Update blog/posts/taking-advantage-of-android-user-profiles.md

Co-authored-by: redoomed1 <redoomed1@privacyguides.org>
Signed-off-by: Jonah Aragon <jonah@triplebit.net>

.devcontainer/Caddyfile

@@ -1,6 +0,0 @@
-:1337 {
-	reverse_proxy /articles/* http://127.0.0.1:8001
-	reverse_proxy /videos/* http://127.0.0.1:8002
-	reverse_proxy /en/* http://127.0.0.1:8000
-	redir / /en/
-}

.devcontainer/devcontainer.json

@@ -1,131 +1,8 @@
-// For format details, see https://aka.ms/devcontainer.json.
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/python
 {
-  "name": "Privacy Guides",
-  "image": "ghcr.io/privacyguides/privacyguides.org:sha-750239d",
-  "overrideCommand": true,
-  "portsAttributes": {
-    "1337": {
-      "label": "Website Live Preview",
-      "onAutoForward": "notify"
-    },
-    "8000": {
-      "label": "Main",
-      "onAutoForward": "silent"
-    },
-    "8001": {
-      "label": "Articles",
-      "onAutoForward": "silent"
-    },
-    "8002": {
-      "label": "Videos",
-      "onAutoForward": "silent"
-    }
-  },
-  "otherPortsAttributes": {
-    "onAutoForward": "ignore"
-  },
-  "mounts": [
-    "source=${env:HOME}${env:USERPROFILE}/.config,target=/root/.config,type=bind"
-  ],
-  "updateContentCommand": "git submodule update --init theme/assets/brand",
-  "customizations": {
-    "vscode": {
-      "settings": {
-        "tasks": {
-          "version": "2.0.0",
-          "tasks": [
-            {
-              "label": "Articles",
-              "type": "shell",
-              "command": "mkdocs serve --config-file=mkdocs.blog.yml --dev-addr=localhost:8001",
-              "group": "test",
-              "runOptions": {
-                "runOn": "folderOpen"
-              },
-              "presentation": {
-                "reveal": "always",
-                "panel": "dedicated",
-                "group": "Live server"
-              }
-            },
-            {
-              "label": "Videos",
-              "type": "shell",
-              "command": "mkdocs serve --config-file=mkdocs.videos.yml --dev-addr=localhost:8002",
-              "group": "test",
-              "runOptions": {
-                "runOn": "folderOpen"
-              },
-              "presentation": {
-                "reveal": "always",
-                "panel": "dedicated",
-                "group": "Live server"
-              }
-            },
-            {
-              "label": "Main",
-              "type": "shell",
-              "command": "./run.sh --cmd=mkdocs --insiders --production",
-              "group": "test",
-              "runOptions": {
-                "runOn": "folderOpen"
-              },
-              "presentation": {
-                "reveal": "always",
-                "panel": "dedicated",
-                "group": "Live server",
-                "focus": true
-              }
-            },
-            {
-              "label": "Caddy",
-              "type": "shell",
-              "command": "caddy run --config .devcontainer/Caddyfile",
-              "group": "test",
-              "runOptions": {
-                "runOn": "folderOpen"
-              },
-              "presentation": {
-                "reveal": "never",
-                "panel": "dedicated"
-              }
-            }
-          ]
-        }
-      },
-      "extensions": [
-        "EditorConfig.EditorConfig",
-        "DavidAnson.vscode-markdownlint",
-        "wholroyd.jinja",
-        "mikestead.dotenv",
-        "redhat.vscode-yaml",
-        "ecmel.vscode-html-css",
-        "yzhang.markdown-all-in-one",
-        "bierner.markdown-checkbox",
-        "bierner.markdown-emoji",
-        "bierner.markdown-footnotes",
-        "bierner.markdown-preview-github-styles",
-        "esbenp.prettier-vscode",
-        "ltex-plus.vscode-ltex-plus",
-        "ms-python.python",
-        "github.vscode-github-actions",
-        "matthewpi.caddyfile-support",
-        "ms-vsliveshare.vsliveshare"
-      ]
-    },
-    "codespaces": {
-      "repositories": {
-        "privacyguides/mkdocs-material-insiders": {
-          "permissions": {
-            "content": "read"
-          }
-        },
-        "privacyguides/brand": {
-          "permissions": {
-            "content": "read"
-          }
-        }
-      }
-    }
-  }
+	"name": "Privacy Guides",
+	"image": "ghcr.io/squidfunk/mkdocs-material:9.5.17",
+	"forwardPorts": [8000],
+  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; apk add bash; /bin/bash run.sh --cmd=mkdocs --cmd_flags=--dev-addr=0.0.0.0:8000"
 }

.devcontainer/team/devcontainer.json

@@ -0,0 +1,8 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/python
+{
+	"name": "Privacy Guides Team",
+	"image": "ghcr.io/privacyguides/privacyguides.org:main",
+	"forwardPorts": [8000],
+  "postCreateCommand": "git submodule init; git submodule update theme/assets/brand; ./run.sh --cmd=mkdocs --insiders --production --cmd_flags=--dev-addr=0.0.0.0:8000"
+}

.github/workflows/build-blog.yml

@@ -82,18 +82,6 @@ jobs:
           pip install mkdocs-material mkdocs-rss-plugin mkdocs-glightbox mkdocs-macros-plugin
           sudo apt install pngquant
 
-      - name: Set base navigation URLs for production build
-        if: inputs.context == 'production'
-        run: |
-          {
-            echo "MAIN_SITE_BASE_URL=https://www.privacyguides.org/en/"
-            echo "MAIN_SITE_ABOUT_URL=https://www.privacyguides.org/en/about/"
-            echo "MAIN_SITE_RECOMMENDATIONS_URL=https://www.privacyguides.org/en/tools/"
-            echo "MAIN_SITE_KNOWLEDGE_BASE_URL=https://www.privacyguides.org/en/basics/why-privacy-matters/"
-            echo "ARTICLES_SITE_BASE_URL=https://www.privacyguides.org/articles/"
-            echo "VIDEOS_SITE_BASE_URL=https://www.privacyguides.org/videos/"
-          } >> "$GITHUB_ENV"
-
       - name: Build Website (Privileged)
         if: inputs.privileged
         run: |

.github/workflows/build-container.yml

@@ -1,7 +1,9 @@
 name: ☁️ Build Container
 
-# Configures this workflow to run every release.
+# Configures this workflow to run every time a change is pushed to the branch called `release`.
 on:
+  push:
+    branches: ["main"]
   release:
     types: [published]
   workflow_dispatch:
@@ -73,12 +75,6 @@ jobs:
           flavor: |
             latest=${{ github.event_name == 'release' }}
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
       # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
       # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
       # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
@@ -89,9 +85,6 @@ jobs:
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
 
   cleanup:
     if: ${{ always() }}

.github/workflows/build-videos.yml

@@ -82,18 +82,6 @@ jobs:
           pip install mkdocs-material mkdocs-rss-plugin mkdocs-glightbox mkdocs-macros-plugin
           sudo apt install pngquant
 
-      - name: Set base navigation URLs for production build
-        if: inputs.context == 'production'
-        run: |
-          {
-            echo "MAIN_SITE_BASE_URL=https://www.privacyguides.org/en/"
-            echo "MAIN_SITE_ABOUT_URL=https://www.privacyguides.org/en/about/"
-            echo "MAIN_SITE_RECOMMENDATIONS_URL=https://www.privacyguides.org/en/tools/"
-            echo "MAIN_SITE_KNOWLEDGE_BASE_URL=https://www.privacyguides.org/en/basics/why-privacy-matters/"
-            echo "ARTICLES_SITE_BASE_URL=https://www.privacyguides.org/articles/"
-            echo "VIDEOS_SITE_BASE_URL=https://www.privacyguides.org/videos/"
-          } >> "$GITHUB_ENV"
-
       - name: Build Website (Privileged)
         if: inputs.privileged
         run: |

.github/workflows/build.yml

@@ -57,18 +57,6 @@ jobs:
             echo "EXTRA_FLAGS=""$EXTRA_FLAGS" --production""
           } >> "$GITHUB_ENV"
 
-      - name: Set base navigation URLs for production build
-        if: inputs.context == 'production'
-        run: |
-          {
-            echo "MAIN_SITE_BASE_URL=https://www.privacyguides.org/en/"
-            echo "MAIN_SITE_ABOUT_URL=https://www.privacyguides.org/en/about/"
-            echo "MAIN_SITE_RECOMMENDATIONS_URL=https://www.privacyguides.org/en/tools/"
-            echo "MAIN_SITE_KNOWLEDGE_BASE_URL=https://www.privacyguides.org/en/basics/why-privacy-matters/"
-            echo "ARTICLES_SITE_BASE_URL=https://www.privacyguides.org/articles/"
-            echo "VIDEOS_SITE_BASE_URL=https://www.privacyguides.org/videos/"
-          } >> "$GITHUB_ENV"
-
       - name: Set Metadata for Privileged Builds
         if: inputs.privileged
         run: |

.github/workflows/publish-immediate.yml

@@ -59,7 +59,6 @@ jobs:
       repo: ${{ github.repository }}
       ref: ${{ github.ref }}
       continue-on-error: false
-      context: production
 
   build_videos:
     needs: submodule
@@ -70,7 +69,6 @@ jobs:
       repo: ${{ github.repository }}
       ref: ${{ github.ref }}
       continue-on-error: false
-      context: production
 
   deploy:
     needs: [build_blog, build_videos]

.github/workflows/publish-release.yml

@@ -75,7 +75,6 @@ jobs:
       repo: ${{ github.repository }}
       ref: ${{ github.ref }}
       continue-on-error: false
-      context: production
 
   build_videos:
     needs: submodule
@@ -86,7 +85,6 @@ jobs:
       repo: ${{ github.repository }}
       ref: ${{ github.ref }}
       continue-on-error: false
-      context: production
 
   release:
     name: Create release notes

.gitmodules

@@ -3,4 +3,4 @@
 	url = https://github.com/privacyguides/brand.git
 [submodule "modules/mkdocs-material"]
 	path = modules/mkdocs-material
-	url = https://github.com/privacyguides/mkdocs-material-insiders.git
+	url = git@github.com:privacyguides/mkdocs-material-insiders.git

.vscode/extensions.json

@@ -27,15 +27,11 @@
     "redhat.vscode-yaml",
     "ecmel.vscode-html-css",
     "yzhang.markdown-all-in-one",
+    "valentjn.vscode-ltex",
     "bierner.markdown-checkbox",
     "bierner.markdown-emoji",
     "bierner.markdown-footnotes",
     "bierner.markdown-preview-github-styles",
-    "esbenp.prettier-vscode",
-    "ltex-plus.vscode-ltex-plus",
-    "ms-python.python",
-    "github.vscode-github-actions",
-    "ms-vscode-remote.remote-containers",
-    "github.codespaces"
+    "esbenp.prettier-vscode"
   ]
 }

.vscode/ltex.dictionary.en-US.txt

@@ -561,11 +561,3 @@ Chaum
 unlinkability
 Kagi
 Secureblue
-pseudonymity
-TrueNAS
-Arti
-Tailscale
-allowlisted
-MyMonero
-Monero-LWS
-OkCupid

Dockerfile

@@ -1,69 +1,72 @@
-FROM python:3.12-bookworm AS base
+FROM python:3.13-alpine as base
 
 LABEL org.opencontainers.image.source="https://github.com/privacyguides/privacyguides.org"
 
-# Setup environment
-ENV LANG=C.UTF-8
-ENV LC_ALL=C.UTF-8
-ENV PYTHONDONTWRITEBYTECODE=1
-ENV PYTHONFAULTHANDLER=1
+# Setup env
+ENV LANG C.UTF-8
+ENV LC_ALL C.UTF-8
+ENV PYTHONDONTWRITEBYTECODE 1
+ENV PYTHONFAULTHANDLER 1
 
-####################################################
-# Stage: python-deps
-# Install pipenv and compilation dependencies
-####################################################
 FROM base AS python-deps
 
-# Install pipenv
-RUN pip install --no-cache-dir pipenv
+# Install pipenv and compilation dependencies
+RUN pip install pipenv
+RUN \
+  apk upgrade --update-cache -a \
+&& \
+  apk add --no-cache \
+    gcc \
+    libffi-dev \
+    musl-dev
 
-# Install build tools and libraries needed to compile any Python packages
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends \
-      gcc \
-      libffi-dev \
-      build-essential \
-    && rm -rf /var/lib/apt/lists/*
-
-# Copy Pipfile, Pipfile.lock, and any local modules needed for dependency resolution
+# Install python dependencies in /.venv
 COPY modules/mkdocs-material ./modules/mkdocs-material
 COPY Pipfile .
 COPY Pipfile.lock .
-
-# Install all Python dependencies into a project‐local virtual environment at /.venv
 RUN PIPENV_VENV_IN_PROJECT=1 pipenv install --deploy
 
-####################################################
-# Stage: runtime
-# Install runtime dependencies and copy runtime artifacts
-####################################################
 FROM base AS runtime
 
-# Install runtime packages (GTK/Cairo, image processing libraries, Git, etc.)
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends \
-      libcairo2-dev \
-      libfreetype6-dev \
-      git \
-      libjpeg-dev \
-      libpng-dev \
-      openssh-client \
-      pngquant \
-      tini \
-      zlib1g-dev \
-      libffi-dev \
-      bash \
-      caddy \
-    && rm -rf /var/lib/apt/lists/*
+# Install runtime dependencies
+RUN \
+  apk upgrade --update-cache -a \
+&& \
+  apk add --no-cache \
+    cairo \
+    freetype-dev \
+    git \
+    git-fast-import \
+    jpeg-dev \
+    openssh \
+    pngquant \
+    tini \
+    zlib-dev \
+    libffi-dev \
+    musl-dev \
+    bash
 
-# Copy virtual environment and local mkdocs-material module from python-deps stage
+# Copy virtual env from python-deps stage
 COPY --from=python-deps /.venv /.venv
 COPY --from=python-deps /modules/mkdocs-material /modules/mkdocs-material
-
-# Ensure the virtual environment’s bin directory is first in PATH
 ENV PATH="/.venv/bin:$PATH"
 
+# Create and switch to a new user
+RUN mkdir /site
+WORKDIR /site
+
+COPY docs docs
+COPY theme theme
+COPY includes includes
+COPY *.yml .
+COPY .cache/plugin/social/fonts .cache/plugin/social/fonts
+COPY run.sh .
+
+EXPOSE 8000
+
+ENV MKDOCS_INHERIT mkdocs-production.yml
+
 HEALTHCHECK NONE
 
-# Entry point script and default cmd for running mkdocs
-ENTRYPOINT ["/bin/bash"]
+ENTRYPOINT ["./run.sh"]
+CMD ["--cmd=mkdocs", "--insiders", "--cmd_flags=--dev-addr=0.0.0.0:8000"]

Pipfile.lock

@@ -41,11 +41,11 @@
                 "filecache"
             ],
             "hashes": [
-                "sha256:73e7efec4b06b20d9267b441c1f733664f989fb8688391b670ca812d70795d11",
-                "sha256:b35e44a3113f17d2a31c1e6b27b9de6d4405f84ae51baa8c1d3cc5b633010cae"
+                "sha256:7d47d19f866409b98ff6025b6a0fca8e4c791fb31abbd95f622093894ce903a2",
+                "sha256:ebad2091bf12d0d200dfc2464330db638c5deb41d546f6d7aca079e87290f3b0"
             ],
-            "markers": "python_version >= '3.9'",
-            "version": "==0.14.3"
+            "markers": "python_version >= '3.8'",
+            "version": "==0.14.2"
         },
         "cairocffi": {
             "hashes": [
@@ -64,11 +64,11 @@
         },
         "certifi": {
             "hashes": [
-                "sha256:0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6",
-                "sha256:30350364dfe371162649852c63336a15c70c6510c2ad5015b21c2345311805f3"
+                "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651",
+                "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"
             ],
             "markers": "python_version >= '3.6'",
-            "version": "==2025.4.26"
+            "version": "==2025.1.31"
         },
         "cffi": {
             "hashes": [
@@ -145,109 +145,109 @@
         },
         "charset-normalizer": {
             "hashes": [
-                "sha256:005fa3432484527f9732ebd315da8da8001593e2cf46a3d817669f062c3d9ed4",
-                "sha256:046595208aae0120559a67693ecc65dd75d46f7bf687f159127046628178dc45",
-                "sha256:0c29de6a1a95f24b9a1aa7aefd27d2487263f00dfd55a77719b530788f75cff7",
-                "sha256:0c8c57f84ccfc871a48a47321cfa49ae1df56cd1d965a09abe84066f6853b9c0",
-                "sha256:0f5d9ed7f254402c9e7d35d2f5972c9bbea9040e99cd2861bd77dc68263277c7",
-                "sha256:18dd2e350387c87dabe711b86f83c9c78af772c748904d372ade190b5c7c9d4d",
-                "sha256:1b1bde144d98e446b056ef98e59c256e9294f6b74d7af6846bf5ffdafd687a7d",
-                "sha256:1c95a1e2902a8b722868587c0e1184ad5c55631de5afc0eb96bc4b0d738092c0",
-                "sha256:1cad5f45b3146325bb38d6855642f6fd609c3f7cad4dbaf75549bf3b904d3184",
-                "sha256:21b2899062867b0e1fde9b724f8aecb1af14f2778d69aacd1a5a1853a597a5db",
-                "sha256:24498ba8ed6c2e0b56d4acbf83f2d989720a93b41d712ebd4f4979660db4417b",
-                "sha256:25a23ea5c7edc53e0f29bae2c44fcb5a1aa10591aae107f2a2b2583a9c5cbc64",
-                "sha256:289200a18fa698949d2b39c671c2cc7a24d44096784e76614899a7ccf2574b7b",
-                "sha256:28a1005facc94196e1fb3e82a3d442a9d9110b8434fc1ded7a24a2983c9888d8",
-                "sha256:32fc0341d72e0f73f80acb0a2c94216bd704f4f0bce10aedea38f30502b271ff",
-                "sha256:36b31da18b8890a76ec181c3cf44326bf2c48e36d393ca1b72b3f484113ea344",
-                "sha256:3c21d4fca343c805a52c0c78edc01e3477f6dd1ad7c47653241cf2a206d4fc58",
-                "sha256:3fddb7e2c84ac87ac3a947cb4e66d143ca5863ef48e4a5ecb83bd48619e4634e",
-                "sha256:43e0933a0eff183ee85833f341ec567c0980dae57c464d8a508e1b2ceb336471",
-                "sha256:4a476b06fbcf359ad25d34a057b7219281286ae2477cc5ff5e3f70a246971148",
-                "sha256:4e594135de17ab3866138f496755f302b72157d115086d100c3f19370839dd3a",
-                "sha256:50bf98d5e563b83cc29471fa114366e6806bc06bc7a25fd59641e41445327836",
-                "sha256:5a9979887252a82fefd3d3ed2a8e3b937a7a809f65dcb1e068b090e165bbe99e",
-                "sha256:5baececa9ecba31eff645232d59845c07aa030f0c81ee70184a90d35099a0e63",
-                "sha256:5bf4545e3b962767e5c06fe1738f951f77d27967cb2caa64c28be7c4563e162c",
-                "sha256:6333b3aa5a12c26b2a4d4e7335a28f1475e0e5e17d69d55141ee3cab736f66d1",
-                "sha256:65c981bdbd3f57670af8b59777cbfae75364b483fa8a9f420f08094531d54a01",
-                "sha256:68a328e5f55ec37c57f19ebb1fdc56a248db2e3e9ad769919a58672958e8f366",
-                "sha256:6a0289e4589e8bdfef02a80478f1dfcb14f0ab696b5a00e1f4b8a14a307a3c58",
-                "sha256:6b66f92b17849b85cad91259efc341dce9c1af48e2173bf38a85c6329f1033e5",
-                "sha256:6c9379d65defcab82d07b2a9dfbfc2e95bc8fe0ebb1b176a3190230a3ef0e07c",
-                "sha256:6fc1f5b51fa4cecaa18f2bd7a003f3dd039dd615cd69a2afd6d3b19aed6775f2",
-                "sha256:70f7172939fdf8790425ba31915bfbe8335030f05b9913d7ae00a87d4395620a",
-                "sha256:721c76e84fe669be19c5791da68232ca2e05ba5185575086e384352e2c309597",
-                "sha256:7222ffd5e4de8e57e03ce2cef95a4c43c98fcb72ad86909abdfc2c17d227fc1b",
-                "sha256:75d10d37a47afee94919c4fab4c22b9bc2a8bf7d4f46f87363bcf0573f3ff4f5",
-                "sha256:76af085e67e56c8816c3ccf256ebd136def2ed9654525348cfa744b6802b69eb",
-                "sha256:770cab594ecf99ae64c236bc9ee3439c3f46be49796e265ce0cc8bc17b10294f",
-                "sha256:7a6ab32f7210554a96cd9e33abe3ddd86732beeafc7a28e9955cdf22ffadbab0",
-                "sha256:7c48ed483eb946e6c04ccbe02c6b4d1d48e51944b6db70f697e089c193404941",
-                "sha256:7f56930ab0abd1c45cd15be65cc741c28b1c9a34876ce8c17a2fa107810c0af0",
-                "sha256:8075c35cd58273fee266c58c0c9b670947c19df5fb98e7b66710e04ad4e9ff86",
-                "sha256:8272b73e1c5603666618805fe821edba66892e2870058c94c53147602eab29c7",
-                "sha256:82d8fd25b7f4675d0c47cf95b594d4e7b158aca33b76aa63d07186e13c0e0ab7",
-                "sha256:844da2b5728b5ce0e32d863af26f32b5ce61bc4273a9c720a9f3aa9df73b1455",
-                "sha256:8755483f3c00d6c9a77f490c17e6ab0c8729e39e6390328e42521ef175380ae6",
-                "sha256:915f3849a011c1f593ab99092f3cecfcb4d65d8feb4a64cf1bf2d22074dc0ec4",
-                "sha256:926ca93accd5d36ccdabd803392ddc3e03e6d4cd1cf17deff3b989ab8e9dbcf0",
-                "sha256:982bb1e8b4ffda883b3d0a521e23abcd6fd17418f6d2c4118d257a10199c0ce3",
-                "sha256:98f862da73774290f251b9df8d11161b6cf25b599a66baf087c1ffe340e9bfd1",
-                "sha256:9cbfacf36cb0ec2897ce0ebc5d08ca44213af24265bd56eca54bee7923c48fd6",
-                "sha256:a370b3e078e418187da8c3674eddb9d983ec09445c99a3a263c2011993522981",
-                "sha256:a955b438e62efdf7e0b7b52a64dc5c3396e2634baa62471768a64bc2adb73d5c",
-                "sha256:aa6af9e7d59f9c12b33ae4e9450619cf2488e2bbe9b44030905877f0b2324980",
-                "sha256:aa88ca0b1932e93f2d961bf3addbb2db902198dca337d88c89e1559e066e7645",
-                "sha256:aaeeb6a479c7667fbe1099af9617c83aaca22182d6cf8c53966491a0f1b7ffb7",
-                "sha256:aaf27faa992bfee0264dc1f03f4c75e9fcdda66a519db6b957a3f826e285cf12",
-                "sha256:b2680962a4848b3c4f155dc2ee64505a9c57186d0d56b43123b17ca3de18f0fa",
-                "sha256:b2d318c11350e10662026ad0eb71bb51c7812fc8590825304ae0bdd4ac283acd",
-                "sha256:b33de11b92e9f75a2b545d6e9b6f37e398d86c3e9e9653c4864eb7e89c5773ef",
-                "sha256:b3daeac64d5b371dea99714f08ffc2c208522ec6b06fbc7866a450dd446f5c0f",
-                "sha256:be1e352acbe3c78727a16a455126d9ff83ea2dfdcbc83148d2982305a04714c2",
-                "sha256:bee093bf902e1d8fc0ac143c88902c3dfc8941f7ea1d6a8dd2bcb786d33db03d",
-                "sha256:c72fbbe68c6f32f251bdc08b8611c7b3060612236e960ef848e0a517ddbe76c5",
-                "sha256:c9e36a97bee9b86ef9a1cf7bb96747eb7a15c2f22bdb5b516434b00f2a599f02",
-                "sha256:cddf7bd982eaa998934a91f69d182aec997c6c468898efe6679af88283b498d3",
-                "sha256:cf713fe9a71ef6fd5adf7a79670135081cd4431c2943864757f0fa3a65b1fafd",
-                "sha256:d11b54acf878eef558599658b0ffca78138c8c3655cf4f3a4a673c437e67732e",
-                "sha256:d41c4d287cfc69060fa91cae9683eacffad989f1a10811995fa309df656ec214",
-                "sha256:d524ba3f1581b35c03cb42beebab4a13e6cdad7b36246bd22541fa585a56cccd",
-                "sha256:daac4765328a919a805fa5e2720f3e94767abd632ae410a9062dff5412bae65a",
-                "sha256:db4c7bf0e07fc3b7d89ac2a5880a6a8062056801b83ff56d8464b70f65482b6c",
-                "sha256:dc7039885fa1baf9be153a0626e337aa7ec8bf96b0128605fb0d77788ddc1681",
-                "sha256:dccab8d5fa1ef9bfba0590ecf4d46df048d18ffe3eec01eeb73a42e0d9e7a8ba",
-                "sha256:dedb8adb91d11846ee08bec4c8236c8549ac721c245678282dcb06b221aab59f",
-                "sha256:e45ba65510e2647721e35323d6ef54c7974959f6081b58d4ef5d87c60c84919a",
-                "sha256:e53efc7c7cee4c1e70661e2e112ca46a575f90ed9ae3fef200f2a25e954f4b28",
-                "sha256:e635b87f01ebc977342e2697d05b56632f5f879a4f15955dfe8cef2448b51691",
-                "sha256:e70e990b2137b29dc5564715de1e12701815dacc1d056308e2b17e9095372a82",
-                "sha256:e8082b26888e2f8b36a042a58307d5b917ef2b1cacab921ad3323ef91901c71a",
-                "sha256:e8323a9b031aa0393768b87f04b4164a40037fb2a3c11ac06a03ffecd3618027",
-                "sha256:e92fca20c46e9f5e1bb485887d074918b13543b1c2a1185e69bb8d17ab6236a7",
-                "sha256:eb30abc20df9ab0814b5a2524f23d75dcf83cde762c161917a2b4b7b55b1e518",
-                "sha256:eba9904b0f38a143592d9fc0e19e2df0fa2e41c3c3745554761c5f6447eedabf",
-                "sha256:ef8de666d6179b009dce7bcb2ad4c4a779f113f12caf8dc77f0162c29d20490b",
-                "sha256:efd387a49825780ff861998cd959767800d54f8308936b21025326de4b5a42b9",
-                "sha256:f0aa37f3c979cf2546b73e8222bbfa3dc07a641585340179d768068e3455e544",
-                "sha256:f4074c5a429281bf056ddd4c5d3b740ebca4d43ffffe2ef4bf4d2d05114299da",
-                "sha256:f69a27e45c43520f5487f27627059b64aaf160415589230992cec34c5e18a509",
-                "sha256:fb707f3e15060adf5b7ada797624a6c6e0138e2a26baa089df64c68ee98e040f",
-                "sha256:fcbe676a55d7445b22c10967bceaaf0ee69407fbe0ece4d032b6eb8d4565982a",
-                "sha256:fdb20a30fe1175ecabed17cbf7812f7b804b8a315a25f24678bcdf120a90077f"
+                "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537",
+                "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa",
+                "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a",
+                "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294",
+                "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b",
+                "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd",
+                "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601",
+                "sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd",
+                "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4",
+                "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d",
+                "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2",
+                "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313",
+                "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd",
+                "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa",
+                "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8",
+                "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1",
+                "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2",
+                "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496",
+                "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d",
+                "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b",
+                "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e",
+                "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a",
+                "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4",
+                "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca",
+                "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78",
+                "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408",
+                "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5",
+                "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3",
+                "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f",
+                "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a",
+                "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765",
+                "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6",
+                "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146",
+                "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6",
+                "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9",
+                "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd",
+                "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c",
+                "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f",
+                "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545",
+                "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176",
+                "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770",
+                "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824",
+                "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f",
+                "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf",
+                "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487",
+                "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d",
+                "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd",
+                "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b",
+                "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534",
+                "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f",
+                "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b",
+                "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9",
+                "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd",
+                "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125",
+                "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9",
+                "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de",
+                "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11",
+                "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d",
+                "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35",
+                "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f",
+                "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda",
+                "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7",
+                "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a",
+                "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971",
+                "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8",
+                "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41",
+                "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d",
+                "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f",
+                "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757",
+                "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a",
+                "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886",
+                "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77",
+                "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76",
+                "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247",
+                "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85",
+                "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb",
+                "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7",
+                "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e",
+                "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6",
+                "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037",
+                "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1",
+                "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e",
+                "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807",
+                "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407",
+                "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c",
+                "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12",
+                "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3",
+                "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089",
+                "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd",
+                "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e",
+                "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00",
+                "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==3.4.2"
+            "version": "==3.4.1"
         },
         "click": {
             "hashes": [
-                "sha256:27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202",
-                "sha256:61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b"
+                "sha256:63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2",
+                "sha256:ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a"
             ],
-            "markers": "python_version >= '3.10'",
-            "version": "==8.2.1"
+            "markers": "python_version >= '3.7'",
+            "version": "==8.1.8"
         },
         "colorama": {
             "hashes": [
@@ -275,11 +275,10 @@
         },
         "filelock": {
             "hashes": [
-                "sha256:adbc88eabb99d2fec8c9c1b229b171f18afa655400173ddc653d5d01501fb9f2",
-                "sha256:c401f4f8377c4464e6db25fff06205fd89bdd83b65eb0488ed1b160f780e21de"
+                "sha256:533dc2f7ba78dc2f0f531fc6c4940addf7b70a481e269a5a3b93be94ffbe8338",
+                "sha256:ee4e77401ef576ebb38cd7f13b9b28893194acc20a8e68e18730ba9c0e54660e"
             ],
-            "markers": "python_version >= '3.9'",
-            "version": "==3.18.0"
+            "version": "==3.17.0"
         },
         "ghp-import": {
             "hashes": [
@@ -336,11 +335,11 @@
         },
         "markdown": {
             "hashes": [
-                "sha256:794a929b79c5af141ef5ab0f2f642d0f7b1872981250230e72682346f7cc90dc",
-                "sha256:7df81e63f0df5c4b24b7d156eb81e4690595239b7d70937d0409f1b0de319c6f"
+                "sha256:2ae2471477cfd02dbbf038d5d9bc226d40def84b4fe2986e49b59b6b472bbed2",
+                "sha256:7eb6df5690b81a1d7942992c97fad2938e956e79df20cbc6186e9c3a77b1c803"
             ],
-            "markers": "python_version >= '3.9'",
-            "version": "==3.8"
+            "markers": "python_version >= '3.8'",
+            "version": "==3.7"
         },
         "markupsafe": {
             "hashes": [
@@ -435,21 +434,21 @@
         },
         "mkdocs-git-authors-plugin": {
             "hashes": [
-                "sha256:acdacc8452db90a94d9c395a230b16965a9f2f51e0a6eef182ac7d3e02e394fb",
-                "sha256:e19f0252ead3d626fd73e15bb56d6675704c3b62aa569ebc363f791291b8f60e"
+                "sha256:77f97c321e08a8757beb866293eb257070b11cd5a080976bc6696b249cbade4f",
+                "sha256:f6cefc4dc832865d26f7f9f944c0a8c7dc852742d79320f3800e0d97814e2a84"
             ],
             "index": "pypi",
             "markers": "python_version >= '3.8'",
-            "version": "==0.9.5"
+            "version": "==0.9.2"
         },
         "mkdocs-git-revision-date-localized-plugin": {
             "hashes": [
-                "sha256:056c0a90242409148f1dc94d5c9d2c25b5b8ddd8de45489fa38f7fa7ccad2bc4",
-                "sha256:10a49eff1e1c3cb766e054b9d8360c904ce4fe8c33ac3f6cc083ac6459c91953"
+                "sha256:364d7c4c45c4f333c750e34bc298ac685a7a8bf9b7b52890d52b2f90f1812c4b",
+                "sha256:bb1eca7f156e0c8a587167662923d76efed7f7e0c06b84471aa5ae72a744a434"
             ],
             "index": "pypi",
             "markers": "python_version >= '3.8'",
-            "version": "==1.4.7"
+            "version": "==1.4.1"
         },
         "mkdocs-glightbox": {
             "hashes": [
@@ -485,12 +484,12 @@
         },
         "mkdocs-rss-plugin": {
             "hashes": [
-                "sha256:0a5b3e03dd68cc6b94feb50fc2e47fd427d39c452affe0fc3135289da9810a6d",
-                "sha256:15b99c6b3370f50503fe189e814600b375e5a0d8f99d19f6d8d9b80c1aa56f5c"
+                "sha256:9371d30afb0eda7288c946a89b419aa7a0b8e212d2219584c2dbd23ece93a991",
+                "sha256:ff81f0ece33befd5a0152c196132e15eb93b4b9f7f53644c6d3db8e9a529e186"
             ],
             "index": "pypi",
             "markers": "python_version >= '3.9' and python_version < '4'",
-            "version": "==1.17.3"
+            "version": "==1.17.1"
         },
         "msgpack": {
             "hashes": [
@@ -564,11 +563,11 @@
         },
         "packaging": {
             "hashes": [
-                "sha256:29572ef2b1f17581046b3a2227d5c611fb25ec70ca1ba8554b24b0e69331a484",
-                "sha256:d443872c98d677bf60f6a1f2f8c1cb748e8fe762d2bf9d3148b5599295b0fc4f"
+                "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759",
+                "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"
             ],
             "markers": "python_version >= '3.8'",
-            "version": "==25.0"
+            "version": "==24.2"
         },
         "paginate": {
             "hashes": [
@@ -672,11 +671,11 @@
         },
         "platformdirs": {
             "hashes": [
-                "sha256:3d512d96e16bcb959a814c9f348431070822a6496326a4be0911c40b5a74c2bc",
-                "sha256:ff7059bb7eb1179e2685604f4aaf157cfd9535242bd23742eadc3c13542139b4"
+                "sha256:357fb2acbc885b0419afd3ce3ed34564c13c9b95c89360cd9563f73aa5e2b907",
+                "sha256:73e575e1408ab8103900836b97580d5307456908a03e92031bab39e4554cc3fb"
             ],
-            "markers": "python_version >= '3.9'",
-            "version": "==4.3.8"
+            "markers": "python_version >= '3.8'",
+            "version": "==4.3.6"
         },
         "pycparser": {
             "hashes": [
@@ -707,15 +706,16 @@
                 "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3",
                 "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"
             ],
-            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
             "version": "==2.9.0.post0"
         },
         "pytz": {
             "hashes": [
-                "sha256:360b9e3dbb49a209c21ad61809c7fb453643e048b38924c765813546746e81c3",
-                "sha256:5ddf76296dd8c44c26eb8f4b6f35488f3ccbf6fbbd7adee0b7262d43f0ec2f00"
+                "sha256:89dd22dca55b46eac6eda23b2d72721bf1bdfef212645d81513ef5d03038de57",
+                "sha256:c2db42be2a2518b28e65f9207c4d05e6ff547d1efa4086469ef855e4ab70178e"
             ],
-            "version": "==2025.2"
+            "markers": "python_version < '3.9'",
+            "version": "==2025.1"
         },
         "pyyaml": {
             "hashes": [
@@ -778,11 +778,11 @@
         },
         "pyyaml-env-tag": {
             "hashes": [
-                "sha256:17109e1a528561e32f026364712fee1264bc2ea6715120891174ed1b980d2e04",
-                "sha256:2eb38b75a2d21ee0475d6d97ec19c63287a7e140231e4214969d0eac923cd7ff"
+                "sha256:70092675bda14fdec33b31ba77e7543de9ddc88f2e5b99160396572d11525bdb",
+                "sha256:af31106dec8a4d68c60207c1886031cbf839b68aa7abccdb19868200532c2069"
             ],
-            "markers": "python_version >= '3.9'",
-            "version": "==1.1"
+            "markers": "python_version >= '3.6'",
+            "version": "==0.1"
         },
         "requests": {
             "hashes": [
@@ -797,7 +797,7 @@
                 "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274",
                 "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"
             ],
-            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
             "version": "==1.17.0"
         },
         "smmap": {
@@ -818,11 +818,11 @@
         },
         "termcolor": {
             "hashes": [
-                "sha256:591dd26b5c2ce03b9e43f391264626557873ce1d379019786f99b0c2bee140aa",
-                "sha256:6a6dd7fbee581909eeec6a756cff1d7f7c376063b14e4a298dc4980309e55970"
+                "sha256:37b17b5fc1e604945c2642c872a3764b5d547a48009871aea3edd3afa180afb8",
+                "sha256:998d8d27da6d48442e8e1f016119076b690d962507531df4890fcd2db2ef8a6f"
             ],
             "markers": "python_version >= '3.9'",
-            "version": "==3.1.0"
+            "version": "==2.5.0"
         },
         "tinycss2": {
             "hashes": [
@@ -834,11 +834,11 @@
         },
         "urllib3": {
             "hashes": [
-                "sha256:414bc6535b787febd7567804cc015fee39daab8ad86268f1310a9250697de466",
-                "sha256:4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813"
+                "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df",
+                "sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"
             ],
             "markers": "python_version >= '3.9'",
-            "version": "==2.4.0"
+            "version": "==2.3.0"
         },
         "watchdog": {
             "hashes": [

