you’re using the most secure, privacy respecting platform?
+schema_type: AnalysisNewsArticle
 ---
 # Choosing the Right Messenger
 

blog/posts/delisting-startpage.md

@@ -10,6 +10,8 @@ links:
     - Search Engines: https://www.privacyguides.org/en/search-engines/
 tags:
     - Search Engines
+description: Startpage has been removed from Privacy Guides' recommendations following their acquisition by System1.
+schema_type: NewsArticle
 ---
 # Delisting Startpage From Privacy Guides
 

blog/posts/delisting-wire.md

@@ -10,6 +10,8 @@ links:
     - Types of Communication Networks: https://www.privacyguides.org/en/advanced/communication-network-types/
 tags:
     - Instant Messengers
+description: Wire has been removed from Privacy Guides' recommendations following their acquisition by a US holding company and VC investments.
+schema_type: NewsArticle
 ---
 # Delisting Wire From Privacy Guides
 

blog/posts/firefox-privacy-2021-update.md

@@ -11,6 +11,7 @@ tags:
     - Browsers
     - Firefox
 license: CC0
+schema_type: AnalysisNewsArticle
 ---
 # Firefox Privacy: 2021 Update
 

blog/posts/firefox-privacy.md

@@ -11,6 +11,7 @@ tags:
     - Browsers
     - Firefox
 license: BY-SA
+schema_type: AnalysisNewsArticle
 ---
 # Firefox Privacy: Tips and Tricks for Better Browsing
 

blog/posts/grapheneos-or-calyxos.md

@@ -12,6 +12,8 @@ links:
     - General Android Overview: https://www.privacyguides.org/android/overview/
     - Android Recommendations: https://www.privacyguides.org/android/
 license: BY-SA
+robots: nofollow, max-snippet:-1, max-image-preview:large
+schema_type: OpinionNewsArticle
 ---
 # Should You Use GrapheneOS or CalyxOS?
 

blog/posts/hide-nothing.md

@@ -11,6 +11,8 @@ links:
 tags:
     - Government
 license: BY-SA
+description: In the wake of the September 11, 2001, attack on the United States, the US government enacted laws that weakened citizen privacy in the name of national emergency.
+schema_type: OpinionNewsArticle
 ---
 # Hide Nothing
 

blog/posts/i18n-announcement.md

@@ -4,12 +4,14 @@ date:
 categories:
     - Announcements
 authors:
-    - freddy-m
+    - freddy
     - dngray
     - niek-de-wilde
 tags:
     - Privacy Guides
 license: BY-SA
+description: It's finally here. After countless requests, Privacy Guides now has translations.
+schema_type: NewsArticle
 ---
 # Privacy Guides Is Now Multilingual
 

blog/posts/integrating-metadata-removal.md

@@ -12,6 +12,8 @@ tags:
     - iOS
     - Windows
 license: BY-SA
+description: When sharing files, it's important to remove associated metadata. Image files commonly include Exif data, and sometimes photos even include GPS coordinates within its metadata.
+schema_type: AnalysisNewsArticle
 ---
 # Removing Metadata From Your Photos, Videos, and Other Files
 

blog/posts/ios-configuration-guide.md

@@ -10,6 +10,8 @@ authors:
 tags:
     - iOS
 license: BY-SA
+description: There are a number of privacy and security-related settings you should consider changing in the Settings app on iOS 16.
+schema_type: AnalysisNewsArticle
 ---
 # iOS 16 Privacy Configuration Guide
 

blog/posts/job-openings.md

@@ -0,0 +1,43 @@
+---
+date:
+    created: 2024-10-28
+categories:
+    - Announcements
+authors:
+    - niek-de-wilde
+links:
+    - Job Openings: https://www.privacyguides.org/en/about/jobs/
+tags:
+    - Privacy Guides
+description: Privacy Guides is now hiring for a video content creation position and a journalist position, as well as a 6-month internship.
+schema_type: NewsArticle
+---
+# Privacy Guides is Hiring
+
+We are thrilled to announce the opening of three new job positions aimed at enhancing our mission of promoting personal privacy and informed digital choices. As a non-profit organization dedicated to empowering individuals with the knowledge and tools they need to navigate the internet in a private manner, we are excited to expand our team with talented individuals who share our vision. They will play a key role in helping us reach new audiences to spread our message in multiple formats, and make sure we are the authoritative source for trustworthy and unbiased consumer privacy resources on the internet.<!-- more -->
+
+## Content Creator
+
+We're seeking a passionate multimedia content creator to spearhead our video production efforts on YouTube and other platforms. This role will involve creating engaging and informative video content that for example simplifies several privacy concepts and offers practical tips for protecting personal information. The ideal candidate will have experience in video production (but this is not strictly required) and a commitment to making complex topics accessible to a wide audience.
+
+This is your chance to enter the tech & educational content creation space, without worrying about sponsors and advertisers diluting your message. We have no commercial interests to interfere with your content, and no agenda beyond simply providing the best privacy information out there. If you're excited about using the power of video to educate and inspire, we want to hear from you!
+
+[Learn more and apply here :material-arrow-right-drop-circle:](https://privacyguides.org/en/about/jobs/content-creator/)
+
+## Journalist
+
+We are also looking for a skilled journalist to join our team. This role will focus on producing in-depth articles for our blog that explore the latest trends in privacy and security, as well as the implications of emerging technologies. The ideal candidate will have a background in investigative journalism and a deep understanding of privacy issues. Your work will help inform our community and foster critical discussions about digital rights and responsibilities.
+
+Other tasks will be to research new subjects to cover, perform interviews, and conduct product and service reviews for our recommendations.
+
+[Learn more and apply here :material-arrow-right-drop-circle:](https://privacyguides.org/en/about/jobs/journalist/)
+
+## News Curation Internship
+
+Finally, we are offering a paid internship position that will focus on staying up-to-date with the latest privacy and security news, interacting with our community, and providing overall support to our volunteers. This role will involve curating relevant articles, reports, and insights to keep our team informed and engaged with current events. This is an excellent opportunity for someone passionate about privacy issues and looking to gain hands-on experience in a non-profit environment. Ideal candidates will have strong research skills and a keen interest in digital rights.
+
+[Learn more and apply here :material-arrow-right-drop-circle:](https://privacyguides.org/en/about/jobs/intern-news/)
+
+## Join us in making a difference
+
+At Privacy Guides, we believe that everyone deserves the right to privacy and security in the digital world. By joining our team, you will play a vital role in educating the public and advocating for stronger privacy protections. If you’re ready to make a difference and are excited about one of these roles, we encourage you to apply!

blog/posts/linux-application-sandboxing.md

@@ -9,6 +9,8 @@ tags:
     - Linux
     - Security
 license: BY-SA
+description: We outline a few projects which aim to solve the poor sandboxing situation in Linux relative to operating systems like macOS and ChromeOS.
+schema_type: AnalysisNewsArticle
 ---
 # Sandboxing Applications on Desktop Linux
 

blog/posts/linux-system-hardening.md

@@ -9,6 +9,9 @@ tags:
     - Linux
     - Security
 license: BY-SA
+robots: nofollow, max-snippet:-1, max-image-preview:large
+description: There are a number of procedures you can follow to make your Linux desktop system more secure, some more advanced than others. We cover some general techniques here.
+schema_type: AnalysisNewsArticle
 ---
 # Hardening Your Desktop Linux System's Security
 

blog/posts/macos-ventura-privacy-security-updates.md

@@ -11,6 +11,8 @@ tags:
 links:
     - posts/ios-configuration-guide.md
 license: BY-SA
+description: We cover the improvements macOS Ventura will bring to Apple users when it comes to personal privacy and security.
+schema_type: NewsArticle
 ---
 # New Privacy and Security Features in macOS 13 Ventura
 

blog/posts/merch-announcement.md

@@ -4,11 +4,13 @@ date:
 categories:
     - Announcements
 authors:
-    - freddy-m
+    - freddy
     - niek-de-wilde
 tags:
     - Privacy Guides
 license: BY-SA
+description: Privacy Guides has partnered with HELLOTUX to create what we think are the finest garments in the land.
+schema_type: BackgroundNewsArticle
 ---
 # Privacy Guides Now Has Merchandise
 

blog/posts/move-fast-and-break-things.md

@@ -4,12 +4,14 @@ date:
 categories:
     - Opinion
 authors:
-    - freddy-m
+    - freddy
 links:
     - posts/virtual-insanity.md
 tags:
     - Facebook
 license: BY-SA
+description: If someone has to tell you that they care about your privacy, they probably don’t.
+schema_type: OpinionNewsArticle
 ---
 # Move Fast and Break Things
 

blog/posts/mozilla-disappoints-us-yet-again-2.md

@@ -2,12 +2,14 @@
 date:
     created: 2024-07-14
 categories:
-    - Opinion
+    - News
 authors:
     - jonah
 tags:
     - Firefox
     - Mozilla
+description: "'No shady privacy policies or back doors for advertisers' proclaims the Firefox homepage, but that's no longer true in Firefox 128."
+schema_type: AnalysisNewsArticle
 ---
 
