mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-07-10 05:22:37 +00:00
Compare commits
6 Commits
Author | SHA1 | Date | |
---|---|---|---|
cd4ce7b55e | |||
f2a7710aed | |||
5eaceb9a8e | |||
f9d8426174
|
|||
6ee7c34951 | |||
cb498b015e |
2
.github/workflows/crowdin.yml
vendored
2
.github/workflows/crowdin.yml
vendored
@ -14,7 +14,7 @@ jobs:
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: crowdin action
|
||||
uses: crowdin/github-action@1.4.8
|
||||
uses: crowdin/github-action@1.4.9
|
||||
with:
|
||||
upload_sources: true
|
||||
upload_sources_args: '--auto-update --delete-obsolete'
|
||||
|
@ -1,9 +1,6 @@
|
||||
---
|
||||
title: "Web Browsers"
|
||||
icon: octicons/browser-16
|
||||
tags:
|
||||
- HTML5
|
||||
- JavaScript
|
||||
---
|
||||
These are our current web browser recommendations and settings. We recommend keeping extensions to a minimum: they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
|
||||
|
||||
@ -57,43 +54,55 @@ These are our current web browser recommendations and settings. We recommend kee
|
||||
|
||||
#### Recommended Configuration
|
||||
|
||||
Tor Browser is the only way to truly browse the internet anonymously. When you use Firefox we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than Tor will be traceable by *somebody* in some regard or another.
|
||||
|
||||
These options can be found in :material-menu: → **Settings** → **Privacy & Security**.
|
||||
|
||||
##### Enhanced Tracking Protection (ETP)
|
||||
##### Enhanced Tracking Protection
|
||||
|
||||
- Select **Strict**
|
||||
- [x] Enable **Strict** Enhanced Tracking Protection
|
||||
|
||||
This protects you by blocking social media trackers, fingerprinting scripts (note that this does not protect you from *all* fingerprinting), cryptominers, cross-site tracking cookies, and some other tracking content. ETP protects against many common threats, but it does not block all tracking avenues because it is designed to have minimal to no impact on site usability.
|
||||
|
||||
##### Sanitize on Close
|
||||
|
||||
If you want to stay logged in to particular sites, you can allow exceptions in **Cookies and Site Data** → **Manage Exceptions...**
|
||||
|
||||
- Select **Delete cookies and site data when Firefox is closed**
|
||||
- [x] Check **Delete cookies and site data when Firefox is closed**
|
||||
|
||||
This protects you from persistent cookies, but does not protect you against cookies acquired during any one browsing session. When this is enabled, it becomes possible to easily cleanse your browser cookies by simply restarting Firefox. You can set exceptions on a per-site basis, if you wish to stay logged in to a particular site you visit often.
|
||||
|
||||
##### Disable Search Suggestions
|
||||
|
||||
- Clear **Suggestions from the web**
|
||||
- Clear **Suggestions from sponsors**
|
||||
- Clear **Improve the Firefox Suggest experience**
|
||||
- [ ] Uncheck **Suggestions from the web**
|
||||
- [ ] Uncheck **Suggestions from sponsors**
|
||||
- [ ] Uncheck **Improve the Firefox Suggest experience**
|
||||
|
||||
Search suggestion features may not be available in your region.
|
||||
|
||||
Search suggestions send everything you type in the address bar to the default search engine, regardless of whether you submit an actual search. Disabling search suggestions allows you to more precisely control what data you send to your search engine provider.
|
||||
|
||||
##### Disable Telemetry
|
||||
|
||||
- Clear **Allow Firefox to send technical and interaction data to Mozilla**
|
||||
- Clear **Allow Firefox to install and run studies**
|
||||
- Clear **Allow Firefox to send backlogged crash reports on your behalf**
|
||||
- [ ] Uncheck **Allow Firefox to send technical and interaction data to Mozilla**
|
||||
- [ ] Uncheck **Allow Firefox to install and run studies**
|
||||
- [ ] Uncheck **Allow Firefox to send backlogged crash reports on your behalf**
|
||||
|
||||
> Firefox sends data about your Firefox version and language; device operating system and hardware configuration; memory, basic information about crashes and errors; outcome of automated processes like updates, safebrowsing, and activation to us. When Firefox sends data to us, your IP address is temporarily collected as part of our server logs.
|
||||
|
||||
##### HTTPS-Only Mode
|
||||
|
||||
- Select **Enable HTTPS-Only Mode in all windows**
|
||||
- [x] Select **Enable HTTPS-Only Mode in all windows**
|
||||
|
||||
This prevents you from unintentionally connecting to a website in plain-text HTTP. The HTTP protocol is extremely uncommon nowadays, so this should have little to no impact on your day to day browsing.
