update(blog)!: State of the Web App (#2821)

Signed-off-by: blacklight447 <niek@privacyguides.org>
Co-Authored-By: redoomed1 <161974310+redoomed1@users.noreply.github.com>

.github/workflows/build-blog.yml

@@ -65,6 +65,10 @@ jobs:
         with:
           cache: "pipenv"
 
+      - name: Install Python (no pipenv)
+        if: ${{ !inputs.privileged }}
+        uses: actions/setup-python@v5
+
       - name: Install Python Dependencies
         if: inputs.privileged
         run: |
@@ -72,10 +76,22 @@ jobs:
           pipenv install
           sudo apt install pngquant
 
-      - name: Build Website
+      - name: Install Python Dependencies (Unprivileged)
+        if: ${{ !inputs.privileged }}
+        run: |
+          pip install mkdocs-material mkdocs-rss-plugin mkdocs-glightbox mkdocs-macros-plugin
+          sudo apt install pngquant
+
+      - name: Build Website (Privileged)
+        if: inputs.privileged
         run: |
           pipenv run mkdocs build --config-file mkdocs.blog.yml
 
+      - name: Build Website (Unprivileged)
+        if: ${{ !inputs.privileged }}
+        run: |
+          BUILD_INSIDERS=false mkdocs build --config-file mkdocs.blog.yml
+
       - name: Package Website
         run: |
           tar -czf site-build-blog.tar.gz site

.github/workflows/build-pr.yml

@@ -19,12 +19,19 @@ jobs:
     env:
       ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
     steps:
+      - name: Save PR metadata
+        run: |
+          mkdir -p ./metadata
+          echo ${{ github.event.number }} > ./metadata/NR
+          echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
+
       - name: Set submodules for fork
         if: env.ACTIONS_SSH_KEY == ''
         id: submodules-fork
         run: |
           echo 'submodules={"repo":["brand","i18n"]}' >> "$GITHUB_OUTPUT"
           echo "privileged=false" >> "$GITHUB_OUTPUT"
+          echo "false" > ./metadata/PRIVILEGED
 
       - name: Set submodules for main repo
         if: env.ACTIONS_SSH_KEY != ''
@@ -32,12 +39,7 @@ jobs:
         run: |
           echo 'submodules={"repo":["brand","i18n","mkdocs-material-insiders"]}' >> "$GITHUB_OUTPUT"
           echo "privileged=true" >> "$GITHUB_OUTPUT"
-
-      - name: Save PR metadata
-        run: |
-          mkdir -p ./metadata
-          echo ${{ github.event.number }} > ./metadata/NR
-          echo ${{ github.event.pull_request.head.sha }} > ./metadata/SHA
+          echo "true" > ./metadata/PRIVILEGED
 
       - name: Upload metadata as artifact
         uses: actions/upload-artifact@v4

.github/workflows/build.yml

@@ -176,6 +176,24 @@ jobs:
         run: |
           eval ./run.sh --build --lang=${{ inputs.lang }} "$EXTRA_FLAGS"
 
+      - name: Run index-generation.sh for top posts
+        if: inputs.lang == 'en'
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/top.json?period=weekly' \
+            --tag="top posts" \
+            --destination="./site/en/index.html" \
+            --count=3
+
+      - name: Run index-generation.sh for latest posts
+        if: inputs.lang == 'en'
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/latest.json' \
+            --tag="latest posts" \
+            --destination="./site/en/index.html" \
+            --count=12
+
       - name: Package Website
         run: |
           tar -czf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site

.github/workflows/publish-pr.yml

@@ -22,6 +22,7 @@ jobs:
     outputs:
       pr_number: ${{ steps.metadata.outputs.pr_number }}
       sha: ${{ steps.metadata.outputs.sha }}
+      privileged: ${{ steps.metadata.outputs.privileged }}
 
     steps:
       - name: Download Website Build Artifact
@@ -86,6 +87,7 @@ jobs:
           unzip metadata.zip -d metadata
           echo "pr_number=$(cat metadata/NR)" >> "$GITHUB_OUTPUT"
           echo "sha=$(cat metadata/SHA)" >> "$GITHUB_OUTPUT"
+          echo "privileged=$(cat metadata/PRIVILEGED)" >> "$GITHUB_OUTPUT"
 
   deploy_netlify:
     needs: metadata
@@ -122,6 +124,7 @@ jobs:
       address: ${{ needs.deploy_garage.outputs.address }}
     steps:
       - uses: thollander/actions-comment-pull-request@v2.5.0
+        if: ${{ needs.metadata.outputs.privileged == 'true' }}
         with:
           pr_number: ${{ needs.metadata.outputs.pr_number }}
           message: |
@@ -132,3 +135,18 @@ jobs:
             | <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
             | <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
           comment_tag: deployment
+
+      - uses: thollander/actions-comment-pull-request@v2.5.0
+        if: ${{ needs.metadata.outputs.privileged == 'false' }}
+        with:
+          pr_number: ${{ needs.metadata.outputs.pr_number }}
+          message: |
+            ### <span aria-hidden="true">✅</span> Your preview is ready!
+
+            |  Name | Link |
+            | :---: | ---- |
+            | <span aria-hidden="true">🔨</span> Latest commit | ${{ needs.metadata.outputs.sha }} |
+            | <span aria-hidden="true">😎</span> Preview | ${{ env.address }} |
+
+            Please note that this preview was built from an untrusted source, so it was not granted access to all mkdocs-material features. Maintainers should ensure this PR has been reviewed locally with a full build before merging.
+          comment_tag: deployment

.github/workflows/update-discussions.yml

@@ -0,0 +1,82 @@
+# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+name: 🔄 Update Discussions
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "*/30 * * * *"
+
+permissions:
+  contents: read
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    environment:
+      name: production
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: "false"
+          fetch-depth: 1
+
+      - name: Create site/en directory
+        run: mkdir -p site/en
+
+      - name: Update Discussions
+        uses: yakubique/minio-download@v1.1.1
+        with:
+          endpoint: https://${{ vars.PROD_GARAGE_HOSTNAME }}
+          access_key: ${{ secrets.PROD_GARAGE_KEY_ID }}
+          secret_key: ${{ secrets.PROD_GARAGE_SECRET_KEY }}
+          bucket: ${{ vars.PROD_GARAGE_BUCKET }}
+          source: /en/index.html
+          target: ./site/en/
+
+      - name: Run index-generation.sh for top posts
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/top.json?period=weekly' \
+            --tag="top posts" \
+            --destination="./site/en/index.html" \
+            --count=3
+
+      - name: Run index-generation.sh for latest posts
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/latest.json' \
+            --tag="latest posts" \
+            --destination="./site/en/index.html" \
+            --count=12
+
+      - name: Upload modified index
+        uses: yakubique/minio-upload@v1.1.3
+        with:
+          endpoint: https://${{ vars.PROD_GARAGE_HOSTNAME }}
+          access_key: ${{ secrets.PROD_GARAGE_KEY_ID }}
+          secret_key: ${{ secrets.PROD_GARAGE_SECRET_KEY }}
+          bucket: ${{ vars.PROD_GARAGE_BUCKET }}
+          source: ./site/en/index.html
+          target: /en

README.md

@@ -14,7 +14,9 @@
   <a href="https://github.com/privacyguides/privacyguides.org/stargazers">
     <img src="https://img.shields.io/github/stars/privacyguides?style=social"></a>
   <a href="https://mastodon.neat.computer/@privacyguides">
-    <img src="https://img.shields.io/mastodon/follow/109298532634697668?domain=https%3A%2F%2Fmastodon.neat.computer&label=Follow%20%40privacyguides%40neat.computer&style=social"></a></p>
+    <img src="https://img.shields.io/mastodon/follow/109298532634697668?domain=https%3A%2F%2Fmastodon.neat.computer&label=Follow&style=social"></a>
+  <a href="https://bsky.app/profile/privacyguides.org">
+    <img src="https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fpublic.api.bsky.app%2Fxrpc%2Fapp.bsky.actor.getProfile%3Factor%3Dprivacyguides.org&query=%24.followersCount&style=social&logo=bluesky&label=Follow"></a></p>
 
   <p><a href="https://github.com/privacyguides/privacyguides.org/pulls">
     <img src="https://img.shields.io/github/issues-pr-raw/privacyguides/privacyguides.org"></a>

blog/.authors.yml

@@ -23,6 +23,11 @@ authors:
     name: Freddy
     description: Team Member
     avatar: https://github.com/freddy-m.png
+    mastodon:
+      username: freddy
+      instance: social.lol
+    twitter: m00ws
+    bluesky: freddy.lol
   jonah:
     name: Jonah Aragon
     description: Project Director
@@ -31,6 +36,7 @@ authors:
       username: jonah
       instance: neat.computer
     twitter: jonaharagon
+    bluesky: jonaharagon.com
   kaitebay:
     name: Kai Tebay
     description: Former Team Member
@@ -51,3 +57,7 @@ authors:
     name: Sam Howell
     description: Guest Contributor
     avatar: https://gitlab.com/uploads/-/system/user/avatar/5349522/avatar.png
+  fria:
+    name: fria
+    description: Team Member
+    avatar: https://github.com/friadev.png

blog/author/jonah.md

@@ -34,3 +34,4 @@ schema:
 He is also known for his work on the Techlore YouTube channel, including the Techlore Talks podcast he co-hosts.
 
 [:simple-mastodon: @jonah@neat.computer](https://mastodon.neat.computer/@jonah "@jonah@neat.computer"){ .md-button rel=me }
+[:simple-bluesky: @jonaharagon.com](https://bsky.app/profile/jonaharagon.com "@jonaharagon.com"){ .md-button rel=me }

blog/posts/pwa-vs-iwa.md

@@ -0,0 +1,45 @@
+---
+date:
+    created: 2024-11-30
+categories:
+    - Opinion
+authors:
+    - fria
+tags:
+    - PWA
+    - IWA
+    - Web
+license: BY-SA
+---
+# State of the Web App: Current Woes and Promising Futures
+
+The concept of a [progressive web app](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps) is enticing: an application using web technologies that is inherently cross platform (since it runs in a browser) and acts like a native app, even functioning offline. Support for PWAs in traditionally locked-down platforms like iOS means that PWAs can give users the freedom to install apps without having to go through Apple’s App Store. But there are problems with web content that PWAs haven't solved.<!-- more -->
+
+## Current Web-Based Apps
+
+Attempts at similar things have been made before, the most infamous of which is [Electron](https://www.electronjs.org). Electron is a software framework that allows developers to easily create cross-platform apps by essentially bundling an entire Chromium browser in with the app. This approach has its [drawbacks](https://usa.kaspersky.com/blog/electron-framework-security-issues/28952/?srsltid=AfmBOor_UcYY-84soHz5K2ULTmhlX44-DsIfJp_StotBrusD63MweSGO), though. Browsers have huge attack surface so it's important to keep them updated with the latest security fixes, but many Electron apps ship outdated versions, leaving those apps vulnerable. Each Electron app has its own version of Chromium with its own attack surface, amounting to a performance and security nightmare. In contrast, PWAs use the browser that you already have installed, so as long as you keep it updated, all your apps will have the latest security fixes.
+
+So why isn't every Electron app shipping as a PWA? The answer is an age-old problem with web content: the fact that you have to trust the server fully. You make an HTML GET request and you're served the content (i.e., the site's HTML, CSS, and JavaScript), but if the server is compromised, you'll be served a compromised website. You also need to rely on the security of DNS name resolution and the [certificate authority](https://www.digicert.com/blog/what-is-a-certificate-authority) system. This is a huge problem for security-sensitive applications like messengers. An attacker that gains access to their server—even just temporarily—could distribute compromised clients to millions of people, potentially breaking E2EE or executing a host of other malicious actions.
+
+## Improving Web Apps
+
+A typical native app is downloaded onto your computer from some kind of trusted place like an app store and only receives updates when the developers push them out. Additionally, there's usually a process of checks and verification before that happens, like Apple's [App Review](https://developer.apple.com/distribute/app-review) and the Google Play [App Review](https://support.google.com/googleplay/android-developer/answer/9859455) process. In contrast to PWAs, with which the threat of an attacker with server access constantly looms, it's much more difficult to target a particular person. In other words, a malicious app update is much less likely to escape scrutiny than a highly targeted attack via compromised servers.
+
+Isolated Web Apps (IWAs) build on the work done on PWAs and [Web Packaging](https://github.com/WICG/webpackage). They are a specification that allows web content to be distributed offline outside of a browser, much like a traditional app. It can be signed just like a regular app too, allowing you to verify that it came from the proper place and hasn't been modified. You could install an IWA from your favorite app store just like any other app and have the same security assurances. This would be incredibly useful in allowing for cross-platform E2EE web apps that don't need to trust a server every time you use them.
+
+Google [distinguishes](https://chromeos.dev/en/web/isolated-web-apps) between the drive by web, PWAs, and IWAs. The drive by web requires more conservative access to the system as the most accessible and is therefore least trusted. PWAs are a bit more trusted and can integrate a bit more deeply into the system as a result. IWAs are the most trusted and, as such, can have deeper access into the system and more powerful capabilities.
+
+<figure markdown>
+  ![Diagram showing the drive by web, a PWA, and then a dotted line separating them from IWAs](../assets/images/pwa-vs-iwa/iwa-diagram.png)
+  <figcaption>source: <a href="https://chromeos.dev/en/web/isolated-web-apps">chromeos.dev</a></figcaption>
+</figure>
+
+This higher security assurance from isolated and signed web applications and the inherently more trusted nature of a natively installed app will allow for IWAs to safely access APIs which wouldn't be safe to allow normal websites to access, like [Direct Sockets](https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md).
+
+IWAs use a totally new [URL scheme](https://github.com/WICG/isolated-web-apps/blob/main/Scheme.md) since they're not relying on HTTPS certificate authorities or DNS. They're totally isolated from each other and the web using enforced Content Security Policy and Cross-Origin Isolation, hence the name.
+
+## Issues
+
+The [Worldwide Web Consortium](https://www.w3.org) currently has an open issue on their GitHub for IWAs with some interesting discussions that are worth checking out. There are some [criticisms](https://github.com/w3ctag/design-reviews/issues/842#issuecomment-1989631915) of IWAs, at least in their current form. A big point of contention is giving IWAs access to more powerful features like raw TCP and UDP socket access, similar to what a natively installed app might be able to do, which Martin Thomson at Mozilla argues is dangerous even with user consent. Martin wrote a nice in-depth [article](https://lowentropy.net/posts/bundles) on bundling web content that's worth checking out on their website. It'll be a long process of iterating on the design before a version of this idea that's secure and available across browsers.
+
+Right now, Chrome ships the feature [enabled by default](https://chromestatus.com/feature/5146307550248960) but only on ChromeOS for admin-controlled machines and select development partners of Google. Safari and Firefox haven't implemented the feature, with [Firefox](https://github.com/mozilla/standards-positions/issues/799#issuecomment-2342084330) taking a stance against it. Perhaps in its trial run, the technology will prove its potential, or maybe IWAs aren't the best solution after all and another attempt at improving web apps will come along. I'll be watching with great interest either way.