 # "Privacy-Preserving" Attribution: Mozilla Disappoints Us Yet Again

blog/posts/onion-browser-review.md

@@ -0,0 +1,174 @@
+---
+title: "Onion Browser Review: Tor on iOS"
+description: "Onion Browser is our recommended way of connecting to Tor on iOS, but it does have a number of drawbacks compared to the traditional Tor Browser on other platforms you should be aware of."
+date:
+    created: 2024-09-18
+categories:
+    - Reviews
+authors:
+    - jonah
+links:
+    - Tor Recommendations: https://www.privacyguides.org/en/tor/
+    - Tor Overview: https://www.privacyguides.org/en/advanced/tor-overview/
+tags:
+    - Tor
+    - iOS
+license: BY-SA
+preview:
+  logo: theme/assets/img/self-contained-networks/onion_browser.svg
+review:
+  type: MobileApplication
+  category: BrowserApplication
+  subcategory: Tor Network Browser
+  name: Onion Browser
+  price: 0
+  website: https://onionbrowser.com/
+  rating: 3.5
+  pros:
+    - Officially endorsed way to access Tor on iOS.
+  cons:
+    - Some inconsistent and confusing settings.
+    - Doesn't provide the same protections as Tor Browser.
+---
+![Onion Browser logo](../assets/img/self-contained-networks/onion_browser.svg){ align=right }
+
+Search the App Store for "Tor Browser" and you'll be flooded with a variety of ways to connect to the Tor network from your iPhone. However, there's only one solution officially [endorsed](https://support.torproject.org/tormobile/tormobile-3/) by the Tor Project themselves: **Onion Browser**.<!-- more -->
+
+[:octicons-home-16: Homepage](https://onionbrowser.com){ .md-button }
+[:octicons-eye-16:](https://onionbrowser.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://onionbrowser.com/faqs){ .card-link title=Documentation}
+[:octicons-code-16:](https://github.com/OnionBrowser/OnionBrowser){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://onionbrowser.com/donate){ .card-link title=Contribute }
+
+Onion Browser is an open-source app created by Mike Tigas, who has worked closely with Tor Project in the past and was previously an investigative journalist at ProPublica (he is currently an advisor at the FTC). His company still maintains the app, although lately it is primarily [developed](https://github.com/OnionBrowser/OnionBrowser/graphs/contributors) by other maintainers.
+
+!!! info inline end "Side info"
+
+    - [:simple-appstore: App Store download](https://apps.apple.com/app/id519296448)
+
+We already recommend Onion Browser for any iOS users out there, with the important caveat that it doesn't have all the privacy features that Tor Browser on *other* operating systems would provide.
+
+## Usage
+
+Of course installing Onion Browser is as easy as any other app on iOS, Apple ID unfortunately required. Onion Browser can be set as your default browser in system settings too, which is nice.
+
+When you open Onion Browser for the first time you're given the option to connect to Tor via [Orbot](https://www.privacyguides.org/en/tor/#orbot), or with a built-in Tor network proxy. Using the built-in option is the easiest, it connects very quickly and doesn't require a separate app. It also allows you to [use Tor alongside another VPN app](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor), which may be helpful in certain circumstances. The Orbot app acts as its own "VPN connection" in iOS preventing the possibility of combining it with another VPN, but it is more flexible and it extends Tor network protections to every app on your device.
+
+<figure markdown="span">
+  ![A screenshot asking whether you want to use Orbot or built-in Tor to connect, noting the built-in Tor has security problems.](../assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.jpeg){ width="200" }
+  <figcaption>You're presented with a choice at startup</figcaption>
+</figure>
+
+Using the dedicated Orbot app also provides more robust protections against IP address leaks. Onion Browser warns in its comparison that using the built-in option could leak your IP or network information to malicious JavaScript code.
+
+I confirmed the built-in option works perfectly fine, in fact I occasionally had trouble connecting Orbot to Onion Browser, where it would re-prompt me to start Orbot even though it was already running until I restarted the Onion Browser app. The built-in proxy generally worked seamlessly. However, for most people using Onion Browser alongside Orbot probably still makes more sense. It's the official recommendation from Tor Project and the browser's developer themselves, so that's what I'll be sticking with for the rest of this review.
+
+<figure markdown="span">
+  ![A screenshot of check.torproject.org that says congratulations, this browser is configured to use Tor. It shows the IP address of the exit node, then states: however, it does not appear to be Tor Browser.](../assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.jpeg){ width="200" }
+  <figcaption>You can check your connection at check.torproject.org, but you'll be warned you're not using Tor Browser</figcaption>
+</figure>
+
+Onion Browser comes with 6 `.onion` bookmarks preinstalled: DuckDuckGo, the New York Times, the BBC, ProPublica, Freedom of the Press Foundation, and Deutsche Welle, which provides you with a good entry point into Tor network resources.
+
+<figure markdown="span">
+  ![A screenshot of the default new tab page, purple, with 6 bookmarks pre-installed](../assets/images/onion-browser-review/D0A2D20B-5550-4C1F-8FC6-F6D84AEBDF13_1_102_o.jpeg){ width="200" }
+  <figcaption>You can get started right away with built-in resources</figcaption>
+</figure>
+
+DuckDuckGo via its `.onion` address is also the default search engine. Unlike Safari, search engines in Onion Browser are completely configurable. Included by default are a few different DuckDuckGo configurations, Google, and Startpage, but you can add your own [search engine](https://www.privacyguides.org/en/search-engines/) easily if you prefer another option.
+
+I ran into trouble with DuckDuckGo not being able to display results, however. Switching to the **DuckDuckGo HTML** search engine in settings helped, and I prefer that more lightweight version myself anyway. I'm curious whether this is a common issue or a momentary glitch with DuckDuckGo, but neither switching circuits nor reducing security levels fixed it. Speaking of...
+
+<figure markdown="span">
+  <div markdown="span" style="display: flex; gap: 1em; justify-content: center;">
+    ![A screenshot of DuckDuckGo saying sorry, we ran into an issue displaying these results, and asking to try again](../assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.jpeg){ width="200" }
+    ![A screenshot of DuckDuckGo results loading normally when using the HTML version of the search engine](../assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.jpeg){ width="200" }
+  </div>
+  <figcaption>DuckDuckGo wouldn't work until I used their HTML-only version</figcaption>
+</figure>
+
+### Security Levels
+
+There are three configurable security levels in Onion Browser: Bronze, Silver (the default), and Gold. These levels roughly correlate to the *Safe, Safer, Safest* [security levels](https://tb-manual.torproject.org/security-settings/) in regular Tor Browser.
+
+<figure markdown="span">
+  ![A screenshot showing the security level for this site settings and three options, Gold, Silver, and Bronze](../assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.jpeg){ width="200" }
+  <figcaption>You can toggle security levels on a per-site basis with two taps</figcaption>
+</figure>
+
+I had no issues browsing the web in the standard Silver level, which felt similar to just using Safari. Even websites which rely a bit more on JavaScript like our own [forum](https://discuss.privacyguides.net/) were unaffected, so this seems to be a sane default for most people.
+
+The security level toggle next to the address bar is a bit dangerous, in my opinion. It changes the security level on a per-site basis, which can lead to inconsistent settings. I ran into this when I set the security level to Gold on privacyguides.**org**, then I navigated to our forum (hosted on privacyguides.**net**) and found the security level reset itself to Silver. Changing the security level for all sites requires going into the app's settings and changing the default security, which is something to keep in mind if you don't trust the sites you're visiting.
+
+That being said, I also found that even the default security level setting didn't apply itself consistently after changing it. When I set the default security to Gold and opened DuckDuckGo, it opened at the lower Silver security level. I believe this is because I had manually set DuckDuckGo to Silver using the per-site toggle earlier, but changing the default setting *really* should reset those preferences.
+
+The Gold browsing experience definitely broke more websites. Our forum didn't load at all, despite theoretically having a non-JavaScript version available. Other pages had broken elements: I loaded the Freedom of the Press Foundation's homepage fine, but I wasn't able to open the mobile navigation menu with the button in their header without switching back to Silver.
+
+Something to note is that even the Gold level protections don't go nearly as far as Safest protections in Tor Browser. For example, the Safest setting on desktop Tor Browser will block resources like external fonts, which are not blocked on any level by Onion Browser. Onion Browser is meant to be a censorship circumvention tool, but it is not ready to defend your anonymity against any more dedicated adversaries.
+
+### Other Settings
+
+Onion Browser comes with reasonable defaults and a fairly sparse number of customization options, but there's some you'll probably want to change if you're using this every day.
+
+The **Tab Security** setting defaults to *Forget in Background*, which I found closes your tabs even if you simply check your notifications. It's certainly good that it errs on the side of caution and closes your tabs when you do literally *anything* outside the app, but I think most people will probably prefer this set to *Forget at Shutdown* where the data is only wiped when the app is actually closed. If you're really not concerned about local data storage, you can have the browser remember tabs until you close them for a more standard browser-like experience.
+
+In the **Default Security** settings you can choose a different user agent, or leave it blank to send the default, in which case it sends Safari's default user agent for your device. You may find this useful to change how websites present themselves, but impersonating the user agent of another browser does **not** make you blend in with that browser from a fingerprinting perspective. There are many ways a website could determine what browser you are using outside your user agent, so don't rely on this setting to make you blend in with everyone else using Tor Browser on other devices.
+
+Besides leaving it blank for the default, it comes with three built-in user agent strings you can choose from, or you can enter your own. You might find it useful to use Tor Browser for Android's, but if you have no idea what any of this means it's probably best to leave the user agent settings alone.
+
+=== "Default (on my device)"
+
+    ```
+    Mozilla/5.0 (iPhone; CPU iPhone OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/605.1.15
+    ```
+
+=== "Safari Desktop"
+
+    ```
+    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Safari/605.1.15
+    ```
+
+=== "Tor Browser Desktop"
+
+    ```
+    Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
+    ```
+
+=== "Tor Browser Android"
+
+    ```
+    Mozilla/5.0 (Android 9; Mobile; rv:78.0) Gecko/20100101 Firefox/78.0
+    ```
+
+The other settings in the app are fairly self-explanatory, but I don't expect many people will need to change them.
+
+## Drawbacks
+
+A large part of Onion Browser's problems come down to how iOS works. Most notably the iOS requirement for third-party browsers to use the WebKit framework built in to iOS.
+
+This requirement means that Onion Browser has completely separate development from Tor Browser on desktop and Android, so it can't easily make use of all the advanced privacy-protecting features the Tor Project team is constantly adding to their browser. Technically it does also mean Onion Browser has historically been immune to [Firefox-related vulnerabilities](https://blog.mozilla.org/security/2016/11/30/fixing-an-svg-animation-vulnerability/), but Safari is not known for its perfect security record either, and the number of eyes on Tor-related *WebKit* vulnerabilities is certainly far smaller than on *Firefox/Gecko*-related ones.
+
+The Tor Project [notes](https://blog.torproject.org/tor-heart-onion-browser-and-more-ios-tor/) another drawback to Onion Browser's use of WebKit as well: The WebKit APIs simply don't give browser developers the level of control they're used to over the rendering and execution of web pages. This relates to what we saw earlier with the "Gold" protection levels not quite matching what you'd see in Tor Browser on other platforms.
+
+The EU recently required Apple to let third-party browser developers use their own engines instead of WebKit. It's possible that—likely many years from now—a version of Onion Browser or Tor Browser could come to iOS alongside Tor's stricter protections found in their standard browsers. Even still, the mobile version of Tor Browser on Android which *does* use Firefox's mobile engine is leagues behind desktop Tor Browser in terms of privacy and security. It's safe to say that desktop Tor Browser is going to be the best way to access Tor for quite some time.
+
+## Lockdown Mode
+
+There is one more way to improve Onion Browser security, but we have to look outside the browser to find it. [Lockdown Mode](macos-ventura-privacy-security-updates.md#lockdown-mode) is a feature introduced in iOS 16 that reduces the attack surface of your device by disabling a myriad of features, including web browsing features that could potentially impact security.
+
+Because Onion Browser is built on Apple's WebKit, these security improvements extend to Onion Browser as well. Most notably, external web fonts *are* blocked in Onion Browser with Lockdown Mode enabled, just as they are in Safari. These are disabled in desktop Tor Browser's Safest mode due to both privacy concerns, and security concerns related to the font rendering engine on your device, so having the option to disable them here on iOS is very useful for those looking to maximize their security.
+
+<figure markdown="span">
+  ![A screenshot of the Privacy Guides homepage with external fonts disabled](../assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.jpeg){ width="200" }
+  <figcaption>External fonts and JavaScript disabled with Gold + Lockdown Mode</figcaption>
+</figure>
+
+However, enabling Lockdown Mode *is* detectable by websites, meaning it could potentially be used to fingerprint you. Onion Browser in any form does not really provide the same fingerprinting protections that desktop Tor Browser is able to, so this probably shouldn't stop you from using Lockdown Mode, but it is something to keep in mind.
+
+## Conclusion
+
+The decision to use Onion Browser will ultimately come down to your specific requirements. If you simply need a web browser that connects to [Tor hidden services](https://www.privacyguides.org/en/advanced/tor-overview/#path-building-to-onion-services), and you're not concerned with being tracked down, this is a perfectly reasonable choice on iOS.
+
+It's also a good way to promote and normalize the use of Tor in general. My browsing experience using Onion Browser, while still a bit slower than regular browsing, was perfectly acceptable for reading the news, searching the web, and other everyday browsing tasks most of us do on our phone. The more people that use Tor for their everyday traffic, the safer the overall network becomes for people who really need it.
+
+Just don't expect the same level of protection that desktop Tor Browser can provide. If you're concerned about serious adversaries targeting you, the safest way to use Tor is still to use it via [Whonix+Qubes](https://www.privacyguides.org/en/desktop/#whonix).

blog/posts/privacy-guides-partners-with-magic-grants-501-c-3.md

@@ -5,6 +5,8 @@ categories:
     - Announcements
 authors:
     - jonah
+description: We're excited to announce a partnership with MAGIC Grants, a Public 501(c)(3) charity with the mission of supporting privacy projects like ours and providing undergraduate scholarships for students interested in cryptocurrencies and privacy.
+schema_type: BackgroundNewsArticle
 ---
 # Privacy Guides Partners With MAGIC Grants 501(c)(3)
 

