Change 'MullvadDNS' to 'Mullvad' on Overview (#1267)

Closes #1183: See https://github.com/privacyguides/privacyguides.org/issues/1183#issuecomment-1126581848

README.md

@@ -68,14 +68,25 @@ Our current list of team members can be found [here](https://github.com/orgs/pri
 
 ## Developing
 
-1. Clone this repository and submodules: `git clone --recurse-submodules https://github.com/privacyguides/privacyguides.org`
+This website uses [`mkdocs-material-insiders`](https://squidfunk.github.io/mkdocs-material/insiders/) which offers additional functionality over the open-source `mkdocs-material` project. For obvious reasons we cannot distribute access to the insiders repository. You can install the website locally with the open-source version of `mkdocs-material`:
+
+1. Clone this repository: `git clone https://github.com/privacyguides/privacyguides.org.git`
 2. Install [Python 3.6+](https://www.python.org/downloads/)
-3. Install **pipenv**: `pip install pipenv`
-4. Start a pipenv shell: `pipenv shell`
-5. Install dependencies: `pipenv install --dev`
-6. Serve the site locally: `mkdocs serve`
+3. Install [dependencies](/Pipfile): `pip install mkdocs mkdocs-material mkdocs-static-i18n mkdocs-git-revision-date-localized-plugin typing-extensions`
+4. Serve the site locally: `mkdocs serve`
     - The site will be available at `http://localhost:8000`
     - You can build the site locally with `mkdocs build`
+    - Your local version of the site may be missing functionality, which is expected. If you are submitting a PR, please ensure the automatic preview generated for your PR looks correct, as that site will be built with the production insiders build.
+
+**Team members** should clone the repository with `mkdocs-material-insiders` directly. This method is identical to production:
+
+1. Clone this repository and submodules: `git clone --recurse-submodules https://github.com/privacyguides/privacyguides.org.git`
+2. Install [Python 3.6+](https://www.python.org/downloads/)
+3. Install **pipenv**: `pip install pipenv`
+4. Install dependencies: `pipenv install --dev`
+5. Serve the site locally: `pipenv run mkdocs serve`
+    - The site will be available at `http://localhost:8000`
+    - You can build the site locally with `pipenv run mkdocs build`
     - This version of the site should be identical to the live, production version
 
 ## Releasing

docs/android.en.md

@@ -285,9 +285,9 @@ Main privacy features include:
 
     You should **never** use blur to redact [text in images](https://bishopfox.com/blog/unredacter-tool-never-pixelation). If you want to redact text in an image, draw a box over the text. For this we suggest [Pocket Paint](https://github.com/Catrobat/Paintroid) or [Imagepipe](https://codeberg.org/Starfish/Imagepipe).
 
-## App Stores
+## Obtaining Applications
 
-### GrapheneOS's App Store
+### GrapheneOS App Store
 
 GrapheneOS's app store is available on [GitHub](https://github.com/GrapheneOS/Apps/releases). It supports Android 12 and above and is capable of updating itself. The app store has standalone applications built by the GrapheneOS project such as the [Auditor](https://attestation.app/), [Camera](https://github.com/GrapheneOS/Camera), and [PDF Viewer](https://github.com/GrapheneOS/PdfViewer). If you are looking for these applications, we highly recommend that you get them from GrapheneOS's app store instead of the Play Store, as the apps on their store are signed by the GrapheneOS's project own signature that Google does not have access to.
 
@@ -328,4 +328,44 @@ To mitigate these problems, we recommend [Neo Store](https://github.com/NeoAppli
         - [:fontawesome-brands-android: APK Download](https://android.izzysoft.de/repo/apk/com.looker.droidify)
         - [:fontawesome-brands-github: Source](https://github.com/NeoApplications/Neo-Store)
 
+### Manually with RSS Notifications
+
+If an app is released on a platform like GitHub, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you be aware of new releases. Using [Secure Camera](#secure-camera) as an example, you would navigate to its [releases page](https://github.com/GrapheneOS/Camera/releases) on GitHub and append `.atom` to the URL:
+
+`https://github.com/GrapheneOS/Camera/releases.atom`
+
+![RSS Feed](./assets/img/android/gfeeds-light.png#only-light)
+![RSS Feed](./assets/img/android/gfeeds-dark.png#only-dark)
+
+#### Verifying APK Fingerprints
+
+If you download APK files to install manually, you can verify their signature with the [`apksigner`](https://developer.android.com/studio/command-line/apksigner) tool, which is a part of Android [build-tools](https://developer.android.com/studio/releases/build-tools).
+
+1. Install [Java JDK](https://www.oracle.com/java/technologies/downloads/).
+
+2. Download the [Android Studio command line tools](https://developer.android.com/studio#command-tools).
+
+3. Extract the downloaded archive:
+
+    ```bash
+    unzip commandlinetools-*.zip
+    cd cmdline-tools
+    ./bin/sdkmanager --sdk_root=./ "build-tools;29.0.3"
+    ```
+
+4. Run the signature verification command:
+
+    ```bash
+    ./build-tools/29.0.3/apksigner verify --print-certs ../Camera-37.apk
+    ```
+
+5. The resulting hashes can then be compared with another source. Some developers such as Signal [show the fingerprints](https://signal.org/android/apk/) on their website.
+
+    ```bash
+    Signer #1 certificate DN: CN=GrapheneOS
+    Signer #1 certificate SHA-256 digest: 6436b155b917c2f9a9ed1d15c4993a5968ffabc94947c13f2aeee14b7b27ed59
+    Signer #1 certificate SHA-1 digest: 23e108677a2e1b1d6e6b056f3bb951df7ad5570c
+    Signer #1 certificate MD5 digest: dbbcd0cac71bd6fa2102a0297c6e0dd3
+    ```
+
 --8<-- "includes/abbreviations.en.md"

docs/browsers.en.md

@@ -26,7 +26,7 @@ These are our currently recommended web browsers and configurations. In general,
         - [:pg-f-droid: F-Droid](https://guardianproject.info/fdroid/)
         - [:fontawesome-brands-git: Source](https://trac.torproject.org/projects/tor)
 
-!!! warning
+!!! danger
     You should **never** install any additional extensions on Tor Browser, including the ones we suggest for Firefox. Browser extensions make you stand out from others on the Tor network, thus making your browser easier to [fingerprint](https://support.torproject.org/glossary/browser-fingerprinting).
 
 ## Desktop Recommendations
@@ -328,7 +328,7 @@ We generally do not recommend installing [any extensions](https://www.sentinelon
 
 !!! warning "Use default filter lists"
 
-    Additional filter lists can impact performance may increase attack surface. Only apply what you need. If there is a [vulnerability in uBlock Origin](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css) a third party filter could add malicious rules that can potentially steal user data.
+    Additional filter lists can impact performance and may increase attack surface, so only apply what you need. If there is a [vulnerability in uBlock Origin](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css) a third party filter could add malicious rules that can potentially steal user data.
 
 ### AdGuard for Safari
 

docs/file-sharing.en.md

@@ -71,6 +71,9 @@ Discover how to privately share your files between your devices, with your frien
         - [:fontawesome-brands-windows: Windows](https://syncthing.net/downloads)
         - [:fontawesome-brands-apple: macOS](https://syncthing.net/downloads)
         - [:fontawesome-brands-linux: Linux](https://syncthing.net/downloads)
+        - [:fontawesome-brands-freebsd: FreeBSD](https://syncthing.net/downloads/)
+        - [:pg-openbsd: OpenBSD](https://syncthing.net/downloads/)
+        - [:pg-netbsd: NetBSD](https://syncthing.net/downloads/)
         - [:fontawesome-brands-google-play: Google Play](https://play.google.com/store/apps/details?id=com.nutomic.syncthingandroid)
         - [:pg-f-droid: F-Droid](https://f-droid.org/packages/com.nutomic.syncthingandroid/)
         - [:fontawesome-brands-github: Source](https://github.com/syncthing)

docs/search-engines.en.md

@@ -34,7 +34,7 @@ DuckDuckGo offers two other [versions](https://help.duckduckgo.com/features/non-
     ![Startpage logo](assets/img/search-engines/startpage.svg#only-light){ align=right }
     ![Startpage logo](assets/img/search-engines/startpage-dark.svg#only-dark){ align=right }
 
-    **Startpage** is a private search engine known for serving Google search results. Startpage's flagship feature is [Anonoymous View](https://www.startpage.com/en/anonymous-view/), which puts forth efforts to standardize user activity to make it more difficult to be uniquely identified. Unlike the name suggests, the feature should not be relied upon for anonymity. If you are looking for anonymity, use the Tor Browser instead. The feature can be useful for hiding some network and browser properties—see the [technical document](https://support.startpage.com/index.php?/Knowledgebase/Article/View/1185/0/the-anonymous-view-proxy---technical-details=undefined) for more details.
+    **Startpage** is a private search engine known for serving Google search results. Startpage's flagship feature is [Anonymous View](https://www.startpage.com/en/anonymous-view/), which puts forth efforts to standardize user activity to make it more difficult to be uniquely identified. Unlike the name suggests, the feature should not be relied upon for anonymity. If you are looking for anonymity, use the Tor Browser instead. The feature can be useful for hiding some network and browser properties—see the [technical document](https://support.startpage.com/index.php?/Knowledgebase/Article/View/1185/0/the-anonymous-view-proxy---technical-details=undefined) for more details.
 
     Startpage has been known to refuse access to those using a VPN service or Tor, so your mileage may vary.
 

docs/tools.en.md

@@ -119,7 +119,7 @@ For your convenience, everything we recommend is listed below with a link to the
 
 ### DNS
 
-We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers based on a variety of criteria, such as [MullvadDNS](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) and [Quad9](https://quad9.net/) amongst others. We recommend for you to read our pages on DNS before choosing a provider. In many cases, using an alternative DNS provider is not recommended.
+We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers based on a variety of criteria, such as [Mullvad](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) and [Quad9](https://quad9.net/) amongst others. We recommend for you to read our pages on DNS before choosing a provider. In many cases, using an alternative DNS provider is not recommended.
 <br>
 <br>
 [Learn more :material-arrow-right:](dns.md)

docs/vpn.en.md

@@ -40,12 +40,14 @@ Find a no-logging VPN operator who isn’t out to sell or read your web traffic.
 
     [Website](https://mullvad.net){ .md-button .md-button--primary } [:pg-tor:](http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion){ .md-button }
 
-??? check "35 Countries"
+??? check annotate "38 Countries"
 
-    Mullvad has [servers in 35 countries](https://mullvad.net/en/servers/) at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+    Mullvad has [servers in 38 countries](https://mullvad.net/servers/) (1). Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
 
     We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
 
+1. As of 2022/05/17
+
 ??? check "Independently Audited"
 
     Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report [published at cure53.de](https://cure53.de/pentest-report_mullvad_v2.pdf). The security researchers concluded:
@@ -100,12 +102,14 @@ Find a no-logging VPN operator who isn’t out to sell or read your web traffic.
 
     [Website](https://protonvpn.com/){ .md-button .md-button--primary }
 
-??? check "44 Countries"
+??? check annotate "63 Countries"
 
-    ProtonVPN has [servers in 44 countries](https://protonvpn.com/vpn-servers) at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+    ProtonVPN has [servers in 63 countries](https://protonvpn.com/vpn-servers) (1). Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
 
     We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
 
+1. As of 2022/05/17
+
 ??? check "Independently Audited"
 
     As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to your device or traffic. You can view individual reports for each platform at [protonvpn.com](https://protonvpn.com/blog/open-source/).
@@ -148,12 +152,14 @@ Find a no-logging VPN operator who isn’t out to sell or read your web traffic.
 
     [Website](https://www.ivpn.net/){ .md-button .md-button--primary }
 
-??? check "32 Countries"
+??? check annotate "32 Countries"
 
-    IVPN has [servers in 32 countries](https://www.ivpn.net/server-locations) at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+    IVPN has [servers in 32 countries](https://www.ivpn.net/server-locations) (1). Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
 
     We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
 
+1. As of 2022/05/17
+
 ??? check "Independently Audited"
 
     IVPN has undergone a [no-logging audit from Cure53](https://cure53.de/audit-report_ivpn.pdf) which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a [comprehensive pentest report Cure53](https://cure53.de/summary-report_ivpn_2019.pdf) in January 2020. IVPN has also said they plan to have [annual reports](https://www.ivpn.net/blog/independent-security-audit-concluded) in the future.