Add Real-Time Communication Category to Knowledge Base (#1770 )

Co-authored-by: Morten Lautrup <44033709+purtual@users.noreply.github.com> Signed-off-by: Daniel Gray <dng@disroot.org>
Fix Diceware links (#1772 )
2025-07-03 10:02:44 +00:00 · 2022-09-16 23:17:51 +09:30 · 2022-09-16 22:38:10 +09:30 · 2022-09-16 22:35:10 +09:30 · 2022-09-15 19:21:38 +01:00 · 2022-09-15 11:33:48 -05:00
31 changed files with 442 additions and 508 deletions
--- a/.github/workflows/crowdin.yml
+++ b/.github/workflows/crowdin.yml
@ -14,7 +14,7 @@ jobs:
      uses: actions/checkout@v3

    - name: crowdin action
-      uses: crowdin/github-action@1.4.12
+      uses: crowdin/github-action@1.4.13
      with:
        upload_sources: true
        upload_sources_args: '--auto-update --delete-obsolete'
--- a/1
+++ b/1
@ -9,7 +9,6 @@ mkdocs-material = {path = "./mkdocs-material"}
 mkdocs-static-i18n = "*"
 mkdocs-git-revision-date-localized-plugin = "*"
 typing-extensions = "*"
-mkdocs-minify-plugin = "*"
 mkdocs-rss-plugin = "*"
 mkdocs-git-committers-plugin-2 = "*"
 mkdocs-macros-plugin = "*"
--- a/Pipfile.lock
+++ b/Pipfile.lock
@ -1,7 +1,7 @@
 {
    "_meta": {
        "hash": {
-            "sha256": "bc99c3ae97af3b039c20ec5ed0cb345e76d171f08cb8c1e2aface7fad4bab695"
+            "sha256": "cc061d23a1d1965a032daba80bbc3747582c5ce54374e393e09d1d3b4a3d79bf"
        },
        "pipfile-spec": 6,
        "requires": {
@ -49,11 +49,11 @@
        },
        "certifi": {
            "hashes": [
-                "sha256:84c85a9078b11105f04f3036a9482ae10e4621616db313fe045dd24743a0820d",
-                "sha256:fe86415d55e84719d75f8b69414f6438ac3547d2078ab91b67e779ef69378412"
+                "sha256:43dadad18a7f168740e66944e4fa82c6611848ff9056ad910f8f7a3e46ab89e0",
+                "sha256:cffdcd380919da6137f76633531a5817e3a9f268575c128249fb637e4f9e73fb"
            ],
            "markers": "python_version >= '3.6'",
-            "version": "==2022.6.15"
+            "version": "==2022.6.15.1"
        },
        "cffi": {
            "hashes": [
@ -140,12 +140,6 @@
            "markers": "python_version >= '3.7'",
            "version": "==8.1.3"
        },
-        "csscompressor": {
-            "hashes": [
-                "sha256:afa22badbcf3120a4f392e4d22f9fff485c044a1feda4a950ecc5eba9dd31a05"
-            ],
-            "version": "==0.9.5"
-        },
        "cssselect2": {
            "hashes": [
                "sha256:3a83b2a68370c69c9cd3fcb88bbfaebe9d22edeef2c22d1ff3e1ed9c7fa45ed8",
@ -185,12 +179,6 @@
            "markers": "python_version >= '3.7'",
            "version": "==3.1.27"
        },
-        "htmlmin": {
-            "hashes": [
-                "sha256:50c1ef4630374a5d723900096a961cff426dff46b48f34d194a81bbe14eca178"
-            ],
-            "version": "==0.1.12"
-        },
        "idna": {
            "hashes": [
                "sha256:84d9dd047ffa80596e0f246e2eab0b391788b0503584e8945f2368256d2735ff",
@ -215,12 +203,6 @@
            "markers": "python_version >= '3.7'",
            "version": "==3.1.2"
        },
-        "jsmin": {
-            "hashes": [
-                "sha256:c0959a121ef94542e807a674142606f7e90214a2b3d1eb17300244bbb5cc2bfc"
-            ],
-            "version": "==3.0.1"
-        },
        "lxml": {
            "hashes": [
                "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318",
@ -403,14 +385,6 @@
            "markers": "python_version >= '3.6'",
            "version": "==1.0.3"
        },
-        "mkdocs-minify-plugin": {
-            "hashes": [
-                "sha256:32d9e8fbd89327a0f4f648f517297aad344c1bad64cfde110d059bd2f2780a6d",
-                "sha256:487c31ae6b8b3230f56910ce6bcf5c7e6ad9a8c4f51c720a4b989f30c2b0233f"
-            ],
-            "index": "pypi",
-            "version": "==0.5.0"
-        },
        "mkdocs-rss-plugin": {
            "hashes": [
                "sha256:50671e2030188da4bc01ff421d979903a01cd87b02e2ec5f430fd05d5ed55825",
@ -593,83 +567,97 @@
        },
        "regex": {
            "hashes": [
-                "sha256:02b6dc102123f5178796dcdb5a90f6e88895607fd1a1d115d8de1af8161ca2b4",
-                "sha256:0843cc977b9cc00eb2299b624db6481d25e7f5b093f7a7c2bb727028d4a26eda",
-                "sha256:085ca3dc9360c0210e0a70e5d34d66454a06077644e7679fef6358b1f053e62e",
-                "sha256:0a9d5a64e974bc5f160f30f76aaf993d49eeddb405676be6bf76a5a2c131e185",
-                "sha256:0de0ce11c0835e1117eacbfe8fa6fa98dc0e8e746b486735cb0fdebe46a02222",
-                "sha256:1418d3506a9582b23a27373f125ea2b0da523c581e7cf678a6f036254d134faa",
-                "sha256:14750172c0a616140a8f496dfef28ed24080e87d06d5838e008f959ad307a8c5",
-                "sha256:1b6d2c579ffdcbb3d93f63b6a7f697364594e1c1b6856958b3e61e3ca22c140a",
-                "sha256:1df31eaf147ecff3665ba861acb8f78221cd5501df072c9151dfa341dd24599f",
-                "sha256:21b6f939916aa61beea56393ebc8a9999060632ac22b8193c2cb67d6fd7cb2c3",
-                "sha256:2240fce3af236e4586a045c1be8bbf16c4f8831e68b7df918b72fc31a80143be",
-                "sha256:242f546fc5e49bb7395624ac3b4fc168bf454e11ace9804c58c4c3a90d84e38f",
-                "sha256:25bffa248b99b53a61b1f20fc7d19f711e38e9f0bc90d44c26670f8dc282ad7d",
-                "sha256:2ada67e02fa3fcca9e3b90cf24c2c6bc77f0abc126209937956aea10eeba40c7",
-                "sha256:2c198921afc811bc0f105c6e5150fbdebf9520c9b7d43cfc0ab156ca97f506d7",
-                "sha256:370b1d7aed26e29915c3fb3e72e327f194824a76cedb60c0b9f6c6af53e89d72",
-                "sha256:3aafbbf5076f2a48bcf31ceb42b410323daaa0ddb42544640592957bc906ace6",
-                "sha256:3d3d769b3d485b28d6a591b46723dbacc696e6503f48a3ef52e6fc2c90edb482",
-                "sha256:3d83fd6dd4263595d0e4f595d4abd54397cbed52c0147f7dd148a7b72910301e",
-                "sha256:45cb798095b886e4df6ff4a1f7661eb70620ccdef127e3c3e00a1aaa22d30e53",
-                "sha256:4bd9443f7ff6e6288dd4496215c5d903f851e55cbc09d5963587af0c6d565a0a",
-                "sha256:4bdfd016ab12c4075ef93f025b3cf4c8962b9b7a5e52bb7039ab64cb7755930c",
-                "sha256:4c6554073e3e554fbb3dff88376ada3da32ca789ea1b9e381f684d49ddb61199",
-                "sha256:4dad9d68574e93e1e23be53b4ecfb0f083bd5cc08cc7f1984a4ee3ebf12aa446",
-                "sha256:4e12a3c2d4781ee5d03f229c940934fa1e4ea4f4995e68ab97a2815b139e0804",
-                "sha256:53c9eca0d6070a8a3de42182ad26daf90ba12132eb74a2f45702332762aff84e",
-                "sha256:5910bb355f9517309f77101238dbacb7151ede3434a2f1fad26ecc62f13d8324",
-                "sha256:5c77eab46f3a2b2cd8bbe06467df783543bf7396df431eb4a144cc4b89e9fb3c",
-                "sha256:5d541bc430a74c787684d1ebcd205a5212a88c3de73848143e77489b2c25b911",
-                "sha256:5e7c8f9f8824143c219dd93cdc733c20d2c12f154034c89bcb4911db8e45bd92",
-                "sha256:5f14430535645712f546f1e07013507d1cc0c8abd851811dacce8c7fb584bf52",
-                "sha256:6059ae91667932d256d9dc03abd3512ebcade322b3a42d1b8354bd1db7f66dcc",
-                "sha256:61f6966371fa1cbf26c6209771a02bef80336cdaca0c0af4dfa33d51019c0b93",
-                "sha256:62d56a9d3c1e5a83076db4da060dad7ea35ac2f3cbd3c53ba5a51fe0caedb500",
-                "sha256:634f090a388351eadf1dcc1d168a190718fb68efb4b8fdc1b119cf837ca01905",
-                "sha256:64ecfcc386420192fbe98fdde777d993f7f2dfec9552e4f4024d3447d3a3e637",
-                "sha256:6af38997f178889d417851bae8fb5c00448f7405cfcab38734d771f1dd5d5973",
-                "sha256:6b30c8d299ba48ee919064628fd8bc296bdc6e4827d315491bea39437130d3e1",
-                "sha256:6f0c8807bac16984901c0573725bad786f2f004f9bd5df8476c6431097b6c5b3",
-                "sha256:6f62c8a59f6b8e608880c61b138ae22668184bc266b025d33200dcf2cebe0872",
-                "sha256:74d4aabd612d32282f3cb3ebb4436046fb840d25c754157a755bc9f66e7cd307",
-                "sha256:7658d2dfc1dabfb008ffe12ae47b98559e2aedd8237bee12f5aafb74d90479e3",
-                "sha256:777ceea2860a48e9e362a4e2a9a691782ea97bd05c24627c92e876fdd2c22e61",
-                "sha256:79f34d5833cd0d53ecf48bc030e4da3216bd4846224d17eeb64509be5cb098fd",
-                "sha256:7a52d547259495a53e61e37ffc6d5cecf8d298aeb1bc0d9b25289d65ddb31183",
-                "sha256:840063aa8eeb1dda07d7d7dee15648838bffef1d415f5f79061854a182a429aa",
-                "sha256:8e8ec94d1b1a0a297c2c69a0bf000baf9a79607ca0c084f577f811a9b447c319",
-                "sha256:95fb62a3980cf43e76c2fe95edab06ec70dc495b8aa660975eb9f0b2ffdae1e1",
-                "sha256:9668da78bcc219542467f51c2cd01894222be6aceec4b5efb806705900b794d8",
-                "sha256:99a7c5786de9e92ff5ffee2e8bed745f5d25495206f3f14656c379031e518334",
-                "sha256:a1e283ad918df44bad3ccf042c2fe283c63d17617570eb91b8c370ef677b0b83",
-                "sha256:a25d251546acb5edb1635631c4ae0e330fa4ec7c6316c01d256728fbfb9bbff2",
-                "sha256:abe1adb32e2535aaa171e8b2b2d3f083f863c9974a3e6e7dae6bf4827fc8b983",
-                "sha256:ae85112da2d826b65aa7c7369c56ca41d9a89644312172979cbee5cf788e0b09",
-                "sha256:b3379a83dc63fe06538c751961f9ed730b5d7f08f96a57bbad8d52db5820df1f",
-                "sha256:b3c7c6c4aac19b964c1d12784aecae7f0315314640b0f41dd6f0d4e2bf439072",
-                "sha256:b7ddecc80e87acf12c2cf12bf3721def47188c403f04e706f104b5e71fed2f31",
-                "sha256:bbaf6785d3f1cd3e617b9d0fb3c5528023ef7bc7cc1356234801dc1941df8ce9",
-                "sha256:be6f5b453f7ed2219a9555bb6840663950b9ab1dc034216f68eac64db66633c2",
-                "sha256:c2b6404631b22617b5127c6de2355393ccda693ca733a098b6802e7dabb3457a",
-                "sha256:c4f6609f6e867a58cdf173e1cbe1f3736d25962108bd5cb01ad5a130875ff2c8",
-                "sha256:c76dd2c0615a28de21c97f9f6862e84faef58ff4d700196b4e395ef6a52291e4",
-                "sha256:c78c72f7878071a78337510ec78ab856d60b4bdcd3a95fd68b939e7cb30434b3",
-                "sha256:cb0c9a1476d279524538ba9a00ecec9eadcef31a6a60b2c8bd2f29f62044a559",
-                "sha256:ccb986e80674c929f198464bce55e995178dea26833421e2479ff04a6956afac",
-                "sha256:cfa62063c5eafb04e4435459ce15746b4ae6c14efeae8f16bd0e3d2895dad698",
-                "sha256:d13bd83284b46c304eb10de93f8a3f2c80361f91f4e8a4e1273caf83e16c4409",
-                "sha256:d76e585368388d99ddd2f95989e6ac80a8fe23115e93931faad99fa34550612f",
-                "sha256:dc32029b9cc784a529f9201289d4f841cc24a2ae3126a112cd467bc41bbc2f10",
-                "sha256:e0b55651db770b4b5a6c7d015f24d1a6ede307296bbdf0c47fc5f6a6adc7abee",
-                "sha256:e37886929ee83a5fa5c73164abada00e7f3cc1cbf3f8f6e1e8cfecae9d6cfc47",
-                "sha256:f7b88bc7306136b123fd1a9beed16ca02900ee31d1c36e73fa33d9e525a5562d",
-                "sha256:fac611bde2609a46fcbd92da7171286faa2f5c191f84d22f61cd7dc27213f51d",