blog/posts/proton-wallet-review.md

@@ -0,0 +1,131 @@
+---
+title: "Proton Wallet Review: Is Proton Losing Touch?"
+template: review-article.html
+schema_type: ReviewNewsArticle
+description: "It may well be that Proton Wallet is the easiest way to start using Bitcoin, but is a Bitcoin wallet the solution people need to improve their financial privacy?"
+date:
+    created: 2024-09-08
+categories:
+    - Reviews
+authors:
+    - jonah
+links:
+    - Cryptocurrency: https://www.privacyguides.org/en/cryptocurrency/
+tags:
+    - Cryptocurrency
+license: BY-SA
+preview:
+  logo: theme/assets/img/cryptocurrency/proton-wallet.svg
+review:
+  type: SoftwareApplication
+  category: FinanceApplication
+  subcategory: Cryptocurrency Wallet
+  name: Proton Wallet
+  price: 0
+  website: https://proton.me/wallet
+  rating: 2
+  pros:
+    - Secure, non-custodial option for Proton users.
+  cons:
+    - Only supports Bitcoin, a non-private cryptocurrency.
+    - No support for Lightning or CoinJoin.
+    - iOS app still in beta.
+---
+![Proton Wallet logo](../assets/img/cryptocurrency/proton-wallet.svg){ align=right itemprop="image" }
+
+Proton, the Swiss creators of privacy-focused products like [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) and [Proton VPN](https://www.privacyguides.org/en/vpn/#proton-vpn), recently released the latest product in their ever-growing lineup: **Proton Wallet**. [Announced](https://discuss.privacyguides.net/t/introducing-proton-wallet-a-safer-way-to-hold-bitcoin/19636) at the end of July 2024, it promotes itself as "an easy-to-use, self-custodial" Bitcoin wallet that will ostensibly make financial freedom more attainable for everyone.<!-- more -->
+
+!!! info inline "Side info"
+
+    - Proton Wallet's [Privacy Policy](https://proton.me/wallet/privacy-policy)
+    - This review was conducted with the reviewer's personal Proton Visionary account. Proton was not contacted prior to this publication.
+
+It may well be that Proton Wallet is the easiest way to start using Bitcoin, but is a Bitcoin wallet the solution people need to improve their financial privacy?
+
+## A cryptocurrency primer
+
+Contrary to popular belief, [cryptocurrency](https://www.privacyguides.org/en/cryptocurrency/) is not an inherently private transactional system.
+
+The vast majority of cryptocurrency, including Bitcoin, uses a transparent and public blockchain as the ledger for all transactions. This means that anyone you've transacted with or who knows your wallet's public address can trivially trace all of your past transactions, and monitor all of your future transactions at any time.
+
+This is a huge problem for Proton Wallet, because Bitcoin is the **only** cryptocurrency it supports. Furthermore, Proton Wallet doesn't support the few privacy-enhancing additions to Bitcoin that do exist, like CoinJoin or even the Lightning Network. While these technologies still don't bring Bitcoin close to the levels of privacy attainable with some alternatives like Monero, to see them lacking in a product from a privacy-centric company like Proton is extremely disappointing.
+
+Proton has claimed in a few interviews that they chose Bitcoin because of its mass appeal, and it's certainly true that Bitcoin has the mind share and market share to beat out any other cryptocurrency, but the *most popular* option isn't always the *best* option.
+
+Had Proton Wallet added support for Monero or a similarly private cryptocurrency, they could have single-handedly boosted a financial system that is *actually* private by default by a significant degree. In my eyes, failing to do so in favor of the market leader is an unfortunate step back from their "privacy by default" mantra.
+
+## Using the app
+
+Proton Wallet *is* in beta, like many of Proton's products are when newly released, and available via the web, an Android app, and an iOS [TestFlight](https://testflight.apple.com/join/6OIcXtQN).
+
+![Proton wallet registration page](../assets/images/proton-wallet-review/1.png)
+
+Creating your wallet is a simple process, after registering you'll be asked to choose a name for your wallet and a default currency. You can also optionally set a passphrase to secure your account. Note that this isn't merely a passphrase securing your account on Proton's servers beyond your usual account credentials, it's a [BIP39 extension word](https://en.bitcoin.it/wiki/Seed_phrase#Two-factor_seed_phrases), meaning that if you lose it your wallet will be completely unrecoverable, **even if** you back up your 12 word seed phrase.
+
+![Proton wallet setup page](../assets/images/proton-wallet-review/2.png)
+
+The default currency here isn't the currency being *stored* in Proton Wallet. It is just used to show you the current conversion rate between Bitcoin and your local currency.
+
+Once you're in, Proton Wallet is fairly straightforward. In fact, there's not much to explore beyond finding your wallet address and buying Bitcoin. Clicking the **Recieve** button brings up a panel which shows your address and allows you to generate a new one on the fly. When you generate a new address, all of your previous addresses will continue to work, but are no longer displayed anywhere.
+
+![Proton wallet address QR code and text displayed in sidebar](../assets/images/proton-wallet-review/3.png)
+
+Buying Bitcoin is simple as well. Proton is working with two providers, Banxa and Ramp, and if you're in the United States like I am both are available, so you can choose the one with the best exchange rate to go with. Before you purchase, Proton Wallet asks you for your current country, so that will determine which providers it's possible to use.
+
+There's no private payment methods though, you're stuck with credit card, Google Pay, or Apple Pay. The purchase experience isn't quite seamless either, as it redirects you to either banxa.com or ramp.network to perform the actual transaction. Everything is pre-filled with your Proton Wallet information however, so it isn't a huge problem.
+
+## "Bitcoin via Email"
+
+The flagship feature of Proton Wallet is something they call **Bitcoin via Email**, which integrates with Proton Mail to allow you to send Bitcoin to any email address. Opening your wallet settings lets you enable Proton's *Receive Bitcoin via Email* feature, which allows other Proton Wallet users to send Bitcoin to your account with just your Proton Mail address.
+
+![Proton wallet receive Bitcoin via email settings page](../assets/images/proton-wallet-review/4.png)
+
+If you have multiple addresses on your Proton account, such as aliases or addresses on a custom domain, only one address can be linked to your wallet. This can be a bit annoying for people who have given out different Proton addresses to others in the past, like if you gave out your @protonmail.com address to some people, before later migrating to @proton.me when that domain became available.
+
+On the other hand, if you have aliases for different projects, this is a great way to keep Bitcoin payments to each address separate. If you have your personal email and a business alias for example, you can link your personal email to your primary wallet and create a second wallet to link your business alias to, thus keeping your personal and business transactions separate.
+
+Proton says that you can "create as many wallets as your Proton Wallet plan allows," but the exact limits are not very clear at the moment. This may become clearer as Proton Wallet exits its beta status.
+
+Sending Bitcoin to an email address is as simple as it is in mainstream payment apps like Venmo or CashApp, which is great. You can even include a memo with your transaction, and the transaction appears on the recipient's side very quickly. However, it can take a few hours or more for a transaction to actually complete and be usable by the recipient, so all they'll be able to do is monitor its progress in the meantime. This can be sped up by choosing a higher "network fee" when sending the payment, which costs more Bitcoin as the name would suggest.
+
+I'm not convinced this is particularly revolutionary though. Many Bitcoin wallets have streamlined the process of exchanging address information with other people with methods like QR codes, which are likely going to be more widely used than email in today's mobile-first world. Being able to replace Bitcoin addresses with emails fairly seamlessly *is* nice, but is it nice enough to warrant the entire Proton Wallet product? I'm not so sure.
+
+## What else sets it apart?
+
+There isn't much separating Proton Wallet from the existing options on the market. It is a *non-custodial* wallet, meaning that you control the private keys rather than Proton. This is a huge step-up in security compared to keeping your Bitcoin in an online exchange like Coinbase, but it isn't a big differentiator from other software wallets where non-custodial key storage is typically the norm.
+
+Besides that, and Bitcoin via Email, if you visit Proton's website to see how else they differentiate themselves the best third reason they could muster up is:
+
+> Our business is privacy: Proton isn't a crypto company — we're a privacy company that wants to empower everyone to use Bitcoin securely and privately.
+
+Unfortunately for Proton, this doesn't quite ring true when it comes to Proton Wallet. When it launched in 2014, Proton Mail was revolutionary in the email space. Encrypted email providers already existed, but Proton offered something different: Proton brought a good user experience to an interoperable encryption standard, PGP. While everyone else in the email space was rolling their own password-protected web portals to secure messages or simply delivering emails in plaintext, Proton built a user-friendly platform that actually improved the email ecosystem at large in the process.
+
+Proton's leadership thinks they can do for cryptocurrency what they once did for email, but there's a clear difference between then and now. Proton Mail had privacy and security ready to go from the beginning, but Proton Wallet simply meets the status quo.
+
+## Why does this exist?
+
+Proton Wallet is in a strange position. I've spoken to a few sources who suggest that privacy features like CoinJoin, which can mix Bitcoin in order to better anonymize transactions, were intended to be included at launch. The [crackdown](https://bitcoinmagazine.com/legal/samourai-wallet-breaking-down-dangerous-precedents) on the ill-fated Samouri Wallet project by U.S. authorities last April certainly put a damper on privacy in the Bitcoin space, and likely made Proton wary of introducing such features to the public.
+
+Proton suggests this themselves, stating on their [website](https://proton.me/wallet/bitcoin-guide-for-newcomers):
+
+> Coinjoin is considered the best solution for improving blockchain privacy. It works by mixing your BTC with other users’ BTC in a collaborative self-custodial transaction where you get back the same amount of BTC that you put in but on a different address that cannot be easily linked to your previous address. However, in 2024, in what many consider to be a regulatory overreach and attack on privacy, some of these Coinjoin services have been declared illegal in the US and EU. The future of financial privacy may therefore be decided by ongoing litigation in the next decade and privacy advocates should support these efforts.
+
+This situation likely soured Proton on other privacy-friendly cryptocurrencies like Monero as well. I get it, financial privacy is an extremely challenging task for any company to take on. We can't expect Proton to take on the risk of offering a completely anonymous payment service in the current legal climate, but it begs the question: why enter the financial space at all?
+
+Proton Wallet seems like a product that doesn't know its own place in the world. Is it meant to save us from the tyranny of payment processors like PayPal who can freeze your funds at a whim? Proton certainly thinks so, having faced that exact problem themselves during their original 2014 crowdfunding campaign. But in that case, is Bitcoin the actual solution to this problem, or is it just a stopgap fix that Proton happened to latch on to way back in 2014 when Bitcoin was more *in vogue* and there were few competitors?
+
+Today, there are many alternatives to Bitcoin which are safer to store your money in while remaining protected from intrusive fintech companies like PayPal. Stablecoins like USDC can be traded on multiple cryptocurrency networks without the need for middlemen payment processors, and can be exchanged at a variety of exchanges with the huge benefit of having *significantly* less risk than Bitcoin, theoretically no risk at all. Support for USDC or a similar technology would go a long way towards enabling *usable* cryptocurrency transactions for everyday users, even though USDC doesn't have any additional privacy protections either.
+
+Or, was Bitcoin chosen to give us independence from fiat currency, including stablecoins, entirely? Maybe so, but is that something we actually want? Prepping for a worldwide market collapse is perhaps a bit of a fool's errand. If the US Dollar and other economies failed overnight, I think we would all have a lot more problems than Bitcoin is going to solve for us. Bitcoin is a poor store of value to serve as an alternative to traditional currency anyway. Any asset which can gain or lose half its purchasing power on any given day of the week simply can't function as a viable medium of exchange, meaning it's virtually useless for day-to-day transactions.
+
+However, if Proton Wallet wasn't meant for all that, if it was simply meant to bring privacy to Bitcoin, then it's certainly a failure. Proton hasn't taken any risks with this product, meaning it's really only good for satisfying a singular belief: That Bitcoin is just inherently good, and anything to promote Bitcoin is inherently good as well. I don't share these fanatical beliefs of *Bitcoin maximalists*, however, when Bitcoin is demonstrably lacking in a wide variety of ways.
+
+## Conclusion
+
+Personally, I'm a bit of a cryptocurrency pessimist in general, but I can see some appeal for the technology in very specific areas. Unfortunately, Proton Wallet doesn't seem to fit in to a useful niche in any meaningful way. The functionality it does support is extremely basic, even by Bitcoin standards, and it simply doesn't provide enough value over the existing marketplace.
+
+If you're an existing Proton user simply looking for a place to store some Bitcoin *you already have* sitting around, Proton Wallet might be perfectly adequate. For everyone else, I don't see this product being too useful. Bitcoin is still far too volatile to be a solid investment or used as a safe store of value if you crave financial independence and sovereignty, and Proton Wallet simply isn't adequate for [paying for things privately online](https://www.privacyguides.org/en/advanced/payments/).
+
+There is some potential with Proton Wallet. Personally, I would like to see [support for Monero](https://protonmail.uservoice.com/forums/960668-proton-wallet/suggestions/48672359-support-monero), a cryptocurrency that has privacy features built-in by default. There is also the possibility of Proton expanding into the *traditional* finance space with features like a digital wallet for credit/debit cards, card aliasing à la [privacy.com](https://www.privacyguides.org/en/financial-services/#privacycom-us), and tap to pay within their mobile apps. A third-party alternative to Apple Pay and Google Wallet, and for the first time ever such a product could actually be viable: It's always been possible on Android, but just last month Apple announced the possibility for [iOS developers to use NFC](https://www.apple.com/newsroom/2024/08/developers-can-soon-offer-in-app-nfc-transactions-using-the-secure-element/) to facilitate payments outside of Apple Wallet. This presents a golden opportunity for Proton Wallet to be the first cross-platform digital wallet, if they can deliver.
+
+Alas, none of this is available in Proton Wallet today, and that's all that really counts.

blog/posts/relisting-startpage.md

@@ -9,6 +9,8 @@ links:
     - Search Engines: https://www.privacyguides.org/en/search-engines/
 tags:
     - Search Engines
+description: Startpage has been relisted in our search engine recommendations following their open communications with the Privacy Guides community.
+schema_type: NewsArticle
 ---
 # Relisting Startpage.com
 

blog/posts/restrict-act.md

@@ -12,6 +12,8 @@ tags:
 links:
     - posts/hide-nothing.md
 canonical: https://www.jonaharagon.com/posts/restrict-act/
+description: The RESTRICT Act would grant the government broad powers to restrict access to any site or service they claim could pose a threat to national security, akin to China's Great Firewall.
+schema_type: OpinionNewsArticle
 ---
 # Worried About TikTok? The RESTRICT Act Is Not the Answer Americans Are Looking For
 

blog/posts/secure-data-erasure.md

@@ -11,6 +11,8 @@ links:
 tags:
     - Linux
 license: BY-SA
+description: Erasing data from your computer may seem like a simple task, but if you want to make sure the data is truly unrecoverable, there are some things you should consider.
+schema_type: AnalysisNewsArticle
 ---
 # Erasing Data Securely From Your SSD or HDD
 

blog/posts/security-privacy-anonymity.md

@@ -11,6 +11,8 @@ links:
 tags:
     - Security
 license: BY
+description: Privacy, security, and anonymity often complement each other, but they are not always dependent on each other, and they are definitely not the same thing.
+schema_type: OpinionNewsArticle
 ---
 # Security, Privacy, and Anonymity
 

blog/posts/signal-configuration-and-hardening.md

@@ -1,7 +1,7 @@
 ---
 date:
     created: 2022-07-07
-    updated: 2023-05-06
+    updated: 2024-08-23
 authors:
     - contributors
     - matchboxbananasynergy
@@ -13,6 +13,8 @@ tags:
     - Molly
     - Instant Messengers
 license: BY-SA
+description: This guide details actions you can take to configure and harden Signal in accordance with your threat model.
+schema_type: AnalysisNewsArticle
 ---
 # Signal Configuration and Hardening Guide
 
@@ -199,46 +201,13 @@ If you use iCloud and you don’t want to share call history on Signal, confirm
 
 While it may be tempting to link your Signal account to your desktop device for convenience, keep in mind that this extends your trust to an additional and potentially less secure operating system.
 
-If your threat model calls for it, avoid linking your Signal account to a desktop device to reduce your attack surface.
-
-### Endpoint Security
-
-Signal takes security very seriously, however there is only so much an app can do to protect you.
-
-It is very important to take device security on both ends into account to ensure that your conversations are kept private.
-
-We recommend an up-to-date [GrapheneOS](https://www.privacyguides.org/en/android/distributions#grapheneos) or iOS device.
+Avoid linking your Signal account to a desktop device to reduce your attack surface, if your threat model calls for protecting against [:material-bug-outline: Passive Attacks](https://www.privacyguides.org/en/basics/common-threats/#security-and-privacy){ .pg-orange }.
 
 ### Molly (Android)
 
-On Android you can consider using **Molly**, a fork of the Signal mobile client which aims to provide extensive hardening and anti-forensic features.
+If you use [Molly](https://www.privacyguides.org/en/real-time-communication/#molly-android) on Android to access the Signal network, there are a number of privacy- and security-enhancing features that you may want to explore.
 
-!!! recommendation
-
-    ![Molly logo](../assets/images/signal-configuration/molly.svg){ align=right }
-
-    **Molly** is an independent Signal fork which offers additional security features, including locking the app at rest, securely shredding unused RAM data, routing via Tor, and more.
-
-    [:octicons-home-16: Homepage](https://molly.im/){ .md-button .md-button--primary }
-    [:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" }
-    [:octicons-info-16:](https://github.com/mollyim/mollyim-android/wiki){ .card-link title=Documentation}
-    [:octicons-code-16:](https://github.com/mollyim/mollyim-android){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://opencollective.com/mollyim){ .card-link title=Contribute }
-
-    ??? downloads
-
-         - [:octicons-moon-16: Accrescent](https://accrescent.app/app/im.molly.app)
-         - [:simple-github: GitHub](https://github.com/mollyim/mollyim-android/releases)
-
-Molly offers two variants of the app: **Molly** and **Molly-FOSS**.
-
-The former is identical to Signal with the addition of Molly's improvements and security features. The latter, Molly-FOSS, removes Google's proprietary code, which is used for some key features (e.g., [FCM](https://en.wikipedia.org/wiki/Firebase_Cloud_Messaging) and Google Maps integration), in an effort to make it fully open-source.
-
-A comparison of the two versions is available in the [project's repository](https://github.com/mollyim/mollyim-android#readme).
-
-Both versions of Molly support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code.
-
-#### Features
+#### Privacy and Security Features
 
 Molly has implemented database encryption at rest, which means that you can encrypt the app's database with a passphrase to ensure that none of its data is accessible without it.
 
@@ -251,7 +220,7 @@ Once enabled, a configurable lock timer can be set, after which point Molly will
 For the database encryption feature to be useful, two conditions must be met:
 
 1. Molly has to be locked at the time an attacker gains access to the device. This can include a physical attack in which the attacker seizes your device and manages to unlock the device itself, or a remote attack, in which the device is compromised and manages to elevate privileges to root.
-1. If you become aware that your device has been compromised, you should not unlock Molly's database.
+2. If you become aware that your device has been compromised, you should not unlock Molly's database.
 
 If both of the above conditions are met, the data within Molly is safe as long as the passphrase is not accessible to the attacker.
 
@@ -266,9 +235,3 @@ Signal adds everyone who you have communicated with to its database. Molly allow
 To supplement the feature above, as well as for additional security and to fight spam, Molly offers the ability to block unknown contacts that you've never been in contact with or those that are not in your contact list without you having to manually block them.
 
 You can find a full list of Molly's [features](https://github.com/mollyim/mollyim-android#features) on the project's repository.
-
-#### Caveats
-
-- Molly removes Signal's MobileCoin integration.
-- Molly is updated every two weeks to include the latest features and bug fixes from Signal. The exception is security issues, which are patched as soon as possible. That said, you should be aware that there might be a slight delay compared to upstream.
-- By using Molly, you are extending your trust to another party, as you now need to trust the Signal team, as well as the Molly team.

blog/posts/signal-number-registration-update.md

@@ -13,6 +13,8 @@ links:
     - posts/signal-configuration-and-hardening.md
     - Real-Time Communication: https://www.privacyguides.org/real-time-communication/
 license: BY-SA
+description: Signal has changed how it handles registration. This primarily affects people who are using a number for Signal that they don't have exclusive access to.
+schema_type: ReportageNewsArticle
 ---
 # Important Changes to Signal Registration and Registration Lock
 

blog/posts/staff-announcement.md

@@ -0,0 +1,37 @@
+---
+date:
+    created: 2024-08-20
+categories:
+    - Announcements
+authors:
+    - niek-de-wilde
+tags:
+    - Privacy Guides
+license: BY-SA
+description: Privacy Guides has reached a significant milestone with today's hire of our first employee, Project Director Jonah Aragon.
+schema_type: NewsArticle
+---
+
+# Jonah Aragon Hired as Project Director
+
+We are thrilled to announce a significant milestone for Privacy Guides: the addition of our first paid staff member, Jonah Aragon. This achievement is a testament to the unwavering support and generous donations from our incredible community. Another major donation came from [Power Up Privacy](https://powerupprivacy.com/){ rel=nofollow }, a privacy advocacy group that funds privacy-related research and development, which helped us achieve this goal earlier then expected!<!-- more -->
+
+Jonah Aragon is no stranger to Privacy Guides. As a founding member, Jonah has been instrumental in shaping our organization and its mission. With his extensive background in privacy and cybersecurity, Jonah brings a wealth of knowledge and experience to his new role.
+
+## A Community-Driven Success
+
+The journey of Privacy Guides has always been fueled by the passion and contributions of our community. From the very beginning, our mission has been to provide reliable, independent information on privacy and security. Thanks to your donations, we are now able to take a significant step forward by bringing Jonah on board as our Project Director.
+
+In this new position, Jonah will be working 20 hours a week to manage our day-to-day operations. His responsibilities will include overseeing various projects, ensuring smooth coordination among team members, and maintaining the high standards of our content and resources.
+
+One of Jonah’s focuses will be restarting *This Week in Privacy*, our weekly podcast providing updates on the latest developments in our community and the privacy world. After our initial trial run of this project, we heard your positive feedback, so we will be bringing it back!
+
+Another crucial aspect of Jonah’s role will be fundraising. Our goal is to make this position self-sustaining, ensuring that Privacy Guides can continue to grow and thrive. Jonah’s efforts in fundraising will help secure the necessary resources to support our ongoing projects and initiatives.
+
+## Thank You for Your Support
+
+This exciting development would not have been possible without the incredible support of our community. Your donations have made it possible for us to bring Jonah on board and continue our mission of promoting privacy and security. We are deeply grateful for your trust and generosity.
+
+As we embark on this new chapter, we look forward to the positive impact Jonah will have on Privacy Guides. Together, we will continue to advocate for privacy, educate the public, and provide valuable resources to help everyone protect their digital lives.
+
+Thank you for being a part of our journey. Stay tuned for more updates and exciting developments!

blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md

@@ -2,7 +2,7 @@
 date:
     created: 2019-11-20
 categories:
-    - Opinion
+    - News
 authors:
     - jonah
 links:
@@ -12,6 +12,8 @@ links:
 tags:
     - VPN
 license: BY-SA
+description: There’s a massive problem in the privacy world. Many shady companies are disguising advertisements as genuine reviews, to the detriment of real news sources like Privacy Guides and to potential buyers of these services.
+schema_type: AnalysisNewsArticle
 ---
 # The Trouble With VPN and Privacy Review Sites
 

blog/posts/threads-launch-twitter.md

@@ -4,7 +4,7 @@ date:
 categories:
     - Opinion
 authors:
-    - freddy-m
+    - freddy
 links:
     - posts/move-fast-and-break-things.md
     - posts/virtual-insanity.md
@@ -12,6 +12,8 @@ tags:
     - Twitter
     - Facebook
 license: BY-SA
+description: The man behind Facebook has somehow managed to make the Twitter experience worse.
+schema_type: OpinionNewsArticle
 ---
 # Threads Is the Perfect Twitter Alternative, Just Not for You
 

blog/posts/virtual-insanity.md

@@ -4,13 +4,15 @@ date:
 categories:
     - Opinion
 authors:
-    - freddy-m
+    - freddy
 links:
     - posts/move-fast-and-break-things.md
     - posts/why-i-run-a-tor-relay.md
 tags:
     - Facebook
 license: BY-SA
+description: On Mark Zuckerberg, Facebook, and the Metaverse.
+schema_type: OpinionNewsArticle
 ---
 # Virtual Insanity
 

blog/posts/warning-about-signal-proxies.md

@@ -13,6 +13,8 @@ links:
     - Signal Configuration Guide: https://www.privacyguides.org/real-time-communication/signal-configuration-hardening/
     - Real-Time Communication: https://www.privacyguides.org/real-time-communication/
 license: BY-SA
+description: You should be aware of a number of issues with Signal’s current proxy implementation.
+schema_type: NewsArticle
 ---
 # A Warning About Signal Proxies in Iran and Other Oppressive Countries
 

blog/posts/welcome-to-privacy-guides.md

@@ -6,13 +6,15 @@ categories:
 authors:
     - jonah
     - dngray
-    - freddy-m
+    - freddy
 links:
     - 'About Privacy Guides': "https://www.privacyguides.org/about/"
     - posts/weve-joined-the-open-collective-foundation.md
 tags:
     - Privacy Guides
 license: CC0
+description: Today, Privacy Guides has officially launched by our long-standing volunteer team to carry on the legacy of the now-defunct PrivacyTools project.
+schema_type: NewsArticle
 ---
 # Welcome to Privacy Guides
 

blog/posts/weve-joined-the-open-collective-foundation.md

@@ -10,6 +10,7 @@ links:
 tags:
     - Privacy Guides
 license: CC0
+schema_type: NewsArticle
 ---
 # We've Joined the Open Collective Foundation 501(c)(3)
 

blog/posts/why-i-run-a-tor-relay.md

@@ -11,6 +11,8 @@ tags:
     - Tor
     - Self-Hosting
 license: BY-SA
+description: Each Tor relay is the direct result of an individual deciding to sacrifice money, time and effort for the cause of fighting for a freer Internet.
+schema_type: OpinionNewsArticle
 ---
 # Why I Decided to Run a Tor Relay
 

docs/about.md

@@ -12,7 +12,6 @@ schema:
     - https://twitter.com/privacy_guides
     - https://github.com/privacyguides
     - https://www.wikidata.org/wiki/Q111710163
-    - https://opencollective.com/privacyguides
     - https://www.youtube.com/@privacyguides
     - https://mastodon.neat.computer/@privacyguides
 ---
@@ -24,27 +23,11 @@ schema:
 [:octicons-home-16:](https://www.privacyguides.org){ .card-link title=Homepage }
 [:octicons-code-16:](https://github.com/privacyguides/privacyguides.org){ .card-link title="Source Code" }
 
-## Staff
+Privacy Guides is built by volunteers and staff members around the world. All changes to our recommendations and resources are reviewed by at least two [trusted](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all) individuals, and we work diligently to ensure our content is updated as quickly as possible to adapt to the ever changing cybersecurity threat landscape.
 
-[**Jonah Aragon**](https://www.jonaharagon.com) is the Project Director and staff writer at *Privacy Guides*. His role includes researching and writing for this website, system administration, creating *Privacy Guides Online Learning* course content, reviewing the products recommended here, and most other day-to-day tasks.
+In addition to our core team, [many other people](about/contributors.md) have made contributions to the project. You can too! We're open source on GitHub, and accepting translation suggestions on [Crowdin](https://crowdin.com/project/privacyguides).
 
