Recommend Fedora Atomic Desktops (#2393)

Signed-off-by: Jonah Aragon <jonah@privacyguides.org>
Signed-off-by: Daniel Gray <dngray@privacyguides.org>

.github/workflows/crowdin-upload.yml

@@ -39,7 +39,7 @@ jobs:
       uses: actions/checkout@v4
 
     - name: crowdin action
-      uses: crowdin/github-action@v1.16.0
+      uses: crowdin/github-action@v1.18.0
       with:
         upload_sources: true
         upload_sources_args: '--auto-update --delete-obsolete'

.github/workflows/pages.yml

@@ -56,7 +56,7 @@ jobs:
           cache: 'pipenv'
       
       - name: Cache files
-        uses: actions/cache@v3.3.2
+        uses: actions/cache@v4.0.0
         with:
           key: ${{ github.ref }}
           path: .cache

.github/workflows/release.yml

@@ -63,7 +63,7 @@ jobs:
           cache: 'pipenv'
       
       - name: Cache files
-        uses: actions/cache@v3.3.2
+        uses: actions/cache@v4.0.0
         with:
           key: ${{ github.ref }}
           path: .cache

README.md

@@ -9,17 +9,17 @@
 
   <p><em>Your central privacy and security resource to protect yourself online.</em></p>
 
-  <p><a href="https://mastodon.neat.computer/@privacyguides">
-    <img src="https://img.shields.io/mastodon/follow/109298532634697668?domain=https%3A%2F%2Fmastodon.neat.computer&label=Follow%20%40privacyguides%40neat.computer&style=social">
-  </a>
-  <a href="https://twitter.com/privacy_guides">
-    <img src="https://img.shields.io/twitter/follow/privacy_guides?style=social">
-  </a>
-  <a href="https://discuss.privacyguides.net/">
+  <p><a href="https://discuss.privacyguides.net/">
     <img src="https://img.shields.io/discourse/users?label=Join%20our%20forum&logo=discourse&server=https%3A%2F%2Fdiscuss.privacyguides.net&style=social">
   </a>
   <a href="https://github.com/privacyguides/privacyguides.org/stargazers">
     <img src="https://img.shields.io/github/stars/privacyguides?style=social">
+  </a>
+  <a href="https://mastodon.neat.computer/@privacyguides">
+    <img src="https://img.shields.io/mastodon/follow/109298532634697668?domain=https%3A%2F%2Fmastodon.neat.computer&label=Follow%20%40privacyguides%40neat.computer&style=social">
+  </a>
+  <a href="https://lemmy.one/c/privacyguides">
+    <img src="https://img.shields.io/lemmy/privacyