update: Tidy up Cryptocurrency page and recommend places to buy Monero (#2823)

Signed-off-by: redoomed1 <161974310+redoomed1@users.noreply.github.com>
Signed-off-by: fria <138676274+friadev@users.noreply.github.com>
Signed-off-by: Daniel Gray <dngray@privacyguides.org>

.github/CODEOWNERS

@@ -1,4 +1,30 @@
+# Org
+
+/docs/about/ @jonaharagon
+CODE_OF_CONDUCT.md @jonaharagon
+CITATION.cff @jonaharagon
+LICENSE @jonaharagon @dngray
+LICENSE-CODE @jonaharagon
+README.md @jonaharagon @dngray
+
+# Config
+
+/mkdocs.yml @jonaharagon
+/mkdocs.blog.yml @jonaharagon
+/crowdin.yml @jonaharagon
+/includes/ @jonaharagon
+
+# Ops
+
+Dockerfile @jonaharagon
+/Pipfile @jonaharagon
+/Pipfile.lock @jonaharagon
+/.github/ @jonaharagon
+/run.sh @jonaharagon
+/modules/ @jonaharagon
+
 # High-traffic pages
+
 /blog/index.md @jonaharagon @freddy-m
 /docs/index.md @jonaharagon @dngray
 /theme/home.html @jonaharagon @dngray
@@ -7,14 +33,25 @@
 /theme/partials/ @jonaharagon
 /theme/layouts/ @jonaharagon
 
+# Financial-Related
+
+/docs/about/donate.md @jonaharagon @SamsungGalaxyPlayer
+/docs/cryptocurrency.md @jonaharagon @SamsungGalaxyPlayer
+/docs/financial-services.md @jonaharagon @SamsungGalaxyPlayer
+/docs/advanced/payments.md @jonaharagon @SamsungGalaxyPlayer
+
 # Blog authors
+
 /blog/.authors.yml @jonaharagon @dngray @freddy-m
+/blog/author/ @jonaharagon @dngray @freddy-m
 /blog/author/dngray.md @dngray
 /blog/author/freddy.md @freddy-m
 /blog/author/jonah.md @jonaharagon
 /blog/author/niek-de-wilde.md @blacklight447
 
 # Blog posts
+
+/blog/posts/ @jonaharagon
 /blog/posts/firefox-privacy-2021-update.md @dngray
 /blog/posts/firefox-privacy.md @jonaharagon
 /blog/posts/hide-nothing.md @freddy-m
@@ -27,25 +64,3 @@
 /blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md @jonaharagon
 /blog/posts/virtual-insanity.md @freddy-m
 /blog/posts/welcome-to-privacy-guides.md @jonaharagon
-
-# Org
-/docs/about/ @jonaharagon
-CODE_OF_CONDUCT.md @jonaharagon
-CITATION.cff @jonaharagon
-LICENSE @jonaharagon @dngray
-LICENSE-CODE @jonaharagon
-README.md @jonaharagon @dngray
-
-# Config
-/mkdocs.yml @jonaharagon
-/mkdocs.blog.yml @jonaharagon
-/crowdin.yml @jonaharagon
-/includes/ @jonaharagon
-
-# Ops
-Dockerfile @jonaharagon
-/Pipfile @jonaharagon
-/Pipfile.lock @jonaharagon
-/.github/ @jonaharagon
-/run.sh @jonaharagon
-/modules/ @jonaharagon

.github/workflows/build.yml

@@ -176,6 +176,24 @@ jobs:
         run: |
           eval ./run.sh --build --lang=${{ inputs.lang }} "$EXTRA_FLAGS"
 
+      - name: Run index-generation.sh for top posts
+        if: inputs.lang == 'en'
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/top.json?period=weekly' \
+            --tag="top posts" \
+            --destination="./site/en/index.html" \
+            --count=3
+
+      - name: Run index-generation.sh for latest posts
+        if: inputs.lang == 'en'
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/latest.json' \
+            --tag="latest posts" \
+            --destination="./site/en/index.html" \
+            --count=12
+
       - name: Package Website
         run: |
           tar -czf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site

.github/workflows/update-discussions.yml

@@ -0,0 +1,82 @@
+# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+name: 🔄 Update Discussions
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "*/30 * * * *"
+
+permissions:
+  contents: read
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    environment:
+      name: production
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: "false"
+          fetch-depth: 1
+
+      - name: Create site/en directory
+        run: mkdir -p site/en
+
+      - name: Update Discussions
+        uses: yakubique/minio-download@v1.1.1
+        with:
+          endpoint: https://${{ vars.PROD_GARAGE_HOSTNAME }}
+          access_key: ${{ secrets.PROD_GARAGE_KEY_ID }}
+          secret_key: ${{ secrets.PROD_GARAGE_SECRET_KEY }}
+          bucket: ${{ vars.PROD_GARAGE_BUCKET }}
+          source: /en/index.html
+          target: ./site/en/
+
+      - name: Run index-generation.sh for top posts
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/top.json?period=weekly' \
+            --tag="top posts" \
+            --destination="./site/en/index.html" \
+            --count=3
+
+      - name: Run index-generation.sh for latest posts
+        run: |
+          bash index-generation.sh \
+            --source='https://discuss.privacyguides.net/latest.json' \
+            --tag="latest posts" \
+            --destination="./site/en/index.html" \
+            --count=12
+
+      - name: Upload modified index
+        uses: yakubique/minio-upload@v1.1.3
+        with:
+          endpoint: https://${{ vars.PROD_GARAGE_HOSTNAME }}
+          access_key: ${{ secrets.PROD_GARAGE_KEY_ID }}
+          secret_key: ${{ secrets.PROD_GARAGE_SECRET_KEY }}
+          bucket: ${{ vars.PROD_GARAGE_BUCKET }}
+          source: ./site/en/index.html
+          target: /en

blog/posts/pwa-vs-iwa.md

@@ -0,0 +1,45 @@
+---
+date:
+    created: 2024-11-30
+categories:
+    - Opinion
+authors:
+    - fria
+tags:
+    - PWA
+    - IWA
+    - Web
+license: BY-SA
+---
+# State of the Web App: Current Woes and Promising Futures
+
+The concept of a [progressive web app](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps) is enticing: an application using web technologies that is inherently cross platform (since it runs in a browser) and acts like a native app, even functioning offline. Support for PWAs in traditionally locked-down platforms like iOS means that PWAs can give users the freedom to install apps without having to go through Apple’s App Store. But there are problems with web content that PWAs haven't solved.<!-- more -->
+
+## Current Web-Based Apps
+
+Attempts at similar things have been made before, the most infamous of which is [Electron](https://www.electronjs.org). Electron is a software framework that allows developers to easily create cross-platform apps by essentially bundling an entire Chromium browser in with the app. This approach has its [drawbacks](https://usa.kaspersky.com/blog/electron-framework-security-issues/28952/?srsltid=AfmBOor_UcYY-84soHz5K2ULTmhlX44-DsIfJp_StotBrusD63MweSGO), though. Browsers have huge attack surface so it's important to keep them updated with the latest security fixes, but many Electron apps ship outdated versions, leaving those apps vulnerable. Each Electron app has its own version of Chromium with its own attack surface, amounting to a performance and security nightmare. In contrast, PWAs use the browser that you already have installed, so as long as you keep it updated, all your apps will have the latest security fixes.
+
+So why isn't every Electron app shipping as a PWA? The answer is an age-old problem with web content: the fact that you have to trust the server fully. You make an HTML GET request and you're served the content (i.e., the site's HTML, CSS, and JavaScript), but if the server is compromised, you'll be served a compromised website. You also need to rely on the security of DNS name resolution and the [certificate authority](https://www.digicert.com/blog/what-is-a-certificate-authority) system. This is a huge problem for security-sensitive applications like messengers. An attacker that gains access to their server—even just temporarily—could distribute compromised clients to millions of people, potentially breaking E2EE or executing a host of other malicious actions.
+
+## Improving Web Apps
+
+A typical native app is downloaded onto your computer from some kind of trusted place like an app store and only receives updates when the developers push them out. Additionally, there's usually a process of checks and verification before that happens, like Apple's [App Review](https://developer.apple.com/distribute/app-review) and the Google Play [App Review](https://support.google.com/googleplay/android-developer/answer/9859455) process. In contrast to PWAs, with which the threat of an attacker with server access constantly looms, it's much more difficult to target a particular person. In other words, a malicious app update is much less likely to escape scrutiny than a highly targeted attack via compromised servers.
+
+Isolated Web Apps (IWAs) build on the work done on PWAs and [Web Packaging](https://github.com/WICG/webpackage). They are a specification that allows web content to be distributed offline outside of a browser, much like a traditional app. It can be signed just like a regular app too, allowing you to verify that it came from the proper place and hasn't been modified. You could install an IWA from your favorite app store just like any other app and have the same security assurances. This would be incredibly useful in allowing for cross-platform E2EE web apps that don't need to trust a server every time you use them.
+
+Google [distinguishes](https://chromeos.dev/en/web/isolated-web-apps) between the drive by web, PWAs, and IWAs. The drive by web requires more conservative access to the system as the most accessible and is therefore least trusted. PWAs are a bit more trusted and can integrate a bit more deeply into the system as a result. IWAs are the most trusted and, as such, can have deeper access into the system and more powerful capabilities.
+
+<figure markdown>
+  ![Diagram showing the drive by web, a PWA, and then a dotted line separating them from IWAs](../assets/images/pwa-vs-iwa/iwa-diagram.png)
+  <figcaption>source: <a href="https://chromeos.dev/en/web/isolated-web-apps">chromeos.dev</a></figcaption>
+</figure>
+
+This higher security assurance from isolated and signed web applications and the inherently more trusted nature of a natively installed app will allow for IWAs to safely access APIs which wouldn't be safe to allow normal websites to access, like [Direct Sockets](https://github.com/WICG/direct-sockets/blob/main/docs/explainer.md).
+
+IWAs use a totally new [URL scheme](https://github.com/WICG/isolated-web-apps/blob/main/Scheme.md) since they're not relying on HTTPS certificate authorities or DNS. They're totally isolated from each other and the web using enforced Content Security Policy and Cross-Origin Isolation, hence the name.
+
+## Issues
+
+The [Worldwide Web Consortium](https://www.w3.org) currently has an open issue on their GitHub for IWAs with some interesting discussions that are worth checking out. There are some [criticisms](https://github.com/w3ctag/design-reviews/issues/842#issuecomment-1989631915) of IWAs, at least in their current form. A big point of contention is giving IWAs access to more powerful features like raw TCP and UDP socket access, similar to what a natively installed app might be able to do, which Martin Thomson at Mozilla argues is dangerous even with user consent. Martin wrote a nice in-depth [article](https://lowentropy.net/posts/bundles) on bundling web content that's worth checking out on their website. It'll be a long process of iterating on the design before a version of this idea that's secure and available across browsers.
+
+Right now, Chrome ships the feature [enabled by default](https://chromestatus.com/feature/5146307550248960) but only on ChromeOS for admin-controlled machines and select development partners of Google. Safari and Firefox haven't implemented the feature, with [Firefox](https://github.com/mozilla/standards-positions/issues/799#issuecomment-2342084330) taking a stance against it. Perhaps in its trial run, the technology will prove its potential, or maybe IWAs aren't the best solution after all and another attempt at improving web apps will come along. I'll be watching with great interest either way.

blog/tags.md

@@ -1,3 +1,3 @@
-# Tag Index
+# Tags
 
 <!-- material/tags -->

docs/about.md

@@ -19,7 +19,7 @@ schema:
 
 **Privacy Guides** is a socially motivated website that provides information for protecting your data security and privacy. We are a non-profit project with a mission to inform the public about the value of digital privacy, and about global government initiatives which aim to monitor your online activity. Our website is free of advertisements and not affiliated with any of the listed providers.
 