-<div class="grid" markdown>
-
-[:simple-discourse: Discourse (preferred): @jonah](https://discuss.privacyguides.net/u/jonah)
-
-[:material-email: Email: jonah@privacyguides.org](mailto:jonah@privacyguides.org)
-
-[:simple-mastodon: Mastodon: @jonah@neat.computer](https://mastodon.neat.computer/@jonah "@jonah@neat.computer"){rel=me}
-
-[:simple-signal: Signal: @jonah.01](https://signal.me/#eu/dDtlmTPv09utyEJPwCHq8UYs-AVOPlys8weinr7alfdylK5G-LNIX7GasDNJdV6y)
-
-</div>
-
-*The Project Director is a part-time position which reports directly to the executive committee.*
-
----
-
-[Open Positions :material-arrow-right-drop-circle:](about/jobs.md)
+[Job Openings :material-arrow-right-drop-circle:](about/jobs.md)
 
 ## Executive Committee
 <!-- markdownlint-disable MD030 -->
@@ -61,8 +44,8 @@ The project executive committee consists of five volunteers charged with managem
 
     [:material-account: Profile](https://discuss.privacyguides.net/u/dngray)
 
-    [:simple-github:](<https://github.com/dngray> "GitHub")
-    [:simple-mastodon:](https://mastodon.social/@dngray "@dngray@mastodon.social"){rel=me}
+    [:material-github:](<https://github.com/dngray> "GitHub")
+    [:material-mastodon:](https://mastodon.social/@dngray "@dngray@mastodon.social"){rel=me}
     [:material-email:](mailto:dngray@privacyguides.org "Email")
 
 -   :detective:{ .lg .middle } **Freddy**
@@ -73,8 +56,8 @@ The project executive committee consists of five volunteers charged with managem
 
     [:material-account: Profile](https://discuss.privacyguides.net/u/freddy)
 
-    [:simple-github:](https://github.com/freddy-m "GitHub")
-    [:simple-mastodon:](https://social.lol/@freddy "@freddy@social.lol"){rel=me}
+    [:material-github:](https://github.com/freddy-m "GitHub")
+    [:material-mastodon:](https://social.lol/@freddy "@freddy@social.lol"){rel=me}
     [:material-email:](mailto:freddy@privacyguides.org "Email")
 
 -   :robot:{ .lg .middle } **Jonah Aragon**
@@ -85,8 +68,9 @@ The project executive committee consists of five volunteers charged with managem
 
     [:material-account: Profile](https://discuss.privacyguides.net/u/jonah)
 
-    [:simple-github:](https://github.com/jonaharagon "GitHub")
-    [:simple-mastodon:](https://mastodon.neat.computer/@jonah "@jonah@neat.computer"){rel=me}
+    [:material-home:](https://www.jonaharagon.com "Homepage")
+    [:material-github:](https://github.com/jonaharagon "GitHub")
+    [:material-mastodon:](https://mastodon.neat.computer/@jonah "@jonah@neat.computer"){rel=me}
     [:material-email:](mailto:jonah@privacyguides.org "Email")
 
 -   :cactus:{ .lg .middle } **Niek de Wilde**
@@ -97,8 +81,8 @@ The project executive committee consists of five volunteers charged with managem
 
     [:material-account: Profile](https://discuss.privacyguides.net/u/Niek-de-Wilde)
 
-    [:simple-github:](https://github.com/blacklight447 "GitHub")
-    [:simple-mastodon:](https://mastodon.social/@blacklight447 "@blacklight447@mastodon.social"){rel=me}
+    [:material-github:](https://github.com/blacklight447 "GitHub")
+    [:material-mastodon:](https://mastodon.social/@blacklight447 "@blacklight447@mastodon.social"){rel=me}
     [:material-email:](mailto:niekdewilde@privacyguides.org "Email")
 
 -   :smirk_cat:{ .lg .middle } **Olivia**
@@ -109,29 +93,11 @@ The project executive committee consists of five volunteers charged with managem
 
     [:material-account: Profile](https://discuss.privacyguides.net/u/olivia)
 
-    [:simple-github:](https://github.com/hook9 "GitHub")
-    [:simple-mastodon:](https://mastodon.neat.computer/@oliviablob "@oliviablob@neat.computer"){rel=me}
+    [:material-github:](https://github.com/hook9 "GitHub")
+    [:material-mastodon:](https://mastodon.neat.computer/@oliviablob "@oliviablob@neat.computer"){rel=me}
 
 </div>
 
-## Volunteer Team
-
-A number of other contributors have volunteered their time to review and approve changes to this website, and keep the website up to date. Changes require 2+ approvals from team members before they can be merged. In addition to the executive committee members above, volunteers [trusted](https://github.com/orgs/privacyguides/people) to review pull requests include:
-
-<div class="grid cards" markdown>
-
-- [:simple-github: **kimg45**](https://github.com/kimg45)
-- [:simple-github: **ph00lt0**](https://github.com/ph00lt0)
-- [:simple-github: **redoomed1**](https://github.com/redoomed1)
-
-</div>
-
-We also especially thank our dedicated moderation team on Matrix and our forum: *Austin Huang*, *namazso*, *hik*, *riley*, and *Valynor*.
-
-Additionally, [many other people](about/contributors.md) have made contributions to the project. You can too! We're open source on GitHub, and accepting translation suggestions on [Crowdin](https://crowdin.com/project/privacyguides).
-
-Our team members review all changes made to the website and direct the course of the project as a whole. They do not personally profit from any contributions made to this site. Donations to Privacy Guides are generally tax-deductible in the United States.
-
 ## In The Media
 
 > To find [privacy-focused alternative] apps, check out sites like Good Reports and **Privacy Guides**, which list privacy-focused apps in a variety of categories, notably including email providers (usually on paid plans) that aren’t run by the big tech companies.
@@ -142,7 +108,7 @@ Our team members review all changes made to the website and direct the course of
 
 — [Tweakers.net](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html) [Translated from Dutch]
 
-Also featured on: [Ars Technica](https://arstechnica.com/gadgets/2022/02/is-firefox-ok), [Wirecutter](https://nytimes.com/wirecutter/guides/practical-guide-to-securing-windows-pc) [[2](https://nytimes.com/wirecutter/guides/practical-guide-to-securing-your-mac)], [NPO Radio 1](https://nporadio1.nl/nieuws/binnenland/8eaff3a2-8b29-4f63-9b74-36d2b28b1fe1/ooit-online-eens-wat-doms-geplaatst-ga-jezelf-eens-googlen-en-kijk-dan-wat-je-tegenkomt), [Wired](https://wired.com/story/firefox-mozilla-2022) and [Fast Company](https://fastcompany.com/91167564/mozilla-wants-you-to-love-firefox-again).
+Also featured on: [Ars Technica](https://arstechnica.com/gadgets/2022/02/is-firefox-ok), [Wirecutter](https://nytimes.com/wirecutter/guides/practical-guide-to-securing-windows-pc) [[2](https://nytimes.com/wirecutter/guides/practical-guide-to-securing-your-mac)], [NPO Radio 1](https://nporadio1.nl/nieuws/binnenland/8eaff3a2-8b29-4f63-9b74-36d2b28b1fe1/ooit-online-eens-wat-doms-geplaatst-ga-jezelf-eens-googlen-en-kijk-dan-wat-je-tegenkomt), [Wired](https://wired.com/story/firefox-mozilla-2022), [Fast Company](https://fastcompany.com/91167564/mozilla-wants-you-to-love-firefox-again) and [404 Media](https://404media.co/privacy-service-optery-faces-backlash-after-plan-to-send-openai-user-data).
 
 ## History
 
@@ -152,7 +118,7 @@ In 2022, we completed the transition of our main website framework from Jekyll t
 
 We additionally launched our new discussion forum at [discuss.privacyguides.net](https://discuss.privacyguides.net) as a community platform to share ideas and ask questions about our mission. This augments our existing community on Matrix, and replaced our previous GitHub Discussions platform, decreasing our reliance on proprietary discussion platforms.
 
-In 2023, we launched international translations of our website in [French](https://www.privacyguides.org/fr/), [Hebrew](https://www.privacyguides.org/he/), [Dutch](https://www.privacyguides.org/nl/), and more languages, made possible by our excellent translation team on [Crowdin](https://crowdin.com/project/privacyguides). We plan to continue carrying forward our mission of outreach and education, and finding ways to more clearly highlight the dangers of a lack of privacy awareness in the modern digital age, and the prevalence and harms of security breaches across the technology industry.
+In 2023, we launched international translations of our website in [French](https://www.privacyguides.org/fr), [Hebrew](https://www.privacyguides.org/he), [Dutch](https://www.privacyguides.org/nl), and more languages, made possible by our excellent translation team on [Crowdin](https://crowdin.com/project/privacyguides). We plan to continue carrying forward our mission of outreach and education, and finding ways to more clearly highlight the dangers of a lack of privacy awareness in the modern digital age, and the prevalence and harms of security breaches across the technology industry.
 
 ## Site License
 

docs/about/contributors.md

@@ -2,6 +2,7 @@
 title: Contributors
 hide:
   - toc
+description: A complete list of contributors who have collectively made an enormous impact on the Privacy Guides project.
 ---
 <!-- Do NOT manually edit this file, please add yourself to the .all-contributorsrc file instead. See our GitHub Issues for more details -->
 
@@ -9,12 +10,12 @@ This project follows the [all-contributors](https://github.com/all-contributors/
 
 | Emoji | Type | Description
 | --- | --- | ---
-| 📖 | `doc` | A contributor to the content on [privacyguides.org](https://www.privacyguides.org/en/).
+| 📖 | `doc` | A contributor to the content on [privacyguides.org](https://www.privacyguides.org/en).
 | 👀 | `review` | Someone who has taken the time to review [pull requests](https://github.com/privacyguides/privacyguides.org/pulls) to the site.
 | 📝 | `blog` | Someone who has written a [blog](https://blog.privacyguides.org) post for us.
 | 💬 | `question` | Someone who has been helpful when answering questions on our [forum](https://discuss.privacyguides.net) or Matrix channels.
 | 🌍 | `translation` | Someone who has contributed on [Crowdin](https://crowdin.com/project/privacyguides).
 
-A huge thank you from Privacy Guides to these wonderful people ([full emoji key](https://allcontributors.org/docs/en/emoji-key)):
+A huge thank you from Privacy Guides to the following wonderful people ([full emoji key](https://allcontributors.org/docs/en/emoji-key)). We also especially thank our dedicated community moderation team on Matrix and our forum: *Austin Huang*, *namazso*, *hik*, *riley*, and *Valynor*.
 
 --8<-- "includes/contributors.md"

docs/about/criteria.md

@@ -1,14 +1,15 @@
 ---
 title: General Criteria
+description: A list of general priorities we consider for all submissions to Privacy Guides.
 ---
 
 Below are some general priorities we consider for all submissions to Privacy Guides. Each category will have additional requirements for inclusion.
 
-- **Security**: Tools should follow security best-practices wherever applicable.
+- **Security**: Tools should follow security best practices wherever applicable.
 - **Source Availability**: Open-source projects are generally preferred over equivalent proprietary alternatives.
-- **Cross-Platform Availability**: We typically prefer recommendations to be cross-platform, to avoid vendor lock-in.
-- **Active Development**: The tools that we recommend should be actively developed, unmaintained projects will be removed in most cases.
-- **Usability**: Tools should be accessible to most computer users, an overly technical background should not be required.
+- **Cross-Platform Availability**: We typically prefer recommendations to be cross-platform to avoid vendor lock-in.
+- **Active Development**: The tools that we recommend should be actively developed. Unmaintained projects will be removed in most cases.
+- **Usability**: Tools should be accessible to most computer users. An overly technical background should not be required.
 - **Documentation**: Tools should have clear and extensive documentation for use.
 
 ## Financial Disclosure
@@ -19,14 +20,16 @@ We do not make money from recommending certain products, we do not use affiliate
 
 We have these requirements in regard to developers which wish to submit their project or software for consideration.
 
+- Must undergo our [self-submission process](https://discuss.privacyguides.net/t/about-the-project-showcase-category/114) as a way to engage with our community, address any potential concerns, and elicit any feedback that can help improve your project.
+
 - Must disclose affiliation, i.e. your position within the project being submitted.
 
-- Must have a security whitepaper if it is a project that involves handling of sensitive information like a messenger, password manager, encrypted cloud storage, etc.
-    - Third party audit status. We want to know if you have one, or have one planned. If possible please mention who will be conducting the audit.
+- Must have a security whitepaper if it is a project that involves the handling of sensitive information like a messenger, password manager, encrypted cloud storage, etc.
+    - Regarding third party audit status, we want to know if you have undergone one, or have requested one. If possible please mention who will be conducting the audit.
 
 - Must explain what the project brings to the table in regard to privacy.
-    - Does it solve any new problem?
+    - What new problem(s), if any, does it solve?
     - Why should anyone use it over the alternatives?
 