|
||||
|
||||
#### Sync
|
||||
|
||||
The [Firefox Sync](https://hacks.mozilla.org/2018/11/firefox-sync-privacy/) service uses E2EE.
|
||||
[Firefox Sync](https://hacks.mozilla.org/2018/11/firefox-sync-privacy/) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices. It is fully E2EE, so it should be safe to use.
|
||||
|
||||
#### Extensions
|
||||
|
||||
We generally do not recommend installing any extensions as they increase your attack surface; however, if you want content blocking, [uBlock Origin](#additional-resources) might be useful to you. The extension is also a :trophy: [Recommended Extension](https://support.mozilla.org/kb/add-on-badges#w_recommended-extensions) by Mozilla.
|
||||
We generally do not recommend installing any extensions as they increase your attack surface. However, if you want content blocking, [uBlock Origin](#additional-resources) might be useful to you. The extension is also a :trophy: [Recommended Extension](https://support.mozilla.org/kb/add-on-badges#w_recommended-extensions) by Mozilla.
|
||||
|
||||
#### Arkenfox (advanced)
|
||||
|
||||
@ -126,13 +135,15 @@ These options can be found in :material-menu: → :gear: **Settings** → **Priv
|
||||
|
||||
##### HTTPS-Only Mode
|
||||
|
||||
- Select **Always use secure connections**
|
||||
- [x] Select **Always use secure connections**
|
||||
|
||||
This prevents you from unintentionally connecting to a website in plain-text HTTP. The HTTP protocol is extremely uncommon nowadays, so this should have little to no impact on your day to day browsing.
|
||||
|
||||
##### Always-on Incognito Mode
|
||||
|
||||
- Select **Open links in incognito tabs always**
|
||||
- Select **Close all open tabs on exit**
|
||||
- Select **Open external links in incognito**
|
||||
- [x] Select **Open links in incognito tabs always**
|
||||
- [x] Select **Close all open tabs on exit**
|
||||
- [x] Select **Open external links in incognito**
|
||||
|
||||
### Safari
|
||||
|
||||
@ -150,9 +161,9 @@ These options can be found in :gear: **Settings** → **Safari** → **Privacy a
|
||||
|
||||
##### Cross-Site Tracking Prevention
|
||||
|
||||
Enable WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp).
|
||||
- [x] Enable **Prevent Cross-Site Tracking**
|
||||
|
||||
- Select **Prevent Cross-Site Tracking** to enable
|
||||
This enables WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp). The feature helps protect against unwanted tracking by using on-device machine learning to stop trackers. ITP protects against many common threats, but it does not block all tracking avenues because it is designed to not interfere with website usability.
|
||||
|
||||
##### Privacy Report
|
||||
|
||||
@ -162,21 +173,23 @@ Privacy Report is accessible through the "**Aa**" icon in the URL bar.
|
||||
|
||||
##### Privacy Preserving Ad Measurement
|
||||
|
||||
This is WebKit's own [implementation](https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/) of privacy preserving ad click attribution. If you do not wish to participate, you can disable this feature.
|
||||
- [ ] Uncheck **Privacy Preserving Ad Measurement**
|
||||
|
||||
- Select **Privacy Preserving Ad Measurement**
|
||||
Ad click measurement has traditionally used tracking technology that infringes on user privacy. [Private Click Measurement](https://webkit.org/blog/11529/introducing-private-click-measurement-pcm/) is a WebKit feature and proposed web standard aimed towards allowing advertisers to measure the effectiveness of web campaigns without compromising on user privacy.
|
||||
|
||||
The feature has little privacy concerns on its own, so while you can choose to leave it on, we consider the fact that it's automatically disabled in Private Browsing to be an indicator for disabling the feature.
|
||||
|
||||
##### Apple Pay
|
||||
|
||||
If you do not use Apple Pay, you can toggle off the ability for websites to check for it.
|
||||
|
||||
- Select **Check for Apple Pay**
|
||||
- [ ] Uncheck **Allow websites to check for Apple Pay and Apple Card**
|
||||
|
||||
##### Always-on Private Browsing
|
||||
|
||||
Open Safari and press the tabs icon in the bottom right corner. Open Tab Groups, located in the bottom middle.
|
||||
|
||||
- Select **Private**
|
||||
- [x] Select **Private**
|
||||
|
||||
##### iCloud Sync
|
||||
|
||||
|
@ -12,8 +12,8 @@ For everything else, we recommend a variety of email providers based on sustaina
|
||||
|
||||
When using E2EE technology like OpenPGP, email will still have some metadata that is not encrypted in the header of the email. Read more about email metadata.
|
||||
|
||||
OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. How do I protect my private keys?