blog/posts/where-are-all-the-mprs.md

@@ -0,0 +1,58 @@
+---
+date:
+    created: 2024-11-17
+categories:
+    - Opinion
+authors:
+    - fria
+tags:
+    - MPR
+    - VPN
+license: BY-SA
+---
+# Where are all the Multi-Party Relays?
+
+Multi-Party Relays (MPRs) are a technology that aims to provide better privacy protections than VPNs do. MPRs showed a lot of promise when they first emerged, but years later there are fewer options than ever. What happened?<!-- more -->
+
+## Traditional VPNs
+
+The original purpose of Virtual Private Networks (VPNs) was to access a network privately when you're not physically there, with encryption in between, so you can securely access your files or manage your network from wherever you are. It extends the security you'd expect from being physically at your LAN to anywhere you are.
+
+[Commercial VPNs](https://www.privacyguides.org/en/basics/vpn-overview) like Proton VPN use this technology to allow you to connect to *their* network, and then connect to your destination. This keeps sites and services you connect to from knowing your real IP address and using it as a metric to track you. But there's a problem here: you now need to fully trust your VPN provider in the same way you need to trust your ISP with all your internet traffic. This "shifting trust" problem has haunted VPNs for as long as they've been marketed as a privacy product. It's clear that a better solution is needed.
+
+## The Alternative: Tor
+
+Mix networks like [Tor](https://www.privacyguides.org/en/advanced/tor-overview) have solved this problem by decoupling the sender from the destination. No relay along the path has all the information: the entry (or *guard*) relay knows who you are but not where you're going, the middle relay knows the other two relays, and the exit relay knows the destination but not the sender. There's also separate encryption between each relay.
+
+<figure markdown>
+  ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](https://www.privacyguides.org/en/assets/img/how-tor-works/tor-path.svg#only-light)
+  ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](https://www.privacyguides.org/en/assets/img/how-tor-works/tor-path-dark.svg#only-dark)
+  <figcaption>Tor circuit pathway</figcaption>
+</figure>
+
+Tor provides great privacy properties, but the relays are run by volunteers, so they can be extremely slow and unreliable. Anyone who's tried to download a file while connected to Tor knows how painful it can be. Even normal browsing can be slow, with potentially minutes collectively wasted on loading times in any given browsing session. Tor is hands down the most private way to [browse the web](https://www.privacyguides.org/en/tor), and if your threat model calls for it there is no substitute. But for VPN users who want better privacy, an obvious next step is a paid solution where you have access to fast and reliable servers like on a VPN, and *also* separation between who you are and what you're connecting to.
+
+## A Solution: Multi-Party Relays
+
+Enter Multi-Party Relays. Services like iCloud Private Relay and (the unfortunately discontinued) INVISV Multi-Party Relay take inspiration from mix networks like Tor and separate the sender from the destination using two relays operated by different parties, as the name implies. There's separate encryption between each relay as well. MPRs *do* require you to trust that the two parties don't collaborate to correlate your traffic, so keep that in mind.
+
+Typically, the first relay is controlled by the provider (either Apple or INVISV in the previous examples), and the second relay is controlled by another company such as Fastly or Cloudflare. These are big names, so you won't need to worry about reliability.
+
+<figure markdown>
+  ![A diagram showing how your IP address is known to your ISP and Apple, and the server you're accessing is known to Cloudflare and the destination, in the case of iCloud Private Relay](../assets/images/where-are-all-the-mprs/icloud-private-relay.png)
+  <figcaption>source: <a href="https://blog.cloudflare.com/icloud-private-relay/">blog.cloudflare.com</a></figcaption>
+</figure>
+
+They also provide *speed*. Private Relay uses the QUIC protocol and as a result it's lightning fast. You wouldn't even know you were connecting to two servers in between your cat videos. The reliability is so good that I forget I even have it on. It even integrates with Safari and gives you a different IP address for different websites, similar to Tor's stream isolation.
+
+So why haven't MPRs taken off? INVISV's Pretty Good Phone Privacy service never seemed to make it out of [beta](https://invisv.com/pgpp/#pgpp-release-notes). INVISV [partnered](https://invisv.com/articles/vivaldi-privacy-guard) with Vivaldi, but I can't seem to find any mention of it in the Vivaldi settings or on their website outside of the original [announcement](https://vivaldi.com/blog/desktop/privacy-guard-your-privacy-matters-vivaldi-browser-snapshot-3319-12/). INVISV ultimately [shut down](https://invisv.com/articles/service_shutdown.html) their service back in June. I hope to see more from them in the future because they were providing something that currently isn't possible to get anymore on Android.
+
+That leaves [iCloud Private Relay](https://support.apple.com/en-us/102602) as the only commercial offering that I'm aware of, but it's limited to Apple devices only. Great for Apple users, but everyone else is left high and dry. As is Apple's way, they didn't want any extra inconvenience from using their service, so they restrict you to your real country and timezone. You don't have the same freedom to choose a server wherever in the world you want like a [traditional VPN service](https://www.privacyguides.org/en/vpn) would allow.
+
+There is one more honorary mention: [OHTTP](https://blog.cloudflare.com/stronger-than-a-promise-proving-oblivious-http-privacy-properties). It's a new protocol with a design based on the same principles as those of MPRs: two servers, a relay and a gateway, that decouple the sender from the destination. It's already seeing use by large companies to maintain user privacy for things like Google's Safe Browsing and Apple's new Safari Highlights feature. Unfortunately, it's not quite comparable to MPRs. According to Cloudflare:
+
+> OHTTP is not a general purpose proxy protocol: it's fit for purpose, aimed at transactional interactions between clients and servers (such as app-level APIs).
+
+So it can't cover all the traffic on your device. Still, it's a promising protocol and I hope it becomes more widespread.
+
+It really is a shame to see such a promising technology go so underutilized. Perhaps VPN companies could make their own MPR product and fill the gap in the market. Only time will tell.

docs/ai-chat.md

@@ -0,0 +1,188 @@
+---
+meta_title: "Recommended AI Chat: Private ChatGPT Alternatives - Privacy Guides"
+title: "AI Chat"
+icon: material/assistant
+description: Unlike OpenAI's ChatGPT and its Big Tech competitors, these AI tools run locally so your data never leaves your desktop device.
+cover: ai-chatbots.webp
+---
+<small>Protects against the following threat(s):</small>
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
+Since the release of ChatGPT in 2022, interactions with Large Language Models (LLMs) have become increasingly common. LLMs can help us write better, understand unfamiliar subjects, or answer a wide range of questions. They can statistically predict the next word based on a vast amount of data scraped from the web.
+
+## Privacy Concerns About LLMs
+
+Data used to train AI models, however, includes a massive amount of publicly available data scraped from the web, which can include sensitive information like names and addresses. Cloud-based AI software often [collects your inputs](https://openai.com/policies/row-privacy-policy), meaning your chats are not private from them. This practice also introduces a risk of data breaches. Furthermore, there is a real possibility that an LLM will leak your private chat information in future conversations with other users.
+
+If you are concerned about these practices, you can either refuse to use AI, or use [truly open-source models](https://proton.me/blog/how-to-build-privacy-first-ai) which publicly release and allow you to inspect their training datasets. One such model is [OLMoE](https://allenai.org/blog/olmoe-an-open-small-and-state-of-the-art-mixture-of-experts-model-c258432d0514) made by [Ai2](https://allenai.org/open-data).
+
+Alternatively, you can run AI models locally so that your data never leaves your device and is therefore never shared with third parties. As such, local models are a more private and secure alternative to cloud-based solutions and allow you to share sensitive information to the AI model without worry.
+
+## AI Models
+
+### Hardware for Local AI Models
+
+Local models are also fairly accessible. It's possible to run smaller models at lower speeds on as little as 8GB of RAM. Using more powerful hardware such as a dedicated GPU with sufficient VRAM or a modern system with fast LPDDR5X memory offers the best experience.
+
+LLMs can usually be differentiated by the number of parameters, which can vary between 1.3B to 405B for open-source models available for end users. For example, models below 6.7B parameters are only good for basic tasks like text summaries, while models between 7B and 13B are a great compromise between quality and speed. Models with advanced reasoning capabilities are generally around 70B.
+
+For consumer-grade hardware, it is generally recommended to use [quantized models](https://huggingface.co/docs/optimum/en/concept_guides/quantization) for the best balance between model quality and performance. Check out the table below for more precise information about the typical requirements for different sizes of quantized models.
+
+| Model Size (in Parameters) | Minimum RAM | Minimum Processor |
+|---|---|---|
+| 7B | 8GB | Modern CPU (AVX2 support) |
+| 13B | 16GB | Modern CPU (AVX2 support) |
+| 70B | 72GB | GPU with VRAM |
+
+To run AI locally, you need both an AI model and an AI client.
+
+### Choosing a Model
+
+There are many permissively licensed models available to download. [Hugging Face](https://huggingface.co/models) is a platform that lets you browse, research, and download models in common formats like [GGUF](https://huggingface.co/docs/hub/en/gguf). Companies that provide good open-weights models include big names like Mistral, Meta, Microsoft, and Google. However, there are also many community models and 'fine-tunes' available. As mentioned above, quantized models offer the best balance between model quality and performance for those using consumer-grade hardware.
+
+To help you choose a model that fits your needs, you can look at leaderboards and benchmarks. The most widely-used leaderboard is the community-driven [LM Arena](https://lmarena.ai). Additionally, the [OpenLLM Leaderboard](https://huggingface.co/spaces/open-llm-leaderboard/open_llm_leaderboard) focuses on the performance of open-weights models on common benchmarks like [MMLU-Pro](https://arxiv.org/abs/2406.01574).  There are also specialized benchmarks which measure factors like [emotional intelligence](https://eqbench.com), ["uncensored general intelligence"](https://huggingface.co/spaces/DontPlanToEnd/UGI-Leaderboard), and [many others](https://www.nebuly.com/blog/llm-leaderboards).
+
+## AI Chat Clients
+
+| Feature | [Kobold.cpp](#koboldcpp) | [Ollama](#ollama-cli) | [Llamafile](#llamafile) |
+|---|---|---|---|
+| GPU Support | :material-check:{ .pg-green } | :material-check:{ .pg-green } | :material-check:{ .pg-green } |
+| Image Generation | :material-check:{ .pg-green } | :material-close:{ .pg-red } | :material-close:{ .pg-red } |
+| Speech Recognition | :material-check:{ .pg-green } | :material-close:{ .pg-red } | :material-close:{ .pg-red } |
+| Auto-download Models | :material-close:{ .pg-red } | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } Few models available |
+| Custom Parameters | :material-check:{ .pg-green } | :material-close:{ .pg-red } | :material-check:{ .pg-green } |
+| Multi-platform | :material-check:{ .pg-green } | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } Size limitations on Windows |
+
+### Kobold.cpp
+
+<div class="admonition recommendation" markdown>
+
+![Kobold.cpp Logo](assets/img/ai-chat/kobold.png){align=right}
+
+Kobold.cpp is an AI client that runs locally on your Windows, Mac, or Linux computer. It's an excellent choice if you are looking for heavy customization and tweaking, such as for role-playing purposes.
+
+In addition to supporting a large range of text models, Kobold.cpp also supports image generators such as [Stable Diffusion](https://stability.ai/stable-image) and automatic speech recognition tools such as [Whisper](https://github.com/ggerganov/whisper.cpp).
+
+[:octicons-home-16: Homepage](https://github.com/LostRuins/koboldcpp){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/LostRuins/koboldcpp/wiki){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/LostRuins/koboldcpp){ .card-link title="Source Code" }
+[:octicons-lock-16:](https://github.com/LostRuins/koboldcpp/blob/2f3597c29abea8b6da28f21e714b6b24a5aca79b/SECURITY.md){ .card-link title="Security Policy" }
+
+<details class="downloads" markdown>
+<summary>Downloads</summary>
+
+- [:fontawesome-brands-windows: Windows](https://github.com/LostRuins/koboldcpp/releases)
+- [:simple-apple: macOS](https://github.com/LostRuins/koboldcpp/releases)
+- [:simple-linux: Linux](https://github.com/LostRuins/koboldcpp/releases)
+
+</details>
+
+</div>
+
+<div class="admonition note" markdown>
+<p class="admonition-title">Compatibility Issues</p>
+
+Kobold.cpp might not run on computers without AVX/AVX2 support.
+
+</div>
+
+Kobold.cpp allows you to modify parameters such as the AI model temperature and the AI chat's system prompt. It also supports creating a network tunnel to access AI models from other devices such as your phone.
+
+### Ollama (CLI)
+
+<div class="admonition recommendation" markdown>
+
+![Ollama Logo](assets/img/ai-chat/ollama.png){align=right}
+
+Ollama is a command-line AI assistant that is available on macOS, Linux, and Windows. Ollama is a great choice if you're looking for an AI client that's easy-to-use, widely compatible, and fast due to its use of inference and other techniques. It also doesn't involve any manual setup.
+
+In addition to supporting a wide range of text models, Ollama also supports [LLaVA](https://github.com/haotian-liu/LLaVA) models and has experimental support for Meta's [Llama vision capabilities](https://huggingface.co/blog/llama32#what-is-llama-32-vision).
+
+[:octicons-home-16: Homepage](https://ollama.com){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/ollama/ollama#readme){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/ollama/ollama){ .card-link title="Source Code" }
+[:octicons-lock-16:](https://github.com/ollama/ollama/blob/a14f76491d694b2f5a0dec6473514b7f93beeea0/SECURITY.md){ .card-link title="Security Policy" }
+
+<details class="downloads" markdown>
+<summary>Downloads</summary>
+
+- [:fontawesome-brands-windows: Windows](https://ollama.com/download/windows)
+- [:simple-apple: macOS](https://ollama.com/download/mac)
+- [:simple-linux: Linux](https://ollama.com/download/linux)
+
+</details>
+
+</div>
+
+Ollama simplifies the process of setting up a local AI chat by downloading the AI model you want to use automatically. For example, running `ollama run llama3.2` will automatically download and run the Llama 3.2 model. Furthermore, Ollama maintains their own [model library](https://ollama.com/library) where they host the files of various AI models. This ensures that models are vetted for both performance and security, eliminating the need to manually verify model authenticity.
+
+### Llamafile
+
+<div class="admonition recommendation" markdown>
+
+![Llamafile Logo](assets/img/ai-chat/llamafile.svg){align=right}
+
+Llamafile is a lightweight single-file executable that allows users to run LLMs locally on their own computers without any setup involved. It is [backed by Mozilla](https://hacks.mozilla.org/2023/11/introducing-llamafile) and available on Linux, macOS, and Windows.
+
+Llamafile also supports LLaVA. However, it doesn't support speech recognition or image generation.
+
+[:octicons-home-16: Homepage](https://github.com/Mozilla-Ocho/llamafile){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/Mozilla-Ocho/llamafile#llamafile){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/Mozilla-Ocho/llamafile){ .card-link title="Source Code" }
+[:octicons-lock-16:](https://github.com/Mozilla-Ocho/llamafile#security){ .card-link title="Security Policy" }
+
+<details class="downloads" markdown>
+<summary>Downloads</summary>
+
+- [:fontawesome-solid-desktop: Desktop](https://github.com/Mozilla-Ocho/llamafile#quickstart)
+
+</details>
+
+</div>
+
+Mozilla has made llamafiles available for only some Llama and Mistral models, while there are few third-party llamafiles available. Moreover, Windows limits `.exe` files to 4GB, and most models are larger than that.
+
+To circumvent these issues, you can [load external weights](https://github.com/Mozilla-Ocho/llamafile#using-llamafile-with-external-weights).
+
+## Securely Downloading Models
+
+If you use an AI client that maintains their own library of model files (such as [Ollama](#ollama-cli) and [Llamafile](#llamafile)), you should download it from there. However, if you want to download models not present in their library, or use an AI client that doesn't maintain its library (such as [Kobold.cpp](#koboldcpp)), you will need to take extra steps to ensure that the AI model you download is safe and legitimate.
+
+We recommend downloading model files from Hugging Face since it provides several features to verify that your download is genuine and safe to use.
+
+To check the authenticity and safety of the model, look for:
+
+- Model cards with clear documentation
+- A verified organization badge
+- Community reviews and usage statistics
+- A "Safe" badge next to the model file (Hugging Face only)
+- Matching checksums[^1]
+    - On Hugging Face, you can find the hash by clicking on a model file and looking for the **Copy SHA256** button below it. You should compare this checksum with the one from the model file you downloaded.
+
+A downloaded model is generally safe if it satisfies all of the above checks.
+
+## Criteria
+
+Please note we are not affiliated with any of the projects we recommend. In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project and conduct your own research to ensure it's the right choice for you.
+
+### Minimum Requirements
+
+- Must be open-source.
+- Must not transmit personal data, including chat data.
+- Must be multi-platform.
+- Must not require a GPU.
+- Must have support for GPU-powered fast inference.
+- Must not require an internet connection.
+
+### Best-Case
+
+Our best-case criteria represent what we *would* like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
+
+- Should be easy to download and set up, e.g. with a one-click install process.
+- Should have a built-in model downloader option.
+- The user should be able to modify the LLM parameters, such as its system prompt or temperature.
+
+[^1]: A file checksum is a type of anti-tampering fingerprint. A developer usually provides a checksum in a text file that can be downloaded separately, or on the download page itself. Verifying that the checksum of the file you downloaded matches the one provided by the developer helps ensure that the file is genuine and wasn't tampered with in transit. You can use commands like `sha256sum` on Linux and macOS, or `certutil -hashfile file SHA256` on Windows to generate the downloaded file's checksum.

docs/android/obtaining-apps.md

@@ -114,9 +114,9 @@ If you download APK files to install manually, you can verify their signature wi
 
 Due to their process of building apps, apps in the *official* F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet [modern security standards](https://developer.android.com/google/play/requirements/target-sdk).
 
-Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from GitHub and is the next best thing to the developers' own repositories. However, it is not something that we can fully recommend, as apps are typically [removed](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) from that repository if they are later added to the main F-Droid repository. While that makes sense (since the goal of that particular repository is to host apps before they're accepted into the main F-Droid repository), it can leave you with installed apps which no longer receive updates.
+Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from code forges (GitHub, GitLab, etc.) and is the next best thing to the developers' own repositories. They also offer [reproducible builds](https://android.izzysoft.de/articles/named/iod-rbs-mirrors-clients) for hundreds of applications and have developers who verify the reproducibility of developer-signed APKs. Furthermore, the IzzyOnDroid team conducts [additional security scans](https://android.izzysoft.de/articles/named/iod-scan-apkchecks) of apps housed in the repo, which usually result in [deliberations](https://github.com/gouravkhunger/QuotesApp/issues/22) between them and app developers toward privacy improvements in their apps. Note that apps may be removed from the IzzyOnDroid repo in [certain circumstances](https://gitlab.com/IzzyOnDroid/repo#are-apps-removed-from-the-repo--and-when-does-that-happen).
 