-                "sha256:fafed60103132e74cdfbd651abe94801eb87a9765ce275b3dca9af8f3e06622a"
+                "sha256:003a2e1449d425afc817b5f0b3d4c4aa9072dd5f3dfbf6c7631b8dc7b13233de",
+                "sha256:0385d66e73cdd4462f3cc42c76a6576ddcc12472c30e02a2ae82061bff132c32",
+                "sha256:0394265391a86e2bbaa7606e59ac71bd9f1edf8665a59e42771a9c9adbf6fd4f",
+                "sha256:03ff695518482b946a6d3d4ce9cbbd99a21320e20d94913080aa3841f880abcd",
+                "sha256:079c182f99c89524069b9cd96f5410d6af437e9dca576a7d59599a574972707e",
+                "sha256:091efcfdd4178a7e19a23776dc2b1fafb4f57f4d94daf340f98335817056f874",
+                "sha256:0b664a4d33ffc6be10996606dfc25fd3248c24cc589c0b139feb4c158053565e",
+                "sha256:14216ea15efc13f28d0ef1c463d86d93ca7158a79cd4aec0f9273f6d4c6bb047",
+                "sha256:14a7ab070fa3aec288076eed6ed828587b805ef83d37c9bfccc1a4a7cfbd8111",
+                "sha256:14c71437ffb89479c89cc7022a5ea2075a842b728f37205e47c824cc17b30a42",
+                "sha256:18e503b1e515a10282b3f14f1b3d856194ecece4250e850fad230842ed31227f",
+                "sha256:19a4da6f513045f5ba00e491215bd00122e5bd131847586522463e5a6b2bd65f",
+                "sha256:1a901ce5cd42658ab8f8eade51b71a6d26ad4b68c7cfc86b87efc577dfa95602",
+                "sha256:26df88c9636a0c3f3bd9189dd435850a0c49d0b7d6e932500db3f99a6dd604d1",
+                "sha256:2dda4b096a6f630d6531728a45bd12c67ec3badf44342046dc77d4897277d4f2",
+                "sha256:322bd5572bed36a5b39952d88e072738926759422498a96df138d93384934ff8",
+                "sha256:360ffbc9357794ae41336b681dff1c0463193199dfb91fcad3ec385ea4972f46",
+                "sha256:37e5a26e76c46f54b3baf56a6fdd56df9db89758694516413757b7d127d4c57b",
+                "sha256:3d64e1a7e6d98a4cdc8b29cb8d8ed38f73f49e55fbaa737bdb5933db99b9de22",
+                "sha256:3f3b4594d564ed0b2f54463a9f328cf6a5b2a32610a90cdff778d6e3e561d08b",
+                "sha256:4146cb7ae6029fc83b5c905ec6d806b7e5568dc14297c423e66b86294bad6c39",
+                "sha256:4318f69b79f9f7d84a7420e97d4bfe872dc767c72f891d4fea5fa721c74685f7",
+                "sha256:4cdbfa6d2befeaee0c899f19222e9b20fc5abbafe5e9c43a46ef819aeb7b75e5",
+                "sha256:50e764ffbd08b06aa8c4e86b8b568b6722c75d301b33b259099f237c46b2134e",
+                "sha256:518272f25da93e02af4f1e94985f5042cec21557ef3591027d0716f2adda5d0a",
+                "sha256:592b9e2e1862168e71d9e612bfdc22c451261967dbd46681f14e76dfba7105fd",
+                "sha256:59a786a55d00439d8fae4caaf71581f2aaef7297d04ee60345c3594efef5648a",
+                "sha256:59bac44b5a07b08a261537f652c26993af9b1bbe2a29624473968dd42fc29d56",
+                "sha256:5d0dd8b06896423211ce18fba0c75dacc49182a1d6514c004b535be7163dca0f",
+                "sha256:67a4c625361db04ae40ef7c49d3cbe2c1f5ff10b5a4491327ab20f19f2fb5d40",
+                "sha256:6adfe300848d61a470ec7547adc97b0ccf86de86a99e6830f1d8c8d19ecaf6b3",
+                "sha256:6b32b45433df1fad7fed738fe15200b6516da888e0bd1fdd6aa5e50cc16b76bc",
+                "sha256:6c57d50d4d5eb0c862569ca3c840eba2a73412f31d9ecc46ef0d6b2e621a592b",
+                "sha256:6d43bd402b27e0e7eae85c612725ba1ce7798f20f6fab4e8bc3de4f263294f03",
+                "sha256:6e521d9db006c5e4a0f8acfef738399f72b704913d4e083516774eb51645ad7c",
+                "sha256:6fe1dd1021e0f8f3f454ce2811f1b0b148f2d25bb38c712fec00316551e93650",
+                "sha256:73b985c9fc09a7896846e26d7b6f4d1fd5a20437055f4ef985d44729f9f928d0",
+                "sha256:7681c49da1a2d4b905b4f53d86c9ba4506e79fba50c4a664d9516056e0f7dfcc",
+                "sha256:77c2879d3ba51e5ca6c2b47f2dcf3d04a976a623a8fc8236010a16c9e0b0a3c7",
+                "sha256:7b0c5cc3d1744a67c3b433dce91e5ef7c527d612354c1f1e8576d9e86bc5c5e2",
+                "sha256:7fcf7f94ccad19186820ac67e2ec7e09e0ac2dac39689f11cf71eac580503296",
+                "sha256:83cc32a1a2fa5bac00f4abc0e6ce142e3c05d3a6d57e23bd0f187c59b4e1e43b",
+                "sha256:8418ee2cb857b83881b8f981e4c636bc50a0587b12d98cb9b947408a3c484fe7",
+                "sha256:86df2049b18745f3cd4b0f4c4ef672bfac4b80ca488e6ecfd2bbfe68d2423a2c",
+                "sha256:880dbeb6bdde7d926b4d8e41410b16ffcd4cb3b4c6d926280fea46e2615c7a01",
+                "sha256:8aba0d01e3dfd335f2cb107079b07fdddb4cd7fb2d8c8a1986f9cb8ce9246c24",
+                "sha256:8dcbcc9e72a791f622a32d17ff5011326a18996647509cac0609a7fc43adc229",
+                "sha256:944567bb08f52268d8600ee5bdf1798b2b62ea002cc692a39cec113244cbdd0d",
+                "sha256:995e70bb8c91d1b99ed2aaf8ec44863e06ad1dfbb45d7df95f76ef583ec323a9",
+                "sha256:99945ddb4f379bb9831c05e9f80f02f079ba361a0fb1fba1fc3b267639b6bb2e",
+                "sha256:9a165a05979e212b2c2d56a9f40b69c811c98a788964e669eb322de0a3e420b4",
+                "sha256:9bc8edc5f8ef0ebb46f3fa0d02bd825bbe9cc63d59e428ffb6981ff9672f6de1",
+                "sha256:a1aec4ae549fd7b3f52ceaf67e133010e2fba1538bf4d5fc5cd162a5e058d5df",
+                "sha256:a1c4d17879dd4c4432c08a1ca1ab379f12ab54af569e945b6fc1c4cf6a74ca45",
+                "sha256:a2b39ee3b280e15824298b97cec3f7cbbe6539d8282cc8a6047a455b9a72c598",
+                "sha256:a2effeaf50a6838f3dd4d3c5d265f06eabc748f476e8441892645ae3a697e273",
+                "sha256:a59d0377e58d96a6f11636e97992f5b51b7e1e89eb66332d1c01b35adbabfe8a",
+                "sha256:a926339356fe29595f8e37af71db37cd87ff764e15da8ad5129bbaff35bcc5a6",
+                "sha256:a9eb9558e1d0f78e07082d8a70d5c4d631c8dd75575fae92105df9e19c736730",
+                "sha256:ab07934725e6f25c6f87465976cc69aef1141e86987af49d8c839c3ffd367c72",
+                "sha256:ad75173349ad79f9d21e0d0896b27dcb37bfd233b09047bc0b4d226699cf5c87",
+                "sha256:b7b701dbc124558fd2b1b08005eeca6c9160e209108fbcbd00091fcfac641ac7",
+                "sha256:b7bee775ff05c9d519195bd9e8aaaccfe3971db60f89f89751ee0f234e8aeac5",
+                "sha256:b86548b8234b2be3985dbc0b385e35f5038f0f3e6251464b827b83ebf4ed90e5",
+                "sha256:b9d68eb704b24bc4d441b24e4a12653acd07d2c39940548761e0985a08bc1fff",
+                "sha256:c0b7cb9598795b01f9a3dd3f770ab540889259def28a3bf9b2fa24d52edecba3",
+                "sha256:cab548d6d972e1de584161487b2ac1aa82edd8430d1bde69587ba61698ad1cfb",
+                "sha256:ce331b076b2b013e7d7f07157f957974ef0b0881a808e8a4a4b3b5105aee5d04",
+                "sha256:cfa4c956ff0a977c4823cb3b930b0a4e82543b060733628fec7ab3eb9b1abe37",
+                "sha256:d23ac6b4bf9e32fcde5fcdb2e1fd5e7370d6693fcac51ee1d340f0e886f50d1f",
+                "sha256:d2885ec6eea629c648ecc9bde0837ec6b92208b7f36381689937fe5d64a517e8",
+                "sha256:d2a1371dc73e921f3c2e087c05359050f3525a9a34b476ebc8130e71bec55e97",
+                "sha256:d3102ab9bf16bf541ca228012d45d88d2a567c9682a805ae2c145a79d3141fdd",
+                "sha256:d5b003d248e6f292475cd24b04e5f72c48412231961a675edcb653c70730e79e",
+                "sha256:d5edd3eb877c9fc2e385173d4a4e1d792bf692d79e25c1ca391802d36ecfaa01",
+                "sha256:d7430f041755801b712ec804aaf3b094b9b5facbaa93a6339812a8e00d7bd53a",
+                "sha256:d837ccf3bd2474feabee96cd71144e991472e400ed26582edc8ca88ce259899c",
+                "sha256:dab81cc4d58026861445230cfba27f9825e9223557926e7ec22156a1a140d55c",
+                "sha256:db45016364eec9ddbb5af93c8740c5c92eb7f5fc8848d1ae04205a40a1a2efc6",
+                "sha256:df8fe00b60e4717662c7f80c810ba66dcc77309183c76b7754c0dff6f1d42054",
+                "sha256:e6e6e61e9a38b6cc60ca3e19caabc90261f070f23352e66307b3d21a24a34aaf",
+                "sha256:ee7045623a5ace70f3765e452528b4c1f2ce669ed31959c63f54de64fe2f6ff7",
+                "sha256:f06cc1190f3db3192ab8949e28f2c627e1809487e2cfc435b6524c1ce6a2f391",
+                "sha256:f07373b6e56a6f3a0df3d75b651a278ca7bd357a796078a26a958ea1ce0588fd",
+                "sha256:f6e0321921d2fdc082ef90c1fd0870f129c2e691bfdc4937dcb5cd308aba95c4",
+                "sha256:f6e167d1ccd41d27b7b6655bb7a2dcb1b1eb1e0d2d662043470bd3b4315d8b2b",
+                "sha256:fcbd1edff1473d90dc5cf4b52d355cf1f47b74eb7c85ba6e45f45d0116b8edbd",
+                "sha256:fe428822b7a8c486bcd90b334e9ab541ce6cc0d6106993d59f201853e5e14121"
            ],
            "markers": "python_version >= '3.6'",
-            "version": "==2022.8.17"
+            "version": "==2022.9.13"
        },
        "requests": {
            "hashes": [
@ -705,9 +693,11 @@
        },
        "termcolor": {
            "hashes": [
-                "sha256:1d6d69ce66211143803fbc56652b41d73b4a400a2891d7bf7a1cdf4c02de613b"
+                "sha256:6b2cf769e93364a2676e1de56a7c0cff2cf5bd07f37e9cc80b0dd6320ebfe388",
+                "sha256:7e597f9de8e001a3208c4132938597413b9da45382b6f1d150cff8d062b7aaa3"
            ],
-            "version": "==1.1.0"
+            "markers": "python_version >= '3.7'",
+            "version": "==2.0.1"
        },
        "tinycss2": {
            "hashes": [
--- a/docs/android.en.md
+++ b/docs/android.en.md
@ -3,9 +3,17 @@ title: "Android"
 icon: 'simple/android'
 ---

-These are the Android operating systems, devices, and apps we recommend to maximize your mobile device's security and privacy. We also have additional Android-related information:
+![Android logo](assets/img/android/android.svg){ align=right }

- [General Android Overview and Recommendations :material-arrow-right-drop-circle:](android/overview.md)
+The **Android Open Source Project** is an open-source mobile operating system led by Google which powers the majority of the world's mobile devices. Most phones sold with Android are modified to include invasive integrations and apps such as Google Play Services, so you can significantly improve your privacy on your mobile device by replacing your phone's default installation with a version of Android without these invasive features.
+
+[:octicons-home-16:](https://source.android.com/){ .card-link title=Homepage }
+[:octicons-info-16:](https://source.android.com/docs){ .card-link title=Documentation}
+[:octicons-code-16:](https://cs.android.com/android/platform/superproject/){ .card-link title="Source Code" }
+
+These are the Android operating systems, devices, and apps we recommend to maximize your mobile device's security and privacy. To learn more about Android:
+
+- [General Android Overview :material-arrow-right-drop-circle:](android/overview.md)
 - [Why we recommend GrapheneOS over CalyxOS :material-arrow-right-drop-circle:](android/grapheneos-vs-calyxos.md)

 ## AOSP Derivatives
@ -47,7 +55,7 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
    DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](https://source.android.com/security/verifiedboot) on some non-Pixel devices.