-[:material-heart:{.pg-red} Make a Donation](about/donate.md){ .md-button .md-button--primary }
+[:material-heart:{.pg-red} Make a Donation](https://donate.magicgrants.org/privacyguides){ .md-button .md-button--primary }
 [:octicons-home-16:](https://www.privacyguides.org){ .card-link title=Homepage }
 [:octicons-code-16:](https://github.com/privacyguides/privacyguides.org){ .card-link title="Source Code" }
 

docs/about/donate.md

@@ -9,15 +9,20 @@ Privacy Guides has been a nonstop effort for over 5 years to stay up to date wit
 
 ## Donate
 
-Currently, the best way to support our work is to send a monthly or one-time contribution via GitHub Sponsors. We will be able to accept donations via alternate payment platforms very soon.
+MAGIC Grants is our fiscal host, and their custom, open-source donation platform allows you to donate to our project with **Monero**, **Bitcoin**, or **debit/credit card**.
 
-[:material-heart:{ .pg-red } Sponsor us on GitHub](https://github.com/sponsors/privacyguides){ class="md-button md-button--primary" }
+[:material-heart:{ .pg-red } Donate](https://donate.magicgrants.org/privacyguides){ class="md-button md-button--primary" }
+[Sponsor on GitHub](https://github.com/sponsors/privacyguides){ class="md-button" }
 
-A new donation platform we control to make donating easier will be deployed soon. In the meantime, if you'd like to arrange a donation (including with cryptocurrency), please reach out to [info@magicgrants.org](mailto:info@magicgrants.org).
+Donating with Monero will maximize your donation by lowering our transaction fees while simultaneously [preserving your privacy](../cryptocurrency.md), win-win! You can also donate to us via GitHub Sponsors if you prefer, or if you would like to publicize your support. GitHub does not charge us any fees if you donate as an individual, but may charge us fees if you donate with a GitHub organization, if this is a concern for you.
 
 ## How We Use Donations
 
-Privacy Guides is a **non-profit** organization. We use donations for a variety of purposes, including:
+Privacy Guides is a **non-profit** project. Your donation will go to a [dedicated fund](https://magicgrants.org/funds/privacy_guides) within [MAGIC Grants](https://magicgrants.org), a 501(c)(3) organization and our fiscal host. The funds will **only** be used for this project specifically.
+
+You may qualify for a tax deduction. When you donate to us [here](https://donate.magicgrants.org/privacyguides) with cryptocurrency or card you have the option to receive a receipt from MAGIC Grants for this purpose. If you have questions about other transactions please email <info@magicgrants.org>.
+
+We use donations for a variety of purposes, including:
 
 **Web Hosting**
 
@@ -25,7 +30,7 @@ Privacy Guides is a **non-profit** organization. We use donations for a variety
 
 **Payroll**
 
-:   We currently have one paid part-time [position](../about.md#staff) which handles day-to-day tasks like system administration, writing regular product reviews, posting our weekly show, creating course content, etc. In the future, we would like to be able to hire full-time journalists and writers to review products and create more educational content.
+:   We are endeavoring to [hire](jobs.md) full-time journalists and writers to review products and create more educational content on a regular basis.
 
 **Domain Registrations**
 
@@ -39,8 +44,6 @@ Privacy Guides is a **non-profit** organization. We use donations for a variety
 
 :   We occasionally purchase products and services for the purposes of testing our [recommended tools](../tools.md).
 
-Your donation will go to a [dedicated fund](https://magicgrants.org/funds/privacy_guides) within [MAGIC Grants](https://magicgrants.org), a 501(c)(3) organization. The funds will only be used for this project specifically. You may qualify for a tax deduction. If you need a donation receipt, please email <info@magicgrants.org>.
-
 Thank you to all those who support our mission! :material-heart:{ .pg-red }
 
 We strictly **cannot** use donations to support political campaigns/candidates or attempt to influence legislation. Earnings also will **not** inure to the benefit of any private shareholder or individual.

docs/about/jobs.md

@@ -3,7 +3,7 @@ title: Job Openings
 description: Privacy Guides has a small, remote team of privacy researchers and advocates. Any open positions we may have in the future will be posted here.
 ---
 
-Privacy Guides has a small, remote team of privacy researchers and advocates working to further our mission of protecting free expression and promoting privacy-respecting technology. As a non-profit, we are expanding very slowly to ensure the project is sustainable in the long term. All of our team members are listed [here](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Please consider [donating](donate.md) to support our cause.
+Privacy Guides has a small, remote team of privacy researchers and advocates working to further our mission of protecting free expression and promoting privacy-respecting technology. As a non-profit, we are expanding very slowly to ensure the project is sustainable in the long term. All of our team members are listed [here](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Please consider [donating](https://donate.magicgrants.org/privacyguides) to support our cause.
 
 We are occasionally looking for strong journalistic writers, product reviewers, and privacy experts to help us out, and any open positions will be posted below.
 
@@ -11,22 +11,4 @@ We are occasionally looking for strong journalistic writers, product reviewers,
 
 ## Open Positions
 
-<div class="grid cards" markdown>
-
-- :material-video-box:{ .lg .middle } **Content Creator**
-
-    ---
-
-    Full-Time | Remote | \$20-$25/hour
-
-    [View posting :material-arrow-right-drop-circle:](jobs/content-creator.md)
-
-- :material-file-document-edit:{ .lg .middle } **Journalist**
-
-    ---
-
-    Full-Time | Remote | \$20-$25/hour
-
-    [View posting :material-arrow-right-drop-circle:](jobs/journalist.md)
-
-</div>
+There are no open positions at this time.

docs/about/jobs/content-creator.md

@@ -5,6 +5,13 @@ description: Privacy Guides is looking for a video producer and host for informa
 
 [:material-arrow-left-drop-circle: Job Openings](../jobs.md)
 
+<div class="admonition info" markdown>
+<p class="admonition-title">Position Closed</p>
+
+Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
+
+</div>
+
 Are you passionate about privacy and cybersecurity?
 
 Privacy Guides is an international nonprofit dedicated to producing top-tier, unbiased educational content and journalism, and to fostering safe and informative online communities to discuss technical topics around improving personal privacy and cybersecurity.
@@ -53,7 +60,12 @@ For this position, our hiring pay range falls between \$20-$25 / hour USD. The b
 
 ---
 
-**To apply, please send a video cover letter (no more than 5 minutes) and resume to <jobs@privacyguides.org>, and include the name of this position in the subject line. Feel free to include any other information or examples of your work that you think we may find relevant if you'd like.**
+<div class="admonition info" markdown>
+<p class="admonition-title">Position Closed</p>
+
+Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
+
+</div>
 
 Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.
 

docs/about/jobs/intern-news.md

@@ -10,8 +10,6 @@ description: Privacy Guides is looking for an intern to discover and promote rel
 
 Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
 
-As of November 14, 2024, we may still be reaching out to existing candidates. If you previously applied, please keep an eye on your inbox!
-
 </div>
 
 Are you passionate about privacy and cybersecurity?
@@ -49,8 +47,6 @@ This is a 6-month contract paying $15 / hour USD, with the optional opportunity
 
 Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
 
-As of November 14, 2024, we may still be reaching out to existing candidates. If you previously applied, please keep an eye on your inbox!
-
 </div>
 
 Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.

docs/about/jobs/journalist.md

@@ -5,6 +5,13 @@ description: Privacy Guides is looking for a determined and focused journalist t
 
 [:material-arrow-left-drop-circle: Job Openings](../jobs.md)
 
+<div class="admonition info" markdown>
+<p class="admonition-title">Position Closed</p>
+
+Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
+
+</div>
+
 Are you passionate about privacy and cybersecurity?
 
 Privacy Guides is an international nonprofit dedicated to producing top-tier, unbiased educational content and journalism, and to fostering safe and informative online communities to discuss technical topics around improving personal privacy and cybersecurity.
@@ -54,7 +61,12 @@ For this position, our hiring pay range falls between \$20-$25 / hour USD. The b
 
 ---
 
-**To apply, please send a cover letter and resume to <jobs@privacyguides.org>, and include the name of this position in the subject line. Feel free to include any other information or examples of your work that you think we may find relevant if you'd like.**
+<div class="admonition info" markdown>
+<p class="admonition-title">Position Closed</p>
+
+Thank you for your interest in this position at Privacy Guides. At this time we are no longer accepting new applications, but please follow our [job openings](../jobs.md) page to learn about future opportunities.
+
+</div>
 
 Privacy Guides is fiscally hosted by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity. MAGIC Grants is an equal opportunity employer. MAGIC Grants does not discriminate against any applicant or employee because of age, color, sex, disability, national origin, race, religion, sexual orientation, sexual identity, veteran status, or other protected characteristic.
 

docs/advanced/payments.md

@@ -3,33 +3,33 @@ title: Private Payments
 icon: material/hand-coin
 description: Your buying habits are the holy grail of ad targeting, but you still have plenty of options when it comes to making payments privately.
 ---
-There's a reason data about your buying habits is considered the holy grail of ad targeting: your purchases can leak a veritable treasure trove of data about you. Unfortunately, the current financial system is anti-privacy by design, enabling banks, other companies, and governments to easily trace transactions. Nevertheless, you have plenty of options when it comes to making payments privately.
+Data about your buying habits is considered the holy grail of ad targeting: your purchases can leak a veritable treasure trove of data about you. Unfortunately, the current financial system is anti-privacy by design, enabling banks, other companies, and governments to easily trace transactions. Nevertheless, you have plenty of options when it comes to making payments privately.
 
 ## Cash
 
-For centuries, **cash** has functioned as the primary form of private payment. Cash has excellent privacy properties in most cases, is widely accepted in most countries, and is **fungible**, meaning it is non-unique and completely interchangable.
+For centuries, **cash** has functioned as the primary form of private payment. Cash has excellent privacy properties in most cases, is widely accepted in most countries, and is **fungible**, meaning it is non-unique and completely interchangeable.
 
-Cash payment laws vary by country. In the United States, special disclosure is required for cash payments over $10,000 to the IRS on [Form 8300](https://irs.gov/businesses/small-businesses-self-employed/form-8300-and-reporting-cash-payments-of-over-10000). The receiving business is required to ID verify the payee’s name, address, occupation, date of birth, and Social Security Number or other TIN (with some exceptions). Lower limits without ID such as $3,000 or less exist for exchanges and money transmission. Cash also contains serial numbers. These are almost never tracked by merchants, but they can be used by law enforcement in targeted investigations.
+Cash payment laws vary by country. In the United States, special disclosure is required for cash payments over $10,000 to the IRS on [Form 8300](https://irs.gov/businesses/small-businesses-self-employed/form-8300-and-reporting-cash-payments-of-over-10000). The receiving business is required to ID verify the payee’s name, address, occupation, date of birth, and Social Security Number or other TIN (with some exceptions). Regulated exchanges, banks, and money services businesses must collect an ID for transactions exceeding $3,000. Cash contains serial numbers to assist law enforcement in targeted investigations.
 
-Despite this, it’s typically the best option.
+Despite the above, cash is typically the best option when available.
 
 ## Prepaid Cards & Gift Cards
 
-It’s relatively simple to purchase gift cards and prepaid cards at most grocery stores and convenience stores with cash. Gift cards usually don’t have a fee, though prepaid cards often do, so pay close attention to these fees and expiry dates. Some stores may ask to see your ID at checkout to reduce fraud.
+You can easily purchase gift cards and prepaid cards at most grocery stores and convenience stores with cash. Gift cards usually don’t have a fee, though prepaid cards often do, so pay close attention to these fees and expiry dates. Some stores may ask to see your ID at checkout in an effort to reduce fraud.
 
 Gift cards usually have limits of up to $200 per card, but some offer limits of up to $2,000 per card. Prepaid cards (e.g.: from Visa or Mastercard) usually have limits of up to $1,000 per card.
 
 Gift cards have the downside of being subject to merchant policies, which can have terrible terms and restrictions. For example, some merchants don’t accept payment in gift cards exclusively, or they may cancel the value of the card if they consider you to be a high-risk user. Once you have merchant credit, the merchant has a strong degree of control over this credit.
 
-Prepaid cards don’t allow cash withdrawals from ATMs or “peer-to-peer” payments in Venmo and similar apps.
+Prepaid cards usually don’t allow cash withdrawals from ATMs or “peer-to-peer” payments in Venmo and similar apps.
 
-Cash remains the best option for in-person purchases for most people. Gift cards can be useful for the savings they bring. Prepaid cards can be useful for places that don’t accept cash. Gift cards and prepaid cards are easier to use online than cash, and they are easier to acquire with cryptocurrencies than cash.
+Cash remains the best option for in-person purchases for most people. Gift cards are often sold at a discount, which make them attractive. Prepaid cards can be useful for places that don’t accept cash. Gift cards and prepaid cards are easier to use online than cash, and they are easier to acquire with cryptocurrencies than cash.
 
 ### Online Marketplaces
 
-If you have [cryptocurrency](../cryptocurrency.md), you can purchase gift cards with an online gift card marketplace. Some of these services offer ID verification options for higher limits, but they also allow accounts with just an email address. Basic limits start at $5,000-10,000 a day for basic accounts, and significantly higher limits for ID verified accounts (if offered).
+If you have [cryptocurrency](../cryptocurrency.md), you can purchase gift cards with an online gift card marketplace. Some of these services offer high limits (with ID verification), but they usually allow basic, low-limit accounts with just an email address. Expect limits under $10,000 for basic accounts and significantly higher limits for ID verified accounts (if offered).
 
-When buying gift cards online, there is usually a slight discount. Prepaid cards are usually sold online at face value or with a fee. If you buy prepaid cards and gift cards with cryptocurrencies, you should strongly prefer to pay with Monero which provides strong privacy, more on this below. Paying for a gift card with a traceable payment method negates the benefits a gift card can provide when purchased with cash or Monero.
+When buying gift cards online, there is usually a slight discount. Prepaid cards are usually sold online at face value or with a fee. If you buy prepaid cards and gift cards with cryptocurrencies, you should strongly prefer to pay with Monero which provides strong privacy (more on this below). Paying for a gift card with a traceable payment method negates the benefits a gift card can provide when purchased with cash or Monero.
 
 - [Online Gift Card Marketplaces :material-arrow-right-drop-circle:](../financial-services.md#gift-card-marketplaces)
 
@@ -43,14 +43,14 @@ These tend to be good options for recurring/subscription payments online, while
 
 ## Cryptocurrency
 
-Cryptocurrencies are a digital form of currency designed to work without central authorities such as a government or bank. While *some* cryptocurrency projects can allow you to make private transactions online, many use a public blockchain which does not provide any transaction privacy. Cryptocurrencies also tend to be very volatile assets, meaning their value can change rapidly and significantly at any time. As such, we generally don't recommend using cryptocurrency as a long-term store of value. If you decide to use cryptocurrency online, make sure you have a full understanding of its privacy aspects beforehand, and only invest amounts which would not be disastrous to lose.
+Cryptocurrencies are a digital form of currency designed to work without central authorities such as a government or bank. While *some* cryptocurrency projects can allow you to make private transactions online, many use a transparent blockchain which does not provide any transaction privacy. Cryptocurrencies also tend to be very volatile assets, meaning their value can change rapidly and significantly. As such, we generally don't recommend using cryptocurrency as a long-term store of value. If you decide to use cryptocurrency online, make sure you have a full understanding of its privacy aspects beforehand, and only invest amounts which would not be disastrous to lose.
 
 <div class="admonition danger" markdown>
 <p class="admonition-title">Danger</p>
 
-The vast majority of cryptocurrencies operate on a **public** blockchain, meaning that every transaction is public knowledge. This includes even most well-known cryptocurrencies like Bitcoin and Ethereum. Transactions with these cryptocurrencies should not be considered private and will not protect your anonymity.
+The vast majority of cryptocurrencies operate on a **transparent** blockchain, meaning that every transaction's details are public knowledge. This includes most well-known cryptocurrencies like Bitcoin and Ethereum. Transactions with these cryptocurrencies should not be considered private and will not protect your anonymity.
 
-Additionally, many if not most cryptocurrencies are scams. Make transactions carefully with only projects you trust.
+Additionally, many if not most cryptocurrencies are scams. Make transactions carefully with only projects you trust. Transactions are irreversible and do not include any consumer protections.
 
 </div>
 
@@ -60,23 +60,25 @@ There are a number of cryptocurrency projects which purport to provide privacy b
 
 - [Recommended Cryptocurrency :material-arrow-right-drop-circle:](../cryptocurrency.md#monero)
 
-Privacy coins have been subject to increasing scrutiny by government agencies. In 2020, [the IRS published a $625,000 bounty](https://forbes.com/sites/kellyphillipserb/2020/09/14/irs-will-pay-up-to-625000-if-you-can-crack-monero-other-privacy-coins/?sh=2e9808a085cc) for tools which can break Bitcoin Lightning Network and/or Monero's transaction privacy. They ultimately [paid two companies](https://sam.gov/opp/5ab94eae1a8d422e88945b64181c6018/view) (Chainalysis and Integra Fec) a combined $1.25 million for tools which purport to do so (it is unknown which cryptocurrency network these tools target). Due to the secrecy surrounding tools like these, ==none of these methods of tracing cryptocurrencies have been independently confirmed.== However, it is quite likely that tools which assist targeted investigations into private coin transactions exist, and that privacy coins only succeed in thwarting mass surveillance.
+Privacy coins have been subject to increasing scrutiny by government agencies. In 2020, [the IRS published a $625,000 bounty](https://forbes.com/sites/kellyphillipserb/2020/09/14/irs-will-pay-up-to-625000-if-you-can-crack-monero-other-privacy-coins/?sh=2e9808a085cc) for tools which can trace (at least to some extent) Bitcoin Lightning Network and/or Monero transactions. They ultimately [paid two companies](https://sam.gov/opp/5ab94eae1a8d422e88945b64181c6018/view) (Chainalysis and Integra Fec) a combined $1.25 million to further develop tools to do so. Due to the secrecy surrounding tools like these, ==none of these methods of tracing cryptocurrencies have been independently confirmed.== However, it is quite likely that tools which assist targeted investigations into private coin transactions exist, and that privacy coins in their current form only succeed in thwarting mass surveillance.
 
 ### Other Coins (Bitcoin, Ethereum, etc.)
 
-The vast majority of cryptocurrency projects use a public blockchain, meaning that all transactions are both easily traceable and permanent. As such, we strongly discourage the use of most cryptocurrency for privacy-related reasons.
+The vast majority of cryptocurrency projects use a transparent blockchain, meaning that all transactions are both easily traceable and permanent. As such, we strongly discourage the use of most cryptocurrency for privacy-related reasons.
 
-Anonymous transactions on a public blockchain are *theoretically* possible, and the Bitcoin wiki [gives one example of a "completely anonymous" transaction](https://en.bitcoin.it/wiki/Privacy#Example_-_A_perfectly_private_donation). However, doing so requires a complicated setup involving Tor and "solo-mining" a block to generate completely independent cryptocurrency, a practice which has not been practical for nearly any enthusiast for many years.
+Anonymous transactions on a transparent blockchain are *theoretically* possible, and the Bitcoin wiki [gives one example of a "completely anonymous" transaction](https://en.bitcoin.it/wiki/Privacy#Example_-_A_perfectly_private_donation). However, this example requires a complicated setup involving Tor and "solo-mining" a block to generate completely independent cryptocurrency, a practice which has not been practical (even for enthusiasts) for many years.
 
 ==Your best option is to avoid these cryptocurrencies entirely and stick with one which provides privacy by default.== Attempting to use other cryptocurrency is outside the scope of this site and strongly discouraged.
 
 ### Wallet Custody
 
-With cryptocurrency there are two forms of wallets: custodial wallets and noncustodial wallets. Custodial wallets are operated by centralized companies/exchanges, where the private key for your wallet is held by that company, and you can access them anywhere typically with a regular username and password. Noncustodial wallets are wallets where you control and manage the private keys to access it. Assuming you keep your wallet's private keys secured and backed up, noncustodial wallets provide greater security and censorship-resistance over custodial wallets, because your cryptocurrency can't be stolen or frozen by a company with custody over your private keys. Key custody is especially important when it comes to privacy coins: Custodial wallets grant the operating company the ability to view your transactions, negating the privacy benefits of those cryptocurrencies.
+With cryptocurrency there are two forms of wallets: custodial wallets and self-custody wallets. Custodial wallets are operated by centralized companies/exchanges, where the private key for your wallet is held by that company, and you can access them anywhere typically with a regular username and password. Self-custody wallets are wallets where you control and manage the private keys to access it. Assuming you keep your wallet's private keys secured and backed up, self-custody wallets provide greater security and censorship-resistance over custodial wallets, because your cryptocurrency can't be stolen or frozen by a company with custody over your private keys. Key custody is especially important when it comes to privacy coins: Custodial wallets grant the operating company the ability to view your transactions, negating the privacy benefits of those cryptocurrencies.
 
 ### Acquisition
 
-Acquiring [cryptocurrencies](../cryptocurrency.md) like Monero privately can be difficult. P2P marketplaces, platforms which facilitate trades between people, are one option that can be used. If using an exchange which requires KYC is an acceptable risk for you as long as subsequent transactions can't be traced, a much easier option is to purchase Monero on an exchange like [Kraken](https://kraken.com), or purchase Bitcoin/Litecoin from a KYC exchange which can then be swapped for Monero. Then, you can withdraw the purchased Monero to your own noncustodial wallet to use privately from that point forward.
+Acquiring [cryptocurrencies](../cryptocurrency.md) like Monero privately can be difficult. P2P marketplaces (platforms which facilitate trades between people) are one option, though the user experience typically suffers. If using an exchange which requires KYC is acceptable for you as long as subsequent transactions can't be traced, it's much easier to purchase Monero on a centralized exchange or purchase Bitcoin/Litecoin from a KYC exchange which can then be swapped for Monero. Then, you can withdraw the purchased Monero to your own self-custody wallet to use privately from that point forward.
+
+[Recommended places to buy Monero](../cryptocurrency.md#buying-monero){ .md-button }
 
 If you go this route, make sure to purchase Monero at different times and in different amounts than where you will spend it. If you purchase $5000 of Monero at an exchange and make a $5000 purchase in Monero an hour later, those actions could potentially be correlated by an outside observer regardless of which path the Monero took. Staggering purchases and purchasing larger amounts of Monero in advance to later spend on multiple smaller transactions can avoid this pitfall.
 
@@ -85,3 +87,10 @@ If you go this route, make sure to purchase Monero at different times and in dif
 When you're making a payment in-person with cash, make sure to keep your in-person privacy in mind. Security cameras are ubiquitous. Consider wearing non-distinct clothing and a face mask (such as a surgical mask or N95). Don’t sign up for rewards programs or provide any other information about yourself.
 