-That said, the [F-Droid](https://f-droid.org/en/packages) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgement when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
+The [F-Droid](https://f-droid.org/en/packages) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid) repositories are home to countless apps, so they can be useful places to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgment when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
 
 <div class="admonition note" markdown>
 <p class="admonition-title">F-Droid Basic</p>

docs/data-broker-removals.md

@@ -85,8 +85,6 @@ Our testing indicates that EasyOptOuts provides the best value out of any data r
 EasyOptOuts does not cover the following sites we consider to be "high priority," so you should still manually opt-out of:
 
 - Intelius ([Search](https://intelius.com), [Opt-Out](https://suppression.peopleconnect.us/login))
-- PeekYou ([Search](https://peekyou.com), [Opt-Out](https://peekyou.com/about/contact/optout))
-- PublicDataUSA ([Search](https://publicdatausa.com), [Opt-Out](https://publicdatausa.com/remove.php))
 
 </div>
 

docs/os/ios-overview.md

@@ -21,9 +21,15 @@ The only source for apps on iOS is Apple's App Store, which requires an Apple Ac
 
 ### Invasive Telemetry
 
-Apple has historically had problems with properly anonymizing their telemetry on iOS. [In 2019](https://theguardian.com/technology/2019/jul/26/apple-contractors-regularly-hear-confidential-details-on-siri-recordings), Apple was found to transmit Siri recordings—some containing highly confidential information—to their servers for manual review by third-party contractors. While they temporarily stopped that program after that practice was [widely reported on](https://theverge.com/2019/8/23/20830120/apple-contractors-siri-recordings-listening-1000-a-day-globetech-microsoft-cortana), the problem wasn't completely resolved [until 2021](https://theguardian.com/technology/2021/jun/07/apple-overhauls-siri-to-address-privacy-concerns-and-improve-performance).
+Apple has historically had problems with properly disassociating their telemetry from Apple Accounts on iOS. In [2019](https://theguardian.com/technology/2019/jul/26/apple-contractors-regularly-hear-confidential-details-on-siri-recordings), Apple was found to transmit Siri recordings—some containing highly confidential information—to their servers for manual review by third-party contractors. Though Apple temporarily stopped that program after that practice was [widely reported on](https://theverge.com/2019/8/23/20830120/apple-contractors-siri-recordings-listening-1000-a-day-globetech-microsoft-cortana), the company rolled out a switch to [**opt out** of uploading conversations with Siri](https://theguardian.com/technology/2019/oct/30/apple-lets-users-opt-out-of-having-siri-conversations-recorded) a few months later in the succeeding iOS update. Moreover, in 2021, [Apple reworked Siri](https://theguardian.com/technology/2021/jun/07/apple-overhauls-siri-to-address-privacy-concerns-and-improve-performance) so that it processes voice recordings locally rather than sending it to their servers.
 
-More recently, Apple has been found to [transmit analytics even when analytics sharing is disabled](https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558) on iOS, and this data [appears](https://twitter.com/mysk_co/status/1594515229915979776) to be easily linked to unique iCloud account identifiers despite supposedly being anonymous.
+More recently, Apple has been found to transmit analytics [even when analytics sharing is disabled](https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558) on iOS, and this data [appears](https://twitter.com/mysk_co/status/1594515229915979776) to be easily linked to unique iCloud account identifiers despite supposedly being decoupled from Apple Accounts.
+
+### Traffic Outside Active VPN Connections
+
+Apple's [privacy policy regarding VPNs](https://apple.com/legal/privacy/data/en/vpns) states:
+
+> Even when a VPN is active, some traffic that is necessary for essential system services will take place outside the VPN so that your device can function properly.
 
 ## Recommended Configuration
 

docs/passwords.md

@@ -228,8 +228,6 @@ Bitwarden's server-side code is [open source](https://github.com/bitwarden/serve
 
 With the acquisition of SimpleLogin in April 2022, Proton has offered a "hide-my-email" feature that lets you create 10 aliases (free plan) or unlimited aliases (paid plans).
 
-Proton Pass currently doesn't have any "master password" functionality, which means that your vault is protected with the password for your Proton account and any of their supported [two factor authentication](basics/multi-factor-authentication.md) methods.
-
 The Proton Pass mobile apps and browser extension underwent an audit performed by Cure53 throughout May and June of 2023. The security analysis company concluded:
 
 > Proton Pass apps and components leave a rather positive impression in terms of security.

docs/real-time-communication.md

@@ -39,6 +39,7 @@ These messengers are great for securing your sensitive communications.
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id874139669)
+- [:simple-github: GitHub](https://github.com/signalapp/Signal-Android/releases)
 - [:simple-android: Android](https://signal.org/android/apk)
 - [:fontawesome-brands-windows: Windows](https://signal.org/download/windows)
 - [:simple-apple: macOS](https://signal.org/download/macos)

docs/tools.md

@@ -364,6 +364,18 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 
 ## Software
 
+### AI Chat
+
+<div class="grid cards" markdown>
+
+- ![Kobold logo](assets/img/ai-chat/kobold.png){ .twemoji loading=lazy } [Kobold.cpp](ai-chat.md#koboldcpp)
+- ![Llamafile logo](assets/img/ai-chat/llamafile.svg){ .twemoji loading=lazy } [Llamafile](ai-chat.md#llamafile)
+- ![Ollama logo](assets/img/ai-chat/ollama.png){ .twemoji loading=lazy } [Ollama (CLI)](ai-chat.md#ollama-cli)
+
+</div>
+
+[Learn more :material-arrow-right-drop-circle:](ai-chat.md)
+
 ### Calendar Sync
 
 <div class="grid cards" markdown>

includes/abbreviations.en.txt

@@ -49,6 +49,8 @@
 *[ISPs]: Internet Service Providers
 *[JNI]: Java Native Interface
 *[KYC]: Know Your Customer
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
 *[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
 *[MAC]: Media Access Control
 *[MDAG]: Microsoft Defender Application Guard
@@ -62,6 +64,7 @@
 *[OCSP]: Online Certificate Status Protocol
 *[OEM]: Original Equipment Manufacturer
 *[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
 *[OS]: Operating System
 *[OTP]: One-Time Password
 *[OTPs]: One-Time Passwords
@@ -73,6 +76,7 @@
 *[PII]: Personally Identifiable Information
 *[QNAME]: Qualified Name
 *[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
+*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
 *[rolling release]: Updates which are released frequently rather than set intervals
 *[RSS]: Really Simple Syndication
 *[SELinux]: Security-Enhanced Linux
@@ -86,6 +90,8 @@
 *[SaaS]: Software as a Service (cloud software)
 *[SoC]: System on Chip
 *[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
 *[TCP]: Transmission Control Protocol
 *[TEE]: Trusted Execution Environment
 *[TLS]: Transport Layer Security

index-generation.sh

@@ -0,0 +1,89 @@
+#!/bin/bash
+
+DATE_CMD="date"
+
+# Check if the script is running on macOS
+if [[ "$OSTYPE" == "darwin"* ]]; then
+  DATE_CMD="gdate"
+fi
+
+# Defaults
+source="https://discuss.privacyguides.net/top.json?period=weekly"
+tag="top posts"
+destination="./site/en/index.html"
+count=3
+
+for arg in "$@"
+do
+  case $arg in
+    --source=*)
+    source="${arg#*=}"
+    shift
+    ;;
+    --tag=*)
+    tag="${arg#*=}"
+    shift
+    ;;
+    --destination=*)
+    destination="${arg#*=}"
+    shift
+    ;;
+    --count=*)
+    count="${arg#*=}"
+    shift
+    ;;
+  esac
+done
+
+# URL of the Discourse top.json
+DISCOURSE_URL="$source"
+
+# Fetch the JSON data
+json_data=$(curl -s $DISCOURSE_URL)
+
+# Extract the first 3 topics
+topics=$(echo $json_data | jq -r ".topic_list.topics[:$count]")
+
+users=$(echo $json_data | jq -r ".users")
+# Generate HTML for the first 3 posts
+html_output=""
+for row in $(echo "${topics}" | jq -r '.[] | @base64'); do
+  _jq() {
+    echo ${row} | base64 --decode | jq -r ${1}
+  }
+
+  title=$(_jq '.title')
+  id=$(_jq '.id')
+  like_count=$(_jq '.like_count')
+  reply_count=$(_jq '.posts_count')
+  views=$(_jq '.views')
+
+  author_id=$(_jq '.posters[0].user_id')
+  author_info=$(echo "${users}" | jq -r ".[] | select(.id==$author_id)")
+  author_username=$(echo "${author_info}" | jq -r ".username")
+
+  html_output+="<li class='discourse-topic'>"
+  html_output+="<p class='discourse-title'><a href='https://discuss.privacyguides.net/t/${id}'><strong>${title}</strong></a></p>"
+  html_output+="<hr>"
+  html_output+="<p class='discourse-author'>"
+  html_output+="<span class='discourse-author'>"
+  html_output+="<img src='https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/${author_username}/48/1.png' loading='lazy' aria-hidden='true' alt='${author_username}' width='20' height='20' class='middle'>"
+  html_output+="<span> Posted by <em>$author_username</em></span>"
+  html_output+="</span>"
+  html_output+="</p>"
+  html_output+="<p class='discourse-data'>"
+  html_output+="<span class='twemoji'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>eye</title><path d='M12,9A3,3 0 0,0 9,12A3,3 0 0,0 12,15A3,3 0 0,0 15,12A3,3 0 0,0 12,9M12,17A5,5 0 0,1 7,12A5,5 0 0,1 12,7A5,5 0 0,1 17,12A5,5 0 0,1 12,17M12,4.5C7,4.5 2.73,7.61 1,12C2.73,16.39 7,19.5 12,19.5C17,19.5 21.27,16.39 23,12C21.27,7.61 17,4.5 12,4.5Z' /></svg></span>"
+  html_output+="<span class='discourse-views'> ${views} </span>"
+  html_output+="<span class='twemoji pg-red'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>heart</title><path d='M12,21.35L10.55,20.03C5.4,15.36 2,12.27 2,8.5C2,5.41 4.42,3 7.5,3C9.24,3 10.91,3.81 12,5.08C13.09,3.81 14.76,3 16.5,3C19.58,3 22,5.41 22,8.5C22,12.27 18.6,15.36 13.45,20.03L12,21.35Z' /></svg></span>"
+  html_output+="<span class='discourse-likes'> ${like_count} </span>"
+  html_output+="<span class='twemoji'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>reply</title><path d='M10,9V5L3,12L10,19V14.9C15,14.9 18.5,16.5 21,20C20,15 17,10 10,9Z' /></svg></span>"
+  html_output+="<span class='discourse-replies'> ${reply_count} </span>"
+  html_output+="</p>"
+  html_output+="</li>"
+done
+
+tempfile=$(mktemp)
+echo "$html_output" > $tempfile
+
+# Insert the HTML output between the comments in index.html
+sed -i'.bak' "/<!-- start $tag -->/,/<!-- end $tag -->/{//!d;}; /<!-- start $tag -->/r $tempfile" $destination