README.md

@@ -48,8 +48,6 @@ The current list of team members can be found [here](https://www.privacyguides.o
 
 ## Contributing
 
-[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/privacyguides/privacyguides.org?devcontainer_path=.devcontainer%2Fdevcontainer.json)
-
 - 💬 [Start a discussion or suggest an idea](https://discuss.privacyguides.net)
 - 💖 [Sponsor the project](https://github.com/sponsors/privacyguides)
 - 🈴 [Help translate the site](https://crowdin.com/project/privacyguides) [[Matrix chat](https://matrix.to/#/#pg-i18n:aragon.sh)]
@@ -74,6 +72,18 @@ All contributors to the site are listed [here](#contributors). If you have contr
 
 - **Tor/onion:** [xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion](http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion)
 
+- **IPFS:** `/ipns/ipfs.privacyguides.org` (**not** anonymous)
+    - Please help us out by pinning a copy: [Learn more](https://github.com/privacyguides/webserver/blob/main/ipfs/README.md)
+    - via Cloudflare: [cloudflare-ipfs.com/ipns/ipfs.privacyguides.org](https://cloudflare-ipfs.com/ipns/ipfs.privacyguides.org/en/)
+    - via 4everland: [ipfs-privacyguides-org.ipns.4everland.io](https://ipfs-privacyguides-org.ipns.4everland.io/)
+    - via [@jonaharagon](https://github.com/jonaharagon): [ipfs.jonaharagon.net/ipns/ipfs.privacyguides.org](https://ipfs.jonaharagon.net/ipns/ipfs.privacyguides.org/en/)
+    - via [peer](https://docs.ipfs.tech/how-to/peering-with-content-providers/): `/dnsaddr/node-1.ipfs.jonaharagon.net/p2p/12D3KooWMwqzuApCKxYfo66zq5BrTjCoz9naJ1rrMEBCnwuGGqWB`
+
+- **I2P:** [privacyguides.i2p](http://privacyguides.i2p/?i2paddresshelper=fvbkmooriuqgssrjvbxu7nrwms5zyhf34r3uuppoakwwsm7ysv6q.b32.i2p)
+
+- **Yggdrasil:** [http://[200:f3a6:4922:e067:770d:ac57:fcb1:8dbf]](http://[200:f3a6:4922:e067:770d:ac57:fcb1:8dbf]/en/) (**not** anonymous)
+    - via public peer: `tcp://5.161.245.8:45454`
+
 ### Git Mirrors
 
 [![GitHub](https://img.shields.io/static/v1?logo=github&label=&message=GitHub&color=000&style=for-the-badge)](https://github.com/privacyguides/privacyguides.org)
@@ -100,18 +110,42 @@ When you contribute to this repository you are doing so under the above licenses
 
 ## Developing
 
-The only supported method of building and previewing this website locally is by running the automatic dev container. The easiest way to do this in your web browser without installing any software is to use [GitHub Codespaces](https://codespaces.new/privacyguides/privacyguides.org). To build the website locally, you will need the following software:
-
-- macOS/Windows: [Docker Desktop](https://www.docker.com/products/docker-desktop/)
-- Linux: [Docker CE](https://docs.docker.com/get-started/get-docker/#supported-platforms)
-- [VS Code](https://code.visualstudio.com/)
-- [Dev Containers for VS Code](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) extension
-- [GitHub Desktop](https://github.com/apps/desktop) (optional)
-
-You can technically use any IDE which supports [development containers](https://containers.dev/), but YMMV. Docker Desktop has an experimental Dev Environments option which allows you to use any text editor under Settings > Features in development. We are only testing with the combination of software above.
+[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/privacyguides/privacyguides.org?devcontainer_path=.devcontainer%2Fdevcontainer.json)
 
 Committing to this repository requires [signing your commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) (`git config commit.gpgsign true`) unless you are making edits via the GitHub.com text editor interface. As of August 2022 the preferred signing method is [SSH commit signatures](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#ssh-commit-signature-verification), but GPG signing is also acceptable. You should add your signing key to your GitHub profile.
 
+### With `mkdocs-material`
+
+1. Install required packages: `pip install mkdocs-material`
+2. Run a local preview of the English site: `./run.sh --cmd=mkdocs`
+
+### With `mkdocs-material-insiders`
+
+This website uses [`mkdocs-material-insiders`](https://squidfunk.github.io/mkdocs-material/insiders) which offers additional functionality over the open-source `mkdocs-material` project. For obvious reasons we cannot distribute access to the insiders repository.
+
+**Team members** should clone the repository with `mkdocs-material-insiders` directly. This method is identical to production:
+
+1. Clone this repository and submodules: `git clone --recurse-submodules https://github.com/privacyguides/privacyguides.org.git`
+2. Enable SSH commit verification with our local [`.allowed_signers`](/.allowed_signers) file: `git config gpg.ssh.allowedSignersFile .allowed_signers`
+3. Install Python **3.12**.
+4. Install **pipenv**: `pip install pipenv`
+5. Install dependencies: `pipenv install --dev` (install [Pillow and CairoSVG](https://squidfunk.github.io/mkdocs-material/setup/setting-up-social-cards/#dependencies) as well to generate social cards)
+6. Serve the site locally: `./run.sh --insiders` (set `CARDS=true` to generate social cards)
+    - The site will be available at `http://localhost:8000`
+    - You can build the site locally with `./run.sh --insiders --build`
+    - This version of the site should be identical to the live, production version
+
+If you commit to `main` with commits signed with your SSH key, you should add your SSH key to [`.allowed_signers`](/.allowed_signers) in this repo.
+
+### Local Translated Site Builds
+
+1. Install the [Crowdin CLI Tool](https://developer.crowdin.com/cli-tool) (`brew install crowdin`)
+2. Set the `CROWDIN_PERSONAL_TOKEN` environment variable to your Crowdin personal access token
+3. Run `crowdin download` in the root of this repo
+4. Serve the site locally: `./run.sh --insiders --lang=fr` (replacing fr with the appropriate language in [/config](/config))
+
+Translations downloaded from Crowdin are [.gitignore](/.gitignore)'d, so any local changes to the translated site cannot be committed to this repo. Actual modifications need to be made on Crowdin. As an alternative to steps 1-3, you can copy the folders from [privacyguides/i18n](https://github.com/privacyguides/i18n) to the root of this repo to obtain the translated files.
+
 ## Releasing
 
 It is required to create a GitHub release to publish the current site to privacyguides.org. The current `main` branch can be previewed at [https://main.staging.privacyguides.dev](https://main.staging.privacyguides.dev) prior to release.

blog/.authors.yml

@@ -56,13 +56,6 @@ authors:
       instance: neat.computer
     twitter: jonaharagon
     bluesky: jonaharagon.com
-  justin:
-    name: Justin Ehrenhofer
-    description: Guest Contributor
-    avatar: https://github.com/SamsungGalaxyPlayer.png
-    mastodon:
-      username: sgp
-      instance: neat.computer
   kaitebay:
     name: Kai Tebay
     description: Former Team Member

blog/assets/images/digital-provenance/manifest.svg

@@ -1,40 +0,0 @@
-<svg host="65bd71144e" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="201px" height="301px" viewBox="-0.5 -0.5 201 301" content="&lt;mxfile&gt;&lt;diagram id=&quot;7obOEI9IPgsgN9EZozkg&quot; name=&quot;Page-1&quot;&gt;3ZZNb6MwEEB/Te6YrzjHlED3UmmlHPZsYABrDUbGKWR//ZpgCizOtkipKjWHCL/xgP08Gtg5Qdk9C1IXLzwFtrOttNs5p51te9Ze/ffgOoCD4w0gFzQdEJrAmf4BDS1NLzSFZjFRcs4krZcw4VUFiVwwIgRvl9MyzpZPrUkOK3BOCFvTXzSVxUCxZ038B9C8GJ+MLB0pyThZg6YgKW9nyAl3TiA4l8NV2QXAenejlyEvuhN9W5iASn4kwR4SXgm76L0F9s+jIi+kohk0Ui9TXse9Ny0tGanU6CmjjAWccXGLOKkHOHUVb6Tgv2EWwXbs+H4f0cnRMvPkhfjUZ66Xr3f0CkJCN0N6O8/AS5DiqqaM0VGtri1XD9vpoOzxOIrZITkjJLo48rdbT/7UhVZo1umudB6bRi2d8qrZYBLFBIFtMmlZfniM+gxeyRnPbr/7htHTEYW20bC91fA/ghFeG0a+wTB6hOH9yvDKa1tQCeeaJP24VQ1IbbuQpbrjCalL0tRDT8hoB6mhjAngLDHJ9xMMcWaU6G6ViN6tUteg0H2AQfxNDPpfZvDwTQyirytCb/3eYYSWG3pkhhNIjIpi7LnqVXy3F0Y4CIPgc3oh+mAv9B/g0L/n0DrTvCLyImCLzwx8s890f4it//mMQv+TfBoq8lE61XD6zLrFZt+qTvgX&lt;/diagram&gt;&lt;/mxfile&gt;">
-    <defs/>
-    <g>
-        <path d="M 0 23 L 0 0 L 200 0 L 200 23" fill="#d5e8d4" stroke="#82b366" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 0 23 L 0 300 L 200 300 L 200 23" fill="#d5e8d4" stroke="#82b366" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 0 23 L 200 23" fill="none" stroke="#82b366" stroke-miterlimit="10" pointer-events="all"/>
-        <g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px">
-            <text x="99.5" y="16">
-                C2PA Manifest
-            </text>
-        </g>
-        <path d="M 20 203 L 20 180 L 180 180 L 180 203" fill="#1ba1e2" stroke="#006eaf" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 203 L 20 280 L 180 280 L 180 203" fill="#1ba1e2" stroke="#006eaf" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 203 L 180 203" fill="none" stroke="#006eaf" stroke-miterlimit="10" pointer-events="all"/>
-        <g fill="#ffffff" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px">
-            <text x="99.5" y="196">
-                Assertions
-            </text>
-        </g>
-        <rect x="30" y="220" width="40" height="40" fill="#dae8fc" stroke="#6c8ebf" pointer-events="all"/>
-        <rect x="80" y="220" width="40" height="40" fill="#dae8fc" stroke="#6c8ebf" pointer-events="all"/>
-        <rect x="130" y="220" width="40" height="40" fill="#dae8fc" stroke="#6c8ebf" pointer-events="all"/>
-        <path d="M 20 133 L 20 110 L 180 110 L 180 133" fill="#f8cecc" stroke="#b85450" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 133 L 20 170 L 180 170 L 180 133" fill="#f8cecc" stroke="#b85450" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 133 L 180 133" fill="none" stroke="#b85450" stroke-miterlimit="10" pointer-events="all"/>
-        <g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px">
-            <text x="99.5" y="126">
-                Claim
-            </text>
-        </g>
-        <path d="M 20 63 L 20 40 L 180 40 L 180 63" fill="#ffe6cc" stroke="#d79b00" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 63 L 20 100 L 180 100 L 180 63" fill="#ffe6cc" stroke="#d79b00" stroke-miterlimit="10" pointer-events="all"/>
-        <path d="M 20 63 L 180 63" fill="none" stroke="#d79b00" stroke-miterlimit="10" pointer-events="all"/>
-        <g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px">
-            <text x="99.5" y="56">
-                Claim Signature
-            </text>
-        </g>
-    </g>
-</svg>

blog/posts/age-verification-wants-your-face.md

@@ -1,112 +0,0 @@
----
-date:
-    created: 2025-05-06T21:45:00Z
-categories:
-    - News
-authors:
-    - em
-description: Age verification laws and propositions forcing platforms to restrict content accessed by children and teens have been multiplying in recent years. The problem is, implementing such measure necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp
----
-
-# Age Verification Wants Your Face, and Your Privacy
-
-![A stylized photo showing a person holding a printed photo of their face in front of their actual face.](../assets/images/age-verification-wants-your-face/ageverification-cover.webp)
-
-<small aria-hidden="true">Photo: Kyle Glenn / Unsplash</small>
-
-Age verification laws and propositions forcing platforms to restrict content accessed by children and teens have been multiplying in recent years. The problem is, implementing such measures necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy.<!-- more -->
-
-For a few years now, several legislators in North America, Europe, and Australia have expressed concern about children and teens accessing certain types of content online. While there is no doubt some online content can be worrisome, implementing a technological solution for this is [extremely problematic](https://www.jonaharagon.com/posts/age-verification-is-incompatible-with-the-internet/).
-
-By mandating platforms to be legally responsible to verify a user's age, regulators effectively force them to identify each user requesting access to content deemed inappropriate under a certain age threshold.
-
-If these regulations continue to proliferate, this could lead to the end of pseudonymity online.
-
-## How can age be verified online
-
-Verifying age online is [difficult](https://www.woodhullfoundation.org/fact-checked/online-age-verification-is-not-the-same-as-flashing-your-id-at-a-liquor-store/). There isn't any magical solution to it, it's either recording how a user looks or scanning official documents.
-
-Conducting verification "on-device" offers only few additional protections considering this information still has to be checked and reported with an external service, somehow.
-
-Moreover, processes used to keep this data "on-device" are often opaque. Taking into account how valuable this information is, it becomes very difficult to trust any for-profit third-party services which such a sensitive task.
-
-Users' faces and official documents are two types of very sensitive information. Who becomes responsible to collect, process, store, and safeguard this data? With whom does this data get shared, and for which other purposes? And how accurate is this data anyway?
-
-### Facial scans
-
-Some platforms and third-party providers of the rapidly growing "[identity verification industry](https://www.businessresearchinsights.com/market-reports/digital-identity-verification-market-118180)" have started to use facial recognition and face scan systems in order to determine a user's age.
-
-The problem is, the systems are [horrible for everyone's privacy](https://www.liberties.eu/en/stories/facial-recognition-privacy-concerns/44518), extremely problematic to use due to [racist and gendered biases](https://www.aclu-mn.org/en/news/biased-technology-automated-discrimination-facial-recognition), [inaccurate](https://www.eff.org/deeplinks/2025/01/face-scans-estimate-our-age-creepy-af-and-harmful) to determine the correct age, and on top of all that, [can be cheated](https://www.theregister.com/2022/05/22/ai_in_brief/).
-
-### Official documents
-
-The second solution is to require users to provide an official piece of ID. Considering an official ID often contain a photo, full legal name, date of birth, home address, and government specific codes, this is even worse.
-
-All this sensitive data then gets collected by either the platform itself or a third-party provider with little oversight or incentive to protect this data at all. Leaks and breaches for this enormous data trove are just around the corner. Unfortunately, this isn't speculative, [data leaks have already occurred](https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/).
-
-The more copies of your official documents exist online, the greater the risk this data *will get exposed*, and the less value this document has to actually identify you when it's *truly* needed.
-
-And again, this sort of verification is easy to cheat. Any determined teenager will soon learn how to either create a fake ID, use someone else's ID, or go around this verification system in another way.
-
-Age verification laws will *without a doubt* support a flourishing criminal industry to provide fake or stolen IDs even more easily online.
-
-## Where age verification is (or will be) required
-
-In April this year, [Discord started to test age verification systems](https://www.theverge.com/news/650493/discord-age-verification-face-id-scan-experiment) using facial or ID scans, as a way to comply with [Australia](https://www.bbc.co.uk/news/articles/c89vjj0lxx9o)'s and [UK](https://www.theverge.com/2023/10/26/23922397/uk-online-safety-bill-law-passed-royal-assent-moderation-regulation)'s new laws.
-
-This measure only applies to access certain protected posts for users located in Australia and the United Kingdom and at this time, but don't be surprised if it soon gets implemented at the account level for users everywhere.
-
-In the [United States](https://action.freespeechcoalition.com/age-verification-resources/state-avs-laws/), many states have already passed some types of age verification laws, and several others have proposed such laws. In [Canada](https://www.eff.org/deeplinks/2024/09/canadas-leaders-must-reject-overbroad-age-verification-bill) and [Europe](https://digital-strategy.ec.europa.eu/en/funding/call-tenders-development-consultancy-and-support-age-verification-solution), legislators have also been pushing for similar regulations to block content online subject to age verification.
-
-There is no doubt the more countries pass similar prohibitive laws, the more other countries will soon follow.
-
-Some hope however, this month a US federal judge ruled an age verification [law in Arkansas unconstitutional](https://thehill.com/homenews/state-watch/5228836-judge-blocks-social-media-age-verification-law-in-arkansas/).
-
-## Who decides what is sensitive content
-
-When talking about age verification, most assume this only applies to obvious pornographic content. However, many of these laws have [much wider reach](https://www.eff.org/deeplinks/2025/01/impact-age-verification-measures-goes-beyond-porn-sites).
-
-For example, the Australian law prohibits access to social media altogether for anyone under the age of 16. This means that, once the law comes into full effect after its transitional period, anyone who uses social media in Australia will have to prove they are older than this age. It is likely that all Australian users will have to provide some form of identifying data to continue using their social media accounts. **This is a privacy nightmare.**
-
-When laws target specific content, definition of what is appropriate and what isn't is often too broad. Moreover, this definition is subject to change from one administration to another.
-
-There are also wide differences from one country to another. For example, some countries sadly consider simple discussions of gender identity or sexual orientation to be sensitive content. What is deemed inappropriate to children in one culture might not be the same in another.
-
-Automating this sort of censorship leads to a lot of misfiring. There has already been numerous instances of [breastfeeding photos mislabelled](https://www.cbc.ca/news/world/facebook-clarifies-breastfeeding-pics-ok-updates-rules-1.2997124) for nudity. Important educational material for sex education could get censored and inaccessible to children, who critically need access to it *before* adulthood.
-
-Who will decide which content should be censored and which shouldn't? Will countries hosting the big tech platforms end up having a greater decision power in the matter? Will platforms simply decide to apply the strongest level of restriction worldwide?
-
-## Age verification isn't effective
-
-Even if we could somehow find a global consensus that is perfectly ethical and never misfires on which content children shouldn't access, it will likely fail.
-
-Children, and teenagers especially, are and have always been incredibly effective at going around such limitation to feed their curious minds.
-
-First, there are technical tools such as VPNs and proxies of all sort to go around location-based restrictions. Then, there's the classic fake ID, and its modern evolution: deepfake face. There will also be without a doubt a growing market of pre-verified "adult" accounts up for sale online.
-
-Perhaps age verification measures will work for a couple of months, until products to evade it get the word out, then they'll become useless. Only leaving the ashes of your social media legal consenting adult pseudonymity in its path.
-
-## Why it's bad news for everyone's privacy
-
-Age verification will require all platforms and/or third-party identification service providers to collect an enormous trove of sensitive data on everyone.
-
-This goes against all principles of data minimization, generally a vital part of data protection regulations.
-
-Daily occurrences of data breach incidents have taught us we cannot trust these services to safeguard our data. Data breaches for this sensitive information are only a matter of time.
-
-The concentration of such valuable data will likely be monetized and resold either by the platforms themselves, by the for-profit third-party "age assurance" providers they use, or eventually by the criminals who stole it from them.
-
-This data trove will include face scans of children with their location (trying to pass as adults), and faces and official documents from every adult in the world using social media, if this kind of regulation gets implemented at large.
-
-**The privacy and safety implications of this are absolutely disastrous**.
-
-## Age verification is not the solution
-
-Sadly, age verification legislation will not help safeguard children from harmful content online, but it will effectively remove protection for anyone needing pseudonymity online to [stay safe](privacy-means-safety.md). Moreover, it will put everyone at a much greater risk of victimization by identify theft, impersonation, stalking, and worse.
-
-Despite the perhaps well-intended legislators, technological solutions aren't always adequate to solve every problem we have. Here again, education and content moderation are likely much better ways to deal with this sort of issues.
-
-In the meantime, don't be surprised if you cross a teenager on the street suddenly pointing their phone to scan *your* adult face, or a young relative looking in your wallet. They probably won't be looking for your money, but most likely for your adult ID.