 When purchasing online, ideally you should do so over [Tor](tor-overview.md). However, many merchants don’t allow purchases with Tor. You can consider using a [recommended VPN](../vpn.md) (paid for with cash, gift card, or Monero), or making the purchase from a coffee shop or library with free Wi-Fi. If you are ordering a physical item that needs to be delivered, you will need to provide a delivery address. You should consider using a PO box, private mailbox, or work address.
+
+<div class="admonition tip" markdown>
+<p class="admonition-title">Important notices</p>
+
+The content here is not legal or financial advice. We do not endorse or encourage illicit activities, and we do not endorse or encourage anything which violates a company's terms of service. Check with a professional to confirm that these recommendations are legal and available in your jurisdiction. [See all notices](../about/notices.md).
+
+</div>

docs/android/distributions.md

@@ -19,17 +19,6 @@ schema:
       "@context": http://schema.org
       "@type": WebPage
       url: "./"
-  -
-    "@context": http://schema.org
-    "@type": CreativeWork
-    name: Divest
-    image: /assets/img/android/divestos.svg
-    url: https://divestos.org/
-    sameAs: https://en.wikipedia.org/wiki/DivestOS
-    subjectOf:
-      "@context": http://schema.org
-      "@type": WebPage
-      url: "./"
 robots: nofollow, max-snippet:-1, max-image-preview:large
 ---
 <small>Protects against the following threat(s):</small>
@@ -70,38 +59,6 @@ By default, Android makes many network connections to Google to perform DNS conn
 
 If you want to hide information like this from an adversary on your network or ISP, you **must** use a [trusted VPN](../vpn.md) in addition to changing the connectivity check setting to **Standard (Google)**. It can be found in :gear: **Settings** → **Network & internet** → **Internet connectivity checks**. This option allows you to connect to Google's servers for connectivity checks, which, alongside the usage of a VPN, helps you blend in with a larger pool of Android devices.
 
-### DivestOS
-
-If GrapheneOS isn't compatible with your phone, DivestOS is a good alternative. It supports a wide variety of phones with *varying* levels of security protections and quality control.
-
-<div class="admonition recommendation" markdown>
-
-![DivestOS logo](../assets/img/android/divestos.svg){ align=right }
-
-**DivestOS** is a soft-fork of [LineageOS](https://lineageos.org).
-DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](../os/android-overview.md#verified-boot) on some non-Pixel devices. Not all supported devices support verified boot or other security features.
-
-[:octicons-home-16: Homepage](https://divestos.org){ .md-button .md-button--primary }
-[:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Onion Service" }
-[:octicons-eye-16:](https://divestos.org/index.php?page=privacy_policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://divestos.org/index.php?page=faq){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title="Contribute" }
-
-</div>
-
-The [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) of firmware updates in particular will vary significantly depending on your phone model. While standard AOSP bugs and vulnerabilities can be fixed with standard software updates like those provided by DivestOS, some vulnerabilities cannot be patched without support from the device manufacturer, making end-of-life devices less safe even with an up-to-date alternative ROM like DivestOS.
-
-DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [control-flow integrity](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates.
-
-DivestOS also includes kernel patches from GrapheneOS and enables all available kernel security features via [defconfig hardening](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). All kernels newer than version 3.4 include full page [sanitization](https://lwn.net/Articles/334747) and all ~22 Clang-compiled kernels have [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) enabled.
-
-DivestOS implements some system hardening patches originally developed for GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's `INTERNET` and `SENSORS` permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://grapheneos.org/usage#exec-spawning), Java Native Interface [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 and higher features per-network full MAC address randomization, [`ptrace_scope`](https://kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) control, automatic reboot, and Wi-Fi/Bluetooth [timeout options](https://grapheneos.org/features#attack-surface-reduction).
-
-DivestOS uses F-Droid as its default app store. We normally [recommend avoiding F-Droid](obtaining-apps.md#f-droid), but doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repository, [DivestOS Official](https://divestos.org/fdroid/official). For these apps you should continue to use F-Droid **with the DivestOS repository enabled** to keep those components up to date. For other apps, our recommended [methods of obtaining them](obtaining-apps.md) still apply.
-
-DivestOS replaces many of Android's background network connections to Google services with alternative services, such as using OpenEUICC for eSIM activation, NTP.org for network time, and Quad9 for DNS. These connections can be modified, but their deviation from a standard Android phone's network connections could mean it is easier for an adversary on your network to deduce what operating system you have installed on your phone. If this is a concern to you, consider using a [trusted VPN](../vpn.md) and enabling the native VPN [kill switch](../os/android-overview.md#vpn-killswitch) to hide this network traffic from your local network and ISP.
-
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](../about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

docs/android/obtaining-apps.md

@@ -114,9 +114,9 @@ If you download APK files to install manually, you can verify their signature wi
 
 Due to their process of building apps, apps in the *official* F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet [modern security standards](https://developer.android.com/google/play/requirements/target-sdk).
 
-Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from GitHub and is the next best thing to the developers' own repositories. However, it is not something that we can fully recommend, as apps are typically [removed](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) from that repository if they are later added to the main F-Droid repository. While that makes sense (since the goal of that particular repository is to host apps before they're accepted into the main F-Droid repository), it can leave you with installed apps which no longer receive updates.
+Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from code forges (GitHub, GitLab, etc.) and is the next best thing to the developers' own repositories. They also offer [reproducible builds](https://android.izzysoft.de/articles/named/iod-rbs-mirrors-clients) for hundreds of applications and have developers who verify the reproducibility of developer-signed APKs. Furthermore, the IzzyOnDroid team conducts [additional security scans](https://android.izzysoft.de/articles/named/iod-scan-apkchecks) of apps housed in the repo, which usually result in [deliberations](https://github.com/gouravkhunger/QuotesApp/issues/22) between them and app developers toward privacy improvements in their apps. Note that apps may be removed from the IzzyOnDroid repo in [certain circumstances](https://gitlab.com/IzzyOnDroid/repo#are-apps-removed-from-the-repo--and-when-does-that-happen).
 
-That said, the [F-Droid](https://f-droid.org/en/packages) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgement when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
+The [F-Droid](https://f-droid.org/en/packages) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid) repositories are home to countless apps, so they can be useful places to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgment when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
 
 <div class="admonition note" markdown>
 <p class="admonition-title">F-Droid Basic</p>

docs/cloud.md

@@ -27,7 +27,7 @@ Nextcloud is [still a recommended tool](document-collaboration.md#nextcloud) for
 
 ![Proton Drive logo](assets/img/cloud/protondrive.svg){ align=right }
 
-**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail). The initial free storage is limited to 2GB, but with the completion of certain steps, additional storage can be obtained up to 5GB.
+**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail). The initial free storage is limited to 2GB, but with the completion of [certain steps](https://proton.me/support/more-free-storage-existing-users), additional storage can be obtained up to 5GB.
 
 [:octicons-home-16: Homepage](https://proton.me/drive){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://proton.me/drive/privacy-policy){ .card-link title="Privacy Policy" }

docs/cryptocurrency.md

@@ -40,15 +40,8 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
 
 With Monero, outside observers cannot decipher addresses trading Monero, transaction amounts, address balances, or transaction histories.
 
-For optimal privacy, make sure to use a noncustodial wallet where the view key stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your private view key, the provider can see almost everything you do. Some noncustodial wallets include:
-
-- [Official Monero client](https://getmonero.org/downloads) (Desktop)
-- [Cake Wallet](https://cakewallet.com) (iOS, Android, macOS)
-    - Cake Wallet supports multiple cryptocurrencies. A Monero-only version of Cake Wallet for iOS and Android is available at [Monero.com](https://monero.com).
-- [Feather Wallet](https://featherwallet.org) (Desktop)
-- [Monerujo](https://monerujo.io) (Android)
-
-For maximum privacy (even with a noncustodial wallet), you should run your own Monero node. Using another person’s node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone else’s Monero node over Tor or [I2P](alternative-networks.md#i2p-the-invisible-internet-project).
+<details class="info" markdown>
+<summary>Monero's resilience to mass surveillance</summary>
 
 In August 2021, CipherTrace [announced](https://web.archive.org/web/20240223224846/https://ciphertrace.com/enhanced-monero-tracing) enhanced Monero tracing capabilities for government agencies. Public postings show that the US Department of the Treasury's Financial Crimes Enforcement Network [licensed](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) CipherTrace's "Monero Module" in late 2022.
 
@@ -56,8 +49,45 @@ Monero transaction graph privacy is limited by its relatively small ring signatu
 
 Ultimately, Monero is the strongest contender for a privacy-friendly cryptocurrency, but its privacy claims have **not** been definitively proven one way or the other. More time and research is needed to assess whether Monero is resilient enough to attacks to always provide adequate privacy.
 
+</details>
+
+### Monero wallets
+
+For optimal privacy, make sure to use a self-custody wallet where the [view key](https://www.getmonero.org/resources/moneropedia/viewkey.html) stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your view key, the provider can see almost everything you do (but not spend your funds). Some self-custody wallets where the view key does not leave your device include:
+
+- [Official Monero client](https://getmonero.org/downloads) (Desktop)
+- [Cake Wallet](https://cakewallet.com) (iOS, Android, Desktop)
+    - Cake Wallet supports multiple cryptocurrencies. A Monero-only version of Cake Wallet for iOS and Android is available at [Monero.com](https://monero.com).
+- [Feather Wallet](https://featherwallet.org) (Desktop)
+- [Monerujo](https://monerujo.io) (Android)
+
+### Monero nodes
+
+For maximum privacy (even with a self-custody wallet), you should run your own Monero node called the [Monero daemon](https://getmonero.org/downloads/#cli). Using another person’s node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone else’s Monero node over Tor, [I2P](alternative-networks.md#i2p-the-invisible-internet-project), or a VPN.
+
+### Buying Monero
+
+[General tips for acquiring Monero](advanced/payments.md#acquisition){ .md-button }
+
+There are numerous centralized exchanges (CEX) as well as P2P marketplaces where you can buy and sell Monero. Some of them require identifying yourself (KYC) to comply with anti-money laundering regulations. However, due to Monero's privacy features, the only thing known to the seller is _that_ you bought Monero, but not how much you own or where you spend it (after it leaves the exchange). Some reputable places to buy Monero include:
+
+- [Kraken](https://kraken.com): A well-known CEX. Registration and KYC are mandatory. Card payments and bank transfers accepted. Make sure not to leave your newly purchased Monero on Kraken's platform after the purchase; withdraw them to a self-custody wallet. Monero is not available in all jurisdictions that Kraken operates in.[^1]
+- [Cake Wallet](https://cakewallet.com): A self-custody cross-platform wallet for Monero and other cryptocurrencies. You can buy Monero directly in the app using card payments or bank transfers (through third-party providers such as [Guardarian](https://guardarian.com) or [DFX](https://dfx.swiss)).[^2] KYC is usually not required, but it depends on your country and the amount you are purchasing. In countries where directly purchasing Monero is not possible, you can also use a provider within Cake Wallet to first buy another cryptocurrency such as Bitcoin, Bitcoin Cash, or Litecoin and then exchange it to Monero in-app.
+    - [Monero.com](https://monero.com) is an associated website where you can buy Monero and other cryptocurrencies without having to download an app. The funds will simply be sent to the wallet address of your choice.
+- [RetoSwap](https://retoswap.com) (formerly known as Haveno-Reto) is a self-custody, decentralized P2P exchange platform based on the [Haveno](https://haveno.exchange) project which is available for Linux, Windows, and macOS. Monero can be bought and sold with maximum privacy, since most trading counterparties do not require KYC, trades are made directly between users (P2P), and all connections run through the Tor network. It is possible to buy Monero via bank transfer, Paypal, or even by paying in cash (meeting in person or sending by mail). Arbitrators can step in to resolve disputes between buyer and seller, but be careful when sharing your bank account or other sensitive information with your trading counterparty. Trading with some accounts may be against those accounts' terms of service. Please note that you can only buy Monero on RetoSwap if you already own a small amount of Monero (currently a minimum of 0.11 XMR) in order to fund security deposits, although there are ongoing efforts to drop this requirement in the future.
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
 - Cryptocurrency must provide private/untraceable transactions by default.
+
+<div class="admonition tip" markdown>
+<p class="admonition-title">Important notices</p>
+
+The content here is not legal or financial advice. We do not endorse or encourage illicit activities, and we do not endorse or encourage anything which violates a company's terms of service. Check with a professional to confirm that these recommendations are legal and available in your jurisdiction. [See all notices](about/notices.md).
+
+</div>
+
+[^1]: You may refer to the following pages for up-to-date information on countries in which Kraken does **not** allow the purchase of Monero: [Where is Kraken licensed or regulated?](https://support.kraken.com/hc/en-us/articles/where-is-kraken-licensed-or-regulated) and [Support for Monero (XMR) in Europe](https://support.kraken.com/hc/en-us/articles/support-for-monero-xmr-in-europe).
+[^2]: You may refer to the following pages for up-to-date information on countries in which Cake Wallet and Monero.com **only** allow the direct purchase of Monero (through third-party providers): [Which countries are served by DFX?](https://docs.dfx.swiss/en/faq.html#which-countries-are-served-by-dfx) and [What are the supported countries/regions? (Guardarian)](https://guardarian.freshdesk.com/support/solutions/articles/80001151826-what-are-the-supported-countries-regions).

docs/data-redaction.md

@@ -18,20 +18,16 @@ You should **never** use blur to redact [text in images](https://bishopfox.com/b
 
 </div>
 
-## Desktop
-
-### MAT2
+## MAT2
 
 <div class="admonition recommendation" markdown>
 
 ![MAT2 logo](assets/img/data-redaction/mat2.svg){ align=right }
 
-**MAT2** is free software, which allows the metadata to be removed from image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for [Dolphin](https://0xacab.org/jvoisin/mat2/-/tree/master/dolphin), the default file manager of [KDE](https://kde.org).
-
-On Linux, a third-party graphical tool [Metadata Cleaner](https://gitlab.com/rmnvgr/metadata-cleaner) powered by MAT2 exists and is [available on Flathub](https://flathub.org/apps/details/fr.romainvigier.MetadataCleaner).
+**MAT2** is free, cross-platform software which allows you to remove metadata from image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for [Dolphin](https://0xacab.org/jvoisin/mat2/-/tree/master/dolphin), the default file manager of [KDE](https://kde.org).
 
 [:octicons-repo-16: Repository](https://0xacab.org/jvoisin/mat2){ .md-button .md-button--primary }
-[:octicons-info-16:](https://0xacab.org/jvoisin/mat2/-/blob/master/README.md){ .card-link title=Documentation}
+[:octicons-info-16:](https://0xacab.org/jvoisin/mat2/-/blob/master/README.md){ .card-link title="Documentation" }
 [:octicons-code-16:](https://0xacab.org/jvoisin/mat2){ .card-link title="Source Code" }
 
 <details class="downloads" markdown>
@@ -46,9 +42,7 @@ On Linux, a third-party graphical tool [Metadata Cleaner](https://gitlab.com/rmn
 
 </div>
 
-## Mobile
-
-### ExifEraser (Android)
+## ExifEraser (Android)
 
 <div class="admonition recommendation" markdown>
 
@@ -59,7 +53,7 @@ On Linux, a third-party graphical tool [Metadata Cleaner](https://gitlab.com/rmn
 It currently supports JPEG, PNG and WebP files.
 
 [:octicons-repo-16: Repository](https://github.com/Tommy-Geenexus/exif-eraser){ .md-button .md-button--primary }
-[:octicons-info-16:](https://github.com/Tommy-Geenexus/exif-eraser#readme){ .card-link title=Documentation}
+[:octicons-info-16:](https://github.com/Tommy-Geenexus/exif-eraser#readme){ .card-link title="Documentation" }
 [:octicons-code-16:](https://github.com/Tommy-Geenexus/exif-eraser){ .card-link title="Source Code" }
 
 <details class="downloads" markdown>
@@ -89,42 +83,30 @@ The app offers multiple ways to erase metadata from images. Namely:
 - It allows you to drag photos from another app into ExifEraser when they are both open in split-screen mode.
 - Lastly, it allows you to paste an image from your clipboard.
 
-### Metapho (iOS)
+## Shortcuts (iOS & macOS)
 
-<div class="admonition recommendation" markdown>
+On iOS and macOS, you can remove image metadata without using any third-party apps by creating a [**shortcut**](https://apps.apple.com/app/id915249334) for this purpose. Here is an example shortcut you can download to use as is:
 
-![Metapho logo](assets/img/data-redaction/metapho.jpg){ align=right }
+[:material-tag-minus: Clean Image Metadata](https://icloud.com/shortcuts/fb774ddb7b5b4296871776c67ac0fff9){ .md-button }
 
-**Metapho** is a simple and clean viewer for photo metadata such as date, file name, size, camera model, shutter speed, and location.
+You can also use it as a model for your own shortcut; just make sure that the **Preserve Metadata** option under the **Convert** action is unchecked. Once added, you can access the shortcut in the share sheet that appears when you select the :octicons-share-24: Share button. You can select multiple images and invoke the shortcut to remove their metadata all at once.
 
-[:octicons-home-16: Homepage](https://zininworks.com/metapho){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://zininworks.com/privacy){ .card-link title="Privacy Policy" }
+This shortcut removes metadata such as location, device model, lens model, and other camera information. It also sets the image creation date to the time the shortcut was used.
 
-<details class="downloads" markdown>
-<summary>Downloads</summary>
-
-- [:simple-appstore: App Store](https://apps.apple.com/app/id914457352)
-
-</details>
-
-</div>
-
-## Command-line
-
-### ExifTool
+## ExifTool (CLI)
 
 <div class="admonition recommendation" markdown>
 
 ![ExifTool logo](assets/img/data-redaction/exiftool.png){ align=right }
 
-**ExifTool** is the original perl library and command-line application for reading, writing, and editing meta information (Exif, IPTC, XMP, and more) in a wide variety of file formats (JPEG, TIFF, PNG, PDF, RAW, and more).
+**ExifTool** is the original Perl library and command-line application for reading, writing, and editing meta information (Exif, IPTC, XMP, and more) in a wide variety of file formats (JPEG, TIFF, PNG, PDF, RAW, and more).
 
-It's often a component of other Exif removal applications and is in most Linux distribution repositories.
+It is often a component of other Exif removal applications and in most Linux distribution repositories.
 
 [:octicons-home-16: Homepage](https://exiftool.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://exiftool.org/faq.html){ .card-link title=Documentation}
+[:octicons-info-16:](https://exiftool.org/faq.html){ .card-link title="Documentation" }
 [:octicons-code-16:](https://github.com/exiftool/exiftool){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://exiftool.org/#donate){ .card-link title=Contribute }
+[:octicons-heart-16:](https://exiftool.org/#donate){ .card-link title="Contribute" }
 
 <details class="downloads" markdown>
 <summary>Downloads</summary>

docs/device-integrity.md

@@ -187,43 +187,3 @@ It is important to note that Auditor can only effectively detect changes **after
 No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
 
 If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
-
-## On-Device Scanners
-
-<small>Protects against the following threat(s):</small>
-
-- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
-
-These are apps you can install on your device which scan your device for signs of compromise.
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Warning</p>
-
-Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
-
-</div>
-
-### Hypatia (Android)
-
-<div class="admonition recommendation" markdown>
-
-![Hypatia logo](assets/img/device-integrity/hypatia.svg#only-light){ align=right }
-![Hypatia logo](assets/img/device-integrity/hypatia-dark.svg#only-dark){ align=right }
-
-**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android/distributions.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
-
-[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
-[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
-
-<details class="downloads" markdown>
-<summary>Downloads</summary>
-
-- [:simple-fdroid: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner)
-
-</details>
-
-</div>
-
-Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors) for advice.

docs/financial-services.md

@@ -102,3 +102,10 @@ These services allow you to purchase gift cards for a variety of merchants onlin
 
 - Accepts payment in [a recommended cryptocurrency](cryptocurrency.md).
 - No ID requirement.
+
+<div class="admonition tip" markdown>
+<p class="admonition-title">Important notices</p>
+
+The content here is not legal or financial advice. We do not endorse or encourage illicit activities, and we do not endorse or encourage anything which violates a company's terms of service. Check with a professional to confirm that these recommendations are legal and available in your jurisdiction. [See all notices](about/notices.md).
+
+</div>

docs/index.md

@@ -70,7 +70,7 @@ Trying to protect all your data from everyone all the time is impractical, expen
 <div markdown>
 **Privacy Guides** has a dedicated [community](https://discuss.privacyguides.net) independently reviewing various *privacy tools* and services. Each of our recommendations comply with a strict set of criteria to ensure they provide the most value to most people, and provide the best balance of privacy, security, and convenience. As part of a non-profit **public charity**, Privacy Guides has strict **journalistic standards** and policies to ensure our recommendations are free of conflict of interest, and we do not partner with providers or affiliate programs that could sway our reviews and recommendations.
 
-[:material-heart:{.pg-red} Support Our Work](about/donate.md){ .md-button .md-button--primary }
+[:material-heart:{.pg-red} Support Our Work](https://donate.magicgrants.org/privacyguides){ .md-button .md-button--primary }
 </div>
 
 - [x] **Ad-Free Recommendations**

docs/meta/uploading-images.md

@@ -29,8 +29,8 @@ optipng -o7 file.png
 
 In Inkscape:
 
-1. File Save As..
-2. Set type to Optimized SVG (*.svg)
+1. File > Save As...
+2. Set type to: Optimized SVG (*.svg)
 
 In the **Options** tab:
 

docs/mobile-browsers.md

@@ -262,50 +262,6 @@ These options can be found in :material-menu: → :gear: **Settings** → **Lega
 
 This disables update checks for the unmaintained Bromite adblock filter.
 
-## Mull (Android)
-
-<div class="admonition recommendation" markdown>
-
-![Mull logo](assets/img/browsers/mull.svg){ align=right }
-
-**Mull** is a privacy oriented and deblobbed Android browser based on Firefox. Compared to Firefox, it offers much greater fingerprinting protection out of the box, and disables JavaScript Just-in-Time (JIT) compilation for enhanced security. It also removes all proprietary elements from Firefox, such as replacing Google Play Services references.
-
-[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#mull){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://divestos.org/pages/privacy_policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://divestos.org/pages/browsers#tuningFenix){ .card-link title="Documentation" }
-[:octicons-code-16:](https://codeberg.org/divested-mobile/mull-fenix){ .card-link title="Source Code" }
-
-<details class="downloads" markdown>
-<summary>Downloads</summary>
-
-- [:simple-fdroid: F-Droid](https://f-droid.org/en/packages/us.spotco.fennec_dos)
-
-</details>
-
-</div>
-
-<div class="admonition danger" markdown>
-<p class="admonition-title">Danger</p>
-
-Firefox (Gecko)-based browsers on Android [lack](https://bugzilla.mozilla.org/show_bug.cgi?id=1610822) [site isolation](https://wiki.mozilla.org/Project_Fission),[^1] a powerful security feature that protects against a malicious site performing a [Spectre](https://en.wikipedia.org/wiki/Spectre_(security_vulnerability))-like attack to gain access to the memory of another website you have open.[^2] Chromium-based browsers like [Brave](#brave) will provide more robust protection against malicious websites.
-
-</div>
-
-[^1]: This should not be mistaken for [state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning) (or dynamic [first party isolation](https://2019.www.torproject.org/projects/torbrowser/design/#identifier-linkability)), where website data such as cookies and cache is restricted so that a third-party embedded in one top-level site cannot access data stored under another top-level site. This is an important privacy feature to prevent cross-site tracking and **is** supported by Firefox on Android.
-[^2]: GeckoView also [does not](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196) take advantage of Android's native process sandboxing by using the [isolatedProcess](https://developer.android.com/guide/topics/manifest/service-element#isolated) flag, which normally allows an app to safely run less trusted code in a separate process that has no permissions of its own.
-
-Enable DivestOS's [F-Droid repository](https://divestos.org/fdroid/official) to receive updates directly from the developer. Downloading Mull from the default F-Droid repo will mean your updates could be delayed by a few days or longer.
-
-Mull enables many features upstreamed by the [Tor uplift project](https://wiki.mozilla.org/Security/Tor_Uplift) using preferences from [Arkenfox](desktop-browsers.md#arkenfox-advanced). Proprietary blobs are removed from Mozilla's code using the scripts developed for Fennec F-Droid.
-
-### Recommended Mull Configuration
-
-We would suggest installing [uBlock Origin](browser-extensions.md#ublock-origin) as a content blocker if you want to block trackers within Mull.
-
-Mull comes with privacy protecting settings configured by default. You might consider configuring the **Delete browsing data on quit** options in Mull's settings if you want to close all your open tabs when quitting the app automatically, or clear other data such as browsing history and cookies automatically.
-
-Because Mull has more advanced and strict privacy protections enabled by default compared to most browsers, some websites may not load or work properly unless you adjust those settings. You can consult this [list of known issues and workarounds](https://divestos.org/pages/broken#mull) for advice on a potential fix if you do encounter a broken site. Adjusting a setting in order to fix a website could impact your privacy/security, so make sure you fully understand any instructions you follow.
-
 ## Safari (iOS)
 