mkdocs.blog.yml

@@ -56,6 +56,9 @@ extra:
     - icon: simple/mastodon
       link: https://mastodon.neat.computer/@privacyguides
       name: !ENV [SOCIAL_MASTODON, "Mastodon"]
+    - icon: simple/bluesky
+      link: https://bsky.app/profile/privacyguides.org
+      name: !ENV [SOCIAL_BLUESKY, "Bluesky"]
     - icon: simple/matrix
       link: https://matrix.to/#/#privacyguides:matrix.org
       name: !ENV [SOCIAL_MATRIX, "Matrix"]

mkdocs.net.yml

@@ -0,0 +1,197 @@
+# Copyright (c) 2022-2024 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+docs_dir: "net"
+site_url: "https://www.privacyguides.net/"
+site_dir: "site/net"
+
+site_name: Privacy Guides Community
+site_description: "Discover privacy tools and resources, ask questions, and stay informed at the biggest digital rights and privacy tech community online."
+edit_uri_template: blob/main/net/{path}?plain=1
+
+extra:
+  privacy_guides:
+    footer:
+      intro:
+        !ENV [
+          FOOTER_INTRO,
+          "Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy.",
+        ]
+      note:
+        !ENV [
+          FOOTER_NOTE,
+          "We do not make money from recommending certain products, and we do not use affiliate links.",
+        ]
+      copyright:
+        author:
+          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
+      license:
+        - fontawesome/brands/creative-commons
+        - fontawesome/brands/creative-commons-by
+        - fontawesome/brands/creative-commons-sa
+  homepage: https://www.privacyguides.org/en/
+  generator: false
+  context: !ENV [BUILD_CONTEXT, "production"]
+  offline: !ENV [BUILD_OFFLINE, false]
+  deploy: !ENV DEPLOY_ID
+  social:
+    - icon: simple/mastodon
+      link: https://mastodon.neat.computer/@privacyguides
+      name: !ENV [SOCIAL_MASTODON, "Mastodon"]
+    - icon: simple/matrix
+      link: https://matrix.to/#/#privacyguides:matrix.org
+      name: !ENV [SOCIAL_MATRIX, "Matrix"]
+    - icon: simple/discourse
+      link: https://discuss.privacyguides.net/
+      name: !ENV [SOCIAL_FORUM, "Forum"]
+    - icon: simple/github
+      link: https://github.com/privacyguides
+      name: !ENV [SOCIAL_GITHUB, "GitHub"]
+    - icon: simple/torbrowser
+      link: http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/
+      name: !ENV [SOCIAL_TOR_SITE, "Hidden service"]
+
+repo_url:
+  !ENV [BUILD_REPO_URL, "https://github.com/privacyguides/privacyguides.org"]
+repo_name: ""
+
+theme:
+  name: material
+  language: en
+  custom_dir: theme
+  font:
+    text: Public Sans
+    code: DM Mono
+  palette:
+    - media: "(prefers-color-scheme)"
+      scheme: default
+      accent: deep purple
+      toggle:
+        icon: material/brightness-auto
+        name: !ENV [THEME_DARK, "Switch to dark mode"]
+    - media: "(prefers-color-scheme: dark)"
+      scheme: slate
+      accent: amber
+      toggle:
+        icon: material/brightness-2
+        name: !ENV [THEME_LIGHT, "Switch to light mode"]
+    - media: "(prefers-color-scheme: light)"
+      scheme: default
+      accent: deep purple
+      toggle:
+        icon: material/brightness-5
+        name: !ENV [THEME_AUTO, "Switch to system theme"]
+  favicon: assets/brand/logos/png/favicon-32x32.png
+  icon:
+    repo: simple/github
+  features:
+    - announce.dismiss
+    - navigation.tracking
+    - navigation.tabs
+    - navigation.sections
+    - navigation.expand
+    - navigation.path
+    - navigation.indexes
+    - navigation.footer
+    - content.action.edit
+    - content.tabs.link
+    - content.tooltips
+    - search.highlight
+
+extra_css:
+  - assets/stylesheets/extra.css?v=20240829
+
+watch:
+  - theme
+  - includes
+
+plugins:
+  tags: {}
+  privacy:
+    enabled: !ENV [BUILD_PRIVACY, true]
+  offline:
+    enabled: !ENV [BUILD_OFFLINE, false]
+  group:
+    enabled: !ENV [BUILD_INSIDERS, true]
+    plugins:
+      macros: {}
+      meta: {}
+      optimize:
+        enabled: !ENV [OPTIMIZE, PRODUCTION, NETLIFY, false]
+      typeset: {}
+      social:
+        cards: !ENV [CARDS, true]
+        cards_dir: assets/img/social
+        cards_layout_dir: theme/layouts
+        cards_layout: page
+
+markdown_extensions:
+  admonition: {}
+  pymdownx.details: {}
+  pymdownx.superfences:
+    custom_fences:
+      - name: mermaid
+        class: mermaid
+        format: !!python/name:pymdownx.superfences.fence_code_format
+  pymdownx.tabbed:
+    alternate_style: true
+  pymdownx.arithmatex:
+    generic: true
+  pymdownx.critic: {}
+  pymdownx.caret: {}
+  pymdownx.keys: {}
+  pymdownx.mark: {}
+  pymdownx.tilde: {}
+  pymdownx.snippets:
+    auto_append:
+      - !ENV [BUILD_ABBREVIATIONS, "includes/abbreviations.en.txt"]
+  pymdownx.tasklist:
+    custom_checkbox: true
+  attr_list: {}
+  def_list: {}
+  md_in_html: {}
+  meta: {}
+  abbr: {}
+  pymdownx.emoji:
+    emoji_index: !!python/name:material.extensions.emoji.twemoji
+    emoji_generator: !!python/name:material.extensions.emoji.to_svg
+  tables: {}
+  footnotes: {}
+  toc:
+    permalink: true
+    toc_depth: 4
+
+nav:
+  - !ENV [NAV_HOME, "Home"]: https://www.privacyguides.org/en/
+  - !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]:
+      https://www.privacyguides.org/en/basics/why-privacy-matters/
+  - !ENV [NAV_RECOMMENDATIONS, "Recommendations"]:
+      https://www.privacyguides.org/en/tools/
+  - !ENV [NAV_BLOG, "Articles"]: https://www.privacyguides.org/articles/
+  - !ENV [NAV_ABOUT, "About"]: https://www.privacyguides.org/en/about/
+  - "Donate": https://www.privacyguides.org/en/about/donate/
+  - !ENV [NAV_CHANGELOG, "Changelog"]:
+      "https://github.com/privacyguides/privacyguides.org/releases"
+  - !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"
+
+validation:
+  nav:
+    not_found: info