 - Must state what the exact threat model is with their project.
-    - It should be clear to potential users what the project can provide, and what it cannot.
+    - It should be clear to potential users what the project can provide, and what it cannot. Ideally, a developer should be able to identify what [common threat(s)](../basics/common-threats.md) their project protects against.

docs/about/donate.md

@@ -1,5 +1,6 @@
 ---
 title: Donate
+description: The charitable mission of Privacy Guides relies on contributions from visitors like yourself. Anything you can do to support the project is hugely appreciated.
 ---
 <!-- markdownlint-disable MD036 -->
 Donate to Privacy Guides and support our mission to defend digital rights and spread the word about mass surveillance programs and other daily privacy invasions. You can help Privacy Guides researchers, activists, and maintainers create informative content, host private digital services, and protect privacy rights at a time when the world needs it most.

docs/about/executive-policy.md

@@ -0,0 +1,26 @@
+---
+title: Executive Policy
+description: These are policies formally adopted by our executive committee, and take precedence over all other statements expressed on this website.
+---
+
+These are policies formally adopted by Privacy Guides' executive committee, and take precedence over all other statements expressed on this website.
+
+The key words **must**, **must not**, **required**, **shall**, **shall not**, **should**, **should not**, **recommended**, **may**, and **optional** are to be interpreted as described in [RFC 2119](https://datatracker.ietf.org/doc/html/rfc2119).
+
+## EP1: Freely-Provided Product Samples
+
+*Our policy on accepting product samples for review was adopted September 7, 2024.*
+
+=== "Current Version (1)"
+
+    - Privacy Guides **shall not** proactively reach out to vendors asking for product samples or review accounts.
+    - Privacy Guides **shall not** accept test/review accounts for subscription cloud services.
+    - Privacy Guides **may** accept freely-provided product samples for one-time purchase software applications which run locally, given they don't require a subscription for continued operation.
+    - Privacy Guides **may** accept freely-provided samples of hardware products.
+        - Privacy Guides **may** accept a freely-provided subscription service associated with a hardware product, if such a subscription/license is necessary to use the product.
+    - Privacy Guides **must not** enter into an agreement pertaining to our editorial opinion with the vendor in order to receive a sample or publish a review. All freely-provided items must be strictly "no strings attached."
+        - We **may** agree to return the product to the vendor following the review if requested.
+        - We **may** agree to a reasonable NDA, provided it has a clear embargo date that is lifted no more than 6 months in the future where the NDA completely no longer applies.
+        - We **should not** enter into any other agreement with the vendor not described here. Potential agreements not described here **must** be approved by the executive committee beforehand.
+
+    In all cases, whether we paid for the product independently or received a free sample from a vendor, how we obtained the product **must** be clearly documented in the background section of every article associated with the product.

docs/about/jobs.md

@@ -1,11 +1,40 @@
 ---
 title: Job Openings
+description: Privacy Guides has a small, remote team of privacy researchers and advocates. Any open positions we may have in the future will be posted here.
 ---
 
-Privacy Guides has a small, remote team of privacy researchers and advocates working to further our mission of protecting free expression and promoting privacy-respecting technology. As a non-profit, we are expanding very slowly to ensure the project is sustainable in the long term. All of our staff members are listed [here](../about.md#staff). Please consider [donating](donate.md) to support our cause.
+Privacy Guides has a small, remote team of privacy researchers and advocates working to further our mission of protecting free expression and promoting privacy-respecting technology. As a non-profit, we are expanding very slowly to ensure the project is sustainable in the long term. All of our team members are listed [here](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Please consider [donating](donate.md) to support our cause.
 
 We are occasionally looking for strong journalistic writers, product reviewers, and privacy experts to help us out, and any open positions will be posted below.
 
 ---
 
-*We do not have any job openings at the moment.*
+## Open Positions
+
+<div class="grid cards" markdown>
+
+- :material-video-box:{ .lg .middle } **Content Creator**
+
+    ---
+
+    Full-Time | Remote | \$20-$25/hour
+
+    [View posting :material-arrow-right-drop-circle:](jobs/content-creator.md)
+
+- :material-file-document-edit:{ .lg .middle } **Journalist**
+
+    ---
+
+    Full-Time | Remote | \$20-$25/hour
+
+    [View posting :material-arrow-right-drop-circle:](jobs/journalist.md)
+
+- :material-comment-account-outline:{ .lg .middle } **Intern - Community/News**
+
+    ---
+
+    Internship | Remote | \$15/hour
+
+    [View posting :material-arrow-right-drop-circle:](jobs/intern-news.md)
+
+</div>

docs/about/jobs/content-creator.md

@@ -0,0 +1,60 @@
+---
+title: Content Creator
+description: Privacy Guides is looking for a video producer and host for informative privacy-related content on YouTube and other platforms.
+---
+
+[:material-arrow-left-drop-circle: Job Openings](../jobs.md)
+
+Are you passionate about privacy and cybersecurity?
+
+Privacy Guides is an international nonprofit dedicated to producing top-tier, unbiased educational content and journalism, and to fostering safe and informative online communities to discuss technical topics around improving personal privacy and cybersecurity.
+
+Privacy Guides is looking for a focused and motivated individual to be responsible for our social media presence from end to end, with a particular emphasis on video content. You must be comfortable being on camera to succeed in this role.
+
+This is a unique opportunity. Your primary goal will be to create and share privacy-based educational materials, without any motive to sell a product. If you truly value being able to create the best content that you can, and if you are passionate about privacy, then this position is for you!
+
+Your responsibilities will include, but aren’t limited to:
+
+- Scripting and hosting educational video content to be posted across various social media platforms.
+- Video editing, production, and other backend work required to make successful content.
+- Researching new topics to cover.
+- Regular, daily posting to text-based social media platforms like Mastodon.
+- Regular posting of highly educational video content to social media platforms.
+- Compiling news sources for and hosting a weekly news recap (livestreamed) podcast on our YouTube channel.
+- Regularly communicating with the Privacy Guides committee and other team members.
+
+This is a highly individualized role, and we are extremely interested in hearing your ideas on how you’ll find success and make this role your own. You will be responsible for handling virtually every aspect of this role without regular supervision, so being highly self-motivated is a must.
+
+As a guideline, we expect your video output to be roughly 1 video and 1 *This Week In Privacy* livestream per week, since we think most videos which meet our quality standards will be a multi-day process to research and script, in addition to a day for recording and editing. We realize some videos can be completed more quickly, while others may take multiple weeks or longer before publishing. You will be empowered to use your best judgement and prioritize your work accordingly.
+
+Job requirements:
+
+- Excellent organization and communication skills.
+- Flexibility to set and respond to varying priorities and deadlines.
+- Proactive, results-driven mindset with a strong sense of initiative.
+- Comfortable being on camera, and working with video production equipment.
+- Personal interest in consumer privacy, cybersecurity, and technology.
+- Skeptical nature and drive to investigate difficult, often niche, technologies. You will need to evaluate the truthfulness of claims.
+
+The following qualifications will be an asset to your application. However, we are looking for the best candidate (which isn’t always apparent on paper!), so please apply even if you don’t meet any/many of these qualifications.
+
+- Previous YouTube or other video creation experience.
+- Previous social media management experience.
+- Education in English, journalism, media production, or any other related fields.
+- Fluency in Spanish, French, Portuguese, or other languages.
+- Familiarity with Privacy Guides' communities, culture, and mission.
+- A solid understanding of the latest trends/culture on YouTube & TikTok.
+- Located between UTC-08:00 and UTC-04:00 time zones.
+- At least basic familiarity with GitHub, including pull requests, branches, reviews, and issues.
+
+The ideal candidate can commit to this role on a full-time basis (40 hours / week), but we are open to discussing a schedule you suggest.
+
+For this position, our hiring pay range falls between \$20-$25 / hour USD. The base pay may vary depending on job related qualifications such as knowledge, skills, and experience. Our compensation structure is rooted in a performance and merit based approach that acknowledges performance of both the individual and the project as a whole.
+
+---
+
+**To apply, please send a video cover letter (no more than 5 minutes) and resume to <jobs@privacyguides.org>, and include the name of this position in the subject line. Feel free to include any other information or examples of your work that you think we may find relevant if you'd like.**
+
+Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.
+
+We respect your privacy. After this position is filled, your application will be deleted. Your application will not be shared with third parties.

docs/about/jobs/intern-news.md

@@ -0,0 +1,42 @@
+---
+title: Intern (Community & News)
+description: Privacy Guides is looking for an intern to discover and promote relevant news content on our platform, and to moderate and engage with our online communities.
+---
+
+[:material-arrow-left-drop-circle: Job Openings](../jobs.md)
+
+Are you passionate about privacy and cybersecurity?
+
+Privacy Guides is an international nonprofit dedicated to producing top-tier, unbiased educational content and journalism, and to fostering safe and informative online communities to discuss technical topics around improving personal privacy and cybersecurity.
+
+This role is focused on interacting with our community members and answering their questions, keeping our online communities safe and constructive, and sharing thoughtful and informative news stories from around the internet for community discussion.
+
+Responsibilities will include:
+
+- Regularly interacting with our forum and other communities.
+- Responding to moderation complaints/flags within our communities.
+- Reading news stories from a variety of publications and generally staying up to date with the latest news in the privacy and cybersecurity space.
+- Regularly posting interesting news stories and other topics you discover in our communities for discussion.
+- Assisting our other staff and volunteers with research, writing, video production, and editing.
+- Assisting with Privacy Guides' advocacy efforts.
+- Remaining polite and fact-focused.
+
+No prior experience is necessary. We are looking for people passionate about privacy, cybersecurity, journalism, and community management regardless of your GPA or background.
+
+The following will be assets to your application, but please submit an application even if they don't apply to you:
+
+- Familiarity with Privacy Guides' communities, culture, and mission.
+- Previous experience with social media management and/or journalism.
+- Located between UTC-08:00 and UTC-04:00 time zones.
+
+This is a part-time, 10-20 hour per week role depending on your availability. We can work around your schedule and other obligations.
+
+This is a 6-month contract paying $15 / hour USD, with the optional opportunity for renewal or a longer-term role depending on your personal goals and the project's outcome. The specific starting and ending dates are flexible.
+
+---
+
+**To apply, please send a cover letter and resume to <jobs@privacyguides.org>, and include the name of this position in the subject line. Feel free to include any other information or examples of your work that you think we may find relevant if you'd like.**
+
+Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.
+
+We respect your privacy. After this position is filled, your application will be deleted. Your application will not be shared with third parties.

docs/about/jobs/journalist.md

@@ -0,0 +1,61 @@
+---
+title: Journalist
+description: Privacy Guides is looking for a determined and focused journalist to research and write stories from the privacy and cybersecurity space on a regular basis.
+---
+
+[:material-arrow-left-drop-circle: Job Openings](../jobs.md)
+
+Are you passionate about privacy and cybersecurity?
+
+Privacy Guides is an international nonprofit dedicated to producing top-tier, unbiased educational content and journalism, and to fostering safe and informative online communities to discuss technical topics around improving personal privacy and cybersecurity.
+
+We are looking for a determined and focused journalist to join our team. As a reporter for our organization, you will conduct research, interview sources, and write engaging stories in the field of consumer privacy and cybersecurity.
+
+Our ideal candidate is committed to combating misinformation and clearly communicating stories on a timely basis, and dedicated to producing top-tier, unbiased journalism.
+
+Privacy Guides is a small, largely volunteer-driven nonprofit media organization, and we do not currently have a dedicated writing and editing team. As such, you will be expected to take charge of the entire writing process from beginning to publication. You will have the freedom to choose which topics to cover and set a schedule to release articles on our main website.
+
+==Our primary mission is to publish the highest quality content surrounding consumer privacy and cybersecurity on the internet==, not the highest quantity of stories. You will be empowered to dive deep into the topics you are writing about, and expected to meet our high quality and editorial standards.
+
+Your responsibilities will include, but aren’t limited to:
+
+- Creating high-quality articles for our [knowledge base](../../basics/why-privacy-matters.md).
+- Performing product reviews for our [reviews](https://www.privacyguides.org/articles/category/reviews) section and [tool recommendations](../../tools.md).
+- Researching new topics to cover.
+- Interviewing and fact-checking all relevant sources.
+- Regular posting of high-quality, unbiased journalistic content across our platforms.
+
+As a guideline, we expect roughly 3-5 articles a week that meet our quality standards, since we believe a well-researched article will take at least 8 hours to research and write on average. We realize some articles can be completed quickly, while others may take weeks or longer before publishing. You will be empowered to use your best judgement and prioritize your work accordingly.
+
+We are much more interested in articles that deeply cover a subject area than articles that cover the news of the day.
+
+Job requirements:
+
+- Excellent organization and communication skills.
+- Expertise in English and writing.
+- Flexibility to set and respond to varying priorities and deadlines.
+- Proactive, results-driven mindset with a strong sense of initiative.
+- Personal interest in consumer privacy, cybersecurity, and technology.
+- Regular communication with the Privacy Guides committee and other team members.
+- Skeptical nature and drive to investigate difficult, often niche, technologies. You will need to evaluate the truthfulness of claims.
+
+The following qualifications will be an asset to your application. However, we are looking for the best candidate (which isn’t always apparent on paper!), so please apply even if you don’t meet any/many of these qualifications.
+
+- Previous writing or journalism experience.
+- Previous product review experience.
+- Education in English, journalism, media production, or any other related fields.
+- Familiarity with Privacy Guides' communities, culture, and mission.
+- Located between UTC-08:00 and UTC-04:00 time zones.
+- At least basic familiarity with GitHub, including pull requests, branches, reviews, and issues.
+
+The ideal candidate can commit to this role on a full-time basis (40 hours / week), but we are open to discussing a schedule you suggest.
+
+For this position, our hiring pay range falls between \$20-$25 / hour USD. The base pay may vary depending on job related qualifications such as knowledge, skills, and experience. Our compensation structure is rooted in a performance and merit based approach that acknowledges performance of both the individual and the project as a whole.
+
+---
+
+**To apply, please send a cover letter and resume to <jobs@privacyguides.org>, and include the name of this position in the subject line. Feel free to include any other information or examples of your work that you think we may find relevant if you'd like.**
+
+Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.
+
+We respect your privacy. After this position is filled, your application will be deleted. Your application will not be shared with third parties.

docs/about/notices.md

@@ -1,5 +1,6 @@
 ---
 title: "Notices and Disclaimers"
+description: Information about our website license, acceptable use policy, and other important details.
 ---
 
 ## Legal Disclaimer

docs/about/privacy-policy.md

@@ -1,7 +1,8 @@
 ---
 title: "Privacy Policy"
+description: We do not sell or share your data with any third-parties.
 ---
-Privacy Guides is a community project operated by a number of active volunteer contributors. The public list of team members [can be found on GitHub](https://github.com/orgs/privacyguides/people).
+Privacy Guides is a community project operated by a number of active contributors. The public list of team members [can be found on our forum](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all).
 