|
||||
|
||||
OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. [How do I protect my private keys?](email.md#how-do-i-protect-my-private-keys)
|
||||
|
||||
## Recommended Email Providers
|
||||
|
||||
### ProtonMail
|
||||
|
@ -38,7 +38,7 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
|
||||
|
||||
{ align=right }
|
||||
|
||||
**Cryptomator** makes it easy for you to upload files to the cloud in a virtual encrypted file system.
|
||||
**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
|
||||
|
||||
[Homepage](https://cryptomator.org){ .md-button .md-button--primary } [Privacy Policy](https://cryptomator.org/privacy){ .md-button }
|
||||
|
||||
@ -49,11 +49,15 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
|
||||
- [:fontawesome-brands-linux: Linux](https://cryptomator.org/downloads)
|
||||
- [:pg-flathub: Flatpak](https://flathub.org/apps/details/org.cryptomator.Cryptomator)
|
||||
- [:fontawesome-brands-google-play: Google Play](https://play.google.com/store/apps/details?id=org.cryptomator)
|
||||
- [:fontawesome-brands-android: F-Droid repo](https://cryptomator.org/android)
|
||||
- [:pg-f-droid: F-Droid](https://cryptomator.org/android)
|
||||
- [:fontawesome-brands-app-store-ios: App Store](https://apps.apple.com/us/app/cryptomator-2/id1560822163)
|
||||
- [:fontawesome-brands-github: Source](https://github.com/cryptomator)
|
||||
|
||||
Some of the Cryptomator Crypto Libraries have been [audited](https://cryptomator.org/open-source/) by [Cure53](https://cryptomator.org/audits/2017-11-27%20crypto%20cure53.pdf). The scope of those libraries included [cryptolib](https://github.com/cryptomator/cryptolib), [cryptofs](https://github.com/cryptomator/cryptofs), [siv-mode](https://github.com/cryptomator/siv-mode) and [cryptomator-objc-cryptor](https://github.com/cryptomator/cryptomator-objc-cryptor). It did not include [cryptolib-swift](https://github.com/cryptomator/cryptolib-swift) which is now used on iOS.
|
||||
Cryptomator utilizes AES-256 encryption to encrypt both files and filenames. Cryptomator cannot encrypt some metadata such as access, modification, and creation timestamps, nor the number and size of files and folders.
|
||||
|
||||
Some Cryptomator cryptographic libraries have been [audited](https://community.cryptomator.org/t/has-there-been-a-security-review-audit-of-cryptomator/44) by Cure53. The scope of the audited libraries include: [cryptolib](https://github.com/cryptomator/cryptolib), [cryptofs](https://github.com/cryptomator/cryptofs), [siv-mode](https://github.com/cryptomator/siv-mode) and [cryptomator-objc-cryptor](https://github.com/cryptomator/cryptomator-objc-cryptor). The audit did not extend to [cryptolib-swift](https://github.com/cryptomator/cryptolib-swift), which is a library used by Cryptomator for iOS.
|
||||
|
||||
Cryptomator's documentation details its intended [security target](https://docs.cryptomator.org/en/latest/security/security-target/), [security architecture](https://docs.cryptomator.org/en/latest/security/architecture/), and [best practices](https://docs.cryptomator.org/en/latest/security/best-practices/) for use in further detail.
|
||||
|
||||
### Picocrypt
|
||||
|
||||
|
@ -82,7 +82,7 @@ Joplin does not support password/pin protection for the [application itself or i
|
||||
|
||||
{ align=right }
|
||||
|
||||
**Org-mode** is a [major mode](https://www.gnu.org/software/emacs/manual/html_node/elisp/Major-Modes.html) for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system. Synchronization is possible with [file synchronization](/software/file-sharing/#sync) tools.
|
||||
**Org-mode** is a [major mode](https://www.gnu.org/software/emacs/manual/html_node/elisp/Major-Modes.html) for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system. Synchronization is possible with [file synchronization](/file-sharing/#file-sync) tools.
|
||||
|
||||
[Homepage](https://orgmode.org){ .md-button .md-button--primary }
|
||||
|
||||
|
@ -1,6 +1,11 @@
|
||||
{% extends "base.html" %}
|
||||
{% block extrahead %}
|
||||
<link rel="stylesheet" href="{{ 'overrides/home.css' | url }}">
|
||||
<link rel="me" href="https://aragon.sh/@jonah">
|
||||
<link rel="me" href="https://fosstodon.org/@freddy">
|
||||
<link rel="me" href="https://mastodon.social/@dngray">
|
||||
<link rel="me" href="https://mastodon.social/@blacklight447">
|
||||
<link rel="me" href="https://fosstodon.org/@hook54321">
|
||||
{% endblock %}
|
||||
{% block tabs %}
|
||||
{{ super() }}
|
||||
|
Reference in New Issue
Block a user