mkdocs.yml

@@ -108,6 +108,9 @@ extra:
             - icon: simple/mastodon
               name: !ENV [HOMEPAGE_CTA_MASTODON_NAME, "Follow us on Mastodon"]
               link: https://mastodon.neat.computer/@privacyguides
+            - icon: simple/bluesky
+              name: !ENV [HOMEPAGE_CTA_BLUESKY_NAME, "Follow us on Bluesky"]
+              link: https://bsky.app/profile/privacyguides.org
             - icon: simple/github
               name: !ENV [HOMEPAGE_CTA_GITHUB_NAME, "Contribute on GitHub"]
               link: https://github.com/privacyguides/privacyguides.org
@@ -164,6 +167,9 @@ extra:
     - icon: simple/mastodon
       link: https://mastodon.neat.computer/@privacyguides
       name: !ENV [SOCIAL_MASTODON, "Mastodon"]
+    - icon: simple/bluesky
+      link: https://bsky.app/profile/privacyguides.org
+      name: !ENV [SOCIAL_BLUESKY, "Bluesky"]
     - icon: simple/matrix
       link: https://matrix.to/#/#privacyguides:matrix.org
       name: !ENV [SOCIAL_MATRIX, "Matrix"]
@@ -403,6 +409,7 @@ nav:
           - "search-engines.md"
           - "vpn.md"
       - !ENV [NAV_SOFTWARE, "Software"]:
+          - "ai-chat.md"
           - "calendar.md"
           - "cryptocurrency.md"
           - "data-redaction.md"

net/index.md

@@ -0,0 +1,42 @@
+---
+title: Weekly Discussions
+meta_title: Privacy Guides Community
+hide:
+  - footer
+  - toc
+  - navigation
+schema:
+  -
+    "@context": https://schema.org
+    "@type": Organization
+    "@id": https://www.privacyguides.org/
+    name: Privacy Guides
+    url: https://www.privacyguides.org/
+    logo: https://www.privacyguides.org/en/assets/brand/logos/png/square/pg-yellow.png
+    sameAs:
+      - https://twitter.com/privacy_guides
+      - https://github.com/privacyguides
+      - https://www.wikidata.org/wiki/Q111710163
+      - https://www.youtube.com/@privacyguides
+      - https://mastodon.neat.computer/@privacyguides
+  -
+    "@context": https://schema.org
+    "@type": WebSite
+    name: Privacy Guides
+    alternateName: ["Privacy Guides Community", "Privacy Guides Forum", "Privacy & Security Forum", "Privacy Discussions", "Privacy Community", "PG Community"]
+    url: "https://www.privacyguides.net/"
+    isPartOf: "https://www.privacyguides.org/"
+---
+
+Discover privacy tools and resources, ask questions, and stay informed at the biggest digital rights and privacy tech community online.
+
+[Open Forum](https://discuss.privacyguides.net){.md-button .md-button--primary}
+[View Resources](https://www.privacyguides.org/en/tools/){.md-button}
+
+<div class="grid cards">
+      <ul>
+<!-- start latest posts -->
+
+<!-- end latest posts -->
+</ul>
+</div>

theme/assets/img/messengers/signal.svg

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><path fill="#3a76f0" stroke-width=".265" d="m100.94 132.06 0.38097 1.5398a15.302 15.302 0 0 0-4.2542 1.7593l-0.81485-1.3598a16.869 16.869 0 0 1 4.6881-1.9392zm8.1274 0-0.38097 1.5398a15.302 15.302 0 0 1 4.2542 1.7593l0.82014-1.3598a16.869 16.869 0 0 0-4.6933-1.9392zm-18.562 7.6856a16.869 16.869 0 0 0-1.9392 4.688l1.5398 0.38097a15.302 15.302 0 0 1 1.7593-4.2542zm-0.8466 8.7517a15.318 15.318 0 0 1 0.17197-2.299l-1.5689-0.2381a16.993 16.993 0 0 0 0 5.0743l1.5689-0.2381a15.318 15.318 0 0 1-0.17197-2.2991zm24.096 14.498-0.81485-1.3598a15.302 15.302 0 0 1-4.2489 1.7594l0.38097 1.5398a16.869 16.869 0 0 0 4.6828-1.9392zm6.5929-14.498a15.318 15.318 0 0 1-0.17196 2.2991l1.5689 0.2381a16.993 16.993 0 0 0 0-5.0743l-1.5689 0.2381a15.318 15.318 0 0 1 0.17196 2.299zm1.0926 4.0637-1.5398-0.38097a15.302 15.302 0 0 1-1.7593 4.2542l1.3598 0.82014a16.869 16.869 0 0 0 1.9392-4.6933zm-14.138 11.112a15.453 15.453 0 0 1-4.5981 0l-0.2381 1.5688a16.993 16.993 0 0 0 5.0743 0zm10.053-6.0717a15.4 15.4 0 0 1-3.2515 3.2488l0.94184 1.2778a16.958 16.958 0 0 0 3.5875-3.5769zm-3.2515-21.456a15.4 15.4 0 0 1 3.2515 3.2515l1.2778-0.95242a16.958 16.958 0 0 0-3.5769-3.5769zm-21.453 3.2515a15.4 15.4 0 0 1 3.2515-3.2515l-0.95243-1.2778a16.958 16.958 0 0 0-3.5769 3.5769zm26.85 0.34923-1.3598 0.81485a15.302 15.302 0 0 1 1.7593 4.2489l1.5398-0.38097a16.869 16.869 0 0 0-1.9392-4.6828zm-16.797-6.4209a15.453 15.453 0 0 1 4.5981 0l0.23811-1.5689a16.993 16.993 0 0 0-5.0743 0zm-9.2385 29.224-3.2779 0.76459 0.76459-3.2779-1.545-0.36245-0.76459 3.2779a1.5874 1.5874 0 0 0 1.9075 1.9075l3.2753-0.75136zm-3.7277-4.2912 1.545 0.3598 0.52913-2.2726a15.279 15.279 0 0 1-1.7064-4.1642l-1.5398 0.38097a16.805 16.805 0 0 0 1.5609 4.024zm7.4078 3.4393-2.2726 0.52913 0.35981 1.545 1.672-0.3889a16.805 16.805 0 0 0 4.024 1.5609l0.38097-1.5398a15.279 15.279 0 0 1-4.1536-1.717zm7.8575-26.956a13.757 13.757 0 0 0-11.641 21.078l-1.3228 5.6431 5.6431-1.3228a13.757 13.757 0 1 0 7.3204-25.398z" transform="translate(-88.068 -131.57)"/></g></svg>
+<svg fill="none" height="160" viewBox="0 0 160 160" width="160" xmlns="http://www.w3.org/2000/svg"><g fill="#3b45fd"><path d="m80 0c4.1505 0 8.2271.31607 12.2072.925452l-1.1444 7.413248c-3.6069-.55226-7.3014-.8387-11.0628-.8387-3.7612 0-7.4555.28641-11.0623.83862l-1.1444-7.413245c3.9799-.609332 8.0564-.925375 12.2067-.925375z"/><path d="m98.9849 2.26619-1.7798 7.28755c7.3099 1.77896 14.1849 4.66606 20.4389 8.47306l3.895-6.411c-6.901-4.20091-14.488-7.38658-22.5541-9.34961z"/><path d="m127.279 15.4591-4.432 6.0507c5.977 4.3861 11.257 9.6664 15.643 15.6437l6.051-4.4324c-4.84-6.5957-10.666-12.4222-17.262-17.262z"/><path d="m148.384 38.4618-6.411 3.8942c3.807 6.2541 6.694 13.1299 8.473 20.4395l7.288-1.7798c-1.963-8.0657-5.149-15.6528-9.35-22.5539z"/><path d="m159.075 67.7934-7.414 1.1444c.553 3.6067.839 7.301.839 11.0622 0 3.7614-.286 7.4559-.839 11.0628l7.414 1.1444c.609-3.9801.925-8.0567.925-12.2072 0-4.1503-.316-8.2267-.925-12.2066z"/><path d="m141.973 117.645c3.807-6.255 6.694-13.13 8.473-20.44l7.288 1.7798c-1.963 8.0662-5.149 15.6532-9.35 22.5542z"/><path d="m138.49 122.847 6.051 4.432c-4.84 6.596-10.666 12.422-17.262 17.262l-4.433-6.051c5.978-4.386 11.258-9.666 15.644-15.643z"/><path d="m117.644 141.973 3.894 6.411c-6.901 4.201-14.488 7.387-22.5537 9.35l-1.7798-7.288c7.3095-1.779 14.1855-4.666 20.4395-8.473z"/><path d="m91.0622 151.661 1.1445 7.414c-3.9799.609-8.0564.925-12.2067.925-4.1505 0-8.2272-.316-12.2073-.925l1.1442-7.413c3.6054.552 7.2997.838 11.0631.838 3.7612 0 7.4555-.286 11.0622-.839z"/><path d="m62.7945 150.448-1.7794 7.286c-6.0589-1.475-11.8477-3.639-17.2785-6.406l-7.5927 1.772-1.7042-7.304 10.2604-2.394 2.4408 1.243c4.9187 2.506 10.1623 4.467 15.6536 5.803z"/><path d="m28.1097 147.273 1.7042 7.304-13.0145 3.036c-8.66079 2.021-16.433718-5.752-14.41286-14.412l3.03673-13.015 7.30383 1.704-3.03675 13.015c-.75782 3.248 2.15705 6.162 5.40485 5.405z"/><path d="m14.2041 125.56-7.30383-1.704 1.77163-7.593c-2.76664-5.431-4.93123-11.22-6.40585-17.2787l7.28586-1.7794c1.33599 5.4911 3.29709 10.7351 5.80279 15.6541l1.2435 2.441z"/><path d="m8.33759 91.0624-7.412228 1.1442c-.609324-3.9799-.925362-8.0563-.925362-12.2066 0-4.1505.316067-8.2271.925446-12.2072l7.413244 1.1444c-.55225 3.607-.83869 7.3014-.83869 11.0628 0 3.7631.28613 7.4572.83759 11.0624z"/><path d="m9.55373 62.795-7.28755-1.7798c1.96302-8.0657 5.1487-15.6528 9.34962-22.5539l6.411 3.8942c-3.807 6.2541-6.6941 13.1299-8.47307 20.4395z"/><path d="m21.5098 37.1531-6.0507-4.4324c4.8398-6.5957 10.6663-12.4221 17.262-17.2619l4.4324 6.0507c-5.9773 4.3861-11.2576 9.6663-15.6437 15.6436z"/><path d="m42.356 18.0266-3.8943-6.4111c6.9011-4.20082 14.4882-7.38645 22.554-9.34944l1.7798 7.28755c-7.3096 1.77899-14.1854 4.66589-20.4395 8.47299z"/><path d="m145 80c0 35.899-29.101 65-65 65-11.3866 0-22.0893-2.928-31.3965-8.072-.8961-.495-1.9417-.658-2.9389-.426l-28.9134 6.747 6.7465-28.914c.2326-.997.0692-2.043-.426-2.939-5.1439-9.307-8.0717-20.0095-8.0717-31.396 0-35.8985 29.1015-65 65-65 35.899 0 65 29.1015 65 65z"/></g></svg>