blog/posts/digital-provenance.md

@@ -1,238 +0,0 @@
----
-date:
-    created: 2025-05-19T20:15:00Z
-categories:
-    - Opinion
-authors:
-    - fria
-tags:
-    - AI
-    - Content Credentials
----
-# The Power of Digital Provenance in the Age of AI
-
-![Article cover showing a painterly background with cool colors and the Content Credentials logo](../assets/images/digital-provenance/cover.jpg)
-
-<small aria-hidden="true">Photo: Kseniya Lapteva / Pexels | Logo: Content Credentials</small>
-
-With the popularity of generative AI, it's becoming more and more difficult to [distinguish](https://uwaterloo.ca/news/media/can-you-tell-ai-generated-people-real-ones) reality from fiction. Can this problem be solved using cryptography? What are the privacy implications of the currently proposed systems?<!-- more -->
-
-## The Problem
-
-Can you tell which of these images are AI generated?
-
-<div class="grid" markdown>
-
-![Group of geese by some water](../assets/images/digital-provenance/geese1.jpeg)
-
-![Group of geese by some water](../assets/images/digital-provenance/geese2.jpeg)
-
-![Group of geese by some water](../assets/images/digital-provenance/geese3.jpeg)
-
-![Group of geese by some water](../assets/images/digital-provenance/geese4.jpeg)
-
-</div>
-
-...Have a guess?
-
----
-
-Actually, they're all real. But the fact that you may have believed some of them were AI generated poses a problem: How can we tell where an image came from, if it was AI generated, and whether it was edited?
-
-## Provenance
-
-[Provenance](https://youtu.be/K56EhgfCDjs) is the history of ownership of an object, typically used when referring to antiques or art. Knowing the history of a piece of art can affect the value a lot, but you need a way to prove it's an original piece by the artist instead of a reproduction, or was owned by a famous person.
-
-Provenance can take many [forms](https://artbusiness.com/provwarn.html), from an original receipt or documentation from the artist themselves to stickers from a gallery attached to it. Typically, you want a signed [certificate](https://www.artcertificate.co.uk/?id_article=2267) from an expert on the artist in order to verify its authenticity.
-
-## Hoaxes
-
-It's important for historical preservation as well to know that an object is really from a certain time period. There's no shortage of [historical hoaxes](https://www.history.com/articles/7-historical-hoaxes). These can distort our view of history and make us all a bit dumber.
-
-### Cardiff Giant
-
-One of the most famous hoaxes was that of the [Cardiff Giant](https://www.history.com/articles/the-cardiff-giant-fools-the-nation-145-years-ago).
-
-An atheist named George Hull got into an argument with a preacher. Hull was frustrated with the preacher's literal interpretation of the bible, particularly his belief that giants were real.
-
-Hull devised a plan to trick the religious and make some money at the same time. He would have a statue of a giant man constructed and pass it off as a petrified human.
-
-After securing the materials needed, specifically a soft material called gypsum, he convinced a marble dealer to help him with his scheme. A pair of sculptors carved out the visage of a giant 10-foot man, with Hull posing as a model. They even poured sulfuric acid over it to give it an aged look.
-
-He settled on burying the giant in Cardiff, New York, where he cut a deal with a distant relative and farmer named William "Stub" Newell.
-
-On October 16, 1869, Newell hired an unsuspecting pair of workers to dig a well on his property. After they inevitably uncovered the giant, it wasn't long before the whole town was in a frenzy.
-
-![men surrounding a stone sculpture of a man in a hole in the ground doffing their hats](../assets/images/digital-provenance/cardiff-giant.jpg)
-
-<small aria-hidden="true">Photo: Wikimedia Commons (Public Domain)</small>
-
-Speculation that the sculpture was an ancient, petrified man quickly began to spread. Eventually, a syndicate of businessmen offered Newell $30,000 (worth $[705,438.97](https://www.in2013dollars.com/us/inflation/1869?amount=30000) in today's money) for a three-fourths stake, and he took them up on that offer.
-
-P.T. Barnum even tried to buy the sculpture, and after being turned down, he had a replica built and displayed it in a Manhattan museum. Several other copies were made afterward, and soon, there were petrified giants being exhibited all over the country.
-
-In a way that seems familiar to us now, you couldn't even be sure you were looking at the *real* hoax. Misinformation can so easily mutate and spread when left unchecked.
-
-A famed Yale paleontologist named Othniel Charles Marsh declared it "of very recent origin, and a most decided humbug." Unfortunately, as is so often the case, Hull had already cashed in on the fervor by the time experts had properly debunked his hoax.
-
-### AI Hoaxes
-
-Many modern hoaxes tend to make use of social media and focus on getting views and clicks over selling a physical object.
-
-[Miniminuteman](https://youtu.be/Pc2psN0PFTk) is a great YouTube channel covering misinformation on the internet, specifically about archaeology. Misinformation can spread quickly, especially now with the rise of generative AI that can make convincing fake images and videos.
-
-[Here](https://www.mediamatters.org/media/4016186/embed/embed) you can see an example of AI being used to make a fake Joe Rogan podcast clip. Now, whether or not you view Joe Rogan as a reliable source of information is another topic, but as one of the [most popular podcasts](https://podcastcharts.byspotify.com), his reach could be leveraged to spread dangerous misinformation like that a meteor is going to hit earth and kill everyone.
-
-The effort required is low, and the return is high. With TikTok's [Creator Rewards Program](https://www.tiktok.com/creator-academy/en/article/creator-rewards-program), content that's at least 60 seconds long and has high engagement will be rewarded. That means longer videos with alarming content like conspiracy theory videos will do very well since they will have lots of comments from people either fooled by the content posting about how scared they are or people debunking the claims. The insidious thing is the creators get rewarded either way.
-
-[Several](https://youtu.be/E4I6K8OEyho?si=wbWAUcLsjOA7yDnO) [history](https://youtu.be/cqrHmjGD1ds?si=k60RTO9MH177ASTS) [channels](https://youtu.be/HG1324unhcA?si=MuwglKd52FQ7iKU3) on YouTube have expressed their concerns about misinformation being spread about history through AI generated images and videos and how they can distort our view of the past. There's even the possibility that these AI generated images could end up polluting the historical record.
-
-## Content Authenticity Initiative
-
-In 2019, [Adobe announced](https://contentauthenticity.org/blog/test) that it was partnering with the New York Times and Twitter on a project to develop an industry standard for digital content attribution called the Content Authenticity Initiative.
-
-Twitter has since dropped out of the partnership.
-
-## Project Origin
-
-At the same time, [Project Origin](https://www.originproject.info) was designing their system for content transparency. This started as a partnership between Microsoft and the BBC.
-
-## C2PA
-
-The Coalition for Content Provenance and Authenticity, or [C2PA](https://c2pa.org), combines the efforts of Project Origin and the Content Authenticity Initiative. Together, they created the [C2PA standard](https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html) used to add verifiable provenance data to files, which they dub "Content Credentials."
-
-## Content Credentials
-
-[Content Credentials](https://contentcredentials.org) are the implementation of digital provenance by the C2PA, the culmination of years of research and development by major tech companies, from camera manufacturers to photo editing software and AI companies to social media sites.
-
-The way Content Credentials work draws on concepts both familiar and alien. The standard is designed to be flexible and cover the myriad ways media is used online.
-
-It's important to note that Content Credentials aren't attempting to determine "truth"; that's a much more complex and philosophical topic. Rather, they're trying to show where an image came from, edits made to it, its constituent parts, etc. so that you can decide for yourself if you trust the source. It's trying to show you that an image came from the BBC, rather than whether you should trust the BBC.
-
-### Manifest
-
-Content Credentials are contained in what's called the **manifest**. The manifest consists of the claim, claim signature, and assertions.
-
-![Example of a Manifest, with the Claim, Claim Signature, and Assertions inside](../assets/images/digital-provenance/manifest.svg)
-
-<small aria-hidden="true">Illustration: [C2PA](https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html)</small>
-
-The manifest is created by hardware or software called a "claim generator."
-
-Files can have multiple manifests, and the set of manifests comprise its provenance data.
-
-#### Assertions
-
-An assertion is labelled data such as the type of camera used, actions performed on the image such as color corrections, a thumbnail image, or other types of data.
-
-#### Claim
-
-The claim gathers together all the assertions and then hashes and cryptographically signs them. The claim is the part that backs up the assertions with cryptography; without it, there wouldn't be a way to verify the authenticity of the data.
-
-### Signatures
-
-The foundation is based around cryptographic signatures, similar to how you'd cryptographically sign software or text with a PGP signature.
-
-The parts of a file that are cryptographically verified are called "hard bindings." This allows programs to detect tampering.
-
-#### Certificate Authorities
-
-There are certificate authorities similar to how HTTPS works, which allow only signatures from trusted sources. Non-trusted signatures will give a warning in whatever C2PA-enabled software you're using.
-
-Content Credentials allow for each application to provide its own *trust lists*: lists of certificate authorities trusted by the application.
-
-The C2PA gives a few examples to illustrate. A news organization might rely on a non-profit organization that verifies the authenticity of sources through real-world due diligence. An insurance company might operate its own internal CA to verify only its own employees handled the images.
-
-### Ingredients
-
-However, what's interesting is Content Credentials can cover multiple assets being [combined](https://contentcredentials.org/verify?source=https%3A%2F%2Fcontentcredentials.org%2F_app%2Fimmutable%2Fassets%2Fhome2.91ab8f2d.jpg) and still be able to verify each element of the image. Each element is called an "ingredient." When the ingredients come together, the result is called a "composed asset," with "asset" referring to a digital media file or data stream.
-
-### Chain of Provenance
-
-It also supports a chain of provenance, showing all steps in the life cycle of the file that change its contents such as edits. These are referred to as "actions."
-
-The specification supports a list of pre-defined actions such as edits, changing the color, translating to a different language, etc. It's really quite flexible, but the flexibility of information that can be provided allows for more opportunities for errors and means you need to trust the entity providing the information more.
-
-An issue I noticed is when making edits using software that doesn't support Content Credentials, they will be corrupted and can't be read by verification programs. This poses a problem for the "unbroken chain of provenance" that the standard promises.
-
-These verification programs tend to offer a way to check against a database of images with Content Credentials, so you can find an image with unbroken provenance data. They use "soft bindings" or a type of fingerprinting of the image in order to find similar images in the database.
-
-I think this problem will be less and less of an issue when more software supports the standard. It will need to be so ubiquitous that image viewing programs don't trust images without provenance data, similar to how browsers don't trust websites without HTTPS. But for now with its very limited availability, that's not the case.
-
-### Privacy
-
-Since Content Credentials are all about attaching extra data to images, concerns about privacy are reasonable.
-
-However, it's important to remember that metadata has always existed in relation to digital files. Just like the metadata we've always had, Content Credentials are optional.
-
-Of course, it'll be up to programs we use to mediate what data is included. In order for the system to work as intended, certain things like "this photo was edited in Adobe Photoshop" will need to be automatically applied. Clear lines between personal data such as names, location, etc. need to be kept up to the user to add.
-
-Privacy was one of the stated goals when the C2PA was designing Content Credentials, and I think they've done a good job giving users control over their information.
-
-## Support
-
-There are several online verification tools you can use to try out Content Credentials. [ContentCredentials.org](https://contentcredentials.org) offers a [verification tool](https://contentcredentials.org/verify) that lets you upload a media file and check its Content Credentials. They have some example images on their site you can try, or you can upload images from elsewhere and see where Content Credentials are supported, for example you can upload any image generated in ChatGPT.
-
-Content Credentials also offers an official [command line tool](https://github.com/contentauth/c2pa-rs/releases?q=c2patool), so you can view exactly what data is being stored in the image. They provide some samples as well that you can play around with. To view the content credentials, just run
-
-```sh
-c2patool sample/C.jpg
-```
-
-for any image you want to inspect, replacing sample/C.jpg with a path to your image.
-
-### BBC
-
-The BBC is doing a limited trial run of Content Credentials with [BBC Verify](https://www.bbc.com/news/bbcverify). Not all media in these articles have Content Credentials attached. [This article](https://www.bbc.com/news/world-latin-america-68462851) has Content Credentials for the video at the bottom. They also ask for feedback, so feel free to provide some. I'd like to see more Content Credentials show up in news reporting, so please add your voice.
-
-### OpenAI
-
-OpenAI has embraced Content Credentials, with images generated using ChatGPT identifying themselves using Content Credentials. Try [generating an image](https://chatgpt.com) and upload it to the verification tool. You should see it identify the origin as OpenAI.
-
-### TikTok
-
-[TikTok](https://newsroom.tiktok.com/en-us/partnering-with-our-industry-to-advance-ai-transparency-and-literacy) became the first video sharing platform to support Content Credentials. For now, it's limited to being able to read Content Credentials from certain AI platforms. They say in the future they'll start labeling all content from TikTok with Content Credentials, but it seems they haven't enabled that yet, as if you download a video from TikTok, the C2PA verify tool will say it doesn't have any Content Credentials.
-
-### Leica
-
-Leica's [M11-P camera](https://leica-camera.com/en-US/photography/cameras/m/m11-p-black) is the first camera in the world to support Content Credentials. That's a huge step toward adoption; camera manufacturers need to support Content Credentials if they're going to be included from the creation of the image.
-
-### Nikon
-
-Nikon is planning to release a firmware update for their [Z6III](https://www.nikon.co.uk/en_GB/learn-and-explore/magazine/gear/nikon-z6iii-firmware-update-to-feature-content-verification) camera that will support Content Credentials.
-
-### Adobe
-
-Much of Adobe's [software](https://helpx.adobe.com/creative-cloud/help/content-credentials.html) supports Content Credentials, including Photoshop, Lightroom, and Adobe Camera Raw as well as Adobe's Firefly AI.
-
-### Qualcomm
-
-With the Snapdragon 8 Gen 3 chipset, Qualcomm is embedding Content Credential capabilities into the Trusted Execution Environment, allowing for Content Credentials to be added right as the photo is produced.
-
-## Limitations
-
-### Lack of Support
-
-Content Credentials will need widespread support at every level, from hardware OEMs to photo editing software vendors and AI generators to sites that host and display images. The rollout of Content Credentials will be slow, although more and more companies are starting to support them.
-
-There are still major players missing support like Apple and Android, which is a big problem considering how many images are taken, edited, and shared on smartphones. Once photos taken from your phone can be imbued with Content Credentials in the default camera app, we'll see much wider adoption I think.
-
-### Easy to Remove
-
-In my testing, any edits from a program that doesn't support Content Credentials will render them unreadable after that point. This problem won't be as bad if and when support for Content Credentials becomes widespread, since you can just decide not to trust images without them, sort of like not trusting a website without HTTPS. Platforms could even display a warning.
-
-But for now, removing Content Credentials won't be noticed.
-
-### Reliant on Certificate Authorities
-
-The system shares a flaw with HTTPS in that you need to rely on trusted Certificate Authorities to verify the validity of the information, except that Content Credentials are trying to verify a lot more information than just who originally made the image.
-
-Since anyone can add their own Content Credentials to an image, a warning is displayed similar to a certificate warning in your browser that the Content Credentials come from an untrusted entity.
-
-### Complexity
-
-One of the issues I ran into while researching was just how complex the standard is, since it needs to cover so many use cases and situations. This is pure speculation, but I can imagine the sheer complexity makes it unattractive for platforms to implement and maintain, which could be contributing to the very slow and partial rollout we're seeing on the platforms of even founding members of the project like the BBC.
-
-I think this will be less of an issue as it rolls out however, as platforms will likely be able to use each other's implementations, or at least reference them when implementing it on their platform.
-
-The standard is still in early stages and there's plenty of room to shape it and improve it in the future, so make your voice heard about how you want to see it implemented. I think with more awareness about Content Credentials, platforms will feel more pressure to support them, so if you want to see this feature on your favorite platform, speak up and gather support.

blog/posts/importance-of-privacy-for-the-queer-community.md

@@ -1,353 +0,0 @@
----
-date:
-    created: 2025-06-03T17:00:00Z
-categories:
-    - News
-tags:
-    - Pride Month
-authors:
-    - em
-description: Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For Pride month this year, we will discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp
----
-# The Importance of Data Privacy For The Queer Community
-
-![Photo of a Progress Pride Flag with a semi-transparent padlock icon over it.](../assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp)
-
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Photo: Chris Robert / Unsplash</small>
-
-Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For [Pride month](../tags.md#tag:pride-month) this year, we will discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community.<!-- more -->
-
-While it's difficult to get a complete estimate on this, due to fear of discrimination and other factors, a 2021 [survey](https://www.ipsos.com/sites/default/files/ct/news/documents/2021-06/LGBT%20Pride%202021%20Global%20Survey%20Report_3.pdf) conducted by Ipsos in 27 countries revealed that only 80% of the population surveyed identified as heterosexual. Additionally, about 1% of adults identified as a gender different from the one they were assigned at birth. This percentage is even higher for Gen Z and Millennials.
-
-In the United States alone, it's [estimated](https://www.lgbttech.org/_files/ugd/d77b01_0e1e02c938e94ae3aad4ce21312bdde4.pdf) there are 20 million adults who are part of the LGBTQ+ community. That's a lot of people!
-
-Despite the progress of the past decades, the queer population still faces many challenges to being free and safe from discrimination.
-
-Discrimination online, at work, at school, at the national or even the familial level, can put LGBTQ+ individuals in dangerous situations, where data privacy may be the only shield available for protection.
-
-In this context, it's essential for the queer community to be well-informed on the tools and practices that can help mitigate the risks, so that information, services, and support can still be accessed safely.
-
-## Higher risk when data gets exposed
-
-Unfortunately, LGBTQ+ people are still at a higher risk when their personal data gets exposed.
-
-First, for people living in environments hostile to their sexual orientation or gender identity, keeping personal information private can literally mean life or death. Tragically, even today many countries still criminalize homosexuality and gender identities different from cisgender. When this personal information gets exposed, people might lose support from their family, lose their job, get arrested, or even be [executed](https://en.wikipedia.org/wiki/Capital_punishment_for_homosexuality) in some countries.
-
-People in these very vulnerable situations have to be *extremely* careful about protecting their data in order to stay safe, online and offline.
-
-Moreover, organizations collecting data that could put anyone at risk of getting accidentally or maliciously outed should feel a *strong responsibility* to protect this data fiercely, and be held legally accountable when they fail.
-
-### Being outed against one's will
-
-For a queer person, deciding when, how, and to whom to reveal their sexuality or gender identity is a very important and intimate moment. It *must* be a personal choice, and only on the person's own terms.
-
-Even in countries where queer identities and sexualities are legal and accepted, [being outed against one's will can have devastating consequences](https://www.pridecorner.org/post/how-to-support-someone-who-has-been-outed-against-their-will).
-
-If someone lives with family members who do not accept who they are, getting outed against their will could mean losing their home and familial support. In other situations, perhaps their family is supportive, but their employer isn't, or maybe some of their friends or co-workers are hostile. They might want to keep this information from them in order to avoid conflicts at work, or avoid losing friendships. Further, there is of course the risk for discrimination, online harassment, and worse.
-
-No matter the situation, coming out as queer should always be an individual and intentional choice.
-
-It is an act of violence to out someone against their consent, even when performed by the intermediary of an algorithm or a neglectful data leak.
-
-Each time there is a data breach that includes information about gender identity, sexuality, browsing history, location history, installed applications, or legal names, this data leak risks outing people against their will.
-
-For all these reasons, it is vital that information be safeguarded so that a queer person is empowered to choose when, how, and to whom to come out on their own terms.
-
-In today's political climate, this is unfortunately even truer for trans people, who are at a greater risk of getting outed against their will when data about their gender, sex, or legal name leaks. Sadly, there are still too many online forms and software that needlessly collect gender data when it's completely unnecessary. Similarly, requiring full *legal* name is completely irrelevant in many situations where it is currently asked.
-
-Developers must take responsibility and design software and forms considering these risks. As data scientist and civic technologist Soren Spicknall explains brilliantly, gender data [should never be collected](https://medium.com/@SorenSpicknall/protecting-queer-communities-through-data-4707ae0cb562) unless *absolutely* necessary and *absolutely* protected, which in most instances it really isn't:
-
-> "Is the danger to your LGBT+ users worth the ability to roughly guess whether somebody is buying a purse for themselves or as a gift, or to assume you know what kind of movie they want to watch?"
-
-Algorithms shouldn't be able to target sexuality and gender identity as markers for advertising purposes. Unfortunately, there have already been reported incidents where [people were outed against their will by Facebook](https://www.dailydot.com/irl/facebook-ads-lgbtq/) spitting around rainbow ads everywhere, because of Facebook secretly tying someone's browsing activity back to their profile.
-
-Facebook (and most other commercial platforms) uses cookies and other tracking technologies to follow users online and [build an advertising profile](https://www.makeuseof.com/tag/facebook-tracking-stop/) based on their online activity, even outside of Facebook. Then, it shows ads on Facebook related to that activity, no matter if this information was shared or not on the platform.
-
-This kind of non-consensual outing can have devastating consequences, and should be forbidden by law. Everyone should be able to come out when and how they see fit, and not be aggressively outed by some Facebook or Google ad algorithm, or by some negligent data leak.
-
-### Online harassment and extortion
-
-The risk of having data about one's sexuality or gender identity revealed against one's will can be very dangerous for some people.
-
-With online harassment on the rise, this intimate information can be weaponized by bigots and extortionists to cause severe harm. Unfortunately, this isn't a rare occurrence, even in countries where the LGBTQ+ community is well accepted. Regrettably, some platforms have even started to [roll back previous protections against hate speech](https://apnews.com/article/social-media-lgbtq-tiktok-x-facebook-instagram-glaad-f790bda1bc3f169ef28ca3f441ea8447) and harassment. This will have a severely detrimental impact on the safety of the queer community online.
-
-This year, the LGBTQ advocacy organization GLAAD produced a [Social Media Safety Index](https://glaad.org/smsi/2025/platform-scorecard/) rating six major platforms: TikTok, Facebook, Instagram, YouTube, Threads, and X. X (formerly Twitter) received the worst safety score of them all.
-
-### Seeking health information
-
-People questioning their gender identity or sexuality might seek information online about the health procedures or treatments they need.
-
-This sensitive search history can reveal a lot of personal details that should never be exposed against one's will. Sadly, browsing the internet without any tracking is a task that becomes harder every year, and many people aren't aware of the protections they can use against this tracking.
-
-People can suffer from severe harm when sensitive data related to their gender-affirming care or sexual health is exposed, ranging from non-consensual outing to imprisonment. Discrimination related to this type of health information is still rampant in every country in the world.
-
-### Seeking community online
-
-Seeking the support of online communities is common for queer people who can more easily feel isolated. This is especially true for youth living in hostile or rural environments, where smaller population density often means less supportive local resources and venues.
-
-For people in these situations, finding community online can be essential to survival.
-
-Despite all its flaws, the internet still offers a wonderful way to connect with others regardless of physical distances, and this is doubly true for the queer community.
-
-The need for social connection and support from peers is a fundamental human need. No matter how dangerous this can be, not sharing information online is simply not a viable option for many queer people.
-
-## Privacy-invasive practices that are exponentially worse for queer people
-
-### Real-name policies
-
-Many privacy-invasive practices and policies are significantly more dangerous for LGBTQ+ people. For example, [the "real-name" policies](https://en.wikipedia.org/wiki/Real-name_system) on Facebook and other platforms are absolutely horrendous for transgender people.
-
-If a trans person uses an older account, or has not changed their name on official documentation, a real-name policy could either out them against their will, force them to keep their [deadname](https://en.wikipedia.org/wiki/Deadnaming) online, or even lock them out of their account if official ID is requested for account recovery and doesn't match the name they used for the account.
-
-For many people around the world, the use of pseudonyms or chosen names online means safety, and this is even truer for trans people and other queer people.
-
-### Single-account policies
-
-Thankfully, most platforms aren't using such policies yet. But unfortunately, it does seem there could be a push to implement single-account policies in the near future.
-
-With the multiplication of age verification laws and the proliferation of unregulated AI systems, there has been some talk of using unique identifiers to prevent the creation of multiple accounts. This is **a horrible idea for everyone**, and should never be allowed, but it's even worse for LGBTQ+ people.
-
-Creating multiple accounts for different purposes, for example to separate work life from personal life, is a great privacy practice for anyone.
-
-Multiple accounts on a same platform, or "alt accounts", are regularly used by queer people in order to be their full selves online, when they aren't fully out in their public or personal life, or just because they prefer to keep their queer identity and activities separated.
-
-Sadly, if single-account policies begin to be implemented on platforms, this great privacy protection could soon disappear.
-
-### Facial recognition
-
-Facial recognition is an especially problematic technology for transgender people. Many times, these algorithms will not only create a faceprint from the data, but will also try to infer gender from it.
-
-These systems are deeply flawed and have discrimination biases built-in. They can't even reliably identify the correct gender of cisgender people. Because of the way these algorithms were developed, the use of this technology is [worse for transgender people](https://www.theswaddle.com/how-facial-recognition-ai-reinforces-discrimination-against-trans-people), and [exponentially worse](https://sciencepolicy.hsites.harvard.edu/blog/racial-discrimination-face-recognition-technology) for transgender people of color.
-
-Tragically, privacy legislation is lagging behind at protecting us by regulating this biased, invasive, and inaccurate technology that is spreading faster and further every year.
-
-### Public photos during events
-
-These days, it's pretty much impossible to attend many events without having our photo intrusively taken by a stranger and posted on Instagram without our consent.
-
-This is a generally bad behavior that we should all work on improving culturally. Posting photos of strangers online without their consent can be much more harmful for queer people.
-
-For example, taking photos at a Pride event and posting it online can out people against their will. While it's perhaps fair to assume most people *performing* in a Pride parade or on a stage might implicitly be comfortable with it, this isn't necessarily the case for people in the *audience*.
-
-This non-consensual practice, coupled with the corporate social media tendency to use facial recognition to tag everyone's faces, can cause harm in all sorts of ways.
-
-We should all [develop more respectful practices](the-privacy-of-others.md) when taking photos at events, and be mindful not to post anything online which could identify anyone in the audience who did not give their explicit consent.
-
-### Background checks and algorithmic biases
-
-Even for people who are publicly out and live in regions that are supportive, discrimination and biases are still there. Despite new legislations and a more progressive culture, data remnants of previous oppressive times can still have a severe negative impact on someone's life. Too few efforts are made by institutions to correct records properly after legislation has passed.
-
-This is especially problematic with opaque systems where embedded discrimination might not be obvious. Algorithmic decision-making is a growing danger for this, considering there is often no way to trace back the reasons a decision was made, and no accountability for whomever fed biased data to the black-box algorithm, whether negligently or maliciously.
-
-There are also older systems of decision-making, such as background checks. Last year, a 78-year-old woman from West Sussex [learned](https://www.bbc.co.uk/news/articles/c3v5pwnpnvko) that she had a criminal record for 56 years for being a lesbian in the military (at a time when it was illegal). Completely unaware of this outdated data trail, this woman spent her whole life with this discriminatory tag attached to her records. This likely cost her countless opportunities throughout the decades, without her ever knowing the cause.
-
-Unfortunately, this kind of incident is likely to multiply by millions with the increased use of algorithmic decision-making using closed systems, often impossible to audit.
-
-### Dating apps data
-
-Last but not least, data collected by dating apps is an especially sensitive issue for the queer population.
-
-Regrettably, there have already been numerous data breaches showing this risk is very real. Intimate photos have been leaked, location data has been leaked, health data has been leaked, and even private messages have been [leaked](https://www.pride.com/think-your-privacy-is-safe-on-the-gay-dating-apps-this-data-leak-could-change-your-mind).
-
-The harm caused by these leaks and breaches have consequences ranging from accidental outing, to loss of employment, extortion by criminals, imprisonment, and even *death*.
-
-In countries where homosexuality is criminalized, cruel state authorities and homophobic bigots are [weaponizing dating apps to entrap](https://www.article19.org/resources/apps-traps-dating-apps-must-protect-communities-middle-east-north-africa/) LGBTQ+ people to attack or arrest them. Weighing the need for support, love, and affection, with the very real risk of physical aggression is a dreadful challenge many queer people face.
-
-## Things to keep in mind to stay safe
-
-Despite the increased risks the queer community is exposed to, staying offline and disconnected from the world isn't a viable option.
-
-Indeed, disconnection and isolation can be a *worse* risk for many LGBTQ+ people, especially younger people. Tragically, queer youth are more than four times as likely to attempt suicide. Disconnecting from the internet communities that accept them isn't an option, and would pose dangers of its own.
-
-Thankfully, there are many tools and practices that can be adopted to improve privacy online, and reduce the risk of sensitive data getting exposed. Here are a few ideas that might help yourself or your loved ones to stay safer online:
-
-### Using better social media
-
-Social media usage leaves *a lot* of digital footprints online, and some platforms are worse than others for this. Staying mindful about which platform to choose, and how to use it, can greatly improve one's experience and security.
-
-Favoring alternative social media platforms that do not have a commercial incentive to monetize data can really help.
-
-For example, platforms that are developed and managed by a community of volunteers, rather than a for-profit corporation, tend to keep their users' benefits and safety in mind much more.
-
-If you are ready to make a change, [Mastodon](https://joinmastodon.org/) is a non-profit platform that [we recommend](https://www.privacyguides.org/en/social-networks/#mastodon).
-
-Mastodon is a social media platform that somewhat resembles Twitter prior to its rebranding. It is composed of multiple servers you can choose from, which makes it easier to move your account if you aren't satisfied with the moderation on one particular server.
-
-To get started, you can choose the server administrated by the team who develops the Mastodon software ([mastodon.social](https://mastodon.social/about)), or you can choose a smaller server run by volunteers (you can also self-host, but that's a longer story).
-
-Don't let this choice intimidate you too much though, these servers connect with each other, and you can always move later on. Just pick one you like. Some servers will have a focus on a region, a topic, a hobby, and there are even servers focused on LGBTQ+ communities, such as [tech.lgbt](https://tech.lgbt/about), [lgbtqia.space](https://lgbtqia.space/about), and [more](https://joinmastodon.org/servers).
-
-All the servers listed on the Mastodon website have [committed](https://joinmastodon.org/covenant) to hold active moderation against racism, sexism, homophobia, and transphobia.
-
-Additionally, Mastodon connects with other social media platforms that are also part of the larger [Fediverse](https://fediverse.info/) network.
-
-If you prefer something similar to Instagram, you can replace it with [Pixelfed](https://pixelfed.org/). For something similar to Facebook, look for [Friendica](https://friendi.ca/). For something more like TikTok, try [Loops](https://loops.video/). For a replacement to YouTube, check videos on [PeerTube](https://joinpeertube.org/), and [more](https://fediverse.info/explore/projects)!
-
-These alternative platforms often benefit from stronger moderation and better respect for their users' data. Because they aren't for-profit corporations, they have no interest in collecting your data, tracking you, or imposing invasive "real-name" policies. Additionally, they run **no ads**!
-
-#### Secure any social media you use
-
-No matter what social media platform(s) you choose to use, the first step should always be to make sure you go through all the settings to secure your account ([enable multifactor authentication](https://www.privacyguides.org/en/basics/multi-factor-authentication/)!), and adjust the available privacy options to your needs and preferences (consider [locking](https://www.privacyguides.org/en/social-networks/#public-profile) your account if you wish to restrict visibility to your followers).
-
-This is true for Mastodon as well, but you should make adjusting all the privacy and security options an *absolute priority* for *any* corporate social media, especially [if you stay on Facebook](https://www.digitaltrends.com/social-media/how-to-opt-out-of-targeted-ads-on-facebook/).
-
-Additionally, keep in mind that many platforms, including X, Facebook, and Reddit, will now use all your posted content to train their AI systems, making this information and embedded biases likely impossible to delete in the future.
-
-Developing an awareness of what data is shared, who can access it, how it is secured, and how it is used is very important for staying safe online.
-
-### Securing data when communicating
-
-Outside of social media platforms, many tools are available to help you secure your intimate and private communications.
-
-While chatting on dating apps may be the first step to meeting new people, moving early to end-to-end encrypted channels is likely a good idea for data security and privacy.
-
-That being said, also take into account that because your communications there will be fully end-to-end encrypted (only visible by its intended sender and recipient), there will be no moderation with it. Make sure you trust a person enough before moving the discussion to an end-to-end encrypted, more personal channel.
-
-#### Instant messaging communication
-
-[Signal](https://www.privacyguides.org/en/real-time-communication/#signal) is a wonderful end-to-end encrypted and free-to-use instant messaging app. Signal will collect your phone number to create the account, but nothing else.
-
-When using Signal, you should [enable the username feature](https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames). That way, you can (and should) share your *username* only, instead of sharing your phone number to connect with others.
-
-Additionally, you should [enable the disappearing messages](https://support.signal.org/hc/en-us/articles/360007320771-Set-and-manage-disappearing-messages) feature from Signal, to help clean up the data you no longer need as time goes, and reduce the risk of leaks.
-
-<div class="admonition danger" markdown>
-<p class="admonition-title">Only send sensitive information to people you genuinely trust!</p>
-
-Keep in mind that even when using end-to-end encrypted apps and a disappearing message features, this will not prevent a malicious person from downloading this data on their device or taking a screenshot of it.
-
-Be especially careful when sending very sensitive information, such as intimate photos for example. No matter how secure the application is, you should only send sensitive information and pictures to people you know and sincerely trust.
-
-</div>
-
-#### Email communication
-
-For email communication, migrating to an end-to-end encrypted alternative can make a big difference for your privacy.
-
-For example, services like Gmail (Google) and Hotmail (Microsoft) could access the content of all your communications, and often use this information in various ways to build advertising profiles. Because email content isn't end-to-end encrypted, this data could get requested by authorities as well, and handed to them in plain text (unencrypted).
-
-For secure and more private end-to-end encrypted email services, we recommend [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) or [Tuta](https://www.privacyguides.org/en/email/#tuta). These services will not make you anonymous when you email someone (email address, IP address, and subject line, could still identify you), but the content of your communication will be encrypted end-to-end (if used with a compatible service), and only visible to its intended recipient(s).
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Encrypted email service limitations</p>
-
-Stay aware that if you email someone who is not using the same end-to-end encrypted email service as you, and you aren't using any additional measures to encrypt the message, this email will likely be accessible to the service you sent it to.
-
-For example, if you send an email from a Proton Mail address, to someone using a Gmail address, without asking the recipient to use your encryption key or use any additional services, then the email you sent will be stored on Google's servers, and could get accessed by Google.
-
-If you send a Proton Mail email to another Proton Mail user, the *content* of the message will be fully end-to-end encrypted and Proton could not access it.
-
-The same is true for any other email providers. Make sure to verify compatibility fully before sending any sensitive information that way.
-
-</div>
-
-### Securing data when traveling
-
-When traveling, keep in mind that different countries or regions might have different laws related to LGBTQ+ people.
-
-Your marriage might not be recognized in the location you are visiting. Your new legal name might also not get the same recognition, sadly. The first step to take when planning a trip should always be to gather information on the legal and cultural differences between your own region and the one you are visiting.
-
-If you are visiting a country hostile to your sexuality or gender identity, make sure to take the proper precautions to secure your data *before* you cross the border.
-
-This could mean leaving your phone at home and only bringing a burner phone with you. It could also mean bringing additional (or different) types of official ID that are less likely to get you in trouble, and more likely to get accepted by the authorities of your visiting country.
-
-Be extremely careful when connecting to Wi-Fi services from a foreign country. If you were to connect to a service or website that is illegal there, and could accidentally out yourself as queer, you could get in trouble with few recourses. Using a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) can help mitigate some of this risk.
-
-### Securing data when protesting
-
-For this month of Pride, you might feel the need to join a protest more than a parade.
-
-If you decide to join the action, make sure to secure your data properly to stay safe. Prepare your devices adequately to be ready and resist surveillance targeted at protesters. Consult our [Protesters' Guide to Smartphone Security](activists-guide-securing-your-smartphone.md), and make sure you understand well the level of risk of this particular protest. **Different protests in different regions require different levels of data protection.**
-
-If you are organizing actions, try to stay away from corporate platforms who will willingly and quickly share your data with authorities (even private messages). If you must use corporate platforms, then make sure to limit the personal data you share there, and ensure attendees have alternative ways to contact you that do not require them to create an account, to register, or to use their legal name.
-
-Having an independent website, or using a Fediverse-connected platform that will be accessible to everyone even without an account, are better ways to organize.
-
-For example, if you create a Mastodon account for your organization, people will not need to create a Mastodon account to read your posts and event announcements. All your posts will be accessible just like any independent website would be (if you leave your posts' visibility public).
-
-Setting up an end-to-end encrypted email address and using an [alias email address](https://www.privacyguides.org/en/email-aliasing/) are also good ways to stay accessible without requiring attendees to use a Facebook account.
-
-Additionally, there are federated platforms, such as [Mobilizon](https://mobilizon.org/), that can be a great non-commercial way to organize in a safer and more accessible space.
-
-Data shared on federated platforms isn't necessarily end-to-end encrypted, and could also get shared with authorities if requested. But by using non-commercial platforms, this data will not be compiled and attached to an account the same way this would happen on a for-profit corporate platform such as Facebook. Using alternative not-for-profit platforms isn't perfect nor anonymous, but it's still a great improvement from the corporate default.
-
-### Protections for extreme situations
-
-Finally, if you are living in an extreme situation where being yourself is dangerous to your physical safety, caution must be a priority.
-
-There isn't a single solution that can protect all your data at once, and anyone telling you there is one is lying to sell you something. Remain skeptical of such claims.
-
-However, there are a *multitude* of practices and tools that can help *reduce* your data trails, and improve your privacy greatly. The tools and practices you need to adopt will depend on the [threat model](https://www.privacyguides.org/en/basics/threat-modeling/) specific to your situation.
-
-Take the time to evaluate well which data could put you in danger, and focus on protecting this first.
-
-If you are in a situation where someone hostile to you has access to your device, for example because you are living with an unsupportive family and need to browse the internet on a family device, Tails may be a tool that can help you. If you can use this computer unobserved, by [using the live system Tails](installing-and-using-tails.md) installed on a USB stick, you can keep your browsing activity hidden from this device. Your Internet Service Provider (ISP) could still know you have been visiting a special network, however. Make sure to read our tutorial thoroughly if you decide to use Tails.
-
-If the information stored on your computer isn't a risk to you, but visiting LGBTQ+ websites from your country could be dangerous, perhaps [using Tor](in-praise-of-tor.md) with a Bridge or through a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) could be another solution to allow you to access this information in a safer way.
-
-It's impossible to cover every specific situation, but know that there are [many solutions](https://www.privacyguides.org/en/tools/) to reduce the risks greatly, and improve data protection to allow you to **stay connected, stay yourself, and stay safe** 💛
-
-<div class="admonition tip" markdown>
-<p class="admonition-title">Caution: This isn't an exhaustive list!</p>
-
-This is only a short introduction to some practices and tools that *can* improve your privacy online. Not one solution will be enough to be anonymous online.
-
-It's important to stay aware of what data will still be shared and which will be better protected, but nothing will make you 100% anonymous.
-
-For more information on how to improve further your data protection online, you can consult our various guides. If you are just starting in your privacy-improving journey, be patient. Adopt one small improvement at the time, then add another one. Each additional step you take will slowly but surely reduce your data trails, and improve your privacy overtime.
-
-</div>
-
-## Improving data privacy is vital for everyone, but critical for the queer community
-
-Every situation is different and requires different protections. While data privacy is important for everyone, it's also essential to acknowledge that marginalized populations are often at a heightened risk when their data gets exposed.
-
-Protection *cannot* be only an individual responsibility. **Protecting vulnerable and marginalized populations is a societal responsibility that concerns everyone.**
-
-We *all* have a **duty of care** to protect the data of others. Whether it's from the photos we take at public events, or the discussions we have about others on Facebook or X-Twitter's direct messages, *everyone* must improve their practices on this.
-
-Moreover, anyone in a position to improve how data is collected from users *must* be held accountable, and must feel morally liable on the decisions taken that could endanger anyone, but especially marginalized groups like the queer community.
-
-In an ideal world, laws and cultures would protect everyone and particularly the most vulnerable *by default*.
-
-But until we get there, we have to empowered ourselves to bring change and stop predatory data collection, prevent negligent data security, and educate everyone on the tools we can use to help ourselves and the most vulnerable to stay safe.
-
-## Additional resources
-
-### Helplines
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): A confidential emotional, mental health support helpline for people who identify as Trans, Agender, Gender Fluid or Non-Binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support over the phone.
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 phone number 988.
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### Supportive organizations
-
-- [Egale (Canada, International)](https://egale.ca/asylum/): Resources for LGBTQ+ asylum and immigration requests from outside and inside Canada.
-
-- [SOS Homophobie (France)](https://www.sos-homophobie.org/international-content): Non-profit, volunteer-run organization committed to combatting hate-motivated violence and discrimination against LGBTI people.
-
-- [The Trevor Project (US)](https://www.thetrevorproject.org/): Suicide prevention and crisis intervention non-profit organization for LGBTQ+ young people.
-
-- [Trans Rescue (International)](https://transrescue.org/): Organization assisting trans and queer individuals in relocating from dangerous areas to safer places.
-
-- [Twenty10 (Australia)](https://twenty10.org.au/): Sydney-based organization providing a broad range of free support programs to the LGBTIQA+ community.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.
-
-<div class="admonition tip" markdown>
-<p class="admonition-title">Stay aware of your data trail</p>
-
-If the traces of this article in your browsing history could put you at risk, visit [our guide](clearing-browsing-data.md) to properly delete this data from your device.
-
-</div>