 ## Data We Collect From Visitors
 

docs/about/privacytools.md

@@ -1,5 +1,6 @@
 ---
 title: "PrivacyTools FAQ"
+description: The real story behind the team transition from privacytools.io to privacyguides.org
 ---
 In September 2021, every active contributor unanimously agreed to move from PrivacyTools to work on this site: Privacy Guides. This decision was made because PrivacyTools’ founder and controller of the domain name had disappeared for an extended period of time and could not be contacted.
 

docs/about/services.md

@@ -1,3 +1,7 @@
+---
+description: We run a number of web services to test out features and promote cool decentralized, federated, and/or open-source projects.
+---
+
 # Privacy Guides Services
 
 We run a number of web services to test out features and promote cool decentralized, federated, and/or open-source projects. Many of these services are available to the public and are detailed below.

docs/about/statistics.md

@@ -1,5 +1,6 @@
 ---
 title: Traffic Statistics
+description: We self-host Umami to create a nice visualization of our traffic statistics, which are made public here.
 ---
 <!-- markdownlint-disable MD051 -->
 We self-host [Umami](https://umami.is) to create a nice visualization of our traffic statistics, which are public at the link below.

docs/advanced/dns-overview.md

@@ -12,7 +12,7 @@ When you visit a website, a numerical address is returned. For example, when you
 
 DNS has existed since the [early days](https://en.wikipedia.org/wiki/Domain_Name_System#History) of the Internet. DNS requests made to and from DNS servers are **not** generally encrypted. In a residential setting, a customer is given servers by the ISP via [DHCP](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol).
 
-Unencrypted DNS requests are able to be easily **surveilled** and **modified** in transit. In some parts of the world, ISPs are ordered to do primitive [DNS filtering](https://en.wikipedia.org/wiki/DNS_blocking). When you request the IP address of a domain that is blocked, the server may not respond or may respond with a different IP address. As the DNS protocol is not encrypted, the ISP (or any network operator) can use [DPI](https://en.wikipedia.org/wiki/Deep_packet_inspection) to monitor requests. ISPs can also block requests based on common characteristics, regardless of which DNS server is used. Unencrypted DNS always uses [port](https://en.wikipedia.org/wiki/Port_(computer_networking)) 53 and always uses UDP.
+Unencrypted DNS requests are able to be easily **surveilled** and **modified** in transit. In some parts of the world, ISPs are ordered to do primitive [DNS filtering](https://en.wikipedia.org/wiki/DNS_blocking). When you request the IP address of a domain that is blocked, the server may not respond or may respond with a different IP address. As the DNS protocol is not encrypted, the ISP (or any network operator) can use [DPI](https://en.wikipedia.org/wiki/Deep_packet_inspection) to monitor requests. ISPs can also block requests based on common characteristics, regardless of which DNS server is used.
 
 Below, we discuss and provide a tutorial to prove what an outside observer may see using regular unencrypted DNS and [encrypted DNS](#what-is-encrypted-dns).
 

docs/advanced/payments.md

@@ -1,6 +1,7 @@
 ---
 title: Private Payments
 icon: material/hand-coin
+description: Your buying habits are the holy grail of ad targeting, but you still have plenty of options when it comes to making payments privately.
 ---
 There's a reason data about your buying habits is considered the holy grail of ad targeting: your purchases can leak a veritable treasure trove of data about you. Unfortunately, the current financial system is anti-privacy by design, enabling banks, other companies, and governments to easily trace transactions. Nevertheless, you have plenty of options when it comes to making payments privately.
 

docs/advanced/tor-overview.md

@@ -204,5 +204,5 @@ It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-wit
 ## Additional Resources
 
 - [Tor Browser User Manual](https://tb-manual.torproject.org)
-- [How Tor Works - Computerphile](https://invidious.privacyguides.net/embed/QRYzre4bf7I?local=true) <small>(YouTube)</small>
-- [Tor Onion Services - Computerphile](https://invidious.privacyguides.net/embed/lVcbq_a5N9I?local=true) <small>(YouTube)</small>
+- [How Tor Works - Computerphile](https://youtube.com/watch?v=QRYzre4bf7I) <small>(YouTube)</small>
+- [Tor Onion Services - Computerphile](https://youtube.com/watch?v=lVcbq_a5N9I) <small>(YouTube)</small>

docs/android/distributions.md

@@ -30,6 +30,7 @@ schema:
       "@context": http://schema.org
       "@type": WebPage
       url: "./"
+robots: nofollow, max-snippet:-1, max-image-preview:large
 ---
 <small>Protects against the following threat(s):</small>
 
@@ -61,43 +62,45 @@ GrapheneOS provides additional [security hardening](https://en.wikipedia.org/wik
 
 </div>
 
-GrapheneOS supports [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging), while giving you full control over their permissions and access, and while containing them to a specific [work profile](../os/android-overview.md#work-profile) or [user profile](../os/android-overview.md#user-profiles) of your choice.
+GrapheneOS supports [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs Google Play Services fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as push notifications, while giving you full control over their permissions and access, and while containing them to a specific [work profile](../os/android-overview.md#work-profile) or [user profile](../os/android-overview.md#user-profiles) of your choice.
 
 [Google Pixel phones](../mobile-phones.md#google-pixel) are the only devices that currently meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#future-devices).
 
+By default, Android makes many network connections to Google to perform DNS connectivity checks, to sync with current network time, to check your network connectivity, and for many other background tasks. GrapheneOS replaces these with connections to servers operated by GrapheneOS and subject to their privacy policy. This hides information like your IP address [from Google](../basics/common-threats.md#privacy-from-service-providers), but means it is trivial for an admin on your network or ISP to see you are making connections to `grapheneos.network`, `grapheneos.org`, etc. and deduce what operating system you are using.
+
+If you want to hide information like this from an adversary on your network or ISP, you **must** use a [trusted VPN](../vpn.md) in addition to changing the connectivity check setting to **Standard (Google)**. It can be found in :gear: **Settings** → **Network & internet** → **Internet connectivity checks**. This option allows you to connect to Google's servers for connectivity checks, which, alongside the usage of a VPN, helps you blend in with a larger pool of Android devices.
+
 ### DivestOS
 
+If GrapheneOS isn't compatible with your phone, DivestOS is a good alternative. It supports a wide variety of phones with *varying* levels of security protections and quality control.
+
 <div class="admonition recommendation" markdown>
 
 ![DivestOS logo](../assets/img/android/divestos.svg){ align=right }
 
 **DivestOS** is a soft-fork of [LineageOS](https://lineageos.org).
-DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](https://source.android.com/security/verifiedboot) on some non-Pixel devices.
+DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](../os/android-overview.md#verified-boot) on some non-Pixel devices. Not all supported devices support verified boot or other security features.
 
 [:octicons-home-16: Homepage](https://divestos.org){ .md-button .md-button--primary }
 [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Onion Service" }
 [:octicons-eye-16:](https://divestos.org/index.php?page=privacy_policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://divestos.org/index.php?page=faq){ .card-link title=Documentation}
+[:octicons-info-16:](https://divestos.org/index.php?page=faq){ .card-link title="Documentation" }
 [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title="Contribute" }
 
 </div>
 
-DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates.
+The [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) of firmware updates in particular will vary significantly depending on your phone model. While standard AOSP bugs and vulnerabilities can be fixed with standard software updates like those provided by DivestOS, some vulnerabilities cannot be patched without support from the device manufacturer, making end-of-life devices less safe even with an up-to-date alternative ROM like DivestOS.
+
+DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [control-flow integrity](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates.
+
 DivestOS also includes kernel patches from GrapheneOS and enables all available kernel security features via [defconfig hardening](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). All kernels newer than version 3.4 include full page [sanitization](https://lwn.net/Articles/334747) and all ~22 Clang-compiled kernels have [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) enabled.
 
-DivestOS implements some system hardening patches originally developed for GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) and SENSORS permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://grapheneos.org/usage#exec-spawning), [JNI](https://en.wikipedia.org/wiki/Java_Native_Interface) [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 and higher features GrapheneOS's per-network full [MAC randomization](https://en.wikipedia.org/wiki/MAC_address#Randomization) option, [`ptrace_scope`](https://kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) control, [automatic reboot](https://grapheneos.org/features#auto-reboot), and Wi-Fi/Bluetooth [timeout options](https://grapheneos.org/features#attack-surface-reduction).
+DivestOS implements some system hardening patches originally developed for GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's `INTERNET` and `SENSORS` permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://grapheneos.org/usage#exec-spawning), Java Native Interface [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 and higher features per-network full MAC address randomization, [`ptrace_scope`](https://kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) control, automatic reboot, and Wi-Fi/Bluetooth [timeout options](https://grapheneos.org/features#attack-surface-reduction).
 
-DivestOS uses F-Droid as its default app store. We normally [recommend avoiding F-Droid](obtaining-apps.md#f-droid), but doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repository, [DivestOS Official](https://divestos.org/fdroid/official). We recommend disabling the official F-Droid app and using [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic) **with the DivestOS repository enabled** to keep those components up to date. For other apps, our recommended [methods of obtaining them](obtaining-apps.md) still apply.
+DivestOS uses F-Droid as its default app store. We normally [recommend avoiding F-Droid](obtaining-apps.md#f-droid), but doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repository, [DivestOS Official](https://divestos.org/fdroid/official). For these apps you should continue to use F-Droid **with the DivestOS repository enabled** to keep those components up to date. For other apps, our recommended [methods of obtaining them](obtaining-apps.md) still apply.
 
-<div class="admonition warning" markdown>
-<p class="admonition-title">Warning</p>
-
-DivestOS firmware update [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) and quality control varies across the devices it supports. We still recommend GrapheneOS depending on your device's compatibility. For other devices, DivestOS is a good alternative.
-
-Not all of the supported devices have verified boot, and some perform it better than others.
-
-</div>
+DivestOS replaces many of Android's background network connections to Google services with alternative services, such as using OpenEUICC for eSIM activation, NTP.org for network time, and Quad9 for DNS. These connections can be modified, but their deviation from a standard Android phone's network connections could mean it is easier for an adversary on your network to deduce what operating system you have installed on your phone. If this is a concern to you, consider using a [trusted VPN](../vpn.md) and enabling the native VPN [kill switch](../os/android-overview.md#vpn-killswitch) to hide this network traffic from your local network and ISP.
 
 ## Criteria
 

docs/android/general-apps.md

@@ -1,5 +1,6 @@
 ---
 title: "General Apps"
+description: The apps listed here are Android-exclusive and specifically enhance or replace key system functionality.
 schema:
   -
     "@context": http://schema.org
@@ -24,11 +25,18 @@ schema:
     name: Secure PDF Viewer
     applicationCategory: Utilities
     operatingSystem: Android
+robots: nofollow, max-snippet:-1, max-image-preview:large
 ---
+<small>Protects against the following threat(s):</small>
+
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
 We recommend a wide variety of Android apps throughout this site. The apps listed here are Android-exclusive and specifically enhance or replace key system functionality.
 
 ### Shelter
 
+If your device is on Android 15 or greater, we recommend using the native [Private Space](../os/android-overview.md#private-space) feature instead, which provides nearly the same functionality without needing to place trust in and grant powerful permissions to a third-party app.
+
 <div class="admonition recommendation" markdown>
 
 ![Shelter logo](../assets/img/android/shelter.svg){ align=right }
@@ -46,14 +54,18 @@ Shelter supports blocking contact search cross profiles and sharing files across
 <div class="admonition warning" markdown>
 <p class="admonition-title">Warning</p>
 
-Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
-
 When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
 
 </div>
 
+Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
+
 ### Secure Camera
 
+<small>Protects against the following threat(s):</small>
+
+- [:material-account-search: Public Exposure](../basics/common-threats.md#limiting-public-information){ .pg-green }
+
 <div class="admonition recommendation" markdown>
 
 ![Secure camera logo](../assets/img/android/secure_camera.svg#only-light){ align=right }
@@ -97,7 +109,6 @@ The image orientation metadata is not deleted. If you enable location (in Secure
 <small>Protects against the following threat(s):</small>
 
 - [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
-- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
 
 <div class="admonition recommendation" markdown>
 

docs/android/index.md

@@ -1,5 +1,6 @@
 ---
 title: "Android"
+description: Our advice for replacing privacy-invasive default Android features with private and secure alternatives.
 icon: 'simple/android'
 cover: android.webp
 schema:
@@ -21,16 +22,48 @@ schema:
 
 The **Android Open Source Project** (AOSP) is an open-source mobile operating system led by Google which powers the majority of the world's mobile devices. Most phones sold with Android are modified to include invasive integrations and apps such as Google Play Services, so you can significantly improve your privacy on your mobile device by replacing your phone's default installation with a version of Android without these invasive features.
 