theme/assets/javascripts/discourse-topics.js

@@ -1,170 +0,0 @@
-/**
- * @overview Generates a list of topics on a Discourse forum.
- * @author Jonah Aragon <jonah@triplebit.net>
- * @version 3.1.0
- * @license
- * Copyright (c) 2023 - 2024 Jonah Aragon
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-async function getData(url) {
-  const response = await fetch(url);
-  return response.json()
-}
-
-async function main() {
-  const elements = document.querySelectorAll("ul[data-forum]");
-
-  for (let j = 0; j < elements.length; j++) {
-
-    var topics = elements[j];
-    var dataset = topics.dataset;
-
-    console.log("Fetching data from " + dataset.feed)
-    const data = await getData(dataset.feed);
-    var list = data['topic_list']['topics'];
-    var profiles = data['users'];
-    var count = dataset.count;
-
-    for (var i = 0; i < count; i++) {
-
-      if (list[i]['pinned'] == true) {
-        count++;
-        continue;
-      }
-
-      var title = list[i]['title'];
-      var id = list[i]['id'];
-
-      var topic = document.createElement("li");
-      topic.className = "discourse-topic";
-
-      var h3 = document.createElement('p');
-      h3.className = "discourse-title";
-      var a1 = document.createElement('a');
-
-      a1.href = dataset.forum + '/t/' + id;
-
-      var boldTitle = document.createElement('strong');
-      boldTitle.innerText = title;
-      a1.appendChild(boldTitle);
-      h3.appendChild(a1);
-
-      var authorinfo = document.createElement('p');
-      authorinfo.className = "discourse-author";
-
-      var author_id = list[i]['posters'][0]['user_id'];
-      var author_data = profiles.find(profile => profile['id'] == author_id);
-      var author = document.createElement('span');
-      author.className = "discourse-author";
-      var avatar = document.createElement('img');
-      avatar.src = dataset.forum + author_data['avatar_template'].replace("{size}", "40");
-      avatar.width = 20;
-      avatar.height = 20;
-      avatar.className = "middle";
-      avatar.loading = "lazy";
-      avatar.ariaHidden = "true";
-      avatar.alt = "";
-      author.appendChild(avatar);
-      var namespan = document.createElement('span');
-      namespan.innerText = " Posted by " + author_data['username'];
-      author.appendChild(namespan);
-      authorinfo.appendChild(author);
-
-      var postinfo = document.createElement('p');
-      postinfo.className = "discourse-data";
-
-      var dateIcon = document.createElement('span');
-      dateIcon.className = "twemoji";
-      dateIcon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"></path></svg>';
-
-      var date = document.createElement('span');
-      date.className = "discourse-date";
-      var datestring = list[i]['bumped_at'];
-      var dateobject = new Date(datestring);
-      var now = new Date();
-      var diff = now - dateobject;
-      var minutes = Math.floor(diff / 60000);
-      var hours = Math.floor(minutes / 60);
-      var days = Math.floor(hours / 24);
-      if (days > 0) {
-        if (days == 1) {
-          date.innerText = " 1 day ago ";
-        }
-        else {
-          date.innerText = " " + days + " days ago ";
-        }
-      }
-      else if (hours > 0){
-        if (hours == 1) {
-          date.innerText = " 1 hour ago ";
-        }
-        else {
-          date.innerText = " " + hours + " hours ago ";
-        }
-      }
-      else {
-        if (minutes == 1) {
-          date.innerText = " 1 minute ago ";
-        }
-        else {
-          date.innerText = " " + minutes + " minutes ago ";
-        }
-      }
-      postinfo.appendChild(dateIcon);
-      postinfo.appendChild(date);
-
-      var likesicon = document.createElement('span');
-      likesicon.classList = "twemoji pg-red";
-      likesicon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m12 21.35-1.45-1.32C5.4 15.36 2 12.27 2 8.5 2 5.41 4.42 3 7.5 3c1.74 0 3.41.81 4.5 2.08C13.09 3.81 14.76 3 16.5 3 19.58 3 22 5.41 22 8.5c0 3.77-3.4 6.86-8.55 11.53L12 21.35Z"></path></svg>';
-
-      var likes = document.createElement('span');
-      likes.className = "discourse-likes";
-      likes.innerText = " " + list[i]['like_count'] + " ";
-      postinfo.appendChild(likesicon);
-      postinfo.appendChild(likes);
-
-      var replyIcon = document.createElement('span');
-      replyIcon.classList = "twemoji";
-      replyIcon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M10 9V5l-7 7 7 7v-4.1c5 0 8.5 1.6 11 5.1-1-5-4-10-11-11Z"></path></svg>';
-
-      var replies = document.createElement('span');
-      replies.className = "discourse-replies";
-
-      var reply_count = list[i]['posts_count'] - 1;
-      if (reply_count == 1) {
-        replies.innerText = "1 Reply"
-      }
-      else {
-        replies.innerText = " " + reply_count
-      }
-      postinfo.appendChild(replyIcon);
-      postinfo.appendChild(replies);
-
-      topic.appendChild(h3);
-      topic.appendChild(document.createElement('hr'));
-      topic.appendChild(authorinfo);
-      topic.appendChild(postinfo);
-      topics.appendChild(topic);
-    }
-  }
-}
-
-main();

theme/home.html

@@ -52,11 +52,10 @@
   {% if config.theme.language == "en" %}
     <h2>Top discussions this week</h2>
     <div class="grid cards">
-      <ul
-        class="topics-list"
-        data-forum="https://discuss.privacyguides.net"
-        data-feed="https://discuss.privacyguides.net/top.json?period=weekly"
-        data-count="3">
+      <ul>
+        <!-- start top posts -->
+
+        <!-- end top posts -->
       </ul>
 
     </div>
@@ -103,11 +102,10 @@
     <div class="mdx-discourse-topics">
       <h3>Latest discussions</h3>
       <div class="grid cards">
-        <ul
-          class="topics-list"
-          data-forum="https://discuss.privacyguides.net"
-          data-feed="https://discuss.privacyguides.net/latest.json"
-          data-count="12">
+        <ul>
+          <!-- start latest posts -->
+
+          <!-- end latest posts -->
         </ul>
       </div>
       <noscript>
@@ -120,7 +118,3 @@
     </div>
   {% endif %}
 {% endblock %}
-{% block scripts %}
-  <script defer src="{{ 'assets/javascripts/discourse-topics.js' | url }}"></script>
-  {{ super() }}
-{% endblock %}