blog/posts/in-praise-of-tor.md

@@ -1,420 +0,0 @@
----
-date:
-    created: 2025-04-30T20:30:00Z
-    updated: 2025-05-06T18:00:00Z
-categories:
-    - Explainers
-tags:
-    - Tor
-authors:
-    - em
-description: You might have heard of Tor in the news a few times, yet never dared to try it yourself. Despite being around for decades, Tor is still a tool too few people know about. Today, Tor is easy to use for anyone. It not only helps journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location. But what is Tor exactly? How can Tor help you? And why is it such an important tool?
-schema_type: OpinionNewsArticle
-preview:
-  cover: blog/assets/images/in-praise-of-tor/tor-cover.webp
----
-
-# In Praise of Tor: Why You Should Support and Use Tor
-
-![The Tor Project logo over a series of Tor icons on a purple background.](../assets/images/in-praise-of-tor/tor-cover.webp)
-
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Logo and icons: The Tor Project</small>
-
-You might have heard of Tor in the news a few times, yet never dared to try it yourself. Despite being around for decades, Tor is still a tool too few people know about.
-
-Today, Tor is easy to use for anyone. It helps not only journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location. But what is Tor exactly? How can Tor help you? And why is it such an important tool?<!-- more -->
-
-## :simple-torbrowser: What is Tor
-
-Tor is an overlay network that was specifically designed to protect the privacy of its users. The Tor Network uses multiple layers of encryption and relays in order to protect a person's location and other potential identifiers, such as an IP address.
-
-Its name comes from the acronym for **The Onion Router**, a [routing system](https://en.wikipedia.org/wiki/Onion_routing) using multiple layers that can get peeled off at each step, like an onion 🧅
-
-This special network can be easily accessed by anyone, for free, through the Tor Browser. The Tor Browser is as easy to use as any other browser you are familiar with already.
-
-Both the tools for the Tor Network and the Tor Browser are maintained by a nonprofit organization called the Tor Project.
-
-### The Tor Network
-
-The [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)) was deployed in 2002, although its core principle was developed in the mid 1990s. It was first created at the United States Naval Research Laboratory in order to protect intelligence communication online.
-
-In 2004, the laboratory released the project's code under a free and open source license, and the Electronic Frontier Foundation (EFF) began funding its development. A few years later, the onion routing project officially became the Tor Project.
-
-Today, Tor is one of the [largest](https://metrics.torproject.org/) anonymity networks, with thousands of relays and millions of users worldwide.
-
-#### How does it work
-
-The Tor Network is run by a community of volunteers who operate the relays required for the network to function.
-
-Each time someone uses the Tor Network, the communication passes through at least 3 relays: A Guard Relay, a Middle Relay, and an Exit Relay. Each relay has a different function to protect the communication.
-
-**The Guard Relay** knows where the communication is from (IP address), but doesn't know where it's going (which website is visited, for example). This relay only knows that you want to access the Tor Network. Its task is to send your encrypted communication to a Middle Relay, but it cannot read it.
-
-**The Middle Relay** doesn't really know anything. It doesn't know who you are nor where you are going. It only knows a Guard Relay wants to send encrypted data to an Exit Relay. The Middle Relay transfers this communication from one relay to another, and it cannot read it either.
-
-**The Exit Relay** has no idea who you are. It only knows someone, somewhere, wants to access this website (or other content). The Exit Relay will get the information from the website, then send it back to the Middle Relay, so that you can receive it from the Guard Relay. If you only visit pages using HTTPS, the Exit Relay can know someone is visiting this website, but cannot know what they are doing on it. Visiting *non-onion* websites using HTTPS instead of just HTTP is **[very important](https://support.torproject.org/https/https-1/)** for security and privacy.
-
-<div class="admonition info" markdown>
-<p class="admonition-title">Onion service websites</p>
-
-Onion service websites are special websites that can only be accessed using the Tor Network.
-
-They are easy to recognize because they use the .onion domain at the end, and are often composed of a long string of seemingly random characters. Onion websites offer protections equivalent to HTTPS.
-
-You can see this represented by the [onion padlock icon](https://support.torproject.org/onionservices/onionservices-5/) in the Tor Browser.
-
-</div>
-
-#### How Tor works using a letter and envelopes analogy
-
-Tor works a bit as if you put a letter (request) into an envelope with someone's address. Then, you put this envelope in another envelope addressed to someone else, with instructions. Finally, you put this second envelope in yet another one.
-
-Each envelope protects the content of the other, and can only be opened one at the time by each recipient. In this analogy, each recipient (relay) has a key that can only open the envelope addressed to them, and not the others.
-
-![Graphic representation of a Tor Circuit composed of a Guard Relay, a Middle Relay, and an Exit Relay using a letter and envelopes analogy.](../assets/images/in-praise-of-tor/tor-diagram.webp)
-<small aria-hidden="true">Illustration: Em / Privacy Guides</small>
-
-#### What is a Tor Circuit
-
-The network of randomly selected relays to complete a request on the Tor Network is called a Tor Circuit. This circuit changes each time a new connection is established.
-
-From the Tor Browser, you can see each relay that was selected for a circuit, and even change it manually. To generate a new circuit, click on the "Tor Circuit" button on the upper-left of the browser, then on "New Tor circuit for this site" at the bottom.
-
-![Screenshot from the Tor Browser showing a popup window from the Tor Circuit button.](../assets/images/in-praise-of-tor/tor-torcircuit.webp)
-
-### The Tor Browser
-
-The [Tor Browser](https://www.torproject.org/download/) was created in 2008 to facilitate access to the Tor Network. It is a modified version of Mozilla's Firefox browser, and can be installed on Linux, macOS, Windows, and Android systems.
-
-The Tor Browser start configuration is private by default. No additional extensions are required to make it more secure or more private. Actually, it's even discouraged to install any additional extensions, as this would weaken its [fingerprinting resistance](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/).
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Highest security settings</p>
-
-Even if the Tor Browser is configured to be private by default, if you are in an especially sensitive situation, for example if you are using Tor as a whistleblower or a dissident activist, you might want to adjust the Tor Browser security level to "Safest".
-
-For this, click on the shield icon on the upper-right, then on the "Settings" button in blue, and select "Safest" instead of the default "Standard".
-
-**Important:** Each time you change the security level, you **must** make sure to restart the browser to ensure all changes have taken effect. Otherwise, [some changes](tor-security-slider-flaw.md) might not have been applied yet.
-
-</div>
-
-![Screenshot from the Tor Browser showing a warning from the SecureDrop website to adjust Tor security level to Safest.](../assets/images/in-praise-of-tor/tor-safestsetting.webp)
-
-The default search engine is the privacy-focused [DuckDuckGo](https://www.privacyguides.org/en/search-engines/#duckduckgo). You will not even find Google in the options for the default search engine. More browsers should follow this good practice.
-
-The first page opening with the Tor Browser will give the option to Connect to Tor. From there, you can click on "Connect" to start browsing through Tor, or on "Configure Connection" if you need additional settings. For example, if you need to set up a [Bridge](https://bridges.torproject.org/) because Tor is blocked from your country.
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Only connect to Tor if it is safe for you</p>
-
-Be careful when using Tor from a country where Tor might be blocked or perceived as suspicious. Similarly, be careful if you connect from a location where revealing you have been using Tor [could](#depending-on-where-you-are-using-tor-is-likely-safe) be dangerous to you.
-
-</div>
-
-![Screenshot from the Tor Browser showing the "Connect to Tor" welcome page.](../assets/images/in-praise-of-tor/tor-torbrowser.webp)
-
-Once connected to the Tor Network, you will be directed to the DuckDuckGo welcome page, and you can search or type any URLs in the address bar, like you would with any other browser.
-
-If you know an organization has an onion site (a website that is only accessible through Tor), you can type this onion address directly in the address bar.
-
-If you don't know if an organization has an onion site, you might find it from its regular URL. For example, if you visit privacyguides.org from the Tor Browser, you will notice a purple button on the right informing you that an onion version of this website is available, click on it to get redirected to it.
-
-![Screenshot from the Tor Browser showing the Privacy Guides website with an onion available purple button right to the address bar.](../assets/images/in-praise-of-tor/tor-privacyguides.webp)
-
-<div class="admonition info" markdown>
-<p class="admonition-title">Mullvad Browser and the Tor Project</p>
-
-If you are familiar with the Mullvad Browser, know that the Mullvad Browser was developed by the Tor Project team!
-
-The Mullvad Browser was born of a [collaboration](https://blog.torproject.org/releasing-mullvad-browser/) between Mullvad VPN and the Tor Project, to build a browser that offers similar privacy features to the Tor Browser, but while using it through a VPN instead of through the Tor Network (both offering different benefits).
-
-The Mullvad Browser can also be used without a VPN, and will still provide better privacy protections than most other browsers. It cannot be used to access the Tor Network, however.
-
-</div>
-
-### The Tor Project
-
-The [Tor Project](https://www.torproject.org/) is the US-based nonprofit organization maintaining the software and community for the Tor Network, and developing and maintaining the Tor Browser. It's also a privacy advocacy organization, with a mission to advance human rights and freedoms around the world through the free technology it creates.
-
-The nonprofit was founded in 2006 and gets its funding from [various sources](https://www.torproject.org/about/supporters/) including government grants, independent contributors, and individual [donations](https://donate.torproject.org/).
-
-## :octicons-lock-16: What Tor can do
-
-### Improve Privacy
-
-Tor is not magical, but it's by far one of the best privacy tool we have. Using Tor will not make you perfectly anonymous online, but it will greatly reduce the traces your leave online.
-
-Here are a few benefits Tor can provide for your privacy:
-
-- Tor can prevent the websites you are visiting from collecting your IP address (and your IP address can indeed lead to identifying *you*).
-
-- Tor can prevent your Internet Service Provider (ISP), Virtual Private Network (VPN) provider, or authorities requesting information from them to collect a list of the websites you have visited. They will know however that you have been using Tor.
-
-- The Tor Browser isolates each website you visit. This prevents ads and trackers from following you around, potentially popping up later in your [Facebook ads and accidentally outing you](https://www.intomore.com/culture/you/facebook-ads-outed-me/).
-
-- The Tor Browser is fingerprinting resistant. This reduces the ways you can be tracked and identified online, even without your IP address.
-
-- When keeping the default settings, the Tor Browser only uses private windows and will not keep any traces of your browsing history. It will also delete all cookies and site data when closing.
-
-### Circumvent censorship
-
-Because of how the Tor Network redirects traffic, it's a perfect tool to resist censorship. Using Tor can give access to websites or services that aren't accessible from a country blocking them.
-
-Even from a region where Tor itself is actively blocked, the network can still be accessed using [pluggable transports](https://tb-manual.torproject.org/circumvention/).
-
-Using this type of measures to circumvent government censorship will make Tor accessible even from countries with heavily censored internet, such as [China](https://support.torproject.org/censorship/connecting-from-china/), [Russia](https://blog.torproject.org/call-for-webtunnel-bridges/), [Iran](https://forum.torproject.org/t/iran-circumventing-censorship-with-tor/4590), and many others.
-
-<div class="admonition question" markdown>
-<p class="admonition-title">If you can't download the Tor Browser from your country</p>
-
-If you cannot download the Tor Browser because of your country's censorship, and **if it is safe for you to do**, you can try downloading the browser from a proxy website such as the [EFF website](https://tor.eff.org/), the [Calyx Institute website](https://tor.calyxinstitute.org/).
-
-You can even directly email **<gettor@torproject.org>** and send the name of your operating system (Linux, macOS, Windows) to get a direct link to download the Tor Browser.
-
-</div>
-
-If you want to help people around the world access the internet freely, you can volunteer to run a [Tor Snowflake](https://snowflake.torproject.org/) proxy. For more tech-savvy volunteers, you can also help by running a [Tor Bridge](https://community.torproject.org/relay/setup/bridge/), or even a [WebTunnel Bridge](https://community.torproject.org/relay/setup/webtunnel/).
-
-## :octicons-heart-16: Why Tor is so important
-
-### Tor is vital for human rights and democracy
-
-Tor is an essential tool for journalists, activists, whistleblowers, dissidents, and people in vulnerable situations everywhere. It is one of the best tool we have to increase privacy online, and to resist censorship from oppressive regimes.
-
-Thanks to Tor, activists have a safe way to continue fighting for human rights.
-
-Some of the most respected human rights organizations use Tor to offer safe access to their services and information. This includes organizations such as [Amnesty International](https://www.amnesty.org/en/latest/news/2023/12/global-amnesty-international-website-launches-on-tor-network-to-help-universal-access/), [Electronic Frontier Foundation](https://www.eff.org/deeplinks/2023/04/eff-now-has-tor-onions), Freedom of The Press Foundation, and of course the Tor Project.
-
-Without Tor, journalists would lose invaluable sources of information provided by courageous whistleblowers reporting in the public interest.
-
-Without Tor, brave citizens fighting against authoritarian governments would be at much greater risk when organizing and bringing vital information to the public's attention.
-
-Without Tor, victims of domestic violence and LGBTQ+ people living in hostile environments could be in much greater danger when researching life-saving information online.
-
-Without Tor, people living in oppressive regimes would not have access to the crucial information they need to fight for freedom, democracy, and peace.
-
-<div class="admonition success" markdown>
-<p class="admonition-title">Add an onion service for your organization's website</p>
-
-If you would like to add this service for your website to help more people access it safely, you can [read more](https://blog.torproject.org/more-onions-porfavor/) about onion services on the Tor Project Blog. As of 2021, you can even [get](https://blog.torproject.org/tls-certificate-for-onion-site/) domain-validated certificates for your onion site using HARICA, an operator founded by a nonprofit civil society from Greece.
-
-</div>
-
-### Tor is for everyone to use
-
-Tor is a tool that can help so many people. But Tor isn't *only* for people in highly sensitive situations like whistleblowers and journalists, Tor is for everyone!
-
-Of course, people in more dangerous situations will *need* Tor to stay safe, but everyone can benefit from Tor's privacy protections in their daily lives. I personally use Tor when I am forced to visit Google Map. Not because it's dangerous to me, but just because I greatly dislike the idea of Google tracking my location activities.
-
-Tor can also help fighting surveillance capitalism!
-
-Moreover, you can considerably help people in dangerous situations by using Tor for trivial reasons like I do.
-
-By using Tor for banal activities, when you aren't in any danger worse than a nasty ad-attack, you help to normalize the use of Tor and add more noise to the traffic. The more people do this, the more using Tor becomes just something people do when they care about privacy online, and nothing more.
-
-### Who uses Tor?
-
-- Anyone who cares about privacy!
-- Journalists who need to conduct research and protect their sources.
-- Whistleblowers using special websites to communication information to newspapers anonymously.
-- Democracy activists fighting against authoritarian governments who require anonymity online to stay safe from persecution.
-- People living under oppressive regimes who need to circumvent their country's censorship to access information freely.
-- Victims of domestic violence who need to research safe shelters and supportive resources without raising suspicion from their aggressor.
-- LGBTQ+ people living in hostile environments who need to access information online and stay connected with their community.
-- Generous people who want to [help and support](https://blog.torproject.org/support-tor-project-share-your-story/) all the above 💜
-
-The Tor community has gathered this [wonderful collection of anonymous user stories](https://community.torproject.org/outreach/stories/) from people describing why they use Tor.
-
-### Tor is critical public infrastructure
-
-To keep Tor strong for everyone, it's essential to support and grow the network of volunteer-operated relays forming the Tor Network.
-
-Thousands of journalists and activists rely on the Tor Network every day to stay safe and to continue their important work.
-
-Furthermore, **countless privacy-oriented projects depend on the Tor Network**.
-
-To name only a few, the messaging applications [Briar](https://briarproject.org/), [Cwtch](https://docs.cwtch.im/), and [SimpleX](https://simplex.chat/) all use Tor to harden some of their privacy-preserving features.
-
-For whistleblowers to stay safe, both [SecureDrop](https://securedrop.org/) and [Hush Line](https://hushline.app/) use the Tor Network. Many [newsrooms around the world](https://securedrop.org/directory/) host onion services to protect sources, such as The Guardian in the UK, CBC in Canada, ProPublica in the US, and many more.
-
-There's also all the applications protecting people with the highest needs such as [Tails](https://tails.net/), [OnionShare](https://onionshare.org/), and [more](https://github.com/Polycarbohydrate/awesome-tor).
-
-**Losing the Tor Network would mean losing all the applications and features relying on it.**
-
-This would be disastrous for the privacy community, journalists, activists, dissidents, victims of domestic violence, LGBTQ+ population, and so many worldwide.
-
-From a human rights perspective, **we simply cannot afford to lose Tor**.
-
-## :octicons-question-16: Things to consider when using Tor
-
-### Tor compared to VPN protections
-
-When using a VPN, your ISP will not know which websites you visit online (or other activities). Your ISP will see that you are connecting to a VPN, but will not know what you do from there. Your VPN however *could* know which websites you visit. Using a VPN is a transfer of trust from your ISP. When using a VPN, you should always trust your VPN provider more than your ISP.
-
-The websites you visit will see the IP address of your VPN provider instead of yours. This can help protect your identity and location, but they will know this connection uses a VPN.
-
-VPNs can offer great benefits for your privacy. However, if your VPN provider was compelled by law to provide the logs of the websites you visited (or will visit), it is *technically* possible to do for them.
-
-When using the Tor Network correctly, no one knows which websites *you visited*, or other services you accessed. Your ISP or VPN provider will only know you have accessed Tor, but will not know which websites you have visited from there. Even if compelled by law, they could only share that you have accessed Tor, at this specific time.
-
-The websites you have visited also won't know who you are (unless you tell them). They will only know someone accessed their websites through Tor, at this specific time.
-
-The relays used for a Tor Circuit cannot alone re-recreate the link between your IP address and the websites you visit either. This offers much stronger protection for your privacy than a VPN does.
-
-### Who knows you are using Tor
-
-When using the Tor Network, your ISP and the Guard Relay will both know you (the IP address you are using) are using Tor.
-
-To prevent this, you [could](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor) use Tor from a [trustworthy VPN](https://www.privacyguides.org/en/vpn/).
-
-If you do so, your VPN provider will know you are using Tor, but your ISP will not. Your ISP will only see you are accessing your VPN, and the Tor Guard Relay will see your VPN's IP address instead of yours.
-
-### HTTPS for non-onion websites
-
-The Exit Relay from the Tor Circuit will see someone is accessing this website (or other service).
-
-If you were to use Tor to visit a non-onion website that isn't protected with HTTPS, and log in with your credentials, this Exit Relay *could* technically read this information. Using HTTPS with non-onion websites is *very* important when using Tor. Onion sites offer protections that are equivalent to HTTPS.
-
-### Be careful with files when using Tor
-
-While it's safe to visit secured websites through Tor, be careful when downloading files or opening documents.
-
-Depending on what kind of files it is, there are a number of problems that could arise. For example, it's a [bad idea](https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea) to download torrent files over Tor. Additionally, Tor will not protect you from downloading malware or exposing metadata with shared files.
-
-If you need to share files through Tor with a *trusted* contact, [OnionShare](https://www.privacyguides.org/en/file-sharing/#onionshare) is a good option.
-
-## :octicons-stop-16: Addressing misconceptions
-
-There has been misconceptions floating around about Tor. Most of them repeat similar misinformation attributed to many other privacy tools: Why using this if you have nothing to hide? But this argument is incredibly flawed and comes from a naive understanding of privacy rights and needs.
-
-Most people use privacy tools for protection, and everyone needs protection. Moreover, [privacy is a fundamental right](https://www.privacyguides.org/videos/2025/04/17/is-privacy-dead/) intrinsically connected to democracy and civil liberties.
-
-### The dark web, the deep web, and the surface web
-
-Some misconceptions have spread from confusion on what the *deep* web and the *dark* web are. Because yes, Tor is part of the dark web.
-
-While using the term "dark web" might make for great sensationalist news title, the dark web isn't anything to fear.
-
-It's not "dark" as in "dark intent" or the "dark side of the Force". It's really just dark as in "it's so dark on this road, I can't read the addresses around".
-
-This dark web needs special software, configuration, or authorization to access it. For example, **the Tor Browser is the streetlight you need to navigate on the Onion roads**.
-
-If you use Tor to visit the Privacy Guides onion site, you will be using the dark web. It's a website (or website version) that can only be accessed using a specialized tool. That's it!
-
-The dark web is part of the deep web, which is simply all the online information that isn't indexed by any standard web search engines. Aren't you happy your bank account is on the deep web?
-
-![Illustration of an iceberg where the tip above water represents the surface web, the part underwater represents the deep web, and the part under the iceberg represents the dark web.](../assets/images/in-praise-of-tor/tor-darkweb.webp)
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Inspired by: [Ranjithsiji](https://commons.wikimedia.org/wiki/File:Iceberg_of_Webs.svg)</small>
-
-### Criminals use envelopes, doors, and clothing too
-
-Some fear that Tor is used by criminals. While that might be true some criminals use Tor, a lot of people who aren't criminals at all also use Tor.
-
-This kind of argument really leads nowhere. Criminals also use Google, Facebook, and Twitter (a lot actually). Criminals use envelopes to hide their ransom letters, closed doors to hide their crimes, and clothing to conceal weapons! Are we going to forbid clothing because some (all?) criminals use clothing to hide their weapons?
-
-**We shouldn't ban clothing, and we shouldn't ban Tor either.** There are other better ways to catch criminals than removing a tool millions use to stay safe online.
-
-### Tor receives government funding
-
-Yes, Tor does receive government funding, and that's a good thing. A lot of nonprofit organizations receive government funding as a stable ([usually](https://www.privacyguides.org/articles/2025/02/03/the-future-of-privacy/#the-tools-you-use-might-depend-on-government-funding)) source of income. Our governments *should* be contributing financially to the tools we all use to improve our security and privacy for free, moreover if they are using it themselves.
-
-While any organization should thrive to diversify its sources of income to reduce its dependency on large contributors, it's not always easy to do.
-
-If you feel uneasy about a privacy tool you use receiving government funding, the best thing you can do to fight this is to [donate](https://donate.torproject.org/) directly to reduce its dependence to it.
-
-### Depending on where you are, using Tor is likely safe
-
-If you are not living under an oppressive regime with heavy censorship, it's likely that using Tor is safe for you, and will not put you on "a list". Even if it was putting you on "a list", it likely is a list full of great people working to defend human rights and privacy rights online.
-
-That being said, **if you are living in a region where using Tor is dangerous**, and could put you on a list of anti-regime dissidents, you *should absolutely* be careful and take special measures to hide your usage of Tor.
-
-Additionally, **if you are in a vulnerable situation** where an aggressor has access to your device or ISP information, and could hurt you if they knew you have used Tor, you should use a Tor Bridge and only [access Tor through Tails](https://www.privacyguides.org/articles/2025/01/29/installing-and-using-tails/).
-
-### Tor is fantastic for your privacy, but is not magical
-
-Tor is a great tool to improve your privacy online and make it much harder to identify you, your location, and the content you access online. However, it will not make you magically anonymous.
-
-If you use Tor with files containing metadata about you, this metadata can still identify you.
-
-If you use Tor to log in your Facebook account, then of course Facebook still knows it's you, and now also knows you are using Tor.
-
-If you use Tor to create a new account, but use an email address, phone number, username, or profile picture you used elsewhere when not connected through Tor, then your Tor activity can get linked to your previous activity.
-
-If you use Tor to reveal information so specific that only you, or only someone at your company, or only someone in this small government department could know, then of course authorities can identify you this way.
-
-You should also consider correlation in time when using Tor. If your activity is so specific that it can be narrowed down to only a few people, and your ISP or VPN knows you have accessed Tor at this specific time (and shares this information with authorities), a correlation in time could be enough to de-anonymize you.
-
-### Misconceptions are very detrimental to Tor, and other privacy tools
-
-We need to be extremely careful when spreading information that could be inaccurate or hasn't been verified when talking about Tor (or any other privacy tools).
-
-Misinformation can create mistaken fears and stop people from using a tool they would greatly benefit from.
-
-If someone is so scared of Tor because of some rumor they heard, that they continue their activism from the surface web instead, they could needlessly put themselves at risk.
-
-Furthermore, unjustified bad reputations can severely hurt funding for tools like Tor. This leads to less resources to continue developing the browser, the network, and to advocate for privacy everywhere.
-
-We all have a responsibility to verify which information we share with others, make sure we stop misinformation at its root, and correct harmful misconceptions everywhere we hear them.
-
-## :material-hand-heart-outline: Tor needs our support
-
-**Tor is at risk, and needs our help.** Despite its strength and history, Tor isn't safe from the same attacks oppressive regimes and misinformed legislators direct at encryption and many other privacy-enhancing technologies.
-
-Moreover, due to its US government funding, Tor has already been on the destruction path of the recent hectic government cuts. Thankfully, the US Agency for Global Media finally [rescinded the grant termination](https://www.theregister.com/2025/03/25/otf_tor_lets_encrypt_funding_lawsuit/?td=rt-3a) it had announced on March 15th to the Open Technology Fund, which the Tor Project benefits from. Sadly, considering the unpredictability of the current US administration, this doesn't mean the Tor Project is safe from cuts later on.
-
-As much as the Tor Network relies on generous volunteers to run it, the nonprofit Tor Project relies on grants and donations to survive.
-
-The good news is, we can help with both!
-
-The more individuals donate to the Tor Project, the less it depends on government funding, and the more stable its donation income becomes.
-
-Similarly, the more people volunteer to run a Tor relay, the more stable and reliable the Tor Network becomes.
-
-Tor is a privacy tool so many people, organizations, and applications need to stay safe and secure. It is **our collective responsibility to contribute what we can** to keep Tor strong and thriving for all of us.
-
-### How to support Tor
-
-There are many ways to help Tor survive and thrive! You can help by:
-
-- [Donating to the Tor Project (includes really neat merch!)](https://donate.torproject.org/)
-
-- [Spreading the word about Tor](https://community.torproject.org/outreach/)
-
-- [Joining the Tor community](https://community.torproject.org/)
-
-- [Making your website accessible as an onion service](https://community.torproject.org/onion-services/setup/)
-
-- [Asking your university to run a Tor relay](https://toruniversity.eff.org/)
-
-- [Running a Tor relay yourself](https://community.torproject.org/relay/)
-
-- [Running a Snowflake proxy to help fight censorship](https://community.torproject.org/relay/setup/snowflake/)
-
-- Using Tor for anything from important to trivial
-
-- Sharing this article 💜
-
-## :octicons-bookmark-16: Onion sites you can visit using the Tor Browser
-
-- [Privacy Guides website](http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/en/) 💛
-- [Privacy Guides forum](http://discuss.6xotdxvg7pexnean3xu6b7ivs7g52zcwsdbnz4mdm4byivc3yfv65aid.onion/)
-- [Amnesty International](https://www.amnestyl337aduwuvpf57irfl54ggtnuera45ygcxzuftwxjvvmpuzqd.onion)
-- [Electronic Frontier Foundation](https://www.iykpqm7jiradoeezzkhj7c4b33g4hbgfwelht2evxxeicbpjy44c7ead.onion/)
-- [Freedom of the Press Foundation](http://fpfjxcrmw437h6z2xl3w4czl55kvkmxpapg37bbopsafdu7q454byxid.onion/)
-- [Secure Drop directory (for whistleblowers)](http://sdolvtfhatvsysc6l34d65ymdwxcujausv7k5jk4cy5ttzhjoi6fzvyd.onion/directory/)
-- [ProPublica](http://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/)
-- [Internet Archive](https://archivep75mbjunhxc6x4j5mwjmomyxb573v42baldlqu56ruil2oiad.onion/)
-- [OnionShare (file sharing)](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/)
-- [Proton Mail](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/)
-- [Tor Project](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion)
-
-***
-
-For more in-depth information about Tor, you can consult our [Tor Overview](https://www.privacyguides.org/en/advanced/tor-overview/).
-
-<small aria-hidden="true">Unless credited otherwise, all screenshots from: Privacy Guides</small>
-
----
-
-**Update (5/6):** This article was updated to note [the importance of restarting Tor Browser](tor-security-slider-flaw.md) when changing security level settings.

blog/posts/keepassium-review.md

@@ -1,696 +0,0 @@
----
-title: "KeePassium Review: A Flexible Password Manager for iOS and macOS"
-template: review-article.html
-schema_type: ReviewNewsArticle
-date:
-    created: 2025-05-13T16:30:00Z
-categories:
-    - Reviews
-authors:
-    - em
-description: "If you need a password manager for iOS or macOS that gives you full control over your data, KeePassium is a fantastic option. KeePassium offers some synchronization features, but keeps your password database offline by default. You choose who to trust to store your passwords, and you can change it whenever you want."
-preview:
-  logo: blog/assets/images/keepassium-review/keepassium.svg
-review:
-  type: SoftwareApplication
-  category: SecurityApplication
-  subcategory: Password Manager
-  name: KeePassium
-  price: 0
-  website: https://keepassium.com/
-  rating: 4.5
-  pros:
-    - Open source.
-    - Free basic plan.
-    - Data portability.
-    - Offline-only option.
-    - No account or personal data required.
-    - Easy to use, beautiful, and customizable.
-    - Excellent documentation.
-  cons:
-    - AutoFill might not work for some websites and browsers.
-    - Some important features only available on paid plans.
-    - No app for Linux, Android, or Windows.
----
-
-![The KeePassium logo over a yellow background showing Apple devices.](../assets/images/keepassium-review/keepassium-cover.webp)
-
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Photo: PicJumbo / Pexels</small>
-
-If you have been looking for a password manager giving you full control over your data, KeePassium is a fantastic option. The application available for iOS and macOS keeps your password database offline by default. KeePassium still offers synchronization and backup options, but allows you to choose which storage provider to trust with your database, and change it whenever you want.<!-- more -->
-
-![KeePassium logo](../assets/images/keepassium-review/keepassium.svg){align=right itemprop="image"}
-
-[KeePassium](https://keepassium.com/) is a commercial open-source application made by KeePassium Labs, based in Luxembourg.
-
-Because it's open-source, anyone can inspect and download its [code](https://github.com/keepassium/KeePassium) if they wish. Anyone could even [build](https://github.com/keepassium/KeePassium?tab=readme-ov-file#is-it-free) the entire application by themselves, and use the advanced features completely for free.
-
-However, if you do not want to bother with code, you can use either the basic plan for free, or pay for a premium plan to access advanced features and to support the project.
-
-KeePassium is a [KeePass](https://keepass.info/)-compatible project. If you are already familiar with any software from the [KeePass ecosystem](https://github.com/lgg/awesome-keepass), you will feel right at home with KeePassium.
-
-KeePassium's strength resides in how it integrates KeePass' security and features into a well-rounded and well-designed application, that is very instinctive to use, while not compromising on flexibility and customizability.
-
-<div class="admonition abstract" markdown>
-<p class="admonition-title">The KeePassium application</p>
-
-For this review, the words "KeePassium" and "application" refer to both the KeePassium iOS and macOS applications simultaneously, unless otherwise specified. The mobile application was tested first and will be more prominent in the examples and screenshots.
-
-</div>
-
-## :material-apple: Platforms and Compatibility
-
-KeePassium is written in Apple's Swift programming language and is available for Apple devices.
-
-### Mobile
-
-- For iPhone and iPad, KeePassium works on iOS 17.0 or later.
-
-### Desktop
-
-- For Mac computers, KeePassium works on macOS 14.0 (Sonoma) or later.
-- KeePassium is compatible with both Apple Silicon and Intel hardware.
-- The desktop application is new and was [released](https://keepassium.com/blog/2024/12/keepassium-2.0/) on December 17th, 2024.
-
-### Apple Vision
-
-- For Apple Vision, KeePassium works on visionOS 1.0 or later.
-
-### Languages
-
-The KeePassium application is available in the following languages: English, Arabic, Czech, Dutch, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Simplified Chinese, Slovak, Spanish, Swedish, Thai, Traditional Chinese, Turkish, and Ukrainian.
-
-### Cross-compatibility
-
-One great strength of any applications derivative of KeePass is compatibility with other KeePass applications. This is due to implementing of the same `.kdbx` file format for password databases, and often sharing similar features as well.
-
-If you use KeePassium to store your passwords, you will be able to easily transfer your password database to other KeePass-compatible applications, and vice versa. This offers powerful portability for your password database.
-
-<div class="admonition info" markdown>
-<p class="admonition-title">File formats and encryption</p>
-
-KeePassium supports the KDB, KDBX3, and KDBX4 file formats, and implements AES, ChaCha20, Twofish, and Argon2 for encryption algorithms.
-
-Even if compatibility with older database formats is available, it is recommended to use the more recent and [more secure](https://keepass.info/help/kb/kdbx_4.html) KDBX4 format. This latest format will be the default when you create a new database in KeePassium.
-
-</div>
-
-This cross-compatibility is so versatile that you could, for example, use KeePassium on mobile but sync it with [KeePassXC](installing-keepassxc-and-yubikey.md) on desktop.
-
-Similarly, if you have a Mac computer but an Android phone, you could use KeePassium on desktop but KeePassDX on mobile, and so on and so forth. You can consult KeePassium's documentation for a list of all [compatible apps](https://support.keepassium.com/kb/compatible-apps/).
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Testing compatibility</p>
-
-If you plan on using KeePassium with cloud storage and synchronization between devices, make sure to test your settings well before adding all your passwords to it.
-
-</div>
-
-Depending on your usage and settings, glitches in synchronization *could* corrupt your database file. This has more chances to happen if you use a cloud storage that isn't fully supported, or a KeePass-compatible application that isn't listed in KeePassium's documentation.
-
-Ideally, if you use synchronization, create a dummy database at first to test that synchronization works properly with your specific cloud configuration and between all the devices you use.
-
-It's also advisable to enable the backup feature and even keep a backup copy of your database file in a different directory. That way, if your main synced file were to get corrupted or lost somehow, you could always rely on this secondary backup.
-
-This is important because there is no remote database management done by KeePassium. **You are fully in control of your own data, but you are also fully responsible to protect it.**
-
-## :material-wallet-bifold-outline: Pricing
-
-KeePassium can be used completely for free!
-
-That being said, if you need advanced features, you might want to [pay](https://keepassium.com/pricing/) for a [Premium](https://keepassium.com/articles/why-upgrade-to-premium/) plan (monthly or yearly), or a Pro or Business plan. Fortunately, the monthly Premium plan is very affordable, allowing users to test the Premium features one month at the time before committing to a longer subscription.
-
-Alternatively, if you do not need any advanced features but would like to support the project, you could use the free plan and [donate](https://keepassium.com/donate/) a fix amount to KeePassium.
-
-#### Rent-to-own
-
-Something interesting about KeePassium Premium's plan is that it offers a "[rent-to-own](https://support.keepassium.com/kb/license-rent-own/)" license. This means that if you pay for a KeePassium subscription for 12 months or more, you will always "own" the features you've paid for, even if you stop paying.
-
-For example, if you pay for Premium for only one year then stop, you will keep access to all the Premium features that were available while you paid for Premium, but will not have access to new features added after your stopped paying. This is an excellent model that more applications should adopt.
-
-![Screenshot from the KeePassium website's Pricing page with a description of which features are included in each plan.](../assets/images/keepassium-review/keepassium-pricing.webp)
-
-## :octicons-shield-check-16: Security and Trust
-
-Security and trust are without a doubt the most important characteristics of a good password manager.
-
-While functionality and features are also important, there is no point in having a pretty application that doesn't safeguard your passwords properly. It would defeat the whole purpose of the password manager.
-
-KeePassium does not neglect security for convenience, and has done its homework to earn its users' trust. The database format it uses, its transparency with open source, and its independent security audit, are all factors contributing to build trust in KeePassium.
-
-### Trusted database format
-
-The application is using an encrypted database file format developed by [KeePass](https://en.wikipedia.org/wiki/KeePass), an open-source project with a good reputation in the security and privacy community. KeePass' code and formats are trusted by many other KeePass-compatible projects, including KeePassXC, KeeWeb, OneKeePass, ModernKeePass, MacPass, Keepass2Android, and [more](https://github.com/lgg/awesome-keepass).
-
-Even if the KeePassium application is relatively recent with its first [launch](https://keepassium.com/blog/2019/07/introducing-keepassium-for-ios/) in 2019, the formats it uses to secure password databases had many eyes on since the initial KeePass release in 2003. The fact that so many people have inspected, used, tested, and improved the security foundation of this file format through the years contributes to KeePassium's security as well.
-
-### Open-source code
-
-KeePassium was [created](https://keepassium.com/articles/who-created-keepassium/) by [Dr. Andrei Popleteev](https://popleteev.com/), who founded KeePassium Labs, and continues as its director to develop and maintain the app with a small team of [contributors](https://github.com/keepassium/KeePassium/graphs/contributors). Like KeePass, KeePassium's code is open-source under a [GNU General Public License](https://github.com/keepassium/KeePassium/blob/master/LICENSE.txt).
-
-Open-source code isn't magical, but it helps to build trust by providing full transparency. Because all of KeePassium's code is publicly accessible, anyone could inspect it. This can help to detect and reporting potential vulnerabilities early on, and quickly verifying any claims made. Of course, at least *some* independent qualified people have to inspect the code in order to make this meaningful at all. But this is true for any open-source projects.
-
-#### A note on KeePassium's open-source commercial model
-
-More precisely, KeePassium is a *commercial* open-source application. This means its code is fully open and available to inspect, download, and use (within its license's limits). However, users can also purchase paid plans to access advanced features, without having to build and manage the code themselves.
-
-Paid plans provide a source of revenue to KeePassium, which helps to maintain the application adequately to keep it compatible and secure, providing support to customers, and adding new features down the line.
-
-This commercial model can actually add stability to a project, making it more likely to survive long term. This is reassuring considering all the other KeePass-compatible projects that have stopped getting maintained and are unfortunately no longer usable.
-
-Furthermore, there is some [conflict](https://www.engadget.com/2011-01-09-the-gpl-the-app-store-and-you.html) between certain open-source licenses and publication on Apple's App Store. Because it isn't possible to download an iOS app outside of Apple's App Store (unless you adventure in the perilous waters of [jailbreaking](https://en.wikipedia.org/wiki/IOS_jailbreaking)), KeePassium and all other iOS apps are confined to operate within the App Store's requirements.
-
-Also for this reason, the KeePassium projects cannot accept external contributions to its code, but can still [accept contributions](https://github.com/keepassium/KeePassium?tab=readme-ov-file#how-to-contribute) for bug reports, feature suggestions, and translations.
-
-### Independent security audit (iOS)
-
-Perhaps one of the most compelling argument for trusting KeePassium is the [independent security audit](https://support.keepassium.com/kb/security-audits/) the iOS application went through last year.
-
-The Berlin-based cybersecurity firm [Cure53](https://en.wikipedia.org/wiki/Cure53) conducted a full evaluation and professional pentest of the mobile application in November 2024.
-
-The review included an audit of the source code, application, network communications, and the implemented cryptography. The few vulnerabilities found were all fixed following reception of the report.
-
-It's important to note that only KeePassium for iOS was audited, and not KeePassium for macOS, which was released after the audit. However, many aspects of KeePassium for iOS that were included in the audit are likely to be similar for KeePassium for macOS.
-
-Interestingly, Cure53 has [audited](https://cure53.de/) many other well-known security and privacy-focused or open-source applications such as Proton Pass, 1Password, Bitwarden, Obsidian, Mullvad VPN, Onion Browser, Threema, Briar, SecureDrop, Mastodon, and much [more](https://github.com/cure53/Publications).
-
-### Recommended by other applications
-
-Finally, if you already trust KeePassXC for your desktop password manager, know that KeePassium is one of the apps [suggested](https://keepassxc.org/docs/) by KeePassXC to use on iOS.
-
-## :octicons-lock-16: Privacy and Encryption
-
-Data privacy and encryption are fundamental aspects of any password managers. Because pretty much all data stored in a password manager is highly sensitive data, all data should be protected by strong end-to-end encryption.
-
-### Data collection
-
-On this point, KeePassium delivers. First, a quick look at Apple's privacy label indicates that "the developer does not collect any data from this app". This is a good start, and this description is true for both the iOS and macOS applications.
-
-![Screenshot from Apple's App Store for KeePassium's App Privacy label. The label states that the "developer does not collect any data from this app".](../assets/images/keepassium-review/keepassium-applelabel.webp)
-
-Second, in its current version, KeePassium's [Privacy Policy](https://keepassium.com/privacy/app/) is excellent. This is never a guarantee of course, but the app's [security audit](#independent-security-audit-ios) shows the Privacy Policy statements are likely founded.
-
-KeePassium separates its privacy policies for the application and the website. This is an excellent practice way too rarely adopted by companies. This approach provides much more clarity for what data is collected from where, and is a positive sign that an organization understands well data privacy legal requirements.
-
-The Privacy Policy for the app is detailed and thorough, which are essential qualities to any respectable privacy policies.
-
-It starts by stating clearly that KeePassium does not send any personal data to KeePassium Labs, the company developing the app. Then, it lists all instances where data *could* be collected through the purchase or use of KeePassium, and gives clear instructions on how to opt out for each. This is the kind of privacy policy that shows an organization genuinely values and understands data privacy. I highly encourage you to have a look at it from the link above.
-
-Worth noting as well, KeePassium's Privacy Policy for its *website* states it [does not use any cookies](https://keepassium.com/privacy/website/#our-use-of-cookies-and-tracking). This is certainly refreshing to read.
-
-### Encryption
-
-Although the application is compatible with older formats, KeePassium by default will use the newer KDBX4 file format to encrypt password databases.
-
-This is important because the KDBX4 format offers [significant security improvements](https://keepass.info/help/kb/kdbx_4.html) over the previous KDBX3 format. If you import an older database in KeePassium, it is recommended to upgrade it to KDBX4 and use a different main password for the upgraded database if you keep a backup of the previous one.
-
-<div class="admonition success" markdown>
-<p class="admonition-title">Upgrade from KDB to KDBX</p>
-
-If you need to upgrade an older database file to the newest file format to benefit from better security and KeePassium's full functionality, you can follow KeePassium's [instructions](https://support.keepassium.com/kb/convert-kdb-kdbx/).
-
-</div>
-
-To secure the database, and all the content included in it, KeePassium uses AES256, ChaCha20, Twofish, HMAC, and Argon2 (for KDBX4 only). Because the [KeePass database file format](https://keepass.info/help/kb/kdbx.html) (and so KeePassium's as well) encrypts the whole database, this means that not only passwords are encrypted but also usernames, website URLs, notes, attachments, etc.
-
-<div class="admonition info" markdown>
-<p class="admonition-title">Encrypting all data, not just passwords</p>
-
-Encrypting all user data contained in a password manager entry is *extremely* important, because encrypting passwords only just isn't enough.
-
-In August 2022, the password manager [LastPass suffered a security breach](https://blog.lastpass.com/posts/notice-of-recent-security-incident) where users' password vaults (databases) were stolen from LastPass' servers.
-
-This is bad enough even with end-to-end encrypted data (because vaults with a weak main password could get cracked), but even worse than this, some important data like website URLs were *not encrypted at all*, so this information was [stolen in plain text](https://www.pwndefend.com/2022/12/24/lastpass-breach-the-danger-of-metadata/).
-
-This is the perfect example of why **encrypting all data *and* metadata** input by the user is *crucial* for data privacy and security.
-
-Additionally, the LastPass' breach is a great argument in favor of keeping one's password database *offline,* whenever possible. Something that KeePassium makes possible even by default.
-
-</div>
-
-#### Encryption algorithms used by KeePassium
-
-[AES256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard): The Advanced Encryption Standard (AES) is a trusted and commonly used block cipher symmetric-key algorithm. It was established in 2001 by NIST, the American National Institute of Standards and Technology. The number following the acronym describes the key size in bits (128, 192, or 256 bits).
-
-[Twofish](https://en.wikipedia.org/wiki/Twofish): Twofish is another block cipher symmetric-key algorithm, which KeePassium can use to secure databases, in 256-bit key size as well. Famous cryptographer Bruce Schneier was part of the team who designed Twofish.
-
-[ChaCha20](https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant) (KDBX4 only): The ChaCha20 algorithm is a variant of Salsa20, both stream ciphers that encrypt and decrypt data in continuous stream instead of blocks. The number refers to the number of rounds in its structure.
-
-[HMAC](https://en.wikipedia.org/wiki/HMAC) (Key Derivative Function): Hash-based Message Authentication Code (HMAC) is a robust hash function. In KeePass-compatible apps, it is used to [verify](https://keepass.info/help/kb/kdbx.html#hbs) the integrity and authenticity of the database before decryption.
-
-[Argon2](https://en.wikipedia.org/wiki/Argon2) (Key Derivative Function, for KDBX4 only): Argon2 is a memory-hard function that offers better resistance against GPU cracking attacks compared to AES-KDF. Argon2 was the winner of the Password Hashing Competition in 2015.
-
-[AES-KDF](https://keepass.info/help/kb/kdbx_4.html#intro) (Key Derivative Function, for KDBX3 only): AES-KDF is a key derivative function based on AES. This method was previously used for the KDBX3 database format, but has since been replaced by Argon2 for KDBX4. This is partly because AES-KDF is not memory-hard, which makes it easier to crack for an attacker using modern technologies.
-
-![Screenshot from the iOS app showing the Encryption Settings.](../assets/images/keepassium-review/keepassium-encryptionoptions.webp){width="400"}
-
-## :octicons-apps-16: Usage and Features
-
-Once solid security and privacy protections have been confirmed, the second important part of a good password manager is how easy it is to use and the features it offers.
-
-In this regard, KeePassium excels again. Not only does KeePassium offer the features users familiar with KeePass-compatible applications will recognize, but importantly, it implements these features with a polished user interface and obvious consideration for accessibility and user experience.
-
-### Starting with KeePassium on iOS
-
-Installing the app from the App Store is a smooth process. Once installed, make sure to go in Apple's "Settings" > "KeePassium" > "Siri & Search" and disable the Siri options you are not using. Apple very annoyingly puts them all on by default for each new app installed.
-
-Additionally, you can follow KeePassium's [instructions](https://keepassium.com/privacy/app/) from its Privacy Policy to opt out of other Apple settings related to KeePassium.
-
-After installing the app, KeePassium will guide you step-by-step to set up an application PIN (you can also enable application lock with biometrics), and import or create a new database.
-
-If you are not familiar with it already, it's a good idea to read each popup from the welcome screen.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing the Welcome page after installation.](../assets/images/keepassium-review/keepassium-startwelcome.webp)
-
-![Screenshot from the iOS app showing the page giving options to either create a new database, add an existing database, or connect to a server.](../assets/images/keepassium-review/keepassium-startdatabase.webp)
-
-</div>
-
-<div class="admonition tip" markdown>
-<p class="admonition-title">Secure the application properly</p>
-
-When prompted to select a Passcode to lock the application (which is different from the main password to secure your database), you will have the option to switch from the numeric keypad to a full alphanumeric keyboard. This is recommended to set up a stronger Passcode to protect the application, where your database(s) might be kept unlocked if you choose this option.
-
-</div>
-
-If you create a new database to store your passwords, make sure to choose a [strong main password](https://www.privacyguides.org/en/basics/passwords-overview/#passwords) (or "Master Key") that is *unique*, *complex*, and *long*.
-
-KeePassium will guide you to determine if your main password is sufficiently strong. However, the app cannot know if you have used this password before, so you should make sure that you haven't and this main password is unique.
-
-<div class="admonition danger" markdown>
-<p class="admonition-title">Be careful to remember your main password!</p>
-
-This is the only password that cannot be stored in your password manager, so it's important to secure it properly and also ensure you can **remember it well**.
-
-Due to the nature of end-to-end encryption, there is no way for KeePassium to recover a lost password. Not remembering your main password could mean **getting locked out of your password database permanently**.
-
-</div>
-
-After creating a new database, you will be prompted to unlock it with your new main password ("Master Key").
-
-![Screenshot from the iOS app showing the New Database section.](../assets/images/keepassium-review/keepassium-newdatabase.webp){width="400"}
-
-After you have either created or imported a database, you are ready to explore KeePassium's features.
-
-### Starting with KeePassium on macOS
-
-To download KeePassium on macOS, you will need to go through Apple's App Store. Alternatively, you could also [build](https://github.com/keepassium/KeePassium) the application from the source code, but that is an entirely different process.
-
-![Screenshot from Apple's App Store on macOS showing the KeePassium page.](../assets/images/keepassium-review/keepassium-appstoremac.webp)
-
-Installing the application is a breeze, and the macOS app shares the same welcome sections and features the iOS version has, with a slightly different format.
-
-![Screenshot from the macOS app showing the Welcome page after installation.](../assets/images/keepassium-review/keepassium-startwelcomemac.webp)
-
-The application will guide you to either create or import a database, then you will recognize the same features described below for the iOS version.
-
-![Screenshot from the macOS app showing the New Database section.](../assets/images/keepassium-review/keepassium-newdatabasemac.webp)
-
-### Accessibility
-
-There are a few great accessibility features with KeePassium. First, KeePassium fully works with Apple's VoiceOver. To enable it on iPhone, you can go in the iOS "Settings" > "Accessibility" > "VoiceOver" and enable "VoiceOver".
-
-Second, from the KeePassium app you can tap on the "Settings" gear button on the lower-right to access the "Appearance" menu. From there, you will see a sliding option to adjust the entry's text size. This will change the size of the text in all entries' sections. You also have the option to change the font type from there.
-
-Additionally, when tapping on a Password in an entry section, you can quickly tap on the magnified "a" button (while the blue "Copied" overlay appears) to display the password in large font, with each character separated in an indexed table.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing the Appearance page from the Settings with the Text Size option.](../assets/images/keepassium-review/keepassium-textsize.webp)
-
-![Screenshot from the iOS app showing an entry's password selected with the large font option, which displays each character from a password in a separate indexed box.](../assets/images/keepassium-review/keepassium-largeindexedfont.webp)
-
-</div>
-
-### Security features
-
-In the "Access Control" category of "Settings", there are some important options to customize the app's security features:
-
-#### App Protection
-
-This section gives options to secure the application itself. It includes using the device's biometric lock instead of the app's Passcode, changing the app's Passcode, and choosing when the app gets locked.
-
-#### Data Protection
-
-This section gives options to enable or disable if the database(s)' main password(s) is remembered locally in the device's secure keychain, or if it must be re-entered each time to unlock a database. It also allows you to choose when (if remembered) the database will lock itself again, how long to keep data (including copied passwords) in the device's clipboard, and other security preferences.
-
-A fun (and useful) feature you will find there is that you can decide what happens when the device is "shaken". This can be an important security feature for people in sensitive situations.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing the App Protection page from the Settings.](../assets/images/keepassium-review/keepassium-appprotection.webp)
-
-![Screenshot from the iOS app showing the Data Protection page from the Settings.](../assets/images/keepassium-review/keepassium-dataprotection.webp)
-
-</div>
-
-#### Protection against weak passwords
-
-When first creating a database, KeePassium will indicate if the main password chosen is too weak and display a warning.
-
-This is an important security feature because **a database is only as protected as the strength of its main password**. It goes without saying the main password for a database should always be *unique* (has never been used elsewhere), *complex* (uses a variety of character types), and *long* (is long enough to not be vulnerable to brute-force attacks).
-
-Passwords chosen for each entry will also display an indicator of strength under each field.
-
-#### YubiKey support (Premium)
-
-For users with Premium plans, KeePassium offers [support for YubiKey](https://www.yubico.com/works-with-yubikey/catalog/keepassium/) to add extra protection to a database using the challenge-response implementation.
-
-The same feature is available on KeePassXC on desktop. For more details on this, you can check our [tutorial for KeePassXC](installing-keepassxc-and-yubikey.md), or our tutorial on [how to set up and back up a YubiKey](yubikey-reset-and-backup.md)'s challenge-response.
-
-#### Passwords audit (Premium)
-
-KeePassium offers to audit database's passwords for potential leaks. This feature works by comparing an obfuscated version of a password with the [Have I Been Pwned](https://haveibeenpwned.com/) service. The password is never shared externally during this process. This is helpful information to get an early warning and change a compromised password before the exposed account is attacked.
-
-### Groups and Smart Groups
-
-Before starting to add entries to a new database, it's a good idea to explore the Groups and Smart Groups features. Groups are directories that can be created inside a database to separate categories of passwords.
-
-Smart Groups are simply Groups created from a search query. If you imported a database already full of passwords, you might not feel like sorting them manually. Smart Groups will help to create Groups using queries to [categorize](https://support.keepassium.com/docs/smart-groups/) entries automatically. This can be very convenient to organize larger databases.
-
-When creating a new database, KeePassium will suggest some Groups, which you can be used as provided, changed, or deleted. To add a new Group or Smart Group, tap on the 3-dot button on the upper-right from inside a database and select "New Group" or "New Smart Group".
-
-![Screenshot from the iOS app showing different groups created within a database.](../assets/images/keepassium-review/keepassium-groups.webp){width="400"}
-
-<div class="admonition info" markdown>
-<p class="admonition-title">Separate databases vs Groups</p>
-
-Using separate databases for different categories of passwords, for example one database for personal passwords, work-related passwords, and family-shared passwords is a good idea because it takes advantage of compartmentalization to add extra security and privacy.
-
-Each database will have its own main password, and if one database were to get compromised, the others might still be protected. KeePassium's free plan only allow to use *one* database at the time, however.
-
-Groups mainly serve to organize passwords and do not provide any additional security, privacy, or portability like separate databases do. For free plan users, Groups can still be a great feature to separate passwords when it isn't a security issue to encrypt them all together using a same main password.
-
-</div>
-
-### Entry options
-
-Once inside a database, users can add a new entry there or first create/enter a Group directory. To create a new entry, tap on the 3-dot menu on the upper-right, then select "New Entry".
-
-Each New Entry section will include a field for the entry's name, choice of icon (or option to download the service's favicon), "User Name", "Password", "URL", "Tags", "Notes", and option to "Set up one-time password (OTP)".
-
-Tapping the plus-sign button at the top will create a new custom text field for an entry. Enabling the "Protected Field" option on the lower-right will hide this field as if it was a password field. That being said, all fields from an entry will be fully encrypted with the database.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing a New Entry page with various empty fields.](../assets/images/keepassium-review/keepassium-newentry.webp)
-
-![Screenshot from the iOS app showing the page within a Group with four different entries.](../assets/images/keepassium-review/keepassium-entries.webp)
-
-</div>
-
-An entry section from macOS:
-
-![Screenshot from the macOS app showing an entry section with the "User Name", "Password", "URL", "Tags", and "Notes" fields filled.](../assets/images/keepassium-review/keepassium-entrymac.webp)
-
-Finally, to edit, move, copy or delete an entry on iOS, a long press over its name from the directory will show these options. Swiping left on a password entry will also show the edit and delete options.
-
-![Screenshot from the iOS app showing the options Edit, Move, Copy, and Delete when long-pressing on a listed entry.](../assets/images/keepassium-review/keepassium-moveentry.webp){width="400"}
-
-### Password generator
-
-Conveniently, KeePassium includes a password generator. This is a common feature for password managers, and KeePassium implements this feature very well.
-
-The generator can be used from either the die-shaped button on the right of every password field, the tool-shaped button menu on the lower-left from inside a database selecting "Random Generator", or the die-shaped button on the lower-left from the "Databases" section. The latter is a nice touch if you ever need to generate a random string while your database is locked.
-
-Each time you open the Random Generator, it will automatically generate new random strings for all 3 modes: Basic, Expert, and Passphrase.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing the tool menu from within a database. The menu shows options for "Random Generator", "Password Audit", "Download Favicons", "Print", "Change Master Key", "Encryption Settings", and "Lock Database".](../assets/images/keepassium-review/keepassium-databaseoptions.webp)
-
-![Screenshot from the iOS app showing the Random Generator page that displays three random passwords for "Basic", "Expert", and "Passphrase".](../assets/images/keepassium-review/keepassium-generator.webp)
-
-</div>
-
-The Random Generator can also be customized. To customize each mode, tap on the gears-shaped button on the upper-right of the generator and change the mode to adjust the parameters for each. The app will remember the parameters every time it is used.
-
-The customization for Passphrase does not include the options for "MIXED" case at this time, however, considering this option was just added to KeePassXC last month, maybe it will be added to KeePassium as well in the near future.
-
-![Screenshot from the macOS app showing the Random Generator page that displays the options to adjust for generated passphrase.](../assets/images/keepassium-review/keepassium-generatormac.webp)
-
-### One-Time Password (OTP)
-
-KeePassium offers the option to store one-time password codes with each entry. This can be a convenient way to manage second-factor of authentication, and keep these codes stored locally only.
-
-However, this can also introduce additional risks. If a database file was to get compromised at some point, it would also compromise all the OTP codes within it, making this second-factor protection useless against an attack of the whole database.
-
-If this isn't a risk you are concerned with, then KeePassium's OTP can be a useful feature.
-
-OTP codes are easy to set up and can be entered manually or using a QR code. Once set up, the code will be displayed as a field in the entry. Tap on it to copy it.
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing an entry for Mastodon Social with all credential fields filled, and an arrow pointing at a One-Time Password code.](../assets/images/keepassium-review/keepassium-otp.webp)
-
-![Screenshot from the iOS app showing an Entry page with the option to "Set up one-time password (OTP)" selected at the bottom and displaying a menu with the options "Scan QR code" and "Enter manually".](../assets/images/keepassium-review/keepassium-otpentry.webp)
-
-</div>
-
-### AutoFill
-
-Depending on your usage, AutoFill can be an important feature for a password manager. AutoFill will allow KeePassium to recognize a login page and automatically fill all in the login credentials.
-
-To ensure AutoFill works smoothly, it's important to enter the correct website URL for each entry, specifically the page's URL where the credentials will be required.
-
-Ultimately, it's possible some websites will just not work with KeePassium's AutoFill. Some [issues](https://github.com/keepassium/KeePassium/issues/405) have been experienced while testing the app for this review. If you experience the same issue with a website, you can simply copy-paste the credentials manually in each corresponding field.
-
-<div class="admonition failure" markdown>
-<p class="admonition-title">AutoFill issues for some websites</p>
-
-A possible cause of AutoFill issues can be an incorrect entry URL that isn't the proper "Caller ID". To troubleshoot this, you can consult KeePassium's helpful [instructions](https://support.keepassium.com/kb/autofill-matching/) here.
-
-</div>
-
-#### AutoFill for iOS
-
-When set up correctly on iOS, a "Passwords" button should appear above the keyboard for websites where credentials have been stored in your database. If it doesn't, this could mean AutoFill was not set up properly from the [iOS Settings](https://support.keepassium.com/kb/autofill-setup-ios/).
-
-![Screenshot from a mobile browser with the login page for mastodon.social displaying empty credential fields and iOS showing a "Passwords" button over the keyboard.](../assets/images/keepassium-review/keepassium-autofill.webp){width="400"}
-
-#### AutoFill for macOS
-
-There isn't a browser extension available for KeePassium on macOS. The desktop AutoFill feature integrates with the system as a [credential provider](https://www.reddit.com/r/KeePassium/comments/1isvjjd/comment/mdsbwwc/). Browser implementation depends on how each browser integrates this function. The desktop AutoFill feature does work flawlessly with Safari.
-
-To set up AutoFill for KeePassium, you will have to enable it from the [macOS Settings](https://support.keepassium.com/kb/autofill-setup-macos/). KeePassium will guide you through the process with clear instructions to follow:
-
-![Screenshot from the macOS app showing a setting popup to "Uncheck Keychain" with the option to enable KeePassium instead.](../assets/images/keepassium-review/keepassium-autofillmac.webp)
-
-Once enabled, every website with a corresponding URL in your database will display a small key icon on the right of the credential fields.
-
-![Screenshot from Safari showing the cryptpad.fr login page and a key icon on the right of the Username empty field, with the option on the left to select either KeePassium or Keychain to fill the credentials.](../assets/images/keepassium-review/keepassium-loginsafarimac.webp)
-
-Despite lacking a browser extension, integration with Safari and the macOS ecosystem works smoothly, and it will work with applications that aren't browsers as well.
-
-![Screenshot from the ProtonDrive login popup in macOS showing a menu over the Password field to select either KeePassium or Keychain to fill the credentials.](../assets/images/keepassium-review/keepassium-loginappmac.webp)
-
-### Backups
-
-Backing up your database is essential with any KeePass-compatible app. Because there is no remote backup automatically stored by the application, you become responsible for protecting this data properly.
-
-KeePassium offers many options to help users back up their databases.
-
-#### Enable backup copies
-
-The option to back up local copies automatically will be enabled by default. You can disable it if you prefer (ideally not), or enable the option to "Show Backup Files" in "Settings" > "Database Backup". You can also adjust for how long you wish to keep the local backups (the default value is 2 months).
-
-#### Exclude from iCloud/iTunes
-
-There is an important feature to exclude your database file and KeePassium's backups of your database from your device's iCloud or iTunes backups. If you do not trust Apple with your encrypted database, you should enable this everywhere (excluding from iCloud/iTunes is disabled by default).
-
-If your database is stored locally (you might not see the option otherwise): From the "Databases" page, tap on the 3-dot button right to your database name (not the *circled* 3-dot button at the top, the one below). Then tap on "File Info" and *enable* the option "Exclude From iCloud/iTunes Backup" to make sure your database file stays outside your device's iCloud or iTunes backups.
-
-Secondly, to also exclude the backups created by KeePassium, inside a database tap on the "Settings" gear button on the lower-right, then "Database Backup", and *enable* "Exclude Backup Files from System Backup".
-
-<div class="grid" markdown>
-
-![Screenshot from the iOS app showing the File Info page for a database, with the "Exclude From iCloud/iTunes Backup" option enabled in green.](../assets/images/keepassium-review/keepassium-fileinfo.webp)
-
-![Screenshot from the iOS app showing the Database backup page from Settings with the "Exclude Backup Files from System Backup" option enabled in green.](../assets/images/keepassium-review/keepassium-backup.webp)
-
-</div>
-
-You will find the same option on macOS:
-
-![Screenshot from the macOS app showing the File Info for a database, with the "Exclude From iCloud/iTunes Backup" option enabled in yellow.](../assets/images/keepassium-review/keepassium-fileinfomac.webp)
-
-#### Auto-delete backup files
-
-You can choose the backup files to get deleted automatically after a certain period of time. For this, go to "Settings" then the "Database Backup" again, and scroll down to "Keep Backup Files". Select a retention period that is secure for your threat model. You can also tap on "Delete ALL Backup Files" below to delete all backups at any time.
-
-#### Manual backups
-
-Finally, you can simply back up your database `.kdbx` file manually. For this you have the options to transfer the file from KeePassium via cable, cloud storage, local network, AirDrop, email, or even Signal's [Note to Self](https://support.signal.org/hc/en-us/articles/360043272451-Note-to-Self)!
-
-To [transfer](https://support.keepassium.com/kb/database-transfer/) your database file entirely offline to another Apple device, connect your device together via USB cable and follow these [instructions](https://support.apple.com/en-gb/guide/mac-help/mchl4bd77d3a/mac).
-
-If you stored your database locally on iPhone, you will find the file in Apple's "Files" > "On My iPhone" > "KeePassium". From there, you can long press the file to see options to move or share it.
-
-![Screenshot from the iOS Files showing the menu from a long-press over the local database file with the option to "Move" the file circled.](../assets/images/keepassium-review/keepassium-movedatabase.webp){width="400"}
-
-#### Restore database from backup
-
-If you encounter any errors while managing your database, you can always restore it from a backup. Keeping multiple backup versions is a good idea to ensure you always have a functional file. Glitches and bugs are more likely to happen if you handle your database in unusual ways, with other software that may not have been tested for this usage yet.
-
-Restoring a database in KeePassium is a very straightforward operation. In the "Databases" section, tap on the 3-dot button on the upper-right, then select "Show Backup Files", if it isn't already on. Follow KeePassium's [instructions to restore](https://support.keepassium.com/kb/restore-backup/) a previous version.
-
-### Synchronization and direct connection
-
-While you can use KeePassium entirely offline, the app also offers options to synchronize your database with other KeePassium installations or other KeePass-compatible applications.
-
-There are two ways to do this. You can either simply store your database file in a cloud service of your choice and let KeePassium access this file, or you can use KeePassium's direct connection with certain cloud providers.
-
-You can see these two options from the app in "Settings" > "Network Access". From there, you have the option to select "Stay Offline", for maximum privacy, or "Allow Network Access", for maximum functionality.
-
-Whether you choose simple file synchronization or a direct connection, you can consult [this list](https://support.keepassium.com/kb/sync/) of cloud storage providers that have been tested by the KeePassium team and users to determine if your provider is supported.
-
-#### Stay offline, and synchronize through a cloud provider (recommended)
-
-This is KeePassium's [recommended method](https://keepassium.com/articles/cloud-sync-sandboxing/) to synchronize your database file(s) while maximizing privacy and minimizing external accesses. By default, KeePassium will remain offline, but you can store your database file with a cloud provider of your choice.
-
-This way, your cloud provider will manage the network communication, and KeePassium will only take care of decrypting your database. Because of system-enforced sandboxing, KeePassium will not have access to anything else on your cloud storage, only the database file(s) your have granted it access to.
-
-For example, you can store your database file on a cloud storage of your choice, then open it from KeePassium for iOS and also from KeePassXC on desktop. Both applications will access and manage the same file, therefore synchronizing your database.
-
-Be careful however when modifying your database. If synchronization isn't handled properly, this could cause errors that could corrupt your file. This is why it's important to test your setting first, and a good practice to keep a backup in a secure secondary location.
-
-![Screenshot from the iOS app showing the Network Access page with the option "Stay Offline" selected.](../assets/images/keepassium-review/keepassium-offline.webp){width="400"}
-
-<details class="example" markdown>
-<summary>Synchronization through Proton Drive</summary>
-
-Proton Drive isn't part of the recommended and tested list of cloud providers for KeePassium. However, it was briefly tested during this review.
-
-Between KeePassium iOS and KeePassXC on desktop, some synchronization was possible through Proton Drive, but with mixed results.
-
-To make it work, first the Proton Drive app needed to stay unprotected by a PIN or biometrics, which isn't ideal if you have other sensitive files on this drive. There was also some delay to sync the database between mobile and desktop, and a few bugs occurred while testing.
-
-That being said, synchronization was *possible* through Proton Drive between KeePassium for iOS and KeePassXC on desktop, but maybe not recommended. If you choose this setup for yourself, it is *strongly* recommended to conduct adequate testing first using a dummy database, and once set up with your actual database, to keep a secondary backup in a separate location.
-
-Testing couldn't make synchronization work between KeePassium iOS and KeePassium macOS through Proton Drive. Issues seem to come from conflict resolutions on the Proton Drive side. Of course, because Proton Drive isn't even listed by KeePassium as a supported storage, this was simply conducted as an experiment and not an expectation.
-
-Because many of our readers might use Proton Drive as a cloud provider, just be aware it probably isn't a usable synchronization solution at this time.
-
-Using Proton Drive to simply back up a password database file manually without synchronization is still a viable option, however.
-
-</details>
-
-#### Allow network access, to connect directly from KeePassium
-
-In 2022, KeePassium added direct connection options for certain cloud storage providers as a workaround solution for providers that were not integrating well with the system. This should however be a secondary choice only, as it will have some downsides for your data privacy.
-
-You can find this option from the "Data Encryption" welcome window at the start where you can either create a database, import a database, or "Connect to Server".
-
-Although KeePassium will only use what is necessary for this functionality, it [will access](https://keepassium.com/privacy/app/#direct-connections) more data than with the "Stay Offline" synchronization option. The data used for this functionality will however remain between your device and the cloud provider.
-
-#### Supported cloud storage providers
-
-KeePassium offers full support for iCloud Drive, Box, Dropbox, Google Drive, OneDrive, Resilio Sync, Nextcloud, SFTP / WebDAV, and limited support for Mega and Cryptomator.
-
-You might be able to make it work with cloud providers that aren't listed here. However, if you decide to use a provider that isn't fully supported, make sure to properly test your setup with a dummy database first.
-
-### Additional features
-
-This review focused testing on the most commonly used features that are accessible from a free plan. Nonetheless, KeePassium offers many more features, and additional ones for paid plans. Here's a summary of some other interesting features that have not been covered yet:
-
-#### Passkeys
-
-Since December 2024, KeePassium added [support](https://keepassium.com/blog/2024/12/keepassium-2.0/#passkey-support) for passkeys with its 2.0 release.
-
-#### Family sharing (Premium)
-
-You can use Apple's Family Sharing feature to [share](https://support.keepassium.com/kb/family-sharing/) your KeePassium paid license with your family members.
-
-#### Multiple databases (Premium)
-
-With a paid plan, it's possible to create or import multiple databases with KeePassium. This can be very convenient if you use a separate database for work and for your personal life, for example.
-
-#### Printing database
-
-KeePassium has a quick option to print an entire database in plain text, in an easy-to-read format. If this is secure for you, it can be a convenient way to keep a backup paper copy of all your passwords in case of emergency (or for inheritance purposes).
-
-To do this, while inside your database tap on the tool-shaped button on the lower-left, then select "Print". Of course make sure to secure this printed data *very well*, as it could be your weakest link.
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Important security warning!</p>
-
-Depending on your printer's settings, you should be *very careful* when using the print function. This data will be sent in plain text to your printer, and even perhaps through a network (depending on your printer's settings).
-
-This **can represent a very high security risk**, depending on your printer setup and situation. The file with your plain text passwords could also remain stored in the printer's queue!
-
-The print function can be [disabled](https://support.keepassium.com/docs/mdm-appconfig/#allowDatabasePrint) for users with a Business license.
-
-</div>
-
-![Screenshot from the iOS app showing a preview to print a database file in plain text. The file lists the database name at the top, then each group, and within each group all entries' credentials including usernames, passwords in plain text, URL, and notes.](../assets/images/keepassium-review/keepassium-print.webp)
-
-#### Read-only database
-
-You can protect a database from accidental changes by enabling this option. This will prevent any entries from being added, removed, or modified.
-
-It can be very useful if you have installed the app for someone who isn't comfortable with technology and want to make sure they cannot inadvertently delete an entry, for example.
-
-To enable it from KeePassium on iOS, go to the "Databases" section, long press on your database file, select "Database Settings", then enable "Read Only" at the top.
-
-#### File storage (attachments)
-
-You can use your database to store files!
-
-It's probably best to stay reasonable with this because files will quickly make your database very heavy. This could significantly slow down the encryption and decryption processes.
-
-That being said, it's a great way to store more sensitive files securely. The files will be encrypted with your database.
-
-You can either add files to an entry already created, or create a new entry named "Files" (or anything else you wish) to store all of your files together.
-
-To add a file, select the paperclip-icon tab at the top of an entry, then tap the plus-sign button at the bottom. Your files (attachments) will be accessible from any other KeePass-compatible application, like KeePassXC for example.
-
-![Screenshot from the macOS app showing the section tab within an Entry to add and view attachment files.](../assets/images/keepassium-review/keepassium-attachmentmac.webp)
-
-Interestingly, KeePassium even uses a quite decent PDF viewer on iOS:
-
-![Screenshot from the iOS app showing a preview for a PDF file, in this case the document for Privacy by Design by Ann Cavoukian.](../assets/images/keepassium-review/keepassium-pdfviewer.webp){width="400"}
-
-## :material-thumb-up-outline: Nice to have
-
-- You can see what was added, changed, or fixed for each KeePassium version from "Settings" in the "What's New" section.
-
-- You can change the KeePassium and database icons from "Settings" > "Appearance" > in "App Icon" and "Database Icons".
-
-- KeePassium has [excellent documentation](https://support.keepassium.com/)! This is handy to learn about features or to troubleshoot if you encounter any errors.
-
-- You can see the full credits for the app from "Settings" in the "About KeePassium" section.
-
-<div class="admonition question" markdown>
-<p class="admonition-title">Check the credits!</p>
-
-KeePassium not only credits its direct contributors but also lists credits for each graphics, code, and encryption algorithms used. You will find the same list of credits on KeePassium's GitHub [page](https://github.com/keepassium/KeePassium?tab=readme-ov-file#author-and-credits). This is a wonderful idea that more software should get inspired by.
-
-</div>
-
-## :material-thumb-down-outline: Downsides
-
-Even if KeePassium is a great secure application that is easy and pleasant to use, there are still a few downsides that should be mentioned:
-
-- People with older versions of iOS or macOS will unfortunately not be able to use the application at all.
-
-- KeePassium only works in the Apple ecosystem, and there are no versions for other systems at this time.
-
-- If you are using a cloud provider that doesn't work smoothly with KeePassium and you need synchronization, you will unfortunately need to synchronize your database manually or change your cloud storage provider.
-
-- AutoFill on iOS might not work for every account. This can be an inconvenience depending on your usage and which of your accounts (if any) are impacted.
-
-- AutoFill on macOS might not work with your favorite browser (if it isn't Safari).
-
-## :octicons-key-16: Conclusion
-
-Overall, KeePassium is a privacy-focused, offline-first application, that has clearly prioritized user experience and user interface, while not neglecting security and privacy.
-
-When used with the basic and supported settings, it works fairly smoothly and allows enough customization to adapt to a variety of user needs and situations.
-
-The fact that KeePassium allows full compatibility with most other KeePass-compatible applications is an immense benefit compared to proprietary password managers.
-
-If you already keep your database in the KeePass file format, there are no downsides in trying KeePassium. If you aren't using this database format yet, this is a great opportunity to start and free yourself from locked-in systems that secure your precious passwords with obscurity rather than with openness.
-
-<small aria-hidden="true">Unless credited otherwise, all screenshots from: Privacy Guides</small>

blog/posts/monero-server-using-truenas.md

@@ -1,362 +0,0 @@
----
-date:
-    created: 2025-06-12T18:15:00Z
-categories:
-    - Tutorials
-tags:
-    - Self-Hosting
-    - Cryptocurrency
-    - TrueNAS
-authors:
-    - justin
-description: In this guide, we will walk you through setting up a very powerful Monero server on TrueNAS.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/monero-server-using-truenas/cover.webp
----
-# Creating a Tricked-Out Monero Server with TrueNAS
-
-![A cover image for this post showing an illustration of a NAS and stacks of coins imprinted with the Monero logo](../assets/images/monero-server-using-truenas/cover.webp)
-
-<small aria-hidden="true">Illustration: Jonah Aragon / Privacy Guides</small>
-
-In this guide, we will walk you through setting up a very powerful [Monero](https://www.privacyguides.org/en/cryptocurrency/#monero) server on TrueNAS. By completing these steps, you will be able to connect to your own self-hosted Monero node with the official Monero wallet and Cake Wallet, and you will be able to connect to your own self-hosted Monero LWS server with Edge Wallet and MyMonero.<!-- more -->
-
-<div class="admonition note" markdown>
-<p class="admonition-title">Guest Contributor</p>
-
-Please welcome Justin Ehrenhofer as a first-time guest contributor! Justin is the president of MAGIC Grants, a nonprofit which supports public cryptocurrency infrastructure and promotes privacy, and operates as Privacy Guides' [fiscal host](privacy-guides-partners-with-magic-grants-501-c-3.md). Privacy Guides does not publish guest posts in exchange for compensation, and this tutorial was independently reviewed by our editorial team prior to publication.
-
-</div>
-
-This guide assumes that you are using TrueNAS for the first time. TrueNAS is an open-source operating system that is meant to function primarily as a NAS, and it supports running arbitrary Docker apps. [MAGIC Grants](https://magicgrants.org) spent the last few months making dedicated apps on the TrueNAS store to make this setup process simpler than starting from scratch.
-
-## Advantages of Running Your Own Node
-
-Monero is a cryptocurrency with strong privacy properties by default, and it is the only cryptocurrency currently [recommended](https://www.privacyguides.org/en/cryptocurrency/) by Privacy Guides.
-
-Despite Monero's privacy protections, your wallet needs to communicate with the rest of the Monero network. There are two main options:
-
-1. Connecting to someone else's node; or
-2. Connecting to your own node.
-
-By connecting to your own node, you do not need to reveal when you are using your wallet and what transactions you send to the node operator.
-
-By following this guide, your transaction broadcasts will be protected with the Tor and/or I2P [networks](https://www.privacyguides.org/en/alternative-networks/).
-
-In short, if you *can* run your own node, you *should* run your own node.
-
-## Hardware/Software Recommendations
-
-* A spare machine (e.g., an old desktop computer) with:
-    * One or more SSDs with >100 GB of free space
-    * 4+ CPU cores
-    * 4GB+ of RAM
-    * TrueNAS already installed
-* A domain name (optional, for encrypted clearnet connections)
-
-It's possible to undercut these recommendations, but please don't do that to yourself.
-
-## What We Will Set Up
-
-All of these applications are optional. You can set up nearly any combination of these. For example, you can skip just the I2P app if you don't plan to use I2P.
-
-| Software | Description | Purpose |
-| -------- | -------- | -------- |
-| Arti | A [Tor](https://www.privacyguides.org/en/advanced/tor-overview) client written in Rust. | Connect to Tor nodes, broadcast transactions over Tor, and connect to TrueNAS apps over Tor. |
-| Java I2P | The officially distributed app to connect to the [I2P network](https://www.privacyguides.org/en/alternative-networks/#i2p-the-invisible-internet-project). | Connect to I2P nodes, broadcast transactions over I2P, and connect to TrueNAS apps over I2P. |
-| Monero Node | The officially distributed app for communicating with the Monero network. | The app provides the necessary information to send and receive Monero transactions. Most wallets (including the official Monero wallets and Cake Wallet) connect to Monero nodes. |
-| Monero-LWS | A "**L**ight**w**eight **S**erver" that allows "lightweight" wallets to send and receive Monero transactions. | Lightweight Monero wallet apps (including Edge Wallet and MyMonero) can connect to this server so that the wallet itself does not need to scan/sync Monero history; the server handles this scanning/syncing. |
-
-## Configure TrueNAS Storage
-
-We will configure storage for the Monero blockchain, and we will use default storage settings for other purposes. If you are an advanced user, you can configure the storage yourself.
-
-### Create a Monero Pool
-
-In TrueNAS, a pool is a collection of hard drives for a specific use-case. For simplicity, we will configure the entirety of a single SSD for Monero's use.
-
-1. Click **Storage**.
-2. Click **Create Pool**.
-3. Type `monero-pool` for the name. Leave encryption disabled (this will only store public blockchain data). Click **Next**.
-4. Choose the layout that you will be using. We will pick **Stripe** in this guide.
-5. Select the entire storage space for the SSD. Click **Next**.
-6. Skip all the remaining options for metadata, log, cache, spare, and dedup. Keep clicking **Next**.
-7. Finish creating the pool by clicking **Create Pool**.
-
-### Create a Monero Dataset
-
-A dataset is effectively a folder inside a pool. We will make one folder for the Monero blockchain data:
-
-1. Click **Datasets**.
-2. Click on the `monero-pool` pool.
-3. Click **Add Dataset**.
-4. Set the name to `monero-blockchain`
-5. Set the dataset preset to **Apps**.
-6. Click **Save**.
-
-![Screenshot showing the Datasets list in TrueNAS](../assets/images/monero-server-using-truenas/01-datasets.webp)
-
-Next, we will assign the ownership of that folder to the `apps` user:
-
-1. While the `monero-blockchain` dataset is selected, click **Edit** under Permissions.
-2. At the top, change the **Owner** and **Owner Group** from `root` to `apps`.
-3. Check the boxes for **Apply Owner** and **Apply Group**.
-4. Check **Apply permissions recursively**.
-5. Click **Save Access Control List**.
-
-![Screenshot showing the ACL settings for monero-blockchain](../assets/images/monero-server-using-truenas/02-edit-acl.webp)
-
-## Configure Arti (Tor)
-
-<div class="admonition example" markdown>
-<p class="admonition-title">Experimental software</p>
-
-Arti is experimental software. At the time of writing, Arti should not be used for privacy-critical applications. Connecting to your own Monero node is "low risk" in most circumstances. However, if you have very sensitive requirements you should not use Arti until it has been tested further by the community. By using Arti today, you are helping to make Arti better!
-
-</div>
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Arti`. Click on the **Arti** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Hidden Services**, click **Add**. For each of the functions below that you want to support, create a new hidden service:
-    1. Monero Node (for incoming P2P connections)
-        1. Name: `monerodp2p`
-        2. App Port: `18084`
-        3. Hidden Service Port: `18084`
-    2. Monero Node (for incoming RPC (wallet) connections)
-        1. Name: `monerodrpc`
-        2. App Port: `18089`
-        3. Hidden Service Port: `18089`
-    3. Monero LWS
-        1. Name: `monerolws`
-        2. App Port: `18090`
-        3. Hidden Service Port: `18090`
-6. Leave the other settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, click on the shell icon under Workloads and to the right of `arti – Running` (not `config` or `perms`).
-
-![Screenshot showing how to click the Arti shell icon](../assets/images/monero-server-using-truenas/03-arti-shell.webp)
-
-In the shell, type the command `arti hss --nickname monerodp2p onion-address`. This will return a string that ends in `.onion`. In notepad, Excel, or another app, save the `.onion` address and the service it is associated with (`monerodp2p`). You might need to copy from the shell with ++ctrl+ins++.
-
-![Screenshot showing the command and response to get the onion address](../assets/images/monero-server-using-truenas/04-arti-shell.webp)
-
-Do this again for the following two commands as well:
-
-```console
-arti hss --nickname monerodrpc onion-address
-arti hss --nickname monerolws onion-address
-```
-
-You should have three saved and unique `.onion` addresses.
-
-## Configure I2P
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `I2P`. Click on the **I2P** app.
-4. Click **Install**. This will pull up a form.
-5. Change the **Port Bind Mode** for **I2P HTTP Proxy Port** to `None`.
-6. Change the **Port Bind Mode** for **I2P HTTPS Proxy Port** to `None`.
-7. To the right of **Additional Ports**, click **Add**.
-8. In the newly exposed fields, set the Port Number as `4447`.
-9. In the same newly exposed fields, set the Container Port as `4447`.
-10. Leave the other settings as default. Click **Install**.
-
-![Screenshot showing the I2P installation settings](../assets/images/monero-server-using-truenas/05-i2p-install.webp)
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, open a browser and direct it to the I2P configuration wizard. This is available at `<hostname>:7657`, for example `192.168.1.100:7657`.
-
-Complete the initial I2P wizard using the default settings.
-
-### Create I2P SOCKS Proxy
-
-1. Click **Local Tunnels**.
-2. Click on the I2P HTTP Proxy.
-3. Uncheck **Automatically start tunnel when router starts**.
-4. Click **Save**.
-5. To the right of the I2P HTTP Proxy, click **Stop**.
-6. Click on the I2P HTTPS Proxy.
-7. Uncheck **Automatically start tunnel when router starts**.
-8. Click **Save**.
-9. To the right of the I2P HTTP Proxy, click **Stop**.
-10. At the bottom and to the right of **New client tunnel:**, change the type in the dropdown from `Standard` to `SOCKS 4/4a/5` and click **Create**.
-    1. Set the name as `monerod`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the Access Point **Port** to `4447`.
-    4. Set **Reachable by** to `0.0.0.0`.
-    5. Click **Save**.
-
-### Create I2P Hidden Services
-
-There is an optional step below to reduce the hidden service tunnel length from the default of 3 to 1. This will substantially increase the reliability of the server at the cost of anonymity.
-
-However, the server's connection to the I2P network for connecting to Monero wallets and the rest of the Monero network is typically not sensitive, unless you want to completely conceal that you are running a Monero node. Thus, most users will prefer the higher performance of the shorter tunnel length.
-
-We do not recommend shortening the tunnel lengths for the I2P SOCKS Proxy (in the previous section above) on the other hand, since transaction broadcasts tend to be sensitive.
-
-1. Under **I2P Hidden Services** and to the right of **New hidden service:**, change the type in the dropdown from `HTTP` to `Standard` and click **Create**.
-    1. Set the name as `monerodp2p`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18085`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-2. Create another `Standard` hidden service.
-    1. Set the name as `monerodrpc`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18089`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-3. Create another `Standard` hidden service.
-    1. Set the name as `monerolws`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18090`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-
-You will see the three I2P Hidden Services that you configured. Under each, you will see a `.b32.i2p` address after **Destination:**. You will need to use the destination `.b32.i2p` addresses in later steps (just like the `.onion` addresses), so keep them handy.
-
-![Screenshot showing I2P Hidden Services settings](../assets/images/monero-server-using-truenas/06-i2p-settings.webp)
-
-## Configure Monero Node
-
-### Initial Setup
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero Node`. Click on the **Monero Node** app.
-4. Click **Install**. This will pull up a form.
-5. *Optional:* Uncheck **Prune the blockchain**. This will use significantly more storage.
-6. Under **Storage Configuration** and **Blockchain storage location**, change the **Type** from `ixVolume` to `Host Path`.
-7. Under **Host Path**, use the folder picker to select the `monero-blockchain` dataset. This should usually be `/mnt/monero-pool/monero-blockchain`.
-8. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the node sync faster.
-9. Leave the other settings as default. Click **Install**.
-
-#### Why not configure Tor and I2P settings to begin with?
-
-Some users may be sensitive to a privacy risk where your Tor and I2P addresses could be matched with your public IPV4 address while it is syncing. By waiting to configure these settings until after your node is already fully synced, we minimize this risk.
-
-### Check on the Sync Status
-
-It will take a day or more for most systems to fully sync the Monero blockchain from scratch.
-
-To check the status, go to the app page and click on the `monerod` app. Under Workloads and to the right of `monerod – Running`, click on the shell icon.
-
-![Screenshot showing how to click the Monero Node shell icon](../assets/images/monero-server-using-truenas/07-monero-shell.webp)
-
-Type `monerod status` and press enter.
-
-If the status reports `Height: ####/#### (100.0%) on mainnet`, then your node is fully synced. You can proceed to the next step.
-
-![Screenshot showing the Monero Node sync status command](../assets/images/monero-server-using-truenas/08-monero-shell.webp)
-
-### Add Tor and I2P
-
-After your Monero node is fully synced, click on the `monerod` app and then click **Edit**. This will bring up the same form that you configured when installing the app.
-
-1. Check **Enable Tor connections**.
-2. Set the **Tor IP** as your hostname, for example `192.168.1.100`.
-3. Set the **Tor port** as `9150`.
-4. Check **Enable inbound Tor connections**.
-5. Set the **Inbound onion address** as the `.onion` address for `monerodp2p` that you observed earlier.
-6. Check **Enable inbound I2P connections**.
-7. Set the **I2P IP** as your hostname, for example `192.168.1.100`.
-8. Set the **I2P Port** as `4447`.
-9. Check **Enable inbound I2P connections**.
-10. Set the **Inbound I2P base32 address** as the `.b32.i2p` address for `monerodp2p` that you observed earlier.
-11. If you wish to enable Monero LWS, under **ZMQ RPC Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-12. If you wish to enable Monero LWS, under **ZMQ Pub Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-13. Under **Tor inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-14. Under **I2P inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-15. Click **Update**.
-
-![Screenshot showing the Monero Node install settings](../assets/images/monero-server-using-truenas/09-monero-install.webp)
-
-## Configure Monero LWS
-
-For security reasons, the Monero LWS app only accepts requests from allowlisted Monero addresses. Requests from other users will be rejected.
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero LWS`. Click on the **Monero LWS** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Accounts**, you can add sets of allowlisted Monero wallets that will be supported by this server. Click **Add** to add a wallet. For each wallet, include the `Address`, `View Key`, and `Restore Height`. If a restore height is not provided, it will scan the entire blockchain (which is thorough but inefficient).
-6. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the server scan multiple wallets faster.
-7. After you have added all the wallets, click **Install**.
-
-You can add new Monero wallets in the future by adding them to the list of accounts.
-
-## Configure Secure Clearnet Connections
-
-It is insecure to connect your wallet to your server over an unencrypted connection.
-
-If you only configure your wallet to connect to your server over its I2P or Tor addresses, then you're all set. The connection is already encrypted.
-
-There are different ways to connect to your node over an encrypted clearnet connection, each with their pros and cons:
-
-| Method | Pros | Cons |
-| --- | --- | --- |
-| Tor | No additional configuration necessary. Private. Secure. Reliable. | Slow for non-LWS wallets. |
-| I2P | No additional configuration necessary. Private. Secure. | Slow. Unreliable. |
-| Nginx Proxy Manager | High degree of user control. Secure. Reliable. Fast. | Requires a domain. Requires configuration. |
-| Cloudflare Tunnels | Secure. Reliable. Fast. Easy to set up. Extra security settings. | Requires a domain. Decrypted traffic is shared with Cloudflare. |
-
-### Nginx Proxy Manager (Recommended)
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Nginx Proxy Manager`. Click on the **Nginx Proxy Manager** app.
-4. Click **Install**. This will pull up a form.
-5. Leave the settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Nginx Proxy Manager app shows the status as **Running**, open a browser to `<hostname>:30020`, for example `192.168.1.100:30020`.
-
-#### Configure Your Domain and Router
-
-You will need to create A and (optionally) AAAA records with your DNS provider that point to your public IPV4 and IPV6 IP addresses, respectively. You will then need to forward the ports in your router to your TrueNAS hostname. These steps are out of scope for this guide.
-
-#### Add Proxy Hosts to Nginx Proxy Manager
-
-From the Nginx Proxy Manager browser interface, click **Hosts**, **Proxy Hosts**, then **Add Proxy Host**. We recommend creating proxy hosts as follows:
-
-| Domain Name | Scheme | Forward Hostname / IP | Forward Port |
-| --- | --- | --- | --- |
-| `monerod-rpc.<domain>` | `http` | `<hostname>` | `18089` |
-| `monero-lws.<domain>` | `http` | `<hostname>` | `18090` |
-
-For each entry, enable **Block common exploits**.  Configure the SSL settings with **Request a new SSL Certificate**, **Force SSL** enabled, and **HTTP/2 Support** enabled.
-
-Optionally assign an access list.
-
-You should now be able to access these services using your domain!
-
-## A Note About Clearnet Networking
-
-Making clearnet connections without encryption (without SSL/TLS) is insecure. This guide uses the Nginx Proxy Manager app to configure these secure connections, but you can alternatively use another approach such as Cloudflare Tunnels, Tailscale, or WireGuard.
-
-## What About Bitcoin?
-
-Bitcoin is not recommended by Privacy Guides due to its very weak privacy properties by default. Nevertheless, MAGIC Grants has made several Bitcoin oriented applications in the TrueNAS store that you may benefit from if you need to use Bitcoin.
-
-## Test Connections
-
-We will test connections to our node over Tor using [Cake Wallet](https://cakewallet.com), [Edge Wallet](https://edge.app), and [Orbot](https://orbot.app). Make sure you have these apps installed and already have Monero wallets set up.
-
-Use **Full Device VPN** mode with Orbot for this guide.
-
-### Test with Cake Wallet
-
-Cake Wallet will connect to your Monero node. Follow [these steps](https://docs.cakewallet.com/features/advanced/tor-with-orbot/#switch-back-to-cake-wallet) to change the Monero node that Cake Wallet uses. Provide your `monerodrpc` onion address for the Monero Node app as the node address, `18089` as the port, no username, no password, and **Use SSL** unchecked.
-
-You should see a green dot next to this newly added node, and you should notice that your wallet is able to sync. Syncing performance to a Monero node over Tor is slow.
-
-### Test with Edge Wallet
-
-Edge Wallet will connect to your Monero-LWS server. In Edge Wallet, click on the upper right hamburger menu, then **Settings**, then **Asset Settings**, then **Monero**. Select **Custom Light Wallet Server** and provide your `monerolws` onion address with the port. For example, `http://monerolws.onion:18090`, replacing `monerolws.onion` with your correct onion address.
-
-Back in the main wallet overview, you should see that your Monero wallet is fully synced.

blog/posts/privacy-guides-hires-three-staff-members.md

@@ -17,7 +17,7 @@ At Privacy Guides, we are always looking for ways to be more effective at our mi
 
 ## Em – Journalist
 
-![](https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/em/288/8211_2.png){ align=right }
+![](https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/ematprivacyguides/288/8211_2.png){ align=right }
 
 We’re excited to welcome Em (she/her), our new journalist, who will play an important role in taking our [articles](https://www.privacyguides.org/articles/) to the next level. She will be focusing on creating in-depth, interesting posts that explore the most important topics in the world of online privacy, security, and digital rights. Em will also conduct interviews with experts in the industry, analyze reports and studies, and produce investigative news stories to keep our readers informed.
 

blog/posts/privacy-means-safety.md

@@ -155,7 +155,7 @@ The 26-year-old American who incorrectly identified the Australian girl and shar
 
 ### Targeted research, attack, and spyware
 
-For targeted attacks, aggressors will often use simple techniques to find a victim's data from what is already leaked online or openly shared on social media. For more sophisticated attacks, perpetrators might use criminal methods such as impersonation for [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). When attackers have more resources, such as state-backed attackers, more sophisticated processes might be used, like device infection with [NSO Group's spyware](https://citizenlab.ca/tag/nso-group).
+For targeted attacks, aggressors will often use simple techniques to find a victim's data from what is already leaked online, or openly shared on social media. For more sophisticated attacks, perpetrators might use criminal methods such as impersonation for [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). When attackers have more resources, such as a state-backed attackers, more sophisticated processes might be used, like device infection with [NSO Group's spyware](https://citizenlab.ca/tag/nso-group/).
 
 ### Maliciously stolen or negligently leaked
 

blog/posts/private-european-alternatives.md

@@ -226,7 +226,7 @@ Element is based in the United Kingdom, which is of course no longer in the Euro
 
 <div class="admonition recommendation" markdown>
 
-![Element logo](../assets/img/social-networks/element.svg){ align=right }
+![Element logo](../assets/img/messengers/element.svg){ align=right }
 
 **Element** is the flagship client for the [Matrix](https://matrix.org/docs/chat_basics/matrix-for-im) protocol, an [open standard](https://spec.matrix.org/latest) for secure decentralized real-time communication.
 