-[:octicons-home-16:](https://source.android.com){ .card-link title=Homepage }
-[:octicons-info-16:](https://source.android.com/docs){ .card-link title=Documentation}
-[:octicons-code-16:](https://cs.android.com/android/platform/superproject/main){ .card-link title="Source Code" }
+[General Android Overview :material-arrow-right-drop-circle:](../os/android-overview.md){ .md-button .md-button--primary }
 
-We recommend the following Android-specific tools to maximize your mobile device's security and privacy.
+## Our Advice
 
-- [Alternative Distributions](distributions.md)
-- [General Apps](general-apps.md)
-- [Obtaining Applications](obtaining-apps.md)
+### Replace Google Services
 
-To learn more about Android:
+There are many methods of obtaining apps on Android while avoiding Google Play. Whenever possible, try using one of these methods before getting your apps from non-private sources:
 
-[General Android Overview :material-arrow-right-drop-circle:](../os/android-overview.md){ .md-button }
+[Obtaining Applications :material-arrow-right-drop-circle:](obtaining-apps.md){ .md-button }
+
+There are also many private alternatives to the apps that come pre-installed on your phone, such as the camera app. Besides the Android apps we recommend throughout this site in general, we've created a list of system utilities specific to Android which you might find useful.
+
+[General App Recommendations :material-arrow-right-drop-circle:](general-apps.md){ .md-button }
+
+### Install a Custom Distribution
+
+When you buy an Android phone, the default operating system comes bundled with apps and functionality that are not part of the Android Open Source Project. Many of these apps—even apps like the dialer which provide basic system functionality—require invasive integrations with Google Play Services, which in turn asks for privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, and numerous other things on your device in order for those basic system apps and many other apps to function in the first place. Frameworks like Google Play Services increase the attack surface of your device and are the source of various privacy concerns with Android.
+
+This problem could be solved by using an alternative Android distribution, commonly known as a *custom ROM*, that does not come with such invasive integration. Unfortunately, many custom Android distributions often violate the Android security model by not supporting critical security features such as AVB, rollback protection, firmware updates, and so on. Some distributions also ship [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) builds which expose root via [ADB](https://developer.android.com/studio/command-line/adb) and require [more permissive](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux policies to accommodate debugging features, resulting in a further increased attack surface and weakened security model.
+
+Ideally, when choosing a custom Android distribution, you should make sure that it upholds the Android security model. At the very least, the distribution should have production builds, support for AVB, rollback protection, timely firmware and operating system updates, and SELinux in [enforcing mode](https://source.android.com/security/selinux/concepts#enforcement_levels). All of our recommended Android distributions satisfy these criteria:
+
+[Recommended Distributions :material-arrow-right-drop-circle:](distributions.md){ .md-button }
+
+### Avoid Root
+
+[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful Verified Boot. Apps that require root will also modify the system partition, meaning that Verified Boot would have to remain disabled. Having root exposed directly in the user interface also increases the attack surface of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and SELinux policy bypasses.
+
+Content blockers which modify the [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (AdAway) and firewalls (AFWall+) which require root access persistently are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For content blocking, we suggest encrypted [DNS](../dns.md) or content blocking functionality provided by a VPN instead. TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN), preventing you from using privacy enhancing services such as [Orbot](../tor.md#orbot) or a [real VPN provider](../vpn.md).
+
+AFWall+ works based on the [packet filtering](https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter) approach and may be bypassable in some situations.
+
+We do not believe that the security sacrifices made by rooting a phone are worth the questionable privacy benefits of those apps.
+
+### Install Updates Regularly
+
+It's important to not use an [end-of-life](https://endoflife.date/android) version of Android. Newer versions of Android receive not only security updates for the operating system but also important privacy enhancing updates too.
+
+For example, [prior to Android 10](https://developer.android.com/about/versions/10/privacy/changes) any apps with the [`READ_PHONE_STATE`](https://developer.android.com/reference/android/Manifest.permission#READ_PHONE_STATE) permission could access sensitive and unique serial numbers of your phone such as [IMEI](https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity), [MEID](https://en.wikipedia.org/wiki/Mobile_equipment_identifier), or your SIM card's [IMSI](https://en.wikipedia.org/wiki/International_mobile_subscriber_identity); whereas now they must be system apps to do so. System apps are only provided by the OEM or Android distribution.
+
+### Use Built-in Sharing Features
+
+You can avoid giving many apps permission to access your media with Android's built-in sharing features. Many applications allow you to "share" a file with them for media upload.
+
+For example, if you want to post a picture to Discord you can open your file manager or gallery and share that picture with the Discord app, instead of granting Discord full access to your media and photos.

docs/android/obtaining-apps.md

@@ -1,5 +1,6 @@
 ---
 title: "Obtaining Applications"
+description: We recommend these methods for obtaining applications on Android without interacting with Google Play Services.
 ---
 There are many ways to obtain Android apps privately, even from the Play Store, without interacting with Google Play Services. We recommend the following methods of obtaining applications on Android, listed in order of preference.
 

docs/artificial-intelligence.md

@@ -0,0 +1,133 @@
+---
+meta_title: "Recommended AI Chat: Private ChatGPT Alternatives - Privacy Guides"
+title: "AI Services"
+icon: material/robot-confused-outline
+description: Unlike OpenAI's ChatGPT and its Big Tech competitors, these AI tools do not train their models using your conversations.
+cover: ai-chatbots.webp
+---
+<small>Protects against the following threat(s):</small>
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
+Since the release of ChatGPT in 2022, interactions with Large Language Models (LLMs) have become increasingly common. LLMs can help us write better, understand unfamiliar subjects, or answer a wide range of questions. Based on a vast amount of data scraped from the web, they can statistically predict the next word.
+
+However, to improve the quality of LLMs, developers of AI software often use [Reinforcement Learning from Human Feedback](https://en.wikipedia.org/wiki/Reinforcement_learning_from_human_feedback) (RLHF). This entails the possibility of AI companies reading your private AI chats as well as storing them, which introduces a risk of data breaches. Furthermore, there is a real possibility that an LLM will leak your private chat information in future conversations with other users. To solve these problems, you can use trusted and privacy-focused providers or run AI models locally so your data never leaves your device.
+
+<details class="admonition info" markdown>
+<summary>Ethical and Privacy Concerns about LLMs</summary>
+
+AI models have been trained on massive amounts of public *and* private data. If you are concerned about these practices, you can either refuse to use AI or use [truly open-source models](https://proton.me/blog/how-to-build-privacy-first-ai), which publicly release their training datasets and therefore weren't trained on private data. One such model is [Olmoe](https://allenai.org/blog/olmoe) made by [Allenai](https://allenai.org/open-data).
+
+[Ethical concerns](https://www.thelancet.com/journals/landig/article/PIIS2588-7500(24)00061-X/fulltext) about AI range from their impact on climate to their potential for discrimination.
+
+</details>
+
+The AI chat cloud providers listed here do not train their models using your chats and do not retain your chats for more than a month, based on each service's privacy policy. However, there is **no guarantee** that these privacy policies are honored. Read our [full list of criteria](#criteria) for more information.
+
+When using cloud-based AI chat tools, be mindful of the personal information you share. Even if a service doesn't store your conversations, there's still a risk of sensitive data being exposed or misused. To protect your privacy and security, **do not share sensitive information** related to health, finance, or other highly personal matters.
+
+A quick **overview** of the two providers we recommend:
+
+| Feature | DuckDuckGo AI | Brave Leo |
+|---------|---------------|-----------|
+| Tor Access | :material-check:{ .pg-green } Official onion service | :material-alert-outline:{ .pg-orange } Android-only (Orbot) |
+| Rate Limits | :material-check:{ .pg-green } High | :material-alert-outline:{ .pg-orange } Low-Medium[^1] |
+| Self-hosted Models | :material-close:{ .pg-red } | :material-check:{ .pg-green } |
+| Web Search Integration | :material-close:{ .pg-red } | :material-check:{ .pg-green } |
+| Multi-language Support | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } Limited |
+| Account Required | :material-close:{ .pg-red } | :material-close:{ .pg-red } |
+| Mobile Support | :material-check:{ .pg-green } | :material-check:{ .pg-green } only on Brave |
+
+[^1]: Rate limits vary by model, with Llama having the lowest restrictions
+
+### DuckDuckGo AI Chat
+
+<div class="admonition recommendation" markdown>
+
+![DuckDuckGo logo](assets/img/artificial-intelligence/duckai.svg){align=right}
+
+**DuckDuckGo AI Chat** is a web frontend for AI models. It is made by the popular [search engine provider](search-engines.md) of the same name.
+It is available directly on [DuckDuckGo](https://duckduckgo.com), [duck.ai](https://duck.ai), or [DuckDuckGo onion site](https://duckduckgogg41xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/chat).
+
+DuckDuckGo give you access to open-weights models from Meta and Mistral, as well as proprietary models from Anthropic and OpenAI. We strongly recommend you use open-weights models, because for those, no chat history is stored by Together.ai, the AI cloud platform DuckDuckGo uses to provide those models.
+Furthermore, to protect your IP adress and prevent fingerprinting, DuckDuckGo proxies your chats through their servers.
+
+[:octicons-home-16: Homepage](https://duck.ai){ .md-button .md-button--primary }
+[:simple-torbrowser:](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/chat){ .card-link title="Onion Service" }
+[:octicons-eye-16:](https://duckduckgo.com/aichat/privacy-terms){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://help.duckduckgo.com){ .card-link title="Documentation" }
+
+</div>
+
+DuckDuckGo has agreements with their third-party providers that guarantee that they will not use your data for training their AI models. Proprietary model providers can keep a chat history for up to 30 days. For open-weights model, Duck uses the [together.ai](https://together.ai) AI cloud platform, and has disabled history for those chats.
+
+<div class="admonition danger" markdown>
+<p class="admonition-title">Proprietary Model Providers Retain Your Chats</p>
+
+We advise against using proprietary models from Anthropic or OpenAI because those providers keep a chat history for up to 30 days.
+
+</div>
+
+<div class="admonition warning" markdown>
+<p class="admonition-title">DuckDuckGo Doesn't Self-Host Open Models</p>
+
+You will have to trust the together.ai cloud platform to honor their commitments to not store chats.
+
+</div>
+
+### Brave Leo
+
+<div class="admonition recommendation" markdown>
+
+![Brave Logo](assets/img/artificial-intelligence/leo.svg){align=right}
+
+**Brave Leo** is an AI assistant available inside the [Brave](desktop-browsers.md#brave) web browser.
+
+Brave Leo supports a variety of models, including open-weights models from Meta and Mistral, and proprietary models from Anthropic. We **strongly recommend** that you use **open-weights models**, because **Brave self-hosts them** and for those open-weights models, they **discards all chat data** after you close your session.
+
+Additionally, the ["Bring Your Own Model"](https://brave.com/blog/byom-nightly/) (BYOM) feature allows you to use one of your local AI models directly in Brave.
+
+[:octicons-home-16: Homepage](https://brave.com/leo){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://brave.com/privacy/browser/#brave-leo){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://github.com/brave/brave-browser/wiki/Brave-Leo){ .card-link title="Documentation" }
+
+</div>
+The default model is Mixtral, which has a low rate limit of 5 messages per hour. However, you can switch to the Llama model, which has "no" rate limits.
+
+Leo can enhance its knowledge through web searches, similar to Microsoft Copilot. However, Brave's AI solution still faces challenges with multi-language support and contextual understanding.
+
+<div class="admonition danger" markdown>
+<p class="admonition-title">Page Content is Sent by Default</p>
+
+By default, Brave Leo includes the webpage you are currently on as context for the AI model. While this can often be convenient, it also represents a privacy risk for pages with private information, such as your mailbox or social media. However, this feature cannot be globally disabled. Therefore, you'll need to **manually toggle off "Shape answers based on the page's contents"** for pages with PII.
+
+</div>
+
+<div class="admonition danger" markdown>
+<p class="admonition-title">Proprietary Model Providers Retain Your Chats</p>
+
+We advise against using Anthropic's Claude proprietary models because Anthropic keeps chat history for up to 30 days.
+
+</div>
+
+## Criteria
+
+Please note we are not affiliated with any of the projects we recommend. In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project and conduct your own research to ensure it's the right choice for you.
+
+### Minimum Requirements
+
+- The provider or third-parties they use must not use your chats for training.
+- The provider or third-parties they use must not retain your chats for more than 30 days.
+- Must be accessible privately (no account required, accepts requests from VPN users).
+- Must provide models they host themselves or with a third-party that acts on their behalf.
+- Must provide at least one model with high rate limits, to allow an user to use it for medium to heavy workloads.
+
+### Best-Case
+
+Our best-case criteria represent what we *would* like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
+
+- Should not retain your chats.
+- Should be accessible anonymously trough Tor.
+- Should only offer self-hosted open-weights models.
+- Should not be rate-limited.