 On iOS, any app that can browse the web is [restricted](https://developer.apple.com/app-store/review/guidelines) to using an Apple-provided [WebKit framework](https://developer.apple.com/documentation/webkit), so a browser like [Brave](#brave) does not use the Chromium engine like its counterparts on other operating systems.

docs/tools.md

@@ -84,14 +84,6 @@ For more details about each project, why they were chosen, and additional tips o
 
     - [Read Full Review :material-arrow-right-drop-circle:](mobile-browsers.md#cromite-android)
 
-- ![Mull logo](assets/img/browsers/mull.svg){ .lg .middle .twemoji } **Mull (Android)**
-
-    ---
-
-    **Mull** is a Firefox-based browser for Android centered around privacy and removing proprietary components.
-
-    - [Read Full Review :material-arrow-right-drop-circle:](mobile-browsers.md#mull-android)
-
 - ![Safari logo](assets/img/browsers/safari.svg){ .lg .middle .twemoji } **Safari (iOS)**
 
     ---
@@ -403,8 +395,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 
 - ![MAT2 logo](assets/img/data-redaction/mat2.svg){ .twemoji loading=lazy } [MAT2](data-redaction.md#mat2)
 - ![ExifEraser logo](assets/img/data-redaction/exiferaser.svg){ .twemoji loading=lazy } [ExifEraser (Android)](data-redaction.md#exiferaser-android)
-- ![Metapho logo](assets/img/data-redaction/metapho.jpg){ .twemoji loading=lazy } [Metapho (iOS)](data-redaction.md#metapho-ios)
-- ![ExifTool logo](assets/img/data-redaction/exiftool.png){ .twemoji loading=lazy } [ExifTool (CLI)](data-redaction.md#exiftool)
+- ![ExifTool logo](assets/img/data-redaction/exiftool.png){ .twemoji loading=lazy } [ExifTool (CLI)](data-redaction.md#exiftool-cli)
 
 </div>
 
@@ -627,7 +618,6 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
 <div class="grid cards" markdown>
 
 - ![GrapheneOS logo](assets/img/android/grapheneos.svg#only-light){ .twemoji loading=lazy }![GrapheneOS logo](assets/img/android/grapheneos-dark.svg#only-dark){ .twemoji loading=lazy } [GrapheneOS](android/distributions.md#grapheneos)
-- ![DivestOS logo](assets/img/android/divestos.svg){ .twemoji loading=lazy } [DivestOS](android/distributions.md#divestos)
 
 </div>
 
@@ -708,7 +698,6 @@ These tools may provide utility for certain individuals. They provide functional
 - ![MVT logo](assets/img/device-integrity/mvt.webp){ .twemoji loading=lazy } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
 - ![iMazing logo](assets/img/device-integrity/imazing.png){ .twemoji loading=lazy } [iMazing (iOS)](device-integrity.md#imazing-ios)
 - ![Auditor logo](assets/img/device-integrity/auditor.svg#only-light){ .twemoji loading=lazy }![Auditor logo](assets/img/device-integrity/auditor-dark.svg#only-dark){ .twemoji loading=lazy } [Auditor (Android)](device-integrity.md#auditor-android)
-- ![Hypatia logo](assets/img/device-integrity/hypatia.svg#only-light){ .twemoji loading=lazy }![Hypatia logo](assets/img/device-integrity/hypatia-dark.svg#only-dark){ .twemoji loading=lazy } [Hypatia (Android)](device-integrity.md#hypatia-android)
 
 </div>
 

docs/vpn.md

@@ -298,7 +298,7 @@ We require all our recommended VPN providers to provide OpenVPN configuration fi
 - Support for strong protocols such as WireGuard & OpenVPN.
 - Killswitch built in to clients.
 - Multihop support. Multihopping is important to keep data private in case of a single node compromise.
-- If VPN clients are provided, they should be [open source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what your device is actually doing.
+- If VPN clients are provided, they should be [open source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what the program is actually doing.
 - Censorship resistance features designed to bypass firewalls without DPI.
 
 **Best Case:**

index-generation.sh

@@ -0,0 +1,89 @@
+#!/bin/bash
+
+DATE_CMD="date"
+
+# Check if the script is running on macOS
+if [[ "$OSTYPE" == "darwin"* ]]; then
+  DATE_CMD="gdate"
+fi
+
+# Defaults
+source="https://discuss.privacyguides.net/top.json?period=weekly"
+tag="top posts"
+destination="./site/en/index.html"
+count=3
+
+for arg in "$@"
+do
+  case $arg in
+    --source=*)
+    source="${arg#*=}"
+    shift
+    ;;
+    --tag=*)
+    tag="${arg#*=}"
+    shift
+    ;;
+    --destination=*)
+    destination="${arg#*=}"
+    shift
+    ;;
+    --count=*)
+    count="${arg#*=}"
+    shift
+    ;;
+  esac
+done
+
+# URL of the Discourse top.json
+DISCOURSE_URL="$source"
+
+# Fetch the JSON data
+json_data=$(curl -s $DISCOURSE_URL)
+
+# Extract the first 3 topics
+topics=$(echo $json_data | jq -r ".topic_list.topics[:$count]")
+
+users=$(echo $json_data | jq -r ".users")
+# Generate HTML for the first 3 posts
+html_output=""
+for row in $(echo "${topics}" | jq -r '.[] | @base64'); do
+  _jq() {
+    echo ${row} | base64 --decode | jq -r ${1}
+  }
+
+  title=$(_jq '.title')
+  id=$(_jq '.id')
+  like_count=$(_jq '.like_count')
+  reply_count=$(_jq '.posts_count')
+  views=$(_jq '.views')
+
+  author_id=$(_jq '.posters[0].user_id')
+  author_info=$(echo "${users}" | jq -r ".[] | select(.id==$author_id)")
+  author_username=$(echo "${author_info}" | jq -r ".username")
+
+  html_output+="<li class='discourse-topic'>"
+  html_output+="<p class='discourse-title'><a href='https://discuss.privacyguides.net/t/${id}'><strong>${title}</strong></a></p>"
+  html_output+="<hr>"
+  html_output+="<p class='discourse-author'>"
+  html_output+="<span class='discourse-author'>"
+  html_output+="<img src='https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/${author_username}/48/1.png' loading='lazy' aria-hidden='true' alt='${author_username}' width='20' height='20' class='middle'>"
+  html_output+="<span> Posted by <em>$author_username</em></span>"
+  html_output+="</span>"
+  html_output+="</p>"
+  html_output+="<p class='discourse-data'>"
+  html_output+="<span class='twemoji'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>eye</title><path d='M12,9A3,3 0 0,0 9,12A3,3 0 0,0 12,15A3,3 0 0,0 15,12A3,3 0 0,0 12,9M12,17A5,5 0 0,1 7,12A5,5 0 0,1 12,7A5,5 0 0,1 17,12A5,5 0 0,1 12,17M12,4.5C7,4.5 2.73,7.61 1,12C2.73,16.39 7,19.5 12,19.5C17,19.5 21.27,16.39 23,12C21.27,7.61 17,4.5 12,4.5Z' /></svg></span>"
+  html_output+="<span class='discourse-views'> ${views} </span>"
+  html_output+="<span class='twemoji pg-red'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>heart</title><path d='M12,21.35L10.55,20.03C5.4,15.36 2,12.27 2,8.5C2,5.41 4.42,3 7.5,3C9.24,3 10.91,3.81 12,5.08C13.09,3.81 14.76,3 16.5,3C19.58,3 22,5.41 22,8.5C22,12.27 18.6,15.36 13.45,20.03L12,21.35Z' /></svg></span>"
+  html_output+="<span class='discourse-likes'> ${like_count} </span>"
+  html_output+="<span class='twemoji'><svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'><title>reply</title><path d='M10,9V5L3,12L10,19V14.9C15,14.9 18.5,16.5 21,20C20,15 17,10 10,9Z' /></svg></span>"
+  html_output+="<span class='discourse-replies'> ${reply_count} </span>"
+  html_output+="</p>"
+  html_output+="</li>"
+done
+
+tempfile=$(mktemp)
+echo "$html_output" > $tempfile
+
+# Insert the HTML output between the comments in index.html
+sed -i'.bak' "/<!-- start $tag -->/,/<!-- end $tag -->/{//!d;}; /<!-- start $tag -->/r $tempfile" $destination

mkdocs.blog.yml

@@ -109,8 +109,6 @@ theme:
     - announce.dismiss
     - navigation.tracking
     - navigation.tabs
-    - navigation.sections
-    - navigation.expand
     - navigation.path
     - navigation.indexes
     - navigation.footer
@@ -212,8 +210,8 @@ nav:
   - !ENV [NAV_RECOMMENDATIONS, "Recommendations"]: /en/tools/
   - !ENV [NAV_BLOG, "Articles"]:
       - index.md
-      - tags.md
       - editorial.md
+      - tags.md
   - !ENV [NAV_ABOUT, "About"]: /en/about/
   - "Donate": /en/about/donate/
   - !ENV [NAV_CHANGELOG, "Changelog"]:

mkdocs.net.yml

@@ -0,0 +1,197 @@
+# Copyright (c) 2022-2024 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+docs_dir: "net"
+site_url: "https://www.privacyguides.net/"
+site_dir: "site/net"
+
+site_name: Privacy Guides Community
+site_description: "Discover privacy tools and resources, ask questions, and stay informed at the biggest digital rights and privacy tech community online."
+edit_uri_template: blob/main/net/{path}?plain=1
+
+extra:
+  privacy_guides:
+    footer:
+      intro:
+        !ENV [
+          FOOTER_INTRO,
+          "Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy.",
+        ]
+      note:
+        !ENV [
+          FOOTER_NOTE,
+          "We do not make money from recommending certain products, and we do not use affiliate links.",
+        ]
+      copyright:
+        author:
+          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
+      license:
+        - fontawesome/brands/creative-commons
+        - fontawesome/brands/creative-commons-by
+        - fontawesome/brands/creative-commons-sa
+  homepage: https://www.privacyguides.org/en/
+  generator: false
+  context: !ENV [BUILD_CONTEXT, "production"]
+  offline: !ENV [BUILD_OFFLINE, false]
+  deploy: !ENV DEPLOY_ID
+  social:
+    - icon: simple/mastodon
+      link: https://mastodon.neat.computer/@privacyguides
+      name: !ENV [SOCIAL_MASTODON, "Mastodon"]
+    - icon: simple/matrix
+      link: https://matrix.to/#/#privacyguides:matrix.org
+      name: !ENV [SOCIAL_MATRIX, "Matrix"]
+    - icon: simple/discourse
+      link: https://discuss.privacyguides.net/
+      name: !ENV [SOCIAL_FORUM, "Forum"]
+    - icon: simple/github
+      link: https://github.com/privacyguides
+      name: !ENV [SOCIAL_GITHUB, "GitHub"]
+    - icon: simple/torbrowser
+      link: http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/
+      name: !ENV [SOCIAL_TOR_SITE, "Hidden service"]
+
+repo_url:
+  !ENV [BUILD_REPO_URL, "https://github.com/privacyguides/privacyguides.org"]
+repo_name: ""
+
+theme:
+  name: material
+  language: en
+  custom_dir: theme
+  font:
+    text: Public Sans
+    code: DM Mono
+  palette:
+    - media: "(prefers-color-scheme)"
+      scheme: default
+      accent: deep purple
+      toggle:
+        icon: material/brightness-auto
+        name: !ENV [THEME_DARK, "Switch to dark mode"]
+    - media: "(prefers-color-scheme: dark)"
+      scheme: slate
+      accent: amber
+      toggle:
+        icon: material/brightness-2
+        name: !ENV [THEME_LIGHT, "Switch to light mode"]
+    - media: "(prefers-color-scheme: light)"
+      scheme: default
+      accent: deep purple
+      toggle:
+        icon: material/brightness-5
+        name: !ENV [THEME_AUTO, "Switch to system theme"]
+  favicon: assets/brand/logos/png/favicon-32x32.png
+  icon:
+    repo: simple/github
+  features:
+    - announce.dismiss
+    - navigation.tracking
+    - navigation.tabs
+    - navigation.sections
+    - navigation.expand
+    - navigation.path
+    - navigation.indexes
+    - navigation.footer
+    - content.action.edit
+    - content.tabs.link
+    - content.tooltips
+    - search.highlight
+
+extra_css:
+  - assets/stylesheets/extra.css?v=20240829
+
+watch:
+  - theme
+  - includes
+
+plugins:
+  tags: {}
+  privacy:
+    enabled: !ENV [BUILD_PRIVACY, true]
+  offline:
+    enabled: !ENV [BUILD_OFFLINE, false]
+  group:
+    enabled: !ENV [BUILD_INSIDERS, true]
+    plugins:
+      macros: {}
+      meta: {}
+      optimize:
+        enabled: !ENV [OPTIMIZE, PRODUCTION, NETLIFY, false]
+      typeset: {}
+      social:
+        cards: !ENV [CARDS, true]
+        cards_dir: assets/img/social
+        cards_layout_dir: theme/layouts
+        cards_layout: page
+
+markdown_extensions:
+  admonition: {}
+  pymdownx.details: {}
+  pymdownx.superfences:
+    custom_fences:
+      - name: mermaid
+        class: mermaid
+        format: !!python/name:pymdownx.superfences.fence_code_format
+  pymdownx.tabbed:
+    alternate_style: true
+  pymdownx.arithmatex:
+    generic: true
+  pymdownx.critic: {}
+  pymdownx.caret: {}
+  pymdownx.keys: {}
+  pymdownx.mark: {}
+  pymdownx.tilde: {}
+  pymdownx.snippets:
+    auto_append:
+      - !ENV [BUILD_ABBREVIATIONS, "includes/abbreviations.en.txt"]
+  pymdownx.tasklist:
+    custom_checkbox: true
+  attr_list: {}
+  def_list: {}
+  md_in_html: {}
+  meta: {}
+  abbr: {}
+  pymdownx.emoji:
+    emoji_index: !!python/name:material.extensions.emoji.twemoji
+    emoji_generator: !!python/name:material.extensions.emoji.to_svg
+  tables: {}
+  footnotes: {}
+  toc:
+    permalink: true
+    toc_depth: 4
+
+nav:
+  - !ENV [NAV_HOME, "Home"]: https://www.privacyguides.org/en/
+  - !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]:
+      https://www.privacyguides.org/en/basics/why-privacy-matters/
+  - !ENV [NAV_RECOMMENDATIONS, "Recommendations"]:
+      https://www.privacyguides.org/en/tools/
+  - !ENV [NAV_BLOG, "Articles"]: https://www.privacyguides.org/articles/
+  - !ENV [NAV_ABOUT, "About"]: https://www.privacyguides.org/en/about/
+  - "Donate": https://www.privacyguides.org/en/about/donate/
+  - !ENV [NAV_CHANGELOG, "Changelog"]:
+      "https://github.com/privacyguides/privacyguides.org/releases"
+  - !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"
+
+validation:
+  nav:
+    not_found: info

mkdocs.yml

@@ -466,7 +466,7 @@ nav:
               - "meta/uploading-images.md"
               - "meta/git-recommendations.md"
               - "meta/commit-messages.md"
-  - "about/donate.md"
+  - !ENV [NAV_DONATE, "Donate"]: https://donate.magicgrants.org/privacyguides
   - !ENV [NAV_CHANGELOG, "Changelog"]:
       "https://github.com/privacyguides/privacyguides.org/releases"
   - !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"

net/index.md

@@ -0,0 +1,42 @@
+---
+title: Weekly Discussions
+meta_title: Privacy Guides Community
+hide:
+  - footer
+  - toc
+  - navigation
+schema:
+  -
+    "@context": https://schema.org
+    "@type": Organization
+    "@id": https://www.privacyguides.org/
+    name: Privacy Guides
+    url: https://www.privacyguides.org/
+    logo: https://www.privacyguides.org/en/assets/brand/logos/png/square/pg-yellow.png
+    sameAs:
+      - https://twitter.com/privacy_guides
+      - https://github.com/privacyguides
+      - https://www.wikidata.org/wiki/Q111710163
+      - https://www.youtube.com/@privacyguides
+      - https://mastodon.neat.computer/@privacyguides
+  -
+    "@context": https://schema.org
+    "@type": WebSite
+    name: Privacy Guides
+    alternateName: ["Privacy Guides Community", "Privacy Guides Forum", "Privacy & Security Forum", "Privacy Discussions", "Privacy Community", "PG Community"]
+    url: "https://www.privacyguides.net/"
+    isPartOf: "https://www.privacyguides.org/"
+---
+
+Discover privacy tools and resources, ask questions, and stay informed at the biggest digital rights and privacy tech community online.
+
+[Open Forum](https://discuss.privacyguides.net){.md-button .md-button--primary}
+[View Resources](https://www.privacyguides.org/en/tools/){.md-button}
+
+<div class="grid cards">
+      <ul>
+<!-- start latest posts -->
+
+<!-- end latest posts -->
+</ul>
+</div>

theme/assets/img/android/divestos.svg

@@ -1 +0,0 @@
-<svg version="1.1" viewBox="0 0 128 128" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.256 0 0 .256 -1.534 -1.5359)"><path d="m506 256a250 250 0 0 1-248.51 250 250 250 0 0 1-251.48-247.01 250 250 0 0 1 245.5-252.95 250 250 0 0 1 254.41 243.98" fill="#fc5424"/><path d="m261.3 166.34c-48.1 0-76.959 33.794-76.959 89.541 0 56.98 28.859 89.787 76.959 89.787 48.347 0 77.207-33.794 77.207-89.787 0-56.98-28.86-89.541-77.207-89.541zm155.15 0c-35.52 0-61.668 19.241-61.668 49.334 0 25.407 14.062 41.193 52.295 53.033 24.913 7.6467 31.326 13.32 31.326 25.9 0 13.073-10.359 20.967-27.133 20.967-17.02 0-30.588-6.1668-43.168-16.773l-20.473 22.447c14.06 13.567 35.273 24.42 64.873 24.42 42.673 0 67.834-22.201 67.834-54.021 0-31.573-18.501-44.892-50.814-55.252-26.64-8.3867-33.053-12.828-33.053-23.682 0-10.853 8.8794-16.771 22.939-16.771 13.813 0 25.654 4.6866 37.494 14.307l18.746-21.955c-15.047-14.307-33.053-21.953-59.199-21.953zm-384.8 4.1934v170.94h51.307c43.66 0 85.1-17.514 85.1-86.334 0-70.547-43.165-84.607-88.799-84.607h-47.607zm229.65 25.408c22.94 0 34.781 16.773 34.781 59.939 0 43.413-11.595 60.186-34.781 60.186-22.2 0-34.533-16.772-34.533-60.186 0-43.167 11.84-59.939 34.533-59.939zm-189.19 3.9453h12.828c23.68 0 41.193 9.3738 41.193 55.254 0 45.387-16.281 56.98-40.701 56.98h-13.32v-112.23z"/></g></svg>

theme/assets/img/browsers/mull.svg

@@ -1 +0,0 @@
-<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.23559 0 0 .23559 1.8105e-7 .00017997)"><path d="m97.545 29.843s2.554-8.59 10.911-13c8.357-4.411 28.553-4.411 31.57-3.018 3.018 1.393 3.947 25.999 0 32.034-3.946 6.036-11.839 9.286-18.106 9.286-6.268 0-25.999-15.089-25.999-15.089z" fill="#e91e63"/><path d="m104.86 31.267s1.694-5.697 7.238-8.623c5.543-2.926 18.941-2.926 20.943-2.002s2.618 17.247 0 21.251-7.854 6.159-12.011 6.159c-4.158 0-17.248-10.009-17.248-10.009z" fill="#424242"/><path d="m46.206 29.843s-2.554-8.59-10.911-13c-8.356-4.411-28.553-4.411-31.57-3.018-3.018 1.393-3.946 25.999 0 32.034 3.946 6.036 11.839 9.286 18.106 9.286 6.268 0 25.999-15.089 25.999-15.089z" fill="#e91e63"/><path d="m38.888 31.267s-1.694-5.697-7.237-8.623c-5.544-2.926-18.941-2.926-20.943-2.002s-2.618 17.247 0 21.251 7.854 6.159 12.012 6.159 17.247-10.009 17.247-10.009z" fill="#424242"/></g><path d="m8.1036 7.1525s1.1318 0.00899 2.048 0.26551c0 0-2.3456 0.47637-4.178 1.6856 0 0 0.69618 0.036774 1.6126 0.18329 0 0-2.8064 2.0574-4.9931 5.1856 7.3768 1.4324 8.7289 9.3139 8.7289 9.3139 0.30485-0.48744 2.4372-1.9497 2.4372-1.9497 0.91786-10.59-0.71926-15.081-1.5827-16.652-1.5059 0.43396-2.9788 1.0762-4.0729 1.9677zm18.177 2.1344c0.91621-0.14654 1.6126-0.18329 1.6126-0.18329-1.8324-1.2093-4.1777-1.6856-4.1777-1.6856 0.91622-0.25656 2.048-0.26551 2.048-0.26551-1.0943-0.89148-2.567-1.5337-4.0731-1.9677-0.86343 1.5709-2.5006 6.0615-1.5827 16.652 0 0 2.1326 1.4623 2.4372 1.9497 0 0 1.3521-7.8815 8.7289-9.3139-2.1868-3.1279-4.9931-5.1856-4.9931-5.1856z" fill="#212121" stroke-width=".23559"/><g transform="matrix(.23559 0 0 .23559 1.8105e-7 .00017997)"><path d="m128.2 91.998c9.178-0.623 15.556 4.2 15.556 4.2-1.4-14.468-11.044-19.134-11.044-19.134 6.222 0.622 9.645 4.666 9.645 4.666-1.845-7.679-5.674-14.776-10.023-20.884 0.139 0.194 0.279 0.387 0.416 0.583-31.312 6.08-37.051 39.534-37.051 39.534-1.293-2.069-10.345-8.276-10.345-8.276-3.896-44.952 3.054-64.013 6.718-70.681-7.263-2.092-14.707-3.04-20.19-3.04-6.07 0-14.542 1.159-22.511 3.752 0.77-0.25 1.544-0.488 2.321-0.712 3.665 6.668 10.614 25.729 6.718 70.681 0 0-9.052 6.207-10.345 8.276 0 0-5.74-33.454-37.052-39.534 0.138-0.196 0.277-0.389 0.416-0.583-4.351 6.108-8.18 13.206-10.025 20.885 0 0 3.422-4.044 9.645-4.666 0 0-9.645 4.666-11.045 19.134 0 0 6.378-4.823 15.556-4.2 0 0-9.8 0.934-13.222 11.667 0 0 12.013-7.723 29.168-2.784 15.974 4.599 15.005 24.445 26.677 28.606 9.641 3.438 13.697-1.244 13.697-1.244s4.056 4.682 13.697 1.244c11.671-4.161 10.703-24.008 26.677-28.606 17.156-4.938 29.169 2.784 29.169 2.784-3.423-10.734-13.223-11.668-13.223-11.668z" fill="#e91e63"/><path d="m71.876 101.79c-10.66 0-15.61 4.697-15.61 4.697s10.557 14.105 15.61 14.352c5.053-0.247 15.61-14.352 15.61-14.352s-4.95-4.697-15.61-4.697z" fill="#212121"/><path d="m71.876 104.16c9.164 0 14.204 1.759 15.605 2.332l4e-3 -6e-3s-4.95-4.697-15.61-4.697-15.61 4.697-15.61 4.697l4e-3 6e-3c1.403-0.573 6.442-2.332 15.607-2.332z" fill="#424242"/><ellipse transform="matrix(.9602 -.2794 .2794 .9602 -15.818 30.286)" cx="98.317" cy="70.621" rx="10.771" ry="13.034" fill="#424242"/><circle cx="98.316" cy="69.891" r="6.81" fill="#332a24"/><circle cx="98.317" cy="69.891" r="4.375" fill="#4d4a47"/><circle cx="96.999" cy="68.527" r="1.761" fill="#fff"/><ellipse transform="matrix(-.9602 -.2794 .2794 -.9602 69.326 151.13)" cx="45.435" cy="70.621" rx="10.771" ry="13.034" fill="#424242"/><circle cx="45.435" cy="69.891" r="6.81" fill="#332a24"/><circle cx="45.435" cy="69.891" r="4.375" fill="#4d4a47"/><circle cx="44.117" cy="68.527" r="1.761" fill="#fff"/></g><path d="m30.064 21.674c2.1623-0.14678 3.6649 0.98948 3.6649 0.98948-0.32982-3.4085-2.6019-4.5078-2.6019-4.5078 1.4658 0.14654 2.2723 1.0993 2.2723 1.0993-0.421-1.7523-1.2819-3.3739-2.2664-4.7818 8.9e-4 -2.4e-4 0.0018-4.72e-4 0.0027-8.9e-4 -0.03223-0.04621-0.06527-0.09164-0.09801-0.13735 2.41e-4 2.32e-4 2.41e-4 4.72e-4 4.72e-4 7.04e-4 -0.38401-0.5395-0.78476-1.0463-1.1853-1.5148 1.1546-0.29802 2.322-0.98288 2.9981-2.0169 0.92988-1.4218 0.71101-7.219 0-7.5469-0.71101-0.32841-5.4688-0.32841-7.4376 0.71101-0.96545 0.50959-1.6006 1.255-1.9987 1.8833-0.59843-0.26056-1.2265-0.48343-1.8624-0.66672-1.7111-0.49286-3.4648-0.71619-4.7566-0.71619v25.744s0.95556 1.103 3.2269 0.29307c2.7496-0.98029 2.5215-5.6561 6.2849-6.7393 4.0418-1.1634 6.8717 0.65588 6.8717 0.65588-0.80642-2.5284-3.1155-2.7484-3.1155-2.7484z" fill="#5c4337" opacity=".1" stroke-width=".23559"/></svg>