blog/posts/queer-dating-apps-beware-who-you-trust.md

@@ -1,572 +0,0 @@
----
-date:
-    created: 2025-06-24T21:00:00Z
-categories:
-    - News
-tags:
-    - Pride Month
-authors:
-    - em
-description: At the intersection of data privacy and LGBTQ+ experiences, it's inevitable to talk about queer dating apps. Unfortunately, most are horrible for data privacy.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp
----
-
-# Queer Dating Apps: Beware Who You Trust With Your Intimate Data
-
-![Photo of a hand holding a phone with a rainbow gradient and a white heart on it. The hand holds the phone in front of a vertical rainbow background with an open eye displayed transparently over it, symbolizing surveillance.](../assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp)
-
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Photo: Surasak Ch / Unsplash</small>
-
-When discussing the intersection of data privacy and LGBTQ+ experiences, it's inevitable to also talk about queer dating apps. Due to a smaller percentage of the population and a number of factors complicating in-person dating, people part of the queer community are more likely to seek online platforms to meet lovers and friends. Unfortunately, using queer dating apps can be very dangerous for privacy, and even for safety.<!-- more -->
-
-Dating apps are generally horrible for everyone's privacy, but the queer population is at an even higher risk of harm due to discrimination, and even [criminalization in certain regions](https://www.humandignitytrust.org/lgbt-the-law/map-of-criminalisation/).
-
-Despite the risks, LGBTQ+ people still need to fulfill their social and romantic needs like anyone else.
-
-This isn't an easy task outside the online realm either. Discrimination can be much worse in physical environments that aren't specifically catering to the queer community. In some regions, this can even mean a greater risk of physical aggression.
-
-LGBTQ+ people aren't necessarily safe to date in the same ways cisgender heterosexual people are, increasing the need for safe spaces.
-
-Another important factor is that a smaller percentage of the population necessarily creates a smaller dating pool. Even if someone were to avoid entirely online services, if they aren't located in a town large enough to host LGBTQ+ venues and events, or if they live in an environment where revealing their queer identity could be unsafe to them, online spaces might be their only viable option to [find connections](stay-safe-but-stay-connected.md).
-
-Sadly, this isn't ideal. In today's world, it seems very few services (if any) are considering the importance of data privacy for dating apps seriously enough.
-
-For this reason, it is crucial to acknowledge the dangers, and learn about ways to minimize the risks, and to stay safe while looking for romantic or sexual partners online.
-
-## Dating apps are horrible for data privacy
-
-Unfortunately, whether it's dating apps catering to everyone or to a narrower segment of the population, they are pretty much *all horrible for data privacy*.
-
-Some apps might be worse than others, but at this time, there are no good, largely used, *and* privacy-respectful dating apps.
-
-Due to the nature of dating apps, a major problem is that any dating app will unavoidably collect at least some of very sensitive personal data. This can include photos, intimate photos, sexual preferences, intimate conversations, detailed physical descriptions, and likely much more.
-
-Because of this, a good privacy-respectful dating app would need to implement considerably stronger protections for this data, and obviously not share it with any third party. Regrettably, this isn't what is happening *at all*.
-
-### They collect very sensitive information, legally and illegally
-
-Necessarily, most dating apps will collect *at minimum* a nickname, email, photo, and descriptions of your personality and physical appearance. But, the majority of apps do not stop there.
-
-Most dating apps also collect your location, IP address, and phone number (a strong quasi-static identifier that can be linked to your other accounts and legal identity).
-
-Then, you might upload additional sensitive information, such as a detailed physical description, detailed personality description, health condition, religion, political views, sexual preferences, and even intimate photos in private chats. All this information is collected and stored by the dating app, and maybe even shared with third parties.
-
-According to a [report from Mozilla](https://www.mozillafoundation.org/en/privacynotincluded/articles/data-hungry-dating-apps-are-worse-than-ever-for-your-privacy/), about 25% of apps also collect metadata on uploaded content. This means that if you do not [remove metadata](https://www.privacyguides.org/en/data-redaction/) from your photos and videos (or other file types) before uploading them, the dating app could collect it. This can include very precise information on where and when a photo or video was taken, for example.
-
-Additionally, dating apps can collect a scandalous amount of information from your social media accounts if you use them to sign up with the app. Already in 2017 (this is likely much worse 8 years later into surveillance capitalism), The Guardian journalist Judith Duportail [reported](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold) on her experience with Tinder after requesting a copy of her account data. Tinder had kept 800 pages of information on her, including Facebook likes, number of Facebook friends, Instagram photo links, ages of men she was interested in, and so on. From her experience she wrote:
-
-> What will happen if this treasure trove of data gets hacked, is made public or simply bought by another company? I can almost feel the shame I would experience.
-
-She is not alone in this. Every dating-app user is at risk of having their intimate data exposed if their account or the app's servers gets hacked, or if the company otherwise leaks or shares their data.
-
-Tragically, data breaches and companies acquisitions aren't rare occurrences. It's more a matter of "when" than "if".
-
-#### Identity verification
-
-Moreover, many apps now require to "verify identity" by requesting users to submit a video selfie, official ID, or other means of verification.
-
-This practice is intrusive at best, and straight out *dangerous* at worst. Any verification practice requiring a piece of official ID or a facial scan has the potential of endangering this data, and increases the risk of a data leak exposing your intimate dating information while being strongly linked to your legal identity.
-
-No dating app should be requiring such sensitive information. Fighting bots and fake accounts isn't worth the risk this represents to users.
-
-#### Biometric data
-
-Even for users who might be careful to choose more privacy-respectful apps, or feel protected by stronger local legislation, trust can be broken.
-
-In 2024, Bumble and Badoo settled a [class action lawsuit](https://www.the-sun.com/money/12327292/bumble-settlement-badoo-payment/) for allegedly infringing the privacy rights of users residing in Illinois US, by violating the [Biometric Information Privacy Act](https://en.wikipedia.org/wiki/Biometric_Information_Privacy_Act) (BIPA). The complainants alleged the apps, both owned by Bumble Inc, were capturing and storing users' facial scan biometrics it extracted from profile's content without the users' consent.
-
-While users located in Illinois were entitled to financial compensation from the [settlement](https://topclassactions.com/lawsuit-settlements/closed-settlements/40m-bumble-badoo-bipa-class-action-settlement/), others located in regions with weaker local regulation didn't receive any compensation for this violation of their consent.
-
-#### Artificial intelligence features
-
-Finally, most dating services have now [integrated AI features in their platforms](https://www.platformer.news/grindr-ai-boyfriend-wingman-monetization-paid-taps/). This is dreadful for privacy.
-
-The problem with current AI features is that most will not just generate data but will also *collect* data. Once data is integrated into a model, it's incredibly difficult (if not impossible) to delete it later.
-
-Grindr's terms of service include a section specifying that, when using the platform, [you grant an irrevocable right to Grindr](https://www.grindr.com/terms-of-service) to "exploit Your User Content" to train "AI Technologies". **Your content is up for AI-grabs on Grindr.**
-
-Horrifyingly, most other dating apps aren't better.
-
-While other apps might be careful not to directly name "AI" or "training" in their terms of service, risking scaring users away, OkCupid, Hinge, and Plenty of Fish (all part of the Texas-based dating service conglomerate Match Group), describe a similar clause in their terms of service that could potentially include AI technologies training on users' content (if not already).
-
-For example, OkCupid specifies in clause 7 of their [Terms & Conditions](https://okcupid-app.zendesk.com/hc/en-us/articles/23941864418203-Terms-Conditions) (emphasis added for clarity):
-
-> By creating an account, **you grant to OkCupid a worldwide, perpetual, transferable**, sub-licensable, royalty-free **right and license to** host, store, use, copy, display, reproduce, adapt, edit, publish, translate, modify, reformat, **incorporate into other works, advertise, distribute and otherwise make available to the general public Your Content**, including any information you authorize us to access from Facebook or other third- party sources (if applicable), in whole or in part, and **in any way and in any format or medium currently known or developed in the future.** OkCupid's license to Your Content shall be non-exclusive, except that OkCupid's license shall be exclusive with respect to derivative works created through use of our Services. For example, **OkCupid would have an exclusive license to screenshots of our Services that include Your Content.**
-
-Of course "any medium developed in the future" could include AI technologies, and/or anything else.
-
-OkCupid has already integrated AI features in users' dating experience using OpenAI's ChatGPT for its services. Michael Kaye, OkCupid's head of communications, excitedly [told Mashable](https://mashable.com/article/okcupid-chatgpt-questions) that "daters who think ChatGPT is a lifesaver get almost 40 percent more Matches on OkCupid than those who think it's too big brother".
-
-Well, perhaps users who accurately think "it's too big brother" have simply already left the app...
-
-### They can expose legal identities
-
-Besides the data privacy dangers created by integrating AI features in dating apps, [identity and age verification is another growing problem](age-verification-wants-your-face.md).
-
-Unfortunately, it seems dating apps are more concerned with fighting fake accounts than protecting users' data, and are willing to sacrifice the latter for the former.
-
-Of course, this security measure is only theatrical. Criminals will easily go around identity verification systems, while the inevitable data breaches will endanger and harm all trustworthy users at once.
-
-#### Identity verification endangers the most vulnerable
-
-Each time a dating application asks for a video selfie or an official piece of ID to prove identity or age, this data risks getting leaked and stolen later.
-
-Moreover, requiring official IDs and face scans severely harm the most vulnerable users who need [protective practices to stay safe online](stay-safe-but-stay-connected.md/#practices-and-tools-that-help-in-various-contexts), for example by using a pseudonym. This is true for victims of domestic violence, victims of online stalking, as well as for the LGBTQ+ community.
-
-Exposed legal identities, particularly in conjunction with dating data, can lead to identity theft, online harassment, doxxing, non-consensual outing, extortion, loss of employment, arrest, and even sexual and physical violence.
-
-Pseudonymity can save lives online. Fighting pseudonymity isn't fighting crime, it's [fighting against the safety](https://journals.sagepub.com/doi/full/10.1177/17416590221111827) of the most vulnerable in our society.
-
-#### Biometric data and dystopian third party
-
-Continuing this horrifying trend, Match Group has announced this spring they are partnering with the [dystopian World App](sam-altman-wants-your-eyeball.md) to start testing age verification for Tinder in Japan. The World App generates unique identifiers based on biometric iris scan.
-
-If having to scan your official ID to continue using Tinder is *bad*, having to scan your eyeball from a questionable third party app is even *worse*.
-
-This practice will start for Tinder in Japan, but it's likely the verification process could be expanded to all users of Match Group apps in the near future.  Soon, the only way to avoid having to share biometric data with the World App to continue using your favorite dating app could be to leave the app entirely.
-
-#### Payment information
-
-Finally, payment information can also create a link between your dating account and your legal identity.
-
-If you provide a credit card under your legal name to use a dating app, then this profile is inevitably linked to your legal identity.
-
-It's possible that some application *might* use third-party software to manage payments, and that this data *might* not leak associated with your dating profile. However, this depends on which payment services the dating app works with, and what the company's security practices are.
-
-### They sell users' data to data brokers
-
-Sadly, not only most dating apps collect *way too much data* they don't secure properly, but they also willingly share this data with data brokers.
-
-If you are not familiar with the [data broker industry](https://www.eff.org/deeplinks/2021/07/data-brokers-are-problem), data brokers are usually private for-profit companies that specialize in collecting personal information on everyone, using and scraping public records, social media accounts, various websites, other online sources, and any applications willing to work with them.
-
-They then make this information [available to anyone](https://gizmodo.com/alleged-minnesota-shooter-used-data-brokers-to-find-lawmakers-addresses-2000616975) for sale. They do not care about your consent nor your safety, at all.
-
-**Data brokers are the archenemy of privacy rights.**
-
-And yes, dating apps share your dating data with them. California's Privacy Protection Agency even uses dating apps in its [example](https://cppa.ca.gov/data_broker_registry/) for the Data Broker Registry it keeps:
-
-> For example, if a person signs up for a dating app, a data broker may buy all recent sign ups of that dating app from the app developer and sell the information to a gym that is looking to target potential new customers.
-
-The chosen example of a data broker selling dating app data to a gym is quite mild. As explained in the next section, [what actually happens](#hateful-groups-tracking-users) with this data if often much more grim.
-
-One type of data often [bought by data brokers](https://www.eff.org/issues/location-data-brokers) is location data. Location data can easily be used to precisely identify a user, a user's home address, a user's work address, a user's favorite venues, and a user's connections with others. **Many dating apps share location data.**
-
-In 2022, The Markup [published](https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker) the results of an investigation from a 2018-2019 sample dataset they obtained from the data broker X-Mode. The dataset compiled location data collected from 107 different apps, including the dating app Bro "for bi, gay, and open-minded men".
-
-While conducting research on apps from the Google app store in 2020, the Yale Privacy Lab uncovered several other queer dating apps selling data to X-Mode. At that time, the dating apps Wapo, Wapa, MEET MARKET, and FEM were all sharing users' location data with the same data broker.
-
-Replying to journalists, Bro App's founder confirmed that the company no longer shares users' location with X-Mode.
-
-But what other data and which other data brokers dating apps might be working with? How many other dating apps similarly share location data?
-
-Seven years after this dataset was examined, and in a world where data is being collected from users exponentially more, how many dating apps have simply normalized this practice entirely?
-
-This isn't a new problem, and this [isn't just about location data](https://www.vice.com/en/article/shady-data-brokers-are-selling-online-dating-profiles-by-the-millions/). But this problem is getting increasingly worse, and users must be properly informed on how their intimate data is used and shared.
-
-With the advancements in computer performance over the years, collecting and storing data is cheaper than ever. Corporations and governments alike are eager to access this data for advertising and surveillance purposes. The same is true for special interest and criminal groups of all kinds.
-
-**The data broker industry is thriving on exploiting our data without consent**, even in our most intimate activities.
-
-### They monetize data for advertising
-
-Data brokers and ad-tech companies are working together in similar ways to extract values from every data point they can find about you online. They feed each other in some sort of twisted exploitative synergy.
-
-Dating apps are working with them as well.
-
-In 2021, [Grindr was fined](https://www.bbc.com/news/technology-59651703) €6.5m by the Norwegian Data Protection Authority for sharing users' data without prior explicit consent. The data shared with advertisers included age, gender, advertising ID, IP address, GPS location, and the fact that someone used Grindr. This makes the data even more sensitive, potentially revealing a user's sexual orientation (which is a special category under the [GDPR Article 9](https://gdpr-info.eu/art-9-gdpr/)).
-
-Last year, Grindr was sued for allegations of [sharing users' HIV status](https://www.bbc.com/news/articles/cj7mxnvz42no) with advertisers, in violation of UK's data privacy laws. Two years before, Grindr was [reprimanded](https://ico.org.uk/media2/migrated/4023128/grindr-reprimand.pdf) by the UK's Information Commissioner's Office (ICO) for its data protection (mal)practices.
-
-In 2020, the CPO Magazine [reported](https://www.cpomagazine.com/data-privacy/many-of-the-major-dating-apps-are-leaking-personal-data-to-advertisers/) about tests conducted by the Norwegian Consumer Council that found some of the most popular dating apps sharing sensitive personal information with advertisers. Tinder, Grindr (again), and OkCupid were all found to share age, gender, device information, IP address, and GPS location with advertising and analytics platforms owned by Google, Facebook, Twitter (X), Amazon, and more.
-
-Worse, it was also found that some of these apps sometime shared users' data related to their sexual orientation and dating interests. OkCupid even shared users data related to drug use and political views.
-
-The same year, Tinder announced a partnership with the app Noonlight to implement a "panic button" feature to connect users with help in case of emergency. This seems great at first, but the problem is, it is yet another app that hasn't done its privacy homework properly to protect users. Gizmodo [found](https://gizmodo.com/tinders-new-panic-button-is-sharing-your-data-with-ad-t-1841184919) the partnering app was sharing users' data with major ad-tech businesses *every minute*, including with Facebook and Google.
-
-Even your safety is being monetized and shared with Facebook.
-
-### They don't safeguard data properly
-
-In addition to collecting and monetizing a *large* amount of very sensitive data on every user, many dating apps have the unfortunate tendency to not take securing this data seriously enough.
-
-Data breaches and leaks of all sorts are rampant with dating apps. Assume all data you upload there might become public, sooner than later. If you are not out publicly, be aware **a dating app data breach could out you against your will**.
-
-Here are a few examples of past incidents:
-
-- 2025: [Grindr, Tinder data breach](https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/?guccounter=1)
-
-- 2025: [Translove, Pink, Brish data leak](https://cybernews.com/security/ios-dating-apps-leak-private-photos/)
-
-- 2025: [Gay Daddy data leak](https://cybernews.com/security/gay-daddy-ios-app-exposes-users/)
-
-- 2025: [Raw data leak](https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/)
-
-- 2025: [Headero data leak](https://beyondmachines.net/event_details/headero-dating-app-leaks-data-exposing-4-million-user-records-5-n-4-z-a/gD2P6Ple2L)
-
-- 2023: [Coffee Meets Bagel data breach](https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-says-recent-outage-caused-by-destructive-cyberattack/)
-
-- 2023: [419 Dating, Meet You, Speed Dating App For American data leak](https://ciso.economictimes.indiatimes.com/news/data-breaches/dating-app-that-claims-50-million-users-suffer-data-breach/101910331)
-
-- 2021: [MeetMindful data breach](https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/)
-
-- 2019: [Coffee Meets Bagel data breach](https://www.independent.co.uk/tech/coffee-meets-bagel-dating-app-hack-a8781176.html)
-
-- 2019: [Heyyo data leak](https://www.zdnet.com/article/heyyo-dating-app-leaked-users-personal-data-photos-location-data-more/)
-
-- 2019: [MobiFriends data breach](https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/)
-
-These are only a few examples, and from all the examples of data exposure out there, it's important to remember these are likely only *a fraction* of the data breaches truly happening. The small fraction that actually gets detected and reported.
-
-While nothing is ever 100% secure, **application developers must do much more** to protect users data adequately.
-
-The constant news about data breaches and leaks is demonstrating how better security and better privacy is urgently needed, especially for such sensitive information.
-
-### They can make deleting data difficult
-
-One excellent practice every dating app should adopt is data minimization. Applications should only require users to *provide the absolute minimum* information necessary to run the service.
-
-Then, as soon as this data is no longer required, data should be *thoroughly and permanently deleted*. For example, data should be *thoroughly deleted* when a user deletes it on their end, officially requests to have their data or their account deleted, or when an account becomes inactive after a certain period of time.
-
-This practices greatly reduces the risk of data breaches and leaks, and releases the company from this legal responsibility. **You cannot endanger the data you do not have.**
-
-Every organization and software developer *should* follow the [wise advice](https://www.schneier.com/blog/archives/2016/03/data_is_a_toxic.html) from renown cryptographer Bruce Schneier, and treat data like it's a toxic asset.
-
-#### Data retention practices
-
-It's difficult to know for sure for how long certain dating apps retain data behind the scene. Many lack transparency about their data retention practices.
-
-Data retention periods should always be the shortest possible to provide the service. Sadly, many businesses might be tempted to retain it for much longer, especially in the age of AI-training datasets.
-
-#### Data deletion practices
-
-Additionally, not all dating apps have adopted proper data deletion practices.
-
-The ideal practice is to empower users to be able to delete the data they wish to delete from within their account (e.g. being able to delete one message or one conversation). But also, companies should provide an option to request a *complete* and *permanent* account and data deletion from within the account, *without requiring additional information* from a user, and without requiring to email the company.
-
-Many applications have implemented data deletion processes similar to the model described above to manage user's requests, but not all of them (yet).
-
-Of course, organizations *must* also follow through, and *properly* delete this data in the *backend* as well as in the frontend.
-
-This has important legal implications, because even for organizations lacking transparency and honesty, users could soon find out the truth in the next data breach. If the data was not fully deleted after a deletion request was made, this could have *severe* legal and financial consequences.
-
-#### Investigating an app's data deletion process *before* creating an account
-
-Unfortunately, some dating apps seem to have neglected this important process in their relationship with users.
-
-Some applications and services are requiring *more* data to submit a data deletion request than what was even required to create the account in the first place. **This is bad.**
-
-Despite being rated the best (or perhaps the "least bad") on [Mozilla's Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/), the queer dating app Lex seems to require users to fill a *Google Form* that mandates providing first and last name, date of birth, email, phone number, and even a *home address*. One of the form seems to imply an official piece of ID might also be required. This is *extremely* intrusive.
-
-Moreover, this practice would be directly sharing this personal information *with Google,* outing that this person (with this legal name, and at this home address) is queer and uses or used Lex.
-
-Google Forms aren't a private way to share sensitive data. This isn't a great data privacy practice, to say the least.
-
-It's also [unclear](https://help.lex.lgbt/article/69-how-can-i-delete-my-data) if Lex respond to data deletion requests from users located outside the protection of the GDPR (Europe) or the CCPA (California US) at all. Despite a number of regions worldwide benefiting from privacy laws granting rights similar to the [GDPR's Article 17](https://gdpr-info.eu/art-17-gdpr/).
-
-Even if you have been careful to provide only minimal information when creating your account, it seems a simple data deletion request once you are done using the app would require you to share all this *extremely sensitive and identifying information* with Lex (and Google!).
-
-At the time of this article's publication, Lex's current [privacy policy](https://help.lex.lgbt/article/51-privacy-policy) links to these two forms required from users to fill for [GDPR's Right to Erasure requests](https://docs.google.com/forms/d/e/1FAIpQLSdhK2fkBounO1PeN75s7OU0Ey1tmMpGEQYd9lD8EQWAH8DPKA/viewform) and [CCPA's Right to Delete requests](https://docs.google.com/forms/d/e/1FAIpQLScz7bDrVbjvB4uSiWjJky0JeePyv4Q-g3Cejz6pCCHiXlUEVw/viewform).
-
-It goes without saying that you shouldn't email a copy of your passport to anyone, and you should never have to provide *more* information than the app already has on you to get your data deleted. This is especially true if all the data mentioned above gets shared with a third-party advertising company like Google, through the use of Google Forms.
-
-Privacy Guides has reached out to Lex for clarification on its data deletion practices, but has not received any response at the time of this publication.
-
-Before creating an account with a dating app (or any other app for that matter), it's important to find information on what will be the process to delete your data and account once you are done with the app.
-
-That way, you can choose to only use applications that will thoroughly respect your privacy rights, and your rights to delete your own data.
-
-## Queer dating apps can be targeted
-
-At this time, almost all popular dating apps are *horrible* for data privacy. But queer dating apps (or queer people using any dating app) are especially vulnerable targets for malicious actors.
-
-Unfortunately, hateful groups, criminals, and even governments have been weaponizing dating apps to harass, exploit, arrest, or even attack queer people.
-
-Dating app companies are partly responsible for facilitating this harm by selling users' data to data brokers and advertisers, and by repeatedly missing opportunities for improvements to secure their users' data.
-
-Additionally, each time there is a new dating app data leak, whether from negligence, incompetence, greed, or malice, this leak risks [outing people against their will](importance-of-privacy-for-the-queer-community.md/#being-outed-against-ones-will). This alone can have devastating consequences, from feeling violated to getting arrested, or even killed.
-
-In Morocco, where being gay is still illegal, a social media influencer [asked](https://www.levantx.com/series-source/violence-in-lockdown-sofia-talouni-and-gay-male-outings-in-morocco-under-covid) people in 2020 to join dating apps to out gay men around them. This resulted in a violent online harassment campaign with many gay men being outed against their will, chased from their homes, shunned by their family, and horrifyingly even led to some suicides.
-
-Regrettably, even in countries where being queer is legal and generally accepted, [targeted harassment](privacy-means-safety.md/#trans-and-queer-activists) and attacks can happen.
-
-For people who aren't out publicly, data revealed about their dating life could potentially out them immediately. But even for people who are out publicly, making details about their dating life public could trigger online hate, targeted harassment, and endanger them in many ways.
-
-Queer dating apps have an even greater responsibility to protect their users' data.
-
-Data related to one's sexual orientation is categorized as especially sensitive information by many privacy laws, generally requiring additional protections. For example, GDPR's [Article 9](https://gdpr-info.eu/art-9-gdpr/) specifies special conditions for handling data related to a "person's sex life or sexual orientation".
-
-Companies and software developers must take this responsibility much more seriously.
-
-### Hateful groups tracking users
-
-In 2023, the Washington Post [revealed](https://www.pcmag.com/news/a-catholic-group-spent-millions-on-dating-app-data-to-out-gay-priests) that an American Catholic group based in Colorado had bought data brokers datasets from queer dating apps.
-
-The religious group spent millions of dollars to access data from Grindr, Scruff, Growlr, Jack'd, and OkCupid in an attempt to out gay and bisexual priests. The group used these datasets to cross-reference locations with church residences. This level of hate and insidious spying seems quite ungodly.
-
-Tragically, dating apps selling users' data to brokers and advertisers makes this type of targeting by hateful groups easily accessible to anyone willing to pay.
-
-### Governments and authorities prosecuting users
-
-In countries where homosexuality and transgender people are criminalized, even governments are guilty of these cruel practices.
-
-In 2017, Human Rights Watch [reported](https://www.hrw.org/news/2017/05/01/south-koreas-military-sodomy-law-should-go) allegations of the South Korean army cracking down on gay service members using published screenshots from dating app chats. Although homosexuality isn't illegal for civilians in South Korea, same-sex intercourse is illegal in the military. This oppressive rule is aggravated by the fact that South Korean men are [obligated to enroll](https://en.wikipedia.org/wiki/LGBTQ_rights_in_South_Korea) for a mandatory period of service under the conscript system.
-
-In 2018, organization Article 19 [completed](https://www.article19.org/resources/apps-arrests-abuse-egypt-lebanon-iran/) an investigation on the risk of dating apps usage by the LGBTQ+ community in Egypt, Lebanon, and Iran. The report demonstrates how authorities in Egypt used the geolocation feature of dating apps to entrap and arrest gay and transgender users.
-
-In 2022, Article 19 supported another report [focusing](https://www.article19.org/wp-content/uploads/2022/03/Digital-Crime-Scenes-Report-3.pdf) on the persecution of queer people in Egypt, Lebanon, and Tunisia. The report explains how authorities in these regions used dating apps to set up trap meetings with users, and to collect digital "evidences" to charge queer users.
-
-In 2025, Human Rights Watch [published](https://www.hrw.org/news/2025/05/26/uganda-anti-lgbt-law-unleashed-abuse-0) a report documenting the actions of authorities in Uganda following the 2023 enactment of the Anti-Homosexuality Act. In addition to spreading misinformation and hatred against LGBTQ+ people, leading to harassment and attacks, authorities have started to use dating apps to extort, entrap, and arrest queer people.
-
-Sadly, if LGBTQ+ rights continue to regress like we have observed in the past months, this sort of government-sanctioned persecution might even become normalized in the UK and the US as well.
-
-### Criminals blackmailing and attacking users
-
-Along with hateful groups and authoritarian regimes, criminals are also targeting the queer community on dating apps. This type of crime is exponentially worse for users located in regions where being queer is criminalized, but it is still a danger for anyone worldwide.
-
-Criminals have been [targeting](https://www.bleepingcomputer.com/news/security/lgbtq-plus-community-warned-of-extortionists-abusing-dating-apps/) users on queer dating apps for extortion scams. According to a report from the US Federal Trade Commission, criminals pose as potential dates sending explicit photos, then request users to reciprocate. If they get a reply, they blackmail the victim under threat of revealing this information. This type of extortion can have devastating consequences.
-
-Dating apps are worsening this problem when requesting users to provide legal identification such as facial scans, official IDs, or home addresses. If this information leaks in the future, criminals will have an even easier time to extort and attack their victims, regardless of if they're still on the app or not.
-
-## Reducing the risks when using dating apps
-
-Despite how bad dating apps are for your privacy (and maybe also your safety), your social, sexual, and romantic needs are important to consider as well.
-
-The best alternative for your data privacy is probably to favor in-person meetups and venues, whenever possible.
-
-However, if this isn't accessible to you, and you decide using a dating app is worth the risks, here are a few things to keep in mind that can help to improve your privacy and to reduce the dangers when using a dating app.
-
-### Investigating before creating an account
-
-Before creating an account on a dating app (or any other apps), it's a good idea to take a look at its privacy policy (or privacy notice) and terms of service.
-
-#### Researching privacy policy and terms of service
-
-Most people *hate* doing this, but it can really help to discern which apps are better than others.
-
-You don't have to read it all, but make sure to at least check the sections on what data they collect, with whom they share it, and how they use it.
-
-Important pro-tip: Using your browser, search the page for an "@" sign to verify if the privacy policy includes a contact email address. It *should* have one. Sometimes, it will be a link to a contact page instead. If you cannot find any way to contact anyone at this organization by email, be suspicious.
-
-If you decide to use this dating app, keep a local copy of its privacy policy and terms of service using the "Save to PDF" function from your browser. This *can* help legally by keeping a proof in time of what were the terms when you signed up (of course, they might change later, but that's a start).
-
-#### Investigating usage of AI systems
-
-Look in the privacy policy and terms of service for any mention of AI systems. Sometimes, it's not named directly and might be called something else like "automated system" or other expressions.
-
-Be especially vigilant to check if the company **might use your content data to train these systems**. Make sure you have a way to at least opt out, or deactivate of any such training. AI systems training on your data is *atrocious* for your privacy.
-
-#### Confirming data deletion processes and retention periods
-
-Again usually through the app's policies, look at what the process will be when you'll want to get your data and account with this app fully deleted.
-
-This is important because deleting your data once you are done using the app will greatly improve your data privacy and security, by protecting it from potential data breaches and undisclosed usage in the future (if the deletion is done thoroughly).
-
-Additionally, deleting your data and account once you no longer need it minimizes the risk of an abandoned-account takeover by a criminal.
-
-When you abandon an account without closing it and deleting its data properly, criminals might break in and start using your account and data without your knowledge. The longer the account sits there, the greater the risk.
-
-Make sure the app describes a clear process you can manage yourself *from within* the account to fully delete your data and account, and that **it doesn't require more information** to delete your account than you had to provide to create it in the first place.
-
-#### Evaluating reputation from history of data breaches
-
-Finally, conduct a short research on the history of security practices for this dating app.
-
-Look for trustworthy third-party reviews and information about the app. Always assume information and promises from the company itself are biased.
-
-Check the news for reports of data breaches and leaks. Checks what security researchers and privacy professionals have to say about this app. Make sure to find trustworthy sources, and remain vigilant about AI-generated articles and review articles that are advertising in disguise.
-
-### Choosing a dating app
-
-As stated at length in this article, there aren't any *good* dating apps for your privacy, sadly. There are only "slightly less horrible" dating apps.
-
-For more details on each, you can take a look at Mozilla's [Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/) for dating apps. Check the details for each app you are interested in, not just the rating. However, keep in mind that even Lex, the first app listed there, doesn't seem to have great practices in regard to [data deletion](#investigating-an-apps-data-deletion-process-before-creating-an-account), and you might be unable to delete your account data fully if you decide to use this app. This might also be the case for some other apps listed there.
-
-Alternatively, there are a few free dating apps that might offer a different approach with open source code. Applications that are open-source have the benefit of full transparency to examine its code, and potentially detecting any undisclosed data collection.
-
-That being said, open-source applications aren't magically secure, and don't necessarily grant better privacy either. But code transparency helps to audit the application, and to detect any false claim related to privacy and security. The German dating app Alovoa is an example of this. You can take a look at its [code](https://github.com/Alovoa/Alovoa/) on GitHub.
-
-However, the downside of any dating app that isn't massively popular is it will have fewer users, possibly making finding matches more difficult.
-
-Nevertheless, using a niche dating app that fits better your values *could* potentially increase the chances of finding a match that also fit better your values.
-
-Specifically to data privacy however, privacy-conscious people looking for a date online might have to wait for a truly privacy-respectful app to be developed, and to get more popular in the future.
-
-### Minimizing the data shared
-
-When using any dating app, you should always be careful with the information you share, not just for data privacy, but also for your physical safety.
-
-Using a dating app still means talking with a lot of strangers online, and these strangers might have different intentions and goals than yours.
-
-Of course, to find genuine matches, you also do need to share at least some information about yourself, and you shouldn't lie to potential partners.
-
-The idea isn't to use fake information, the idea is simply to *minimize* the information you share, to increase your data privacy with the app, and your safety when interacting with strangers.
-
-Once you have developed a certain level of trust with a dating app match, then you can [move to safer channels](stay-safe-but-stay-connected.md/#private-messaging-one-on-one-and-group-chats) to share more with them (if you wish) in a more secure and more private environment. You could share your Signal username with them to chat in an end-to-end encrypted environment, for example.
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Warning: Only share when you fully trust!</p>
-
-Remember that there will be no content moderation in this end-to-end encrypted environment, because it is *truly private*. You should **never share any intimate details with someone you do not trust fully**, even on Signal (or any other end-to-end encrypted apps).
-
-</div>
-
-#### Sign up credentials
-
-When signing up for a dating app, **never use a social media account**. Many applications now gives the option to sign up or sign in using your Google, Facebook, or Instagram account.
-
-While this might seem convenient at first, it allows the applications to exchange data, and this is *incredibly bad for your privacy*.
-
-Instead, always sign up for a dating service using new credential information that you have not used anywhere else before (new username, new email, new password). This will reduce the risk of your other accounts being linked with your dating app data, and vice versa.
-
-#### Email address
-
-To use a unique email address, you might want to create a proxy address known as an alias.
-
-Email aliasing is a great technique to improve your privacy online. It allows you to register for services using a unique email address for each. You can also use these unique email addresses to give to your dating prospects to communicate with them. For email aliasing, SimpleLogin is a great service that we [recommend](https://www.privacyguides.org/en/email-aliasing/).
-
-#### Phone number
-
-Using a unique phone number is much more complicated, unfortunately.
-
-From some countries, you might be able to find a trustworthy phone number proxy service, but those aren't always accepted to sign up for new accounts.
-
-Generally, it's much harder to use proxy for a phone number, and account requiring phone numbers to sign up aren't the best for privacy.
-
-A phone number is an identifier that most people rarely change, and that is strongly attached to your legal identity. If this data leaks in the future, your dating data could be linked to your legal identity, and to your other accounts in all sorts of ways.
-
-Additionally, using a phone number or a verification code sent to your phone through SMS to log in makes your account vulnerable to [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). Avoid apps that are requiring a phone number to sign up if you can.
-
-If you absolutely cannot avoid it, then consider getting a secondary phone number on a spare phone that you only use for dating.
-
-#### IP address
-
-Your IP address is an identifier attached to the internet service you use, and can reveal your location (more or less accurately). Additionally, an IP address can potentially reveal your legal identity, and be linked to your other internet activities.
-
-Any online services and websites you use and visit will know your IP address, including dating apps.
-
-To protect from this, you would need to use a [trustworthy Virtual Private Network (VPN)](https://www.privacyguides.org/en/vpn/) provider. However, know that using a VPN is only a transfer of trust, from your Internet Service Provider (ISP) to your VPN provider.
-
-If using a queer dating app could be dangerous in your country, keep in mind that your VPN provider would know you have visited one. You would need additional protections to go around this, such as using a service like [Tor](https://www.privacyguides.org/en/advanced/tor-overview/) (which might not be possible with some services).
-
-Moreover, some dating services might not allow connection from a VPN server at all, or could trigger additional security checks and requirements to log in.
-
-#### Mobile app permissions
-
-After installing a dating app on a mobile device, make sure to go through your phone's settings to disable all the permissions you can.
-
-Keep it at the absolute *minimum* required for you to use the app. **Don't give permissions for the app to access your contacts or photos.**
-
-If enabled by default, disable accesses. Also disable accesses to your location, if you do not use this feature with the app. Ideally, enter your broad location instead (e.g. city only), and never allow precise geolocation from your phone.
-
-#### Privacy settings and opting out
-
-Before adding any information to your dating profile, go through the app's settings to select the strongest options available to protect your privacy.
-
-Sometimes, apps make it hard to find where to opt out data sharing and AI training, but *be persistent* and look everywhere you can. This is worth the effort!
-
-#### Account security
-
-Securing your account is also important to protect your privacy. If you do not use a [strong and unique password](https://www.privacyguides.org/en/basics/passwords-overview/), a criminal could easily snoop in or even takeover your account.
-
-In addition to choosing a long, complex, and unique password, make sure to enable multifactor authentication. Ideally, use an [authenticator app](https://www.privacyguides.org/en/multi-factor-authentication/) or [security key](https://www.privacyguides.org/en/security-keys/) for this.
-
-If the only option you have is to enable multifactor authentication with a phone number, *and you have already signed up for the app using a phone number*, then this is better than nothing. If you have *not* signed up with the app using a phone number, then it might be better to not use this at all. It's preferable to not give your phone number to the app, if you can avoid it.
-
-#### Name, nickname, and full name
-
-Be careful with the name you choose to publish. Avoid sharing your last name with anyone until you have met them, trust them, and are discussing on safer channels with them.
-
-Perhaps only use a nickname on the app, your fist name only, or a shortened version of your name if you can. **Do not lie, but avoid providing your complete legal identity from the app.**
-
-#### Photos and videos
-
-For photos, try to keep an awareness of whom will be able to see them. Some apps make your main profile picture visible to the entire internet!
-
-If this is true for the app you use, perhaps choose a photo hiding your features a little as your main photo. Then, add more detailed photos inside your profile, if photos have more restricted visibility there.
-
-No matter which photos you upload in a dating app, **do not ever use the same photos you have used on social media!**
-
-This could allow *anyone* to cross-reference your dating profile with your social media accounts using this photo (or other accounts and websites where you used the same photo). Depending on your situation, this can be incredibly dangerous.
-
-Ideally, only upload photos on the dating app that are new, or that you have only used with dating services.
-
-Additionally, be extremely careful about which *other* information is visible in the photos you share.
-
-Remain mindful of anything that could identify your home or work location, such as street signs, bus stops, street addresses, city landscapes, etc. Pay special attention to reflections in glasses, windows, mirrors, and other reflective surfaces.
-
-#### Photo metadata
-
-Furthermore, make sure to **[remove the metadata](https://www.privacyguides.org/en/data-redaction/)** from the photos and videos you want to upload, *before* you uploaded them in the dating app.
-
-Photo metadata can reveal a lot about you. This includes device models as well as the precise date, time, and geolocation where a photo was taken, or a video was filmed. Any metadata attached to images and videos uploaded to the app, is likely to be collected by the app.
-
-#### Intimate photos
-
-Finally, if you trust a match enough to start sharing more intimate pictures, consider the dating app might not be the safest space for this.
-
-Dating apps do not use end-to-end encryption, and *all* the data you upload there can be accessed by the company, and could be stolen in a data breach. Some dating apps were already [called out](https://www.techradar.com/pro/security/major-dating-app-data-breach-may-have-exposed-1-5-million-private-user-images-online) for this earlier this year.
-
-Moreover, keep in mind that criminals are regularly hunting for victims on dating apps, requesting intimate pictures for [nefarious purposes](https://www.bbc.co.uk/news/articles/cyvjy0871dqo). Students and younger people are a growing target for extortion, [sextortion](https://www.tandfonline.com/doi/full/10.1080/01639625.2024.2317904), and even [sex trafficking](https://www.investigatewest.org/investigatewest-reports/a-washington-teen-was-trafficked-by-a-man-she-met-on-tinder-she-says-two-years-later-shes-still-waiting-for-justice-17706687) on dating apps.
-
-*Always* keep in mind this risk when sharing intimate photos and videos with someone, *even on end-to-end encrypted platforms*.
-
-#### Private conversations
-
-When chatting in private with matches, remember that this conversation might not be as private as it feels.
-
-As explained above, the company can technically still **read and collect all of your private conversations**, and this data could also leak in a data breach.
-
-Additionally, nothing prevents anyone you are talking with from taking screenshots and publishing this information online. Unfortunately, this despicable practice isn't that uncommon.
-
-Make sure you trust the person you are chatting with enough before sharing any details that strongly identifies you, your location, or your work location. Consider moving to safer encrypted channels when the conversation becomes more personal.
-
-<div class="admonition info" markdown>
-<p class="admonition-title">A note on anonymity</p>
-
-Keep in mind that all these measures will *not* make you completely anonymous on a dating app.
-
-It will only *reduce* the data you expose to the company and its advertisers, to potential data breaches and leaks, as well as to criminal and governmental non-consensual accesses.
-
-Achieving total anonymity online is very difficult. But following these privacy-enhancing practices will effectively help to reduce the risks, and keep you safer online.
-
-</div>
-
-## Let's hope for better dating apps in the future
-
-It's disheartening to discuss a topic such as dating apps when the reality is there **aren't any good alternatives** to propose.
-
-Dating *offline* is the best data privacy-preserving solution so far, but dating apps, moreover queer dating apps, exist for a reason: It's hard to find occasions to meet people to date in-person these days.
-
-Many opportunities for this have slowly disappeared from our society in the past years. Online dating does provide a solution to meet people looking to date as well.
-
-The even sadder truth is, technically, we *could* have great privacy-respectful dating apps.
-
-However, the for-profit business model of most applications (not just dating apps) has incentive everyone to share and monetize users' data in horribly intrusive and abusive ways. This isn't a problem limited to dating apps.
-
-Nonetheless, dating apps should be built with much greater protections for users' privacy. The unavoidable sensitive data they collect warrants exemplary security and privacy measures.
-
-Let's hope that one day we will see a trustworthy dating-app developer come with a *truly* privacy-respectful dating app. One that uses serious security measures, data minimization practices, proper data deletion processes, code transparency, honest and complete policies, fully end-to-end encrypted private chat, and that doesn't sell nor share users' data with anyone.
-
-Until then, stay safe out there. And keep in mind your privacy and safety when using queer dating apps.
-
-## Additional resources
-
-### Helplines
-
-If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen:
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366)
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988)
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.