    [:octicons-home-16: Homepage](https://divestos.org){ .md-button .md-button--primary }
-    [:simple-torproject:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://divestos.org/index.php?page=privacy_policy){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://divestos.org/index.php?page=faq){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Source Code" }
@ -166,7 +174,7 @@ Auditor performs attestation and intrusion detection by:

 No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.

-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](self-contained-networks.md#orbot) or a VPN to hide your IP address from the attestation service.
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
 To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.

 ### Secure Camera
--- a/docs/android/grapheneos-vs-calyxos.en.md
+++ b/docs/android/grapheneos-vs-calyxos.en.md
@ -1,51 +1,59 @@
 ---
-title: "Why we recommend GrapheneOS over CalyxOS"
+title: "GrapheneOS or CalyxOS?"
 icon: 'material/cellphone-cog'
 ---

-GrapheneOS and CalyxOS are commonly compared as similar options for people looking for an alternative Android OS for their Pixel devices. Below are some of the reasons why we recommend GrapheneOS over CalyxOS.
+GrapheneOS and CalyxOS are often compared as similar options for people looking for an alternative Android OS for their Pixel devices. Below are some of the reasons why we recommend GrapheneOS over CalyxOS.

-## Profiles
+## Update Frequency

-CalyxOS includes a device controller app so there is no need to install a third-party app like Shelter.
+CalyxOS has a track record of being slower to apply security and feature updates to its OS and core applications than other custom Android operating systems. Timely security updates are one of the most important factors to consider when determining whether an OS is secure enough for regular use, which is a requirement for privacy.

-GrapheneOS extends the user profile feature, allowing you to end a current session. To do this, select *End Session* which will clear the encryption key from memory. GrapheneOS also provides [cross-profile notification forwarding](https://grapheneos.org/features#notification-forwarding). GrapheneOS plans to introduce nested profile support with better isolation in the future.
+In contrast to that, GrapheneOS manages to stay close to upstream and in some cases even [deliver updates before the stock OS does](https://grapheneos.org/features#more-complete-patching).
+
+As an example, [GrapheneOS's first Android 12 release](https://grapheneos.org/releases#2021102020) was in October 2021, whereas [CalyxOS moved to Android 12](https://calyxos.org/news/2022/01/19/android-12-changelog/) in January 2022.

 ## Sandboxed Google Play vs Privileged microG

-When Google Play services are used on GrapheneOS, they run as a user app and are contained within a user or work profile. Sandboxed Google Play is confined using the highly restrictive, default [`untrusted_app`](https://source.android.com/security/selinux/concepts) domain provided by [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux). Permissions for apps to use Google Play Services can be revoked at any time.
+When Google Play Services are used on GrapheneOS, they are confined using the highly restrictive, default [`untrusted_app`](https://source.android.com/security/selinux/concepts) [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) domain. As a result, you have full control as to what these apps can access via permissions, just like any other app you install. Additionally, you can selectively choose which profile(s) to install the Sandboxed Google Play in.

 microG is a partially open-source re-implementation of Google Play Services.[^1] On CalyxOS, it runs in the highly privileged [`system_app`](https://source.android.com/security/selinux/concepts) SELinux domain like regular Google Play Services, and it uses [signature spoofing](https://github.com/microg/GmsCore/wiki/Signature-Spoofing) to masquerade as Google Play Services. This is less secure than Sandboxed Google Play's approach, which does not need access to sensitive system APIs.

-When using Sandboxed Play Services, you have the option to reroute location requests to the Play Services API back to the OS location API, which uses satellite based location services. With microG, you have the option to choose between different backend location providers, including *shifting trust* to another location backend, like Mozilla; using [DejaVu](https://github.com/n76/DejaVu), a location backend that locally collects and saves RF-based location data to an offline database which can be used when GPS is not available; or to simply not use a network location backend at all.
+When using Sandboxed Google Play, you have the option to reroute location requests to the Play Services API back to the OS location API, which uses satellite based location services. With microG, you have the option to choose between different backend location providers, including *shifting trust* to another location backend, like Mozilla; using [DejaVu](https://github.com/n76/DejaVu), a location backend that locally collects and saves RF-based location data to an offline database which can be used when GPS is not available; or to simply not use a network location backend at all.

 Network location providers like Play Services or Mozilla rely the on the MAC addresses of surrounding WiFi access points and Bluetooth devices being submitted for location approximation. Choosing a network location like Mozilla to use with microG provides little to no privacy benefit over Google because you are still submitting the same data and trusting them to not profile you.

 Local RF location backends like DejaVu require that the phone has a working GPS first for the local RF data collected to be useful. This makes them less effective as location providers, as the job of a location provider is to assist location approximation when satellite based services are not working.

-If your threat model requires protecting your location or the MAC addresses of nearby devices, rerouting location requests to the OS location API is probably the best option. The benefit brought by microG's custom location backend is minimal at best when compared to Sandboxed Play Services.
+If your [threat model](threat-modeling.md) requires protecting your location or the MAC addresses of nearby devices, rerouting location requests to the OS location API is probably the best option. The benefit brought by microG's custom location backend is minimal at best when compared to Sandboxed Google Play.

-In terms of application compatibility, Sandboxed Google Play on GrapheneOS is always going to be more compatible as it is the same code as what is released by Google. microG is a reimplementation of these services. As a result of that it only supports the various parts that have been reimplemented, meaning some things such as [Google Play Games](https://play.google.com/googleplaygames) and [In-app Billing API](https://android-doc.github.io/google/play/billing/api.html) are not yet supported.
+In terms of application compatibility, ==Sandboxed Google Play on GrapheneOS is always going to be more compatible== as it is the same code as what is released by Google. microG is a reimplementation of these services. As a result, it only supports the various parts that have been reimplemented, meaning some things such as [Google Play Games](https://play.google.com/googleplaygames) and [In-app Billing API](https://android-doc.github.io/google/play/billing/api.html) are not yet supported.

-Larger apps, especially games, require Play Delivery to be installed, which is currently not implemented in microG. Authentication using [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) with online services on Android also relies on Play Services, and does not currently work with microG.
+Larger apps, especially games, require [Play Asset Delivery](https://android-developers.googleblog.com/2020/06/introducing-google-play-asset-delivery.html) to be installed, which is currently not implemented in microG. Authentication using [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) with online services on Android also relies on Play Services, and does not currently work with microG.

-[^1]: It should be noted that microG still uses proprietary Google binaries for some of its components such as DroidGuard. Push notifications, if enabled, still go through Google's servers just like with Play Services. Outside of default microG setups like on CalyxOS, it is possible to run microG in the unprivileged [`untrusted app`](https://source.android.com/security/selinux/concepts) SELinux domain and without the signature spoofing patch. However, microG's functionality and compatibility, which is already not nearly as broad as Sandboxed Play Services, will greatly diminish.
+[^1]: It should be noted that microG still uses proprietary Google binaries for some of its components such as DroidGuard. Push notifications, if enabled, still go through Google's servers just like with Play Services. Outside of default microG setups like on CalyxOS, it is possible to run microG in the unprivileged [`untrusted app`](https://source.android.com/security/selinux/concepts) SELinux domain and without the signature spoofing patch. However, microG's functionality and compatibility, which is already not nearly as broad as Sandboxed Google Play, will greatly diminish.

 ## Privileged eSIM Activation Application

 Currently, eSIM activation is tied to a privileged proprietary application by Google. The app has the `READ_PRIVILEGED_PHONE_STATE` permission, giving Google access to your hardware identifiers such as the IMEI.

-On GrapheneOS, the app comes disabled and can be *optionally* enabled by the user after they have installed Sandboxed Play Services.
+On GrapheneOS, the app comes disabled and you can *optionally* enable it after installing Sandboxed Google Play.

-On CalyxOS, the app comes installed by default (regardless of whether you choose to have microG or not) and cannot be opted out. This means Google still has access to your hardware identifiers regardless of whether or not you need eSIM activation and can be accessed persistently.
+On CalyxOS, the app comes installed by default (regardless of whether you choose to have microG or not) and you cannot opt-out. This means that Google still has access to your hardware identifiers regardless of whether or not you need eSIM activation and they can be accessed persistently.

 ## Privileged App Extensions

-Android 12 comes with special support for seamless app updates with [third-party app stores](https://android-developers.googleblog.com/2020/09/listening-to-developer-feedback-to.html). The popular Free and Open-Source Software (FOSS) repository [F-Droid](https://f-droid.org) doesn't implement this feature and requires a [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged) to be included with the Android distribution in order to have unattended app installation.
+Android 12 comes with special support for seamless app updates with [third-party app stores](https://android-developers.googleblog.com/2020/09/listening-to-developer-feedback-to.html). The popular Free and Open-Source Software (FOSS) repository [F-Droid](https://f-droid.org) doesn't implement this feature and requires a [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged) to be included with the Android distribution in order to have unattended app updates.

-GrapheneOS does not include F-Droid, because all updates have to be manually installed, which poses a security risk. However, you can use the [Neo Store](../android.md#neo-store) client for F-Droid which does support seamless (background) app updates in Android 12. GrapheneOS officially recommends [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play) instead. Many FOSS Android apps are also in Google Play but sometimes they are not (like [NewPipe](../video-streaming.md)).
+CalyxOS includes the [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged), which may lower device security.

-CalyxOS includes the [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged), which may lower device security. Seamless app updates should be possible with [Aurora Store](https://auroraoss.com) in Android 12.
+On the other hand, GrapheneOS officially recommends [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play) instead. Many FOSS Android apps are also in Google's Play Store but sometimes they are not (like [NewPipe](../video-streaming.md#newpipe)). In those cases, you can [keep up with updates using RSS](../android.md#manually-with-rss-notifications).
+
+## Profiles
+
+GrapheneOS significantly improves [user profiles](overview.md#user-profiles) in [multiple ways](https://grapheneos.org/features#improved-user-profiles), such as increasing the limit of how many profiles you can create (32 instead of the standard 4), allowing you to log out of user profiles, disabling app installation, and notification forwarding. All of these improvements make it so user profiles can be daily driven without sacrificng too much usability.
+
+CalyxOS doesn't feature any improvements to user profiles over AOSP, and instead includes a device controller app so that the [work profile](overview.md#work-profile) can be used without needing to download a third party app such as [Shelter](../android.md#shelter). However, work profiles are not nearly as flexible (as you're limited to only one) and don't provide the same amount of isolation and security.