theme/assets/img/device-integrity/hypatia-dark.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" fill="#fff" version="1.1" viewBox="0 0 64 64"><path stroke-width="2.934" d="m29.623 0.50599-20.539 9.1251c-2.1126 0.93891-3.4916 3.0515-3.4916 5.3694v13.79c0 16.284 11.267 31.512 26.407 35.209 15.14-3.697 26.407-18.925 26.407-35.209v-13.79c0-2.3179-1.379-4.4305-3.4916-5.3694l-20.539-9.1251c-1.4964-0.67485-3.2569-0.67485-4.7533 0zm2.3766 31.19h20.539c-1.5551 12.089-9.6239 22.857-20.539 26.231v-26.202h-20.539v-16.724l20.539-9.1251z"/></svg>

theme/assets/img/device-integrity/hypatia.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><path fill="#1a1a1a" stroke-width="1.539" d="m16.933-1.6667e-7 -13.855 6.1576v9.2364c0 8.5436 5.9113 16.533 13.855 18.473 7.9433-1.9397 13.855-9.9291 13.855-18.473v-9.2364zm0 16.918h10.776c-0.81588 6.3423-5.0492 11.992-10.776 13.762v-13.747h-10.776v-8.7746l10.776-4.7875z"/><path fill="none" stroke-width=".265" d="m16.415 18.141h6.35v6.35h-6.35z"/></svg>

theme/assets/javascripts/discourse-topics.js

@@ -1,170 +0,0 @@
-/**
- * @overview Generates a list of topics on a Discourse forum.
- * @author Jonah Aragon <jonah@triplebit.net>
- * @version 3.1.0
- * @license
- * Copyright (c) 2023 - 2024 Jonah Aragon
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-async function getData(url) {
-  const response = await fetch(url);
-  return response.json()
-}
-
-async function main() {
-  const elements = document.querySelectorAll("ul[data-forum]");
-
-  for (let j = 0; j < elements.length; j++) {
-
-    var topics = elements[j];
-    var dataset = topics.dataset;
-
-    console.log("Fetching data from " + dataset.feed)
-    const data = await getData(dataset.feed);
-    var list = data['topic_list']['topics'];
-    var profiles = data['users'];
-    var count = dataset.count;
-
-    for (var i = 0; i < count; i++) {
-
-      if (list[i]['pinned'] == true) {
-        count++;
-        continue;
-      }
-
-      var title = list[i]['title'];
-      var id = list[i]['id'];
-
-      var topic = document.createElement("li");
-      topic.className = "discourse-topic";
-
-      var h3 = document.createElement('p');
-      h3.className = "discourse-title";
-      var a1 = document.createElement('a');
-
-      a1.href = dataset.forum + '/t/' + id;
-
-      var boldTitle = document.createElement('strong');
-      boldTitle.innerText = title;
-      a1.appendChild(boldTitle);
-      h3.appendChild(a1);
-
-      var authorinfo = document.createElement('p');
-      authorinfo.className = "discourse-author";
-
-      var author_id = list[i]['posters'][0]['user_id'];
-      var author_data = profiles.find(profile => profile['id'] == author_id);
-      var author = document.createElement('span');
-      author.className = "discourse-author";
-      var avatar = document.createElement('img');
-      avatar.src = dataset.forum + author_data['avatar_template'].replace("{size}", "40");
-      avatar.width = 20;
-      avatar.height = 20;
-      avatar.className = "middle";
-      avatar.loading = "lazy";
-      avatar.ariaHidden = "true";
-      avatar.alt = "";
-      author.appendChild(avatar);
-      var namespan = document.createElement('span');
-      namespan.innerText = " Posted by " + author_data['username'];
-      author.appendChild(namespan);
-      authorinfo.appendChild(author);
-
-      var postinfo = document.createElement('p');
-      postinfo.className = "discourse-data";
-
-      var dateIcon = document.createElement('span');
-      dateIcon.className = "twemoji";
-      dateIcon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"></path></svg>';
-
-      var date = document.createElement('span');
-      date.className = "discourse-date";
-      var datestring = list[i]['bumped_at'];
-      var dateobject = new Date(datestring);
-      var now = new Date();
-      var diff = now - dateobject;
-      var minutes = Math.floor(diff / 60000);
-      var hours = Math.floor(minutes / 60);
-      var days = Math.floor(hours / 24);
-      if (days > 0) {
-        if (days == 1) {
-          date.innerText = " 1 day ago ";
-        }
-        else {
-          date.innerText = " " + days + " days ago ";
-        }
-      }
-      else if (hours > 0){
-        if (hours == 1) {
-          date.innerText = " 1 hour ago ";
-        }
-        else {
-          date.innerText = " " + hours + " hours ago ";
-        }
-      }
-      else {
-        if (minutes == 1) {
-          date.innerText = " 1 minute ago ";
-        }
-        else {
-          date.innerText = " " + minutes + " minutes ago ";
-        }
-      }
-      postinfo.appendChild(dateIcon);
-      postinfo.appendChild(date);
-
-      var likesicon = document.createElement('span');
-      likesicon.classList = "twemoji pg-red";
-      likesicon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m12 21.35-1.45-1.32C5.4 15.36 2 12.27 2 8.5 2 5.41 4.42 3 7.5 3c1.74 0 3.41.81 4.5 2.08C13.09 3.81 14.76 3 16.5 3 19.58 3 22 5.41 22 8.5c0 3.77-3.4 6.86-8.55 11.53L12 21.35Z"></path></svg>';
-
-      var likes = document.createElement('span');
-      likes.className = "discourse-likes";
-      likes.innerText = " " + list[i]['like_count'] + " ";
-      postinfo.appendChild(likesicon);
-      postinfo.appendChild(likes);
-
-      var replyIcon = document.createElement('span');
-      replyIcon.classList = "twemoji";
-      replyIcon.innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M10 9V5l-7 7 7 7v-4.1c5 0 8.5 1.6 11 5.1-1-5-4-10-11-11Z"></path></svg>';
-
-      var replies = document.createElement('span');
-      replies.className = "discourse-replies";
-
-      var reply_count = list[i]['posts_count'] - 1;
-      if (reply_count == 1) {
-        replies.innerText = "1 Reply"
-      }
-      else {
-        replies.innerText = " " + reply_count
-      }
-      postinfo.appendChild(replyIcon);
-      postinfo.appendChild(replies);
-
-      topic.appendChild(h3);
-      topic.appendChild(document.createElement('hr'));
-      topic.appendChild(authorinfo);
-      topic.appendChild(postinfo);
-      topics.appendChild(topic);
-    }
-  }
-}
-
-main();

theme/home.html

@@ -52,11 +52,10 @@
   {% if config.theme.language == "en" %}
     <h2>Top discussions this week</h2>
     <div class="grid cards">
-      <ul
-        class="topics-list"
-        data-forum="https://discuss.privacyguides.net"
-        data-feed="https://discuss.privacyguides.net/top.json?period=weekly"
-        data-count="3">
+      <ul>
+        <!-- start top posts -->
+
+        <!-- end top posts -->
       </ul>
 
     </div>
@@ -103,11 +102,10 @@
     <div class="mdx-discourse-topics">
       <h3>Latest discussions</h3>
       <div class="grid cards">
-        <ul
-          class="topics-list"
-          data-forum="https://discuss.privacyguides.net"
-          data-feed="https://discuss.privacyguides.net/latest.json"
-          data-count="12">
+        <ul>
+          <!-- start latest posts -->
+
+          <!-- end latest posts -->
         </ul>
       </div>
       <noscript>
@@ -120,7 +118,3 @@
     </div>
   {% endif %}
 {% endblock %}
-{% block scripts %}
-  <script defer src="{{ 'assets/javascripts/discourse-topics.js' | url }}"></script>
-  {{ super() }}
-{% endblock %}

theme/main.html

@@ -93,12 +93,12 @@
   {% endif %}
 {% endblock %}
 
-{% if config.theme.language == "en" %}
+{% if config.theme.language == "en" and config.extra.context == "production" %}
   {% block announce %}
     <span>
       <strong>We don't run ads, we don't use affiliate links, and we don't have paywalls.</strong> We rely on our readers to build this community and spread the word.<br>
       If you've received $3 worth of knowledge here, please donate today if you're able to. It really helps.
-      <a href="/en/about/donate">
+      <a href="https://donate.magicgrants.org/privacyguides" target="_blank">
         <span class="twemoji pg-red">
           {% include ".icons/material/heart.svg" %}
         </span>