 ## Additional Hardening

--- a/docs/assets/img/self-contained-networks/freenet.svg
+++ b/docs/assets/img/self-contained-networks/freenet.svg
@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><g><g><path fill="#fff" stroke="#356ace" stroke-width="1.5" d="m80.03 122.66c14.46-15.6 24.29-8.67 7.5 2.23-5.34 3.47-3.95 4.48-0.36 3.93 5.07-0.77 7.84 0.2 9.07 1.16 2.94 2.3 4.41 0.59 5.4-1.16 1.97-3.47 8.61 0.3 3.75 3.93-3.8 2.83-3.27 6.02 0.18 7.86 6.39 3.4 20.73 10.14 18.57 17.32-0.88 2.93-2.47 5.69-6.07 1.96-6.75-6.97-11.24-12.92-26.79-15.35-10.04-1.58-20.13-4.21-29.82 0.71-4.56 2.42-10.3 3.98-11.52 1.12-1.59-3.73 6.53-6.8 14.38-7.55 5.1-0.49 9.67-3.83 2.68-5.53-8.61-2.65 1.28-10.2 7.5-8.4 4.05 1.18 4.45-1.06 5.53-2.23z" transform="translate(0 -263.13) matrix(.072143 0 0 .072143 -44.234 303.31) matrix(6.1686 0 0 6.1686 310.87 -1171.1)"/></g></g></g></svg>
--- a/docs/assets/img/self-contained-networks/i2p-dark.svg
+++ b/docs/assets/img/self-contained-networks/i2p-dark.svg
@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="translate(0 -263.13)"><g transform="matrix(.072143 0 0 .072143 -44.234 303.31)"><g transform="matrix(4.2693 0 0 4.2693 375.06 -875.07)"><g fill="#fff"><path d="m55.768 116.33h5.6254v26.531h-5.6254z"/><path d="m83.567 142.86h-18.761v-3.9469l6.7371-6.8105c1.9948-2.0436 3.2979-3.4605 3.9102-4.2498 0.61183-0.78977 1.0522-1.5205 1.3217-2.1937 0.26898-0.67315 0.4037-1.3705 0.4037-2.0928 0-1.0769-0.29639-1.8787-0.8901-2.405-0.59371-0.52589-1.3858-0.78929-2.3772-0.78929-1.0406 0-2.0501 0.23877-3.0289 0.71589-0.97976 0.47756-2.0013 1.1568-3.0661 2.0376l-3.0838-3.6528c1.3217-1.1261 2.4167-1.9214 3.2859-2.3865 0.86873-0.46502 1.8174-0.8232 2.8454-1.0741 1.0281-0.25087 2.1783-0.3763 3.4512-0.3763 1.6766 0 3.1576 0.30615 4.4426 0.91798 1.285 0.61229 2.2824 1.4685 2.9922 2.57 0.70938 1.1015 1.0648 2.3623 1.0648 3.7815 0 1.2367-0.21742 2.3958-0.65178 3.4791-0.43437 1.0829-1.1075 2.1936-2.0195 3.3318-0.91147 1.1382-2.5179 2.76-4.8189 4.8644l-3.4512 3.2496v0.2569h11.694z"/><path d="m92.214 128.81h1.8508c1.73 0 3.0243-0.34145 3.8837-1.0253 0.85851-0.68337 1.2882-1.6785 1.2882-2.9853 0-1.3184-0.36003-2.2922-1.0796-2.9216-0.72008-0.62854-1.8485-0.94352-3.3843-0.94352h-2.5588zm12.703-4.2103c0 2.8557-0.89243 5.0391-2.6768 6.5513-1.7848 1.5126-4.3223 2.2684-7.6128 2.2684h-2.4134v9.4362h-5.6254v-26.531h8.4746c3.218 0 5.6644 0.69266 7.3406 2.078 1.6752 1.3853 2.5133 3.4508 2.5133 6.1968"/></g><path d="m121.18 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m121.18 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m136.03 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#e15647"/><path d="m136.03 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m150.88 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m150.88 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m165.73 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m165.73 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#e15647"/></g></g></g></svg>
--- a/docs/assets/img/self-contained-networks/i2p.svg
+++ b/docs/assets/img/self-contained-networks/i2p.svg
@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="translate(0 -263.13)"><g transform="matrix(.072143 0 0 .072143 -44.234 303.31)"><g transform="matrix(4.2693 0 0 4.2693 375.06 -875.07)"><g fill="#231f20"><path d="m55.768 116.33h5.6254v26.531h-5.6254z"/><path d="m83.567 142.86h-18.761v-3.9469l6.7371-6.8105c1.9948-2.0436 3.2979-3.4605 3.9102-4.2498 0.61183-0.78977 1.0522-1.5205 1.3217-2.1937 0.26898-0.67315 0.4037-1.3705 0.4037-2.0928 0-1.0769-0.29639-1.8787-0.8901-2.405-0.59371-0.52589-1.3858-0.78929-2.3772-0.78929-1.0406 0-2.0501 0.23877-3.0289 0.71589-0.97976 0.47756-2.0013 1.1568-3.0661 2.0376l-3.0838-3.6528c1.3217-1.1261 2.4167-1.9214 3.2859-2.3865 0.86873-0.46502 1.8174-0.8232 2.8454-1.0741 1.0281-0.25087 2.1783-0.3763 3.4512-0.3763 1.6766 0 3.1576 0.30615 4.4426 0.91798 1.285 0.61229 2.2824 1.4685 2.9922 2.57 0.70938 1.1015 1.0648 2.3623 1.0648 3.7815 0 1.2367-0.21742 2.3958-0.65178 3.4791-0.43437 1.0829-1.1075 2.1936-2.0195 3.3318-0.91147 1.1382-2.5179 2.76-4.8189 4.8644l-3.4512 3.2496v0.2569h11.694z"/><path d="m92.214 128.81h1.8508c1.73 0 3.0243-0.34145 3.8837-1.0253 0.85851-0.68337 1.2882-1.6785 1.2882-2.9853 0-1.3184-0.36003-2.2922-1.0796-2.9216-0.72008-0.62854-1.8485-0.94352-3.3843-0.94352h-2.5588zm12.703-4.2103c0 2.8557-0.89243 5.0391-2.6768 6.5513-1.7848 1.5126-4.3223 2.2684-7.6128 2.2684h-2.4134v9.4362h-5.6254v-26.531h8.4746c3.218 0 5.6644 0.69266 7.3406 2.078 1.6752 1.3853 2.5133 3.4508 2.5133 6.1968"/></g><path d="m121.18 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m121.18 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m136.03 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#e15647"/><path d="m136.03 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m150.88 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#ffc434"/><path d="m150.88 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m165.73 137.1c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#60ab60"/><path d="m165.73 122.25c0-3.4494-2.7962-6.2456-6.2456-6.2456-3.4494 0-6.2456 2.7962-6.2456 6.2456 0 3.4494 2.7962 6.2456 6.2456 6.2456 3.4494 0 6.2456-2.7962 6.2456-6.2456" fill="#e15647"/></g></g></g></svg>
--- a/docs/assets/stylesheets/extra.css
+++ b/docs/assets/stylesheets/extra.css
@ -186,7 +186,7 @@ h1, h2, h3, .md-header__topic {
 .md-typeset .recommendation > summary::before {
    display: none;
 }
-.md-typeset .recommendation img[align="right"], .md-typeset svg[align="right"] {
+img[align="right"], svg[align="right"] {
    width: 150px;
 }

--- a/docs/basics/passwords-overview.en.md
+++ b/docs/basics/passwords-overview.en.md
@ -15,7 +15,7 @@ This is called [credential stuffing](https://en.wikipedia.org/wiki/Credential_st

 ### Use randomly generated passwords

-==You should **never** rely on yourself to come up with a good password.== We recommend using [randomly generated passwords](#passwords) or [diceware passphrases](#diceware) with sufficient entropy to protect your accounts and devices.
+==You should **never** rely on yourself to come up with a good password.== We recommend using [randomly generated passwords](#passwords) or [diceware passphrases](#diceware-passphrases) with sufficient entropy to protect your accounts and devices.

 All of our [recommended password managers](../passwords.md) include a built-in password generator that you can use.

@ -27,7 +27,7 @@ When it comes to passwords that you don't have to remember (such as passwords st

 !!! Tip "Checking for data breaches"

-    If your password manager lets you check for compromised passwords, make sure to do so and promptly change any password that may have been exposed in a data breach.
+    If your password manager lets you check for compromised passwords, make sure to do so and promptly change any password that may have been exposed in a data breach. Alternatively, you could follow [Have I Been Pwned's Latest Breaches feed](https://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches) with the help of a [news aggregator](../news-aggregators.md).


 ## Creating strong passwords
@ -36,7 +36,7 @@ When it comes to passwords that you don't have to remember (such as passwords st

 A lot of services impose certain criteria when it comes to passwords, including a minimum or maximum length, as well as which special characters, if any, can be used. You should use your password manager's built-in password generator to create passwords that are as long and complex as the service will allow by including capitalized and lowercase letters, numbers and special characters.

-If you need a password you can memorize, we recommend a [diceware passphrase](#diceware).
+If you need a password you can memorize, we recommend a [diceware passphrase](#diceware-passphrases).

 ### Diceware Passphrases

@ -94,13 +94,13 @@ To sum it up, diceware passphrases are your best option when you need something

 The best way to store your passwords is by using a password manager. They allow you to store your passwords in a file or in the cloud and protect them with a single master password. That way, you will only have to remember one strong password, which lets you access the rest of them.

-There are many good options to choose from, both cloud-based and local. Choose one of our recommended password managers and use it to establish strong passwords across all of your accounts. We recommend securing your password manager with a [diceware](#diceware) passphrase comprised of at least seven words.
+There are many good options to choose from, both cloud-based and local. Choose one of our recommended password managers and use it to establish strong passwords across all of your accounts. We recommend securing your password manager with a [diceware passphrase](#diceware-passphrases) comprised of at least seven words.

 [List of recommended password managers](../passwords.md){ .md-button }

 !!! Warning "Don't place your passwords and TOTP tokens inside the same password manager"

-    If you're using TOTP as a [multi-factor authentication](../multi-factor-authentication.md) method for any of your accounts, do not store these tokens, any backup codes for them, or the TOTP secrets themselves in your password manager, as that negates the benefit of multi-factor authentication. You should use a dedicated [TOTP app](../multi-factor-authentication.md/#authenticator-apps) instead.
+    If you're using TOTP as a [multi-factor authentication](../multi-factor-authentication.md) method for any of your accounts, do not store these tokens, any backup codes for them, or the TOTP secrets themselves in your password manager, as that negates the benefit of multi-factor authentication. You should use a dedicated [TOTP app](../multi-factor-authentication.md#authenticator-apps) instead.

 ### Backups

--- a/docs/basics/tor-overview.en.md
+++ b/docs/basics/tor-overview.en.md
@ -70,7 +70,7 @@ Though Tor does provide strong privacy guarantees, one must be aware that Tor is

 If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.

- [Browsers: Tor Browser :material-arrow-right-drop-circle:](../desktop-browsers.md#tor-browser)
+- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)

 ## Additional Resources

--- a/docs/basics/vpn-overview.en.md
+++ b/docs/basics/vpn-overview.en.md
@ -50,18 +50,17 @@ Thus, this feature should be viewed as a convenient way to access the Tor Networ
 A VPN may still be useful to you in a variety of scenarios, such as:

 1. Hiding your traffic from **only** your Internet Service Provider.
-2. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-3. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
+1. Hiding your IP from third-party websites and services, preventing IP based tracking.

 For use cases like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.

 ## Sources and Further Reading

 1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-2. [The self-contained networks](../self-contained-networks.md) recommended by Privacy Guides are able to replace a VPN that allows access to services on local area network
-3. [Tor Network Overview](tor-overview.md) by blacklight447
-4. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-5. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+1. [Tor Network Overview](tor-overview.md) by blacklight447
+1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
+1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.

 ## Related VPN Information

--- a/docs/calendar-contacts.en.md
+++ b/docs/calendar-contacts.en.md
@ -1,6 +1,6 @@
 ---
 title: "Calendar and Contact Sync"
-icon: material/calendar
+icon: material/calendar-account
 ---
 Calendars and contacts contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.

--- a/docs/desktop-browsers.en.md
+++ b/docs/desktop-browsers.en.md
@ -1,37 +1,8 @@
 ---
 title: "Desktop Browsers"
-icon: octicons/browser-16
+icon: material/laptop
 ---
-These are our currently recommended desktop web browsers and configurations. In general, we recommend keeping extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
-
-### Tor Browser
-
-!!! recommendation
-
-    ![Tor Browser logo](assets/img/browsers/tor.svg){ align=right }
-
-    **Tor Browser** is the choice if you need anonymity, as it provides you with access to the Tor Bridges and [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)), along with settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
-
-    The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
-
-    For further information about the Tor Browser, we suggest taking a look at the [manual](https://tb-manual.torproject.org/about/).
-
-    [:octicons-home-16: Homepage](https://www.torproject.org){ .md-button .md-button--primary }
-    [:simple-torproject:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title=Onion }
-    [:octicons-info-16:](https://tb-manual.torproject.org/){ .card-link title=Documentation }
-    [:octicons-code-16:](https://gitweb.torproject.org/tor-browser.git/){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-windows11: Windows](https://www.torproject.org/download/)
-        - [:simple-apple: macOS](https://www.torproject.org/download/)
-        - [:simple-linux: Linux](https://www.torproject.org/download/)
-        - [:simple-flathub: Flatpak](https://flathub.org/apps/details/com.github.micahflee.torbrowser-launcher)
-
-!!! danger
-
-    You should **never** install any additional extensions on Tor Browser, including the ones we suggest for Firefox. Nor should you manually enable HTTPS-only mode or edit `about:config` settings. Browser extensions and non-standard settings make you stand out from others on the Tor network, thus making your browser easier to [fingerprint](https://support.torproject.org/glossary/browser-fingerprinting).
+These are our currently recommended desktop web browsers and configurations for standard/non-anonymous browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. In general, we recommend keeping your browser extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.

 ### Firefox

@ -59,7 +30,7 @@ These are our currently recommended desktop web browsers and configurations. In

 #### Recommended Configuration

-Tor Browser is the only way to truly browse the internet anonymously. When you use Firefox, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than [Tor Browser](#tor-browser) will be traceable by *somebody* in some regard or another.
+Tor Browser is the only way to truly browse the internet anonymously. When you use Firefox, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.

 These options can be found in :material-menu: → **Settings** → **Privacy & Security**.

@ -120,7 +91,7 @@ The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of ca
    Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues.

    [:octicons-home-16: Homepage](https://brave.com/){ .md-button .md-button--primary }
-    [:simple-torproject:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://brave.com/privacy/browser/){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://support.brave.com/){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" }
@ -135,7 +106,7 @@ The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of ca

 #### Recommended Configuration

-Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](#tor-browser) will be traceable by *somebody* in some regard or another.
+Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.

 These options can be found in :material-menu: → **Settings**.

@ -189,7 +160,7 @@ Disable built-in extensions you do not use in **Extensions**

 </div>

-1. Brave is **not** as resistant to fingerprinting as the Tor Browser and far fewer people use Brave with Tor, so you will stand out. Where [strong anonymity is required](https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-) use the [Tor Browser](#tor-browser).
+1. Brave is **not** as resistant to fingerprinting as the Tor Browser and far fewer people use Brave with Tor, so you will stand out. Where [strong anonymity is required](https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-) use the [Tor Browser](tor.md#tor-browser).

 ##### IPFS

@ -233,36 +204,3 @@ We generally do not recommend installing any extensions as they increase your at
        - [:simple-microsoftedge: Edge](https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak)

 We suggest following the [developer's documentation](https://github.com/gorhill/uBlock/wiki/Blocking-mode) and picking one of the "modes". Additional filter lists can impact performance and may increase attack surface, so only apply what you need. If there is a [vulnerability in uBlock Origin](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css) a third-party filter could add malicious rules that can potentially steal user data.
-
-### Snowflake
-
-!!! recommendation
-
-    ![Snowflake logo](assets/img/browsers/snowflake.svg#only-light){ align=right }
-    ![Snowflake logo](assets/img/browsers/snowflake-dark.svg#only-dark){ align=right }
-
-    **Snowflake** allows you to donate bandwidth to the Tor Project by operating a "Snowflake proxy" within your browser.
-
-    People who are censored can use Snowflake proxies to connect to the Tor network. Snowflake is a great way to contribute to the network even if you don't have the technical know-how to run a Tor relay or bridge.
-
-    [:octicons-home-16: Homepage](https://snowflake.torproject.org/){ .md-button .md-button--primary }
-    [:octicons-info-16:](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/Technical%20Overview){ .card-link title=Documentation}
-    [:octicons-code-16:](https://gitweb.torproject.org/pluggable-transports/snowflake.git/){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/en-US/firefox/addon/torproject-snowflake/){ .card-link title=Firefox }
-        - [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie){ .card-link title=Chrome }
-        - [:octicons-browser-16: Web](https://snowflake.torproject.org/embed "Leave this page open to be a Snowflake proxy")
-
-??? tip "Embedded Snowflake"
-
-    You can enable Snowflake in your browser by clicking the switch below and ==leaving this page open==. You can also install Snowflake as a browser extension to have it always run while your browser is open, however adding third-party extensions can increase your attack surface.
-
-    <center><iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe></center>
-    <small>If the embed does not appear for you, ensure you are not blocking the third-party frame from `torproject.org`. Alternatively, visit [this page](https://snowflake.torproject.org/embed.html).</small>
-
-Snowflake does not increase your privacy in any way, nor is it used to connect to the Tor network within your personal browser. However, if your internet connection is uncensored, you should consider running it to help people in censored networks achieve better privacy themselves. There is no need to worry about which websites people are accessing through your proxy—their visible browsing IP address will match their Tor exit node, not yours.
-
-Running a Snowflake proxy is low-risk, even moreso than running a Tor relay or bridge which are already not particularly risky endeavours. However, it does still proxy traffic through your network which can be impactful in some ways, especially if your network is bandwidth-limited. Make sure you understand [how Snowflake works](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home) before deciding whether to run a proxy.
--- a/docs/email.en.md
+++ b/docs/email.en.md
@ -31,7 +31,7 @@ For everything else, we recommend a variety of email providers based on sustaina
    **Free**

    [:octicons-home-16: Homepage](https://proton.me/mail){ .md-button .md-button--primary }
-    [:simple-torproject:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://proton.me/legal/privacy){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://proton.me/support/mail){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/ProtonMail){ .card-link title="Source Code" }
--- a/docs/file-sharing.en.md
+++ b/docs/file-sharing.en.md
@ -15,7 +15,7 @@ Discover how to privately share your files between your devices, with your frien
    **OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.

    [:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
-    [:simple-torproject:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
    [:octicons-info-16:](https://docs.onionshare.org/){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/onionshare/onionshare){ .card-link title="Source Code" }

--- a/docs/linux-desktop.en.md
+++ b/docs/linux-desktop.en.md
@ -110,7 +110,7 @@ Nix is a source-based package manager; if there’s no pre-built available in th

    ![Whonix logo](assets/img/linux-desktop/whonix.svg){ align=right }

-    **Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet.
+    **Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet. Whonix is best used in conjunction with [Qubes OS](qubes.md).

    [:octicons-home-16: Homepage](https://www.whonix.org/){ .md-button .md-button--primary }
    [:octicons-info-16:](https://www.whonix.org/wiki/Documentation){ .card-link title=Documentation}
@ -130,14 +130,14 @@ Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qube

    ![Tails logo](assets/img/linux-desktop/tails.svg){ align=right }

-    **Tails** is a live operating system based on Debian that routes all communications through Tor.
-
-    It can boot on almost any computer from a DVD, USB stick, or SD card. It aims to preserve privacy and anonymity while circumventing censorship and leaving no trace of itself on the computer it is used on.
+    **Tails** is a live operating system based on Debian that routes all communications through Tor, which can boot on on almost any computer from a DVD, USB stick, or SD card installation. It uses [Tor](tor.md) to preserve privacy and anonymity while circumventing censorship, and it leaves no trace of itself on the computer it is used on after it is powered off.

    [:octicons-home-16: Homepage](https://tails.boum.org/){ .md-button .md-button--primary }
    [:octicons-info-16:](https://tails.boum.org/doc/index.en.html){ .card-link title=Documentation}
    [:octicons-heart-16:](https://tails.boum.org/donate/){ .card-link title=Contribute }

-By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data.
-
 Tails is great for counter forensics due to amnesia (meaning nothing is written to the disk); however, it is not a hardened distribution like Whonix. It lacks many anonymity and security features that Whonix has and gets updated much less often (only once every six weeks). A Tails system that is compromised by malware may potentially bypass the transparent proxy allowing for the user to be deanonymized.
+
+Tails also installs uBlock Origin in Tor Browser by default, which potentially makes it easier for adversaries to fingerprint Tails users, and increases the attack surface of the browser. For all of these reasons, if your only goal is to browse the internet anonymously, Tails is not as good of a choice as using [Whonix](linux-desktop.md/#whonix) with [Qubes OS](qubes.md), which is much more secure and leakproof. If your goal is to use a computer without leaving any trace afterwards, Tails may be a good solution for you.
+
+By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data between reboots.
--- a/docs/mobile-browsers.en.md
+++ b/docs/mobile-browsers.en.md
@ -1,34 +1,13 @@
 ---
 title: "Mobile Browsers"
-icon: octicons/device-mobile-16
+icon: material/cellphone-information
 ---
-These are our currently recommended mobile web browsers and configurations. In general, we recommend keeping extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
+These are our currently recommended mobile web browsers and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. In general, we recommend keeping extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.

 ## Android

 On Android, Firefox is still less secure than Chromium-based alternatives: Mozilla's engine, [GeckoView](https://mozilla.github.io/geckoview/), has yet to support [site isolation](https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture) or enable [isolatedProcess](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196).

-### Tor Browser
-
-!!! recommendation
-
-    ![Tor Browser logo](assets/img/browsers/tor.svg){ align=right }
-
-    **Tor Browser** is the choice if you need anonymity, as it provides you with access to the Tor Bridges and [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)), along with settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
-
-    The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
-
-    [:octicons-home-16: Homepage](https://www.torproject.org){ .md-button .md-button--primary }
-    [:simple-torproject:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title=Onion }
-    [:octicons-info-16:](https://tb-manual.torproject.org/mobile-tor/){ .card-link title=Documentation }
-    [:octicons-code-16:](https://gitlab.torproject.org/tpo/applications/fenix){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.torbrowser)
-        - [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid/)
-
 ### Brave

 !!! recommendation
@ -40,7 +19,7 @@ On Android, Firefox is still less secure than Chromium-based alternatives: Mozil
    Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues.

    [:octicons-home-16: Homepage](https://brave.com/){ .md-button .md-button--primary }
-    [:simple-torproject:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://brave.com/privacy/browser/){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://support.brave.com/){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" }
@ -51,7 +30,7 @@ On Android, Firefox is still less secure than Chromium-based alternatives: Mozil

 #### Recommended Configuration

-Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](#tor-browser) will be traceable by *somebody* in some regard or another.
+Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.

 These options can be found in :material-menu: → **Settings** → **Brave Shields & privacy**

--- a/docs/news-aggregators.en.md
+++ b/docs/news-aggregators.en.md
@ -1,6 +1,6 @@
 ---
 title: "News Aggregators"
-icon: octicons/rss-24
+icon: material/rss
 ---

 A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to keep up with your favourite blogs and news sites.
@ -48,7 +48,7 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k

    ![Fluent Reader logo](assets/img/news-aggregators/fluent-reader.svg){ align=right }

-    **Fluent Reader** is a secure cross-platform news aggregator that has useful privacy features such as deletion of cookies on exit, strict [content security policies (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy) and proxy support, meaning you can use it over [Tor](self-contained-networks.md#tor).
+    **Fluent Reader** is a secure cross-platform news aggregator that has useful privacy features such as deletion of cookies on exit, strict [content security policies (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy) and proxy support, meaning you can use it over [Tor](tor.md).

    [:octicons-home-16: Homepage](https://hyliu.me/fluent-reader){ .md-button .md-button--primary }
    [:octicons-eye-16:](https://github.com/yang991178/fluent-reader/wiki/Privacy){ .card-link title="Privacy Policy" }
--- a/docs/qubes.en.md
+++ b/docs/qubes.en.md
@ -9,7 +9,7 @@ icon: simple/qubesos
    **Qubes OS** is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and use most of the Linux drivers.

    [:octicons-home-16: Homepage](https://www.qubes-os.org/){ .md-button .md-button--primary }
-    [:simple-torproject:](http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://www.qubes-os.org/privacy/){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://www.qubes-os.org/doc/){ .card-link title=Documentation}
    [:octicons-heart-16:](https://www.qubes-os.org/donate/){ .card-link title=Contribute }
--- a/docs/real-time-communication.en.md
+++ b/docs/real-time-communication.en.md
@ -2,6 +2,11 @@
 title: "Real-Time Communication"
 icon: material/chat-processing
 ---
+
+These are our recommendations for encrypted real-time communication.
+
+[Types of Communication Networks :material-arrow-right-drop-circle:](./real-time-communication/communication-network-types.md)
+
 ## Cross-Platform Messengers

 ### Signal
@ -34,7 +39,7 @@ The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf)

 We have some additional tips on configuring and hardening your Signal installation:

-[Signal Configuration and Hardening :material-arrow-right-drop-circle:](./advanced/signal-configuration-hardening.md)
+[Signal Configuration and Hardening :material-arrow-right-drop-circle:](./real-time-communication/signal-configuration-hardening.md)

 ### Element

@ -129,102 +134,4 @@ The client software was independently [audited](https://briarproject.org/news/20

 Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec).

-Briar supports perfect forward secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
-
-## Types of Communication Networks
-
-There are several network architectures commonly used to relay messages between people. These networks can provide different privacy guarantees, which is why it's worth considering your [threat model](https://en.wikipedia.org/wiki/Threat_model) when making a decision about which app to use.
-
-### Centralized Networks
-
-![Centralized networks diagram](assets/img/layout/network-centralized.svg){ align=left }
-
-Centralized messengers are those where all participants are on the same server or network of servers controlled by the same organization.
-
-Some self-hosted messengers allow you to set up your own server. Self-hosting can provide additional privacy guarantees such as no usage logs or limited access to metadata (data about who is talking to whom). Self-hosted centralized messengers are isolated and everyone must be on the same server to communicate.
-
-**Advantages:**
-
- New features and changes can be implemented more quickly.
- Easier to get started with and to find contacts.
- Most mature and stable features ecosystems, as they are easier to program in a centralized software.
- Privacy issues may be reduced when you trust a server that you're self-hosting.
-
-**Disadvantages:**
-
- Can include [restricted control or access](https://drewdevault.com/2018/08/08/Signal.html). This can include things like:
- Being [forbidden from connecting third-party clients](https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165) to the centralized network that might provide for greater customization or a better experience. Often defined in Terms and Conditions of usage.
- Poor or no documentation for third-party developers.
- The [ownership](https://web.archive.org/web/20210729191953/https://blog.privacytools.io/delisting-wire/), privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.
- Self-hosting requires effort and knowledge of how to set up a service.
-
-### Federated Networks
-
-![Federated networks diagram](assets/img/layout/network-decentralized.svg){ align=left }
-
-Federated messengers use multiple, independent, decentralized servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
-
-When self-hosted, members of a federated server can discover and communicate with members of other servers, although some servers may choose to remain private by being non-federated (e.g., work team server).
-
-**Advantages:**
-
- Allows for greater control over your own data when running your own server.
- Allows you to choose who to trust your data with by choosing between multiple "public" servers.
- Often allows for third-party clients which can provide a more native, customized, or accessible experience.
- Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member).
-
-**Disadvantages:**
-
- Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
- Due to the previous point, features can be lacking, or incomplete or working in unexpected ways compared to centralized platforms, such as message relay when offline or message deletion.
- Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
- Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is used.
- Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with members of those servers.
-
-### Peer-to-Peer Networks
-
-![P2P diagram](assets/img/layout/network-distributed.svg){ align=left }
-
-P2P messengers connect to a [distributed network](https://en.wikipedia.org/wiki/Distributed_networking) of nodes to relay a message to the recipient without a third-party server.
-
-Clients (peers) usually find each other through the use of a [distributed computing](https://en.wikipedia.org/wiki/Distributed_computing) network. Examples of this include [Distributed Hash Tables](https://en.wikipedia.org/wiki/Distributed_hash_table) (DHT), used by [torrents](https://en.wikipedia.org/wiki/BitTorrent_(protocol)) and [IPFS](https://en.wikipedia.org/wiki/InterPlanetary_File_System) for example. Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the [Scuttlebutt](https://www.scuttlebutt.nz) social network protocol).
-
-Once a peer has found a route to its contact via any of these methods, a direct connection between them is made. Although messages are usually encrypted, an observer can still deduce the location and identity of the sender and recipient.
-
-P2P networks do not use servers, as peers communicate directly between each other and hence cannot be self-hosted. However, some additional services may rely on centralized servers, such as user discovery or relaying offline messages, which can benefit from self-hosting.
-
-**Advantages:**
-
- Minimal information is exposed to third-parties.
- Modern P2P platforms implement E2EE by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.
-
-**Disadvantages:**
-
- Reduced feature set:
- Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
- Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
- Some common messenger features may not be implemented or incompletely, such as message deletion.
- Your IP address and that of the contacts you're communicating with may be exposed if you do not use the software in conjunction with a [VPN](vpn.md) or [self-contained network](self-contained-networks.md), such as [Tor](https://www.torproject.org) or [I2P](https://geti2p.net/). Many countries have some form of mass surveillance and/or metadata retention.
-
-### Anonymous Routing
-
-![Anonymous routing diagram](assets/img/layout/network-anonymous-routing.svg){ align=left }
-
-A messenger using [anonymous routing](https://doi.org/10.1007/978-1-4419-5906-5_628) hides either the identity of the sender, the receiver or evidence that they have been communicating. Ideally, a messenger should hide all three.
-
-There are [many](https://doi.org/10.1145/3182658) different ways to implement anonymous routing. One of the most famous is [onion routing](https://en.wikipedia.org/wiki/Onion_routing) (i.e. [Tor](https://en.wikipedia.org/wiki/Tor_(anonymity_network))), which communicates encrypted messages through a virtual [overlay network](https://en.wikipedia.org/wiki/Overlay_network) that hides the location of each node as well as the recipient and sender of each message. The sender and recipient never interact directly and only meet through a secret rendezvous node, so that there is no leak of IP addresses nor physical location. Nodes cannot decrypt messages nor the final destination; only the recipient can. Each intermediary node can only decrypt a part that indicates where to send the still encrypted message next, until it arrives at the recipient who can fully decrypt it, hence the "onion layers."
-
-Self-hosting a node in an anonymous routing network does not provide the hoster with additional privacy benefits, but rather contributes to the whole network's resilience against identification attacks for everyone's benefit.
-
-**Advantages:**
-
- Minimal to no information is exposed to other parties.
- Messages can be relayed in a decentralized manner even if one of the parties is offline.
-
-**Disadvantages:**
-
- Slow message propagation.
- Often limited to fewer media types, mostly text since the network is slow.
- Less reliable if nodes are selected by randomized routing, some nodes may be very far from the sender and receiver, adding latency or even failing to transmit messages if one of the nodes goes offline.
- More complex to get started as the creation and secured backup of a cryptographic private key is required.
- Just like other decentralized platforms, adding features is more complex for developers than on a centralized platform, hence features may be lacking or incompletely implemented, such as offline message relaying or message deletion.
+Briar supports perfect forward secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
--- a/docs/real-time-communication/communication-network-types.md
+++ b/docs/real-time-communication/communication-network-types.md
@ -0,0 +1,102 @@
+---
+title: "Types of Communication Networks"
+icon: 'material/transit-connection-variant'
+---
+
+There are several network architectures commonly used to relay messages between people. These networks can provide different privacy guarantees, which is why it's worth considering your [threat model](../basics/threat-modeling.md) when deciding which app to use.
+
+[Recommended Instant Messengers](../real-time-communication.md){ .md-button }
+
+## Centralized Networks
+
+![Centralized networks diagram](../assets/img/layout/network-centralized.svg){ align=left }
+
+Centralized messengers are those where all participants are on the same server or network of servers controlled by the same organization.
+
+Some self-hosted messengers allow you to set up your own server. Self-hosting can provide additional privacy guarantees, such as no usage logs or limited access to metadata (data about who is talking to whom). Self-hosted centralized messengers are isolated and everyone must be on the same server to communicate.
+
+**Advantages:**
+
+- New features and changes can be implemented more quickly.
+- Easier to get started with and to find contacts.
+- Most mature and stable features ecosystems, as they are easier to program in a centralized software.
+- Privacy issues may be reduced when you trust a server that you're self-hosting.
+
+**Disadvantages:**
+
+- Can include [restricted control or access](https://drewdevault.com/2018/08/08/Signal.html). This can include things like:
+- Being [forbidden from connecting third-party clients](https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165) to the centralized network that might provide for greater customization or a better experience. Often defined in Terms and Conditions of usage.
+- Poor or no documentation for third-party developers.
+- The [ownership](https://web.archive.org/web/20210729191953/https://blog.privacytools.io/delisting-wire/), privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.
+- Self-hosting requires effort and knowledge of how to set up a service.
+
+## Federated Networks
+
+![Federated networks diagram](../assets/img/layout/network-decentralized.svg){ align=left }
+
+Federated messengers use multiple, independent, decentralized servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
+
+When self-hosted, members of a federated server can discover and communicate with members of other servers, although some servers may choose to remain private by being non-federated (e.g., work team server).
+
+**Advantages:**
+
+- Allows for greater control over your own data when running your own server.
+- Allows you to choose whom to trust your data with by choosing between multiple "public" servers.
+- Often allows for third-party clients which can provide a more native, customized, or accessible experience.
+- Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member).
+
+**Disadvantages:**
+
+- Adding new features is more complex because these features need to be standardized and tested to ensure they work with all servers on the network.
+- Due to the previous point, features can be lacking, or incomplete or working in unexpected ways compared to centralized platforms, such as message relay when offline or message deletion.
+- Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
+- Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is used.
+- Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with members of those servers.
+
+## Peer-to-Peer Networks
+
+![P2P diagram](../assets/img/layout/network-distributed.svg){ align=left }
+
+P2P messengers connect to a [distributed network](https://en.wikipedia.org/wiki/Distributed_networking) of nodes to relay a message to the recipient without a third-party server.
+
+Clients (peers) usually find each other through the use of a [distributed computing](https://en.wikipedia.org/wiki/Distributed_computing) network. Examples of this include [Distributed Hash Tables](https://en.wikipedia.org/wiki/Distributed_hash_table) (DHT), used by [torrents](https://en.wikipedia.org/wiki/BitTorrent_(protocol)) and [IPFS](https://en.wikipedia.org/wiki/InterPlanetary_File_System) for example. Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the [Scuttlebutt](https://www.scuttlebutt.nz) social network protocol).
+
+Once a peer has found a route to its contact via any of these methods, a direct connection between them is made. Although messages are usually encrypted, an observer can still deduce the location and identity of the sender and recipient.
+
+P2P networks do not use servers, as peers communicate directly between each other and hence cannot be self-hosted. However, some additional services may rely on centralized servers, such as user discovery or relaying offline messages, which can benefit from self-hosting.
+
+**Advantages:**
+
+- Minimal information is exposed to third-parties.
+- Modern P2P platforms implement E2EE by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.
+
+**Disadvantages:**
+
+- Reduced feature set:
+- Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
+- Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
+- Some common messenger features may not be implemented or incompletely, such as message deletion.
+- Your IP address and that of the contacts you're communicating with may be exposed if you do not use the software in conjunction with a [VPN](vpn.md) or [Tor](tor.md). Many countries have some form of mass surveillance and/or metadata retention.
+
+## Anonymous Routing
+
+![Anonymous routing diagram](../assets/img/layout/network-anonymous-routing.svg){ align=left }
+
+A messenger using [anonymous routing](https://doi.org/10.1007/978-1-4419-5906-5_628) hides either the identity of the sender, the receiver, or evidence that they have been communicating. Ideally, a messenger should hide all three.
+
+There are [many](https://doi.org/10.1145/3182658) different ways to implement anonymous routing. One of the most famous is [onion routing](https://en.wikipedia.org/wiki/Onion_routing) (i.e. [Tor](../basics/tor-overview.md)), which communicates encrypted messages through a virtual [overlay network](https://en.wikipedia.org/wiki/Overlay_network) that hides the location of each node as well as the recipient and sender of each message. The sender and recipient never interact directly and only meet through a secret rendezvous node so that there is no leak of IP addresses nor physical location. Nodes cannot decrypt messages, nor the final destination; only the recipient can. Each intermediary node can only decrypt a part that indicates where to send the still encrypted message next, until it arrives at the recipient who can fully decrypt it, hence the "onion layers."
+
+Self-hosting a node in an anonymous routing network does not provide the hoster with additional privacy benefits, but rather contributes to the whole network's resilience against identification attacks for everyone's benefit.
+
+**Advantages:**
+
+- Minimal to no information is exposed to other parties.
+- Messages can be relayed in a decentralized manner even if one of the parties is offline.
+
+**Disadvantages:**
+
+- Slow message propagation.
+- Often limited to fewer media types, mostly text, since the network is slow.
+- Less reliable if nodes are selected by randomized routing, some nodes may be very far from the sender and receiver, adding latency or even failing to transmit messages if one of the nodes goes offline.
+- More complex to get started, as the creation and secured backup of a cryptographic private key is required.
+- Just like other decentralized platforms, adding features is more complex for developers than on a centralized platform. Hence, features may be lacking or incompletely implemented, such as offline message relaying or message deletion.
--- a/docs/real-time-communication/signal-configuration-hardening.en.md
+++ b/docs/real-time-communication/signal-configuration-hardening.en.md
@ -21,14 +21,14 @@ Additionally, your Signal PIN can also double as a registration lock that preven

 If you haven't set up a Signal PIN, or have previously opted out of setting one up, follow these steps on Android/iOS:

- Select :material-dots-vertical: **Settings** > **Account** > **Signal PIN**
+- Select :material-dots-vertical: > **Settings** > **Account** > **Signal PIN**
 - Select **Create new PIN**

 Signal will prompt you to enter a PIN. We suggest using a strong alphanumeric PIN that can be stored in a [password manager](../passwords.md).

 Once you have done that, or if you already have set up a PIN, make sure that **Registration Lock** is also enabled.

- Select :material-dots-vertical: **Settings** > **Account** > **Signal PIN**
+- Select :material-dots-vertical: > **Settings** > **Account** > **Signal PIN**
 - [x] Turn on **Registration Lock**

 !!! Important
@ -75,7 +75,7 @@ It is good practice to set up disappearing messages in Signal's settings so that

 On Android/iOS:

- Select :material-dots-vertical: **Settings** > **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
 - Under **Disappearing messages**, select **Default timer for new chats**
 - Select the desired amount of time and select **Save**

@ -102,7 +102,7 @@ Your recipient doesn't make any requests unless they open the link on their end.

 On Android/iOS:

- Select :material-dots-vertical: **Settings** > **Chats**
+- Select :material-dots-vertical: > **Settings** > **Chats**
 - [ ] Turn off **Generate link previews**

 ### Screen Security
@ -111,12 +111,12 @@ Signal allows you to prevent a preview of the app being shown (i.e., in the app

 On Android:

- Select :material-dots-vertical: **Settings** > **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
 - [x] Turn on **Screen Security**

 On iOS:

- Select :material-dots-vertical: **Settings** > **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
 - [x] Turn on **Hide Screen in App Switcher**

 ### Screen Lock
@ -127,7 +127,7 @@ To mitigate this, you can leverage the Screen Lock option to require additional

 On Android/iOS:

- Select :material-dots-vertical: **Settings** > **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
 - [x] Turn on **Screen Lock**

 ### Notification Privacy
@ -138,13 +138,13 @@ On Signal, you have the ability to hide message content and sender name, or just

 On Android:

- Select :material-dots-vertical: **Settings** > **Notifications**
+- Select :material-dots-vertical: > **Settings** > **Notifications**
 - Select **Show**
 - Select **No name or message** or **Name only** respectively.

 On iOS:

- Select :material-dots-vertical: **Settings** > **Notifications**
+- Select :material-dots-vertical: > **Settings** > **Notifications**
 - Select **Show**
 - Select **No name or Content** or **Name Only** respectively.

@ -154,7 +154,7 @@ Signal allows you to relay all calls (including video calls) through the Signal

 On Android/iOS:

- Select :material-dots-vertical: **Settings** > **Privacy** > **Advanced**
+- Select :material-dots-vertical: > **Settings** > **Privacy** > **Advanced**
 - [x] Turn on **Always Relay Calls**

 For incoming calls from people who are not in your Contacts app, the call will be relayed through the Signal server regardless of how you've set it up.
@ -175,7 +175,7 @@ Signal allows you to see your call history from your regular phone app. This all

 If you use iCloud and you don’t want to share call history on Signal, confirm it’s turned off:

- Select :material-dots-vertical: **Settings** > **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
 - [ ] Turn off **Show Calls in Recents**

 ## Signal Hardening
@ -244,7 +244,7 @@ To supplement the database encryption feature, Molly securely wipes your device'

 While Molly is running, your data is kept in RAM. When any app closes, its data remains in RAM until another app takes the same physical memory pages. That can take seconds or days, depending on many factors. To prevent anyone from dumping the RAM to disk and extracting your data after Molly is locked, the app overrides all free RAM memory with random data when you lock the database.

-There is also the ability to configure a SOCKS proxy in Molly to route its traffic through the proxy or Tor (via [Orbot](../self-contained-networks.md#orbot)). When enabled, all traffic is routed through the proxy and there are no known IP or DNS leaks. When using this feature, [call relaying](#call-relaying) will always be enabled, regardless of the setting.
+There is also the ability to configure a SOCKS proxy in Molly to route its traffic through the proxy or [Tor via Orbot](../tor.md#orbot). When enabled, all traffic is routed through the proxy and there are no known IP or DNS leaks. When using this feature, [call relaying](#call-relaying) will always be enabled, regardless of the setting.

 Signal adds everyone who you have communicated with to its database. Molly allows you to delete those contacts and stop sharing your profile with them.

--- a/docs/search-engines.en.md
+++ b/docs/search-engines.en.md
@ -21,7 +21,7 @@ Consider using a [VPN](vpn.md) or [Tor](https://www.torproject.org/) if your thr
    We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings.

    [:octicons-home-16: Homepage](https://search.brave.com/){ .md-button .md-button--primary }
-    [:simple-torproject:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://search.brave.com/help/privacy-policy){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://search.brave.com/help){ .card-link title=Documentation}

@ -38,7 +38,7 @@ Brave Search is based in the United States. Their [privacy policy](https://searc
    DuckDuckGo is the default search engine for the Tor Browser and is one of the few available options on Apple’s Safari browser.

    [:octicons-home-16: Homepage](https://duckduckgo.com){ .md-button .md-button--primary }
-    [:simple-torproject:](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://duckduckgo.com/privacy){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://help.duckduckgo.com/){ .card-link title=Documentation}

@ -71,7 +71,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy.
    ![Startpage logo](assets/img/search-engines/startpage.svg#only-light){ align=right }
    ![Startpage logo](assets/img/search-engines/startpage-dark.svg#only-dark){ align=right }

-    **Startpage** is a private search engine known for serving Google search results.  One of Startpage's unique features is the [Anonymous View](https://www.startpage.com/en/anonymous-view/), which puts forth efforts to standardize user activity to make it more difficult to be uniquely identified. The feature can be useful for hiding [some](https://support.startpage.com/hc/en-us/articles/4455540212116-The-Anonymous-View-Proxy-technical-details) network and browser properties. Unlike the name suggests, the feature should not be relied upon for anonymity. If you are looking for anonymity, use the [Tor Browser](desktop-browsers.md#tor-browser) instead.
+    **Startpage** is a private search engine known for serving Google search results.  One of Startpage's unique features is the [Anonymous View](https://www.startpage.com/en/anonymous-view/), which puts forth efforts to standardize user activity to make it more difficult to be uniquely identified. The feature can be useful for hiding [some](https://support.startpage.com/hc/en-us/articles/4455540212116-The-Anonymous-View-Proxy-technical-details) network and browser properties. Unlike the name suggests, the feature should not be relied upon for anonymity. If you are looking for anonymity, use the [Tor Browser](tor.md#tor-browser) instead.

    [:octicons-home-16: Homepage](https://www.startpage.com){ .md-button .md-button--primary }
    [:octicons-eye-16:](https://www.startpage.com/en/privacy-policy){ .card-link title="Privacy Policy" }
--- a/docs/self-contained-networks.en.md
+++ b/docs/self-contained-networks.en.md
@ -1,109 +0,0 @@
---
-title: "Self-Contained Networks"
-icon: material/security-network
---
-These networks are designed to keep your traffic anonymous.
-
-## Freenet
-
-!!! recommendation
-
-    ![Freenet logo](assets/img/self-contained-networks/freenet.svg){ align=right }
-
-    **Freenet** is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection.
-
-    [:octicons-home-16: Homepage](https://freenetproject.org){ .md-button .md-button--primary }
-    [:octicons-info-16:](https://freenetproject.org/pages/documentation.html){ .card-link title=Documentation}
-    [:octicons-code-16:](https://github.com/freenet/){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://freenetproject.org/pages/donate.html){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-windows11: Windows](https://freenetproject.org/pages/download.html#windows)
-        - [:simple-apple: macOS](https://freenetproject.org/pages/download.html#os-x)
-        - [:simple-linux: Linux](https://freenetproject.org/pages/download.html#gnulinux-posix)
-        - [:simple-freebsd: FreeBSD](https://freenetproject.org/pages/download.html#gnulinux-posix)
-        - [:simple-openbsd: OpenBSD](https://freenetproject.org/pages/download.html#gnulinux-posix)
-        - [:simple-netbsd: NetBSD](https://freenetproject.org/pages/download.html#gnulinux-posix)
-
-## Invisible Internet Project
-
-!!! recommendation
-
-    ![I2P logo](assets/img/self-contained-networks/i2p.svg#only-light){ align=right }
-    ![I2P logo](assets/img/self-contained-networks/i2p-dark.svg#only-dark){ align=right }
-
-    **I2P** is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses.
-
-    [:octicons-home-16: Homepage](https://geti2p.net){ .md-button .md-button--primary }
-    [:octicons-info-16:](https://geti2p.net/en/faq){ .card-link title=Documentation}
-    [:octicons-code-16:](https://geti2p.net/en/get-involved/guides/new-developers#getting-the-i2p-code){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://geti2p.net/en/get-involved){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-windows11: Windows](https://geti2p.net/en/download#windows)
-        - [:simple-apple: macOS](https://geti2p.net/en/download#mac)
-        - [:simple-linux: Linux](https://geti2p.net/en/download#unix)
-        - [:simple-freebsd: FreeBSD](https://www.freshports.org/security/i2p)
-        - [:simple-openbsd: OpenBSD](https://openports.se/net/i2pd)
-        - [:simple-netbsd: NetBSD](https://pkgsrc.se/wip/i2pd)
-        - [:simple-android: Android](https://geti2p.net/en/download#android)
-        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.i2p.android)
-        - [:simple-fdroid: F-Droid](https://f-droid.org/app/net.i2p.android.router)
-
-## Tor
-
-!!! recommendation
-
-    ![Tor logo](assets/img/self-contained-networks/tor.svg){ align=right }
-
-    The **Tor** network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. You use the Tor network by connecting through a series of virtual tunnels rather than making a direct connection to the site you're trying to visit, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.
-
-    [:octicons-home-16: Homepage](https://www.torproject.org){ .md-button .md-button--primary }
-    [:simple-torproject:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title=Onion }
-    [:octicons-info-16:](https://tb-manual.torproject.org/){ .card-link title=Documentation}
-    [:octicons-code-16:](https://gitweb.torproject.org/tor.git){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-windows11: Windows](https://www.torproject.org/download/)
-        - [:simple-apple: macOS](https://www.torproject.org/download/)
-        - [:simple-linux: Linux](https://www.torproject.org/download/)
-        - [:simple-freebsd: FreeBSD](https://www.freshports.org/security/tor)
-        - [:simple-openbsd: OpenBSD](https://openports.se/net/tor)
-        - [:simple-netbsd: NetBSD](https://pkgsrc.se/net/tor)
-        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.torbrowser)
-        - [:simple-fdroid: F-Droid](https://support.torproject.org/tormobile/tormobile-7/)
-        - [:simple-android: Android](https://www.torproject.org/download/#android)
-
-### Orbot
-
-!!! recommendation
-
-    ![Orbot logo](assets/img/self-contained-networks/orbot.svg){ align=right }
-
-    **Orbot** is a free Tor VPN for smartphones which routes traffic from any app on your device through the Tor network.
-
-    [:octicons-home-16: Homepage](https://orbot.app/){ .md-button .md-button--primary }
-    [:octicons-eye-16:](https://orbot.app/privacy-policy){ .card-link title="Privacy Policy" }
-    [:octicons-info-16:](https://orbot.app/faqs){ .card-link title=Documentation}
-    [:octicons-code-16:](https://orbot.app/code){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://orbot.app/donate){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android)
-        - [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid)
-        - [:simple-appstore: App Store](https://apps.apple.com/us/app/orbot/id1609461599)
-
-For resistance against traffic analysis attacks, consider enabling *Isolate Destination Address* in :material-menu: → **Settings** → **Connectivity**. This will use a completely different Tor Circuit (different middle relay and exit nodes) for every domain you connect to.
-
-!!! tip "Tips for Android"
-
-    Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch in :gear: **Settings** → **Network & internet** → **VPN** → :gear: → **Block connections without VPN**.
-
-    Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android), so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot) instead.
-
-    All versions are signed using the same signature so they should be compatible with each other.
--- a/docs/tools.en.md
+++ b/docs/tools.en.md
@ -11,11 +11,23 @@ If you want assistance figuring out the best privacy tools and alternative progr

 For more details about each project, why they were chosen, and additional tips or tricks we recommend, click the "Learn more" link in each section, or click on the recommendation itself to be taken to that specific section of the page.

+## Tor Network
+
+<div class="grid cards annotate" markdown>
+
+- ![Tor Browser logo](assets/img/browsers/tor.svg){ .twemoji } [Tor Browser](tor.md#tor-browser)
+- ![Orbot logo](assets/img/self-contained-networks/orbot.svg){ .twemoji } [Orbot (Smartphone Tor Proxy)](tor.md#orbot)
+- ![Snowflake logo](assets/img/browsers/snowflake.svg#only-light){ .twemoji }![Snowflake logo](assets/img/browsers/snowflake-dark.svg#only-dark){ .twemoji } [Snowflake](tor.md#snowflake) (1)
+
+</div>
+
+1. Snowflake does not increase privacy, however it allows you to easily contribute to the Tor network and help people in censored networks achieve better privacy.
+
+[Learn more :material-arrow-right-drop-circle:](tor.md)
 ## Desktop Web Browsers

 <div class="grid cards" markdown>

- ![Tor Browser logo](assets/img/browsers/tor.svg){ .twemoji } [Tor Browser](desktop-browsers.md#tor-browser)
 - ![Firefox logo](assets/img/browsers/firefox.svg){ .twemoji } [Firefox](desktop-browsers.md#firefox)
 - ![Brave logo](assets/img/browsers/brave.svg){ .twemoji } [Brave](desktop-browsers.md#brave)

@ -25,22 +37,18 @@ For more details about each project, why they were chosen, and additional tips o

 ### Additional Resources

-<div class="grid cards annotate" markdown>
+<div class="grid cards" markdown>

 - ![uBlock Origin logo](assets/img/browsers/ublock_origin.svg){ .twemoji } [uBlock Origin](desktop-browsers.md#ublock-origin)
- ![Snowflake logo](assets/img/browsers/snowflake.svg#only-light){ .twemoji }![Snowflake logo](assets/img/browsers/snowflake-dark.svg#only-dark){ .twemoji } [Snowflake](desktop-browsers.md#snowflake) (1)

 </div>

-1. Snowflake does not increase privacy, however it allows you to easily contribute to the Tor network and help people in censored networks achieve better privacy.
-
 [Learn more :material-arrow-right-drop-circle:](desktop-browsers.md#additional-resources)

 ## Mobile Web Browsers

 <div class="grid cards" markdown>

- ![Tor Browser logo](assets/img/browsers/tor.svg){ .twemoji } [Tor Browser (Android)](mobile-browsers.md#tor-browser)
 - ![Brave logo](assets/img/browsers/brave.svg){ .twemoji } [Brave (Android)](mobile-browsers.md#brave)
 - ![Safari logo](assets/img/browsers/safari.svg){ .twemoji } [Safari (iOS)](mobile-browsers.md#safari)

@ -407,19 +415,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b

 [Learn more :material-arrow-right-drop-circle:](news-aggregators.md)

-### Self-Contained Networks
-
-<div class="grid cards" markdown>
-
- ![Freenet logo](./assets/img/self-contained-networks/freenet.svg){ .twemoji } [Freenet](self-contained-networks.md#freenet)
- ![I2P logo](./assets/img/self-contained-networks/i2p.svg#only-light){ .twemoji } ![I2P logo](./assets/img/self-contained-networks/i2p-dark.svg#only-dark){ .twemoji } [I2P](self-contained-networks.md#invisible-internet-project)
- ![Tor logo](./assets/img/self-contained-networks/tor.svg){ .twemoji } [Tor](self-contained-networks.md#tor)
- ![Orbot logo](assets/img/self-contained-networks/orbot.svg){ .twemoji } [Orbot (Smartphone Tor Proxy)](self-contained-networks.md#orbot)
-
-</div>
-
-[Learn more :material-arrow-right-drop-circle:](self-contained-networks.md)
-
 ### Video Streaming Clients

 <div class="grid cards" markdown>
--- a/docs/tor.en.md
+++ b/docs/tor.en.md
@ -0,0 +1,126 @@
+---
+title: "Tor Network"
+icon: simple/torproject
+---
+
+![Tor logo](assets/img/self-contained-networks/tor.svg){ align=right }
+
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+
+[:octicons-home-16:](https://www.torproject.org){ .card-link title=Homepage }
+[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
+[:octicons-info-16:](https://tb-manual.torproject.org/){ .card-link title=Documentation}
+[:octicons-code-16:](https://gitweb.torproject.org/tor.git){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
+
+Tor works by routing your internet traffic through those volunteer-operated servers, instead of making a direct connection to the site you're trying to visit. This obfuscates where the traffic is coming from, and no server in the connection path is able to see the full path of where the traffic is coming from and going to, meaning even the servers you are using to connect cannot break your anonymity.
+
+<figure markdown>
+  ![Tor path](assets/img/how-tor-works/tor-path.svg#only-light)
+  ![Tor path](assets/img/how-tor-works/tor-path-dark.svg#only-dark)
+  <figcaption>Tor circuit pathway - Nodes in the path can only see the servers they are directly connected to, for example the "Entry" node shown can see your IP address, and the address of the "Middle" node, but has no way to see which website you are visiting.</figcaption>
+</figure>
+
+- [More information about how Tor works :material-arrow-right-drop-circle:](basics/tor-overview.md)
+
+## Connecting to Tor
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](linux-desktop.md/#whonix) on [Qubes OS](qubes.md), which provide even greater security and protections than the standard Tor Browser.
+
+### Tor Browser
+
+!!! recommendation
+
+    ![Tor Browser logo](assets/img/browsers/tor.svg){ align=right }
+
+    **Tor Browser** is the choice if you need anonymity, as it provides you with access to the Tor network and bridges, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
+
+    [:octicons-home-16: Homepage](https://www.torproject.org){ .md-button .md-button--primary }
+    [:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
+    [:octicons-info-16:](https://tb-manual.torproject.org/){ .card-link title=Documentation }
+    [:octicons-code-16:](https://gitweb.torproject.org/tor-browser.git/){ .card-link title="Source Code" }
+    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
+
+    ??? downloads
+
+        - [:simple-windows11: Windows](https://www.torproject.org/download/)
+        - [:simple-apple: macOS](https://www.torproject.org/download/)
+        - [:simple-linux: Linux](https://www.torproject.org/download/)
+        - [:simple-freebsd: FreeBSD](https://www.freshports.org/security/tor)
+        - [:simple-openbsd: OpenBSD](https://openports.se/net/tor)
+        - [:simple-netbsd: NetBSD](https://pkgsrc.se/net/tor)
+        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.torbrowser)
+        - [:simple-fdroid: F-Droid](https://support.torproject.org/tormobile/tormobile-7/)
+        - [:simple-android: Android](https://www.torproject.org/download/#android)
+
+!!! danger
+
+    You should **never** install any additional extensions on Tor Browser, including the ones we suggest for Firefox. Nor should you manually enable HTTPS-only mode or edit `about:config` settings. Browser extensions and non-standard settings make you stand out from others on the Tor network, thus making your browser easier to [fingerprint](https://support.torproject.org/glossary/browser-fingerprinting).
+
+The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+
+### Orbot
+
+!!! recommendation
+
+    ![Orbot logo](assets/img/self-contained-networks/orbot.svg){ align=right }
+
+    **Orbot** is a free Tor VPN for smartphones which routes traffic from any app on your device through the Tor network.
+
+    [:octicons-home-16: Homepage](https://orbot.app/){ .md-button .md-button--primary }
+    [:octicons-eye-16:](https://orbot.app/privacy-policy){ .card-link title="Privacy Policy" }
+    [:octicons-info-16:](https://orbot.app/faqs){ .card-link title=Documentation}
+    [:octicons-code-16:](https://orbot.app/code){ .card-link title="Source Code" }
+    [:octicons-heart-16:](https://orbot.app/donate){ .card-link title=Contribute }
+
+    ??? downloads
+
+        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android)
+        - [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid)
+        - [:simple-github: GitHub](https://github.com/guardianproject/orbot/releases)
+        - [:simple-appstore: App Store](https://apps.apple.com/us/app/orbot/id1609461599)
+
+For resistance against traffic analysis attacks, consider enabling *Isolate Destination Address* in :material-menu: → **Settings** → **Connectivity**. This will use a completely different Tor Circuit (different middle relay and exit nodes) for every domain you connect to.
+
+!!! tip "Tips for Android"
+
+    Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch in :gear: **Settings** → **Network & internet** → **VPN** → :gear: → **Block connections without VPN**.
+
+    Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android), so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot/releases) instead.
+
+    All versions are signed using the same signature so they should be compatible with each other.
+
+## Relays and Bridges
+
+### Snowflake
+
+!!! recommendation
+
+    ![Snowflake logo](assets/img/browsers/snowflake.svg#only-light){ align=right }
+    ![Snowflake logo](assets/img/browsers/snowflake-dark.svg#only-dark){ align=right }
+
+    **Snowflake** allows you to donate bandwidth to the Tor Project by operating a "Snowflake proxy" within your browser.
+
+    People who are censored can use Snowflake proxies to connect to the Tor network. Snowflake is a great way to contribute to the network even if you don't have the technical know-how to run a Tor relay or bridge.
+
+    [:octicons-home-16: Homepage](https://snowflake.torproject.org/){ .md-button .md-button--primary }
+    [:octicons-info-16:](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/Technical%20Overview){ .card-link title=Documentation}
+    [:octicons-code-16:](https://gitweb.torproject.org/pluggable-transports/snowflake.git/){ .card-link title="Source Code" }
+    [:octicons-heart-16:](https://donate.torproject.org/){ .card-link title=Contribute }
+
+    ??? downloads
+
+        - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/en-US/firefox/addon/torproject-snowflake/)
+        - [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie)
+        - [:octicons-browser-16: Web](https://snowflake.torproject.org/embed "Leave this page open to be a Snowflake proxy")
+
+??? tip "Embedded Snowflake"
+
+    You can enable Snowflake in your browser by clicking the switch below and ==leaving this page open==. You can also install Snowflake as a browser extension to have it always run while your browser is open, however adding third-party extensions can increase your attack surface.
+
+    <center><iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe></center>
+    <small>If the embed does not appear for you, ensure you are not blocking the third-party frame from `torproject.org`. Alternatively, visit [this page](https://snowflake.torproject.org/embed.html).</small>
+
+Snowflake does not increase your privacy in any way, nor is it used to connect to the Tor network within your personal browser. However, if your internet connection is uncensored, you should consider running it to help people in censored networks achieve better privacy themselves. There is no need to worry about which websites people are accessing through your proxy—their visible browsing IP address will match their Tor exit node, not yours.
+
+Running a Snowflake proxy is low-risk, even moreso than running a Tor relay or bridge which are already not particularly risky endeavours. However, it does still proxy traffic through your network which can be impactful in some ways, especially if your network is bandwidth-limited. Make sure you understand [how Snowflake works](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home) before deciding whether to run a proxy.
--- a/docs/vpn.en.md
+++ b/docs/vpn.en.md
@ -146,7 +146,7 @@ Find a no-logging VPN operator who isn’t out to sell or read your web traffic.
    **EUR €60/year**

    [:octicons-home-16: Homepage](https://mullvad.net){ .md-button .md-button--primary }
-    [:simple-torproject:](http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion){ .card-link title=Onion }
+    [:simple-torbrowser:](http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion){ .card-link title="Onion Service" }
    [:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy/){ .card-link title="Privacy Policy" }
    [:octicons-info-16:](https://mullvad.net/en/help/){ .card-link title=Documentation}
    [:octicons-code-16:](https://github.com/mullvad){ .card-link title="Source Code" }
@ -218,7 +218,7 @@ We require all our recommended VPN providers to provide OpenVPN configuration fi
 - Support for strong protocols such as WireGuard & OpenVPN.
 - Killswitch built in to clients.
 - Multihop support. Multihopping is important to keep data private in case of a single node compromise.
- If VPN clients are provided, they should be [open-source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what your device is actually doing. We like to see these applications [available in F-Droid](https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html).
+- If VPN clients are provided, they should be [open-source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what your device is actually doing.

 **Best Case:**

@ -226,7 +226,7 @@ We require all our recommended VPN providers to provide OpenVPN configuration fi
 - Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)
 - Easy-to-use VPN clients
 - Supports [IPv6](https://en.wikipedia.org/wiki/IPv6). We expect that servers will allow incoming connections via IPv6 and allow you to access services hosted on IPv6 addresses.
- Capability of [remote port forwarding](https://en.wikipedia.org/wiki/Port_forwarding#Remote_port_forwarding) assists in creating connections when using P2P ([Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer)) file sharing software, Freenet, or hosting a server (e.g., Mumble).
+- Capability of [remote port forwarding](https://en.wikipedia.org/wiki/Port_forwarding#Remote_port_forwarding) assists in creating connections when using P2P ([Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer)) file sharing software or hosting a server (e.g., Mumble).

 ### Privacy

@ -292,8 +292,8 @@ Must not have any marketing which is irresponsible:

 Responsible marketing that is both educational and useful to the consumer could include:

- An accurate comparison to when Tor or other [self-contained networks](self-contained-networks.md) should be used.
- Availability of the VPN provider's website over a .onion [Hidden Service](https://en.wikipedia.org/wiki/.onion)
+- An accurate comparison to when [Tor](tor.md) should be used instead.
+- Availability of the VPN provider's website over a .onion [Onion Service](https://en.wikipedia.org/wiki/.onion)

 ### Additional Functionality

--- a/includes/abbreviations.en.md
+++ b/includes/abbreviations.en.md
@ -28,7 +28,6 @@
 *[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
 *[HTTPS]: Hypertext Transfer Protocol Secure
 *[HTTP]: Hypertext Transfer Protocol
-*[I2P]: Invisible Internet Project
 *[ICCID]: Integrated Circuit Card Identifier
 *[IMAP]: Internet Message Access Protocol
 *[IMEI]: International Mobile Equipment Identity
--- a/mkdocs.production.yml
+++ b/mkdocs.production.yml
@ -1,9 +1,5 @@
 INHERIT: mkdocs.yml
 plugins:
-  minify:
-    minify_html: true
-    htmlmin_opts:
-        remove_comments: true
  privacy:
    externals_exclude:
      - cdn.jsdelivr.net/npm/mathjax@3/*
--- a/mkdocs.yml
+++ b/mkdocs.yml
@ -139,13 +139,16 @@ nav:
      - 'linux-desktop/overview.md'
      - 'linux-desktop/hardening.md'
      - 'linux-desktop/sandboxing.md'
+    - 'Real-Time Communication':
+      - 'real-time-communication/communication-network-types.md'
+      - 'real-time-communication/signal-configuration-hardening.md'
    - 'Advanced':
      - 'advanced/integrating-metadata-removal.md'
      - 'advanced/erasing-data.md'
-      - 'advanced/signal-configuration-hardening.md'
  - 'Recommendations':
    - 'tools.md'
-    - 'Browsers':
+    - 'Internet Browsing':
+      - 'tor.md'
      - 'desktop-browsers.md'
      - 'mobile-browsers.md'
    - 'Operating Systems':
@ -171,7 +174,6 @@ nav:
      - 'passwords.md'
      - 'productivity.md'
      - 'real-time-communication.md'
-      - 'self-contained-networks.md'
      - 'video-streaming.md'
  - 'About':
    - 'about.md'
Author	SHA1	Message	Date
matchboxbananasynergy	f2162cf28a	Add Real-Time Communication Category to Knowledge Base (#1770 ) Co-authored-by: Morten Lautrup <44033709+purtual@users.noreply.github.com> Signed-off-by: Daniel Gray <dng@disroot.org>	2022-09-16 23:17:51 +09:30
matchboxbananasynergy	4c159a3261	Fix Diceware links (#1772 ) Signed-off-by: Daniel Gray <dng@disroot.org>	2022-09-16 22:38:10 +09:30
matchboxbananasynergy	b3a254463d	Change hidden to onion, remove F-droid mention (#1771 ) Signed-off-by: Daniel Gray <dng@disroot.org>	2022-09-16 22:35:10 +09:30
Jonah Aragon	2b58befda4	Change GrapheneOS/CalyxOS comparison page name (#1768 ) * use 'or' instead	2022-09-15 19:21:38 +01:00
dependabot[bot]	0b8edd035c	Bump crowdin/github-action from 1.4.12 to 1.4.13 (#1766 ) Signed-off-by: dependabot[bot] <support@github.com>	2022-09-15 11:33:48 -05:00
matchboxbananasynergy	9f6cd454a8	Fix TOTP app link (#1767 )	2022-09-15 10:24:42 -05:00
matchboxbananasynergy	8309e56cb3	Add GitHub Releases to Orbot's Downloads (#1765 )	2022-09-14 19:20:23 +00:00
matchboxbananasynergy	c88dc960d2	Add mention of HIBP's Latest Breaches Feed To Passwords Knowledge Base Article (#1761 )	2022-09-14 09:17:52 +00:00
Jonah Aragon	2c5707a9ba	Update Tails description (#1760 ) Co-Authored-By: matchboxbananasynergy <107055883+matchboxbananasynergy@users.noreply.github.com>	2022-09-13 18:20:00 -05:00
matchboxbananasynergy	cc3bcd9d94	Increase GrapheneOS user profile count to 32 (#1758 )	2022-09-13 22:40:29 +00:00
matchboxbananasynergy	982dc64730	Clarify Qubes OS mention in Tor Page (#1759 )	2022-09-13 22:29:55 +00:00
matchboxbananasynergy	0660fbf119	GrapheneOS/CalyxOS Comparison Page Improvements (#1753 ) Co-authored-by: mfwmyfacewhen <94880365+mfwmyfacewhen@users.noreply.github.com> Co-authored-by: Jonah Aragon <github@aragon.science>	2022-09-13 17:53:59 +00:00
Jonah Aragon	9d14330cde	Remove I2P and Freenet (#1756 )	2022-09-13 12:48:10 -05:00
Jonah Aragon	16cb2daf2a	Improve Android introduction (#1757 )	2022-09-13 18:42:14 +01:00
Jonah Aragon	173a9b6d30	Disable HTML Minification (#1755 )	2022-09-13 10:34:39 -05:00
				`@ -1 +0,0 @@`
				<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><g><g><path fill="#fff" stroke="#356ace" stroke-width="1.5" d="m80.03 122.66c14.46-15.6 24.29-8.67 7.5 2.23-5.34 3.47-3.95 4.48-0.36 3.93 5.07-0.77 7.84 0.2 9.07 1.16 2.94 2.3 4.41 0.59 5.4-1.16 1.97-3.47 8.61 0.3 3.75 3.93-3.8 2.83-3.27 6.02 0.18 7.86 6.39 3.4 20.73 10.14 18.57 17.32-0.88 2.93-2.47 5.69-6.07 1.96-6.75-6.97-11.24-12.92-26.79-15.35-10.04-1.58-20.13-4.21-29.82 0.71-4.56 2.42-10.3 3.98-11.52 1.12-1.59-3.73 6.53-6.8 14.38-7.55 5.1-0.49 9.67-3.83 2.68-5.53-8.61-2.65 1.28-10.2 7.5-8.4 4.05 1.18 4.45-1.06 5.53-2.23z" transform="translate(0 -263.13) matrix(.072143 0 0 .072143 -44.234 303.31) matrix(6.1686 0 0 6.1686 310.87 -1171.1)"/></g></g></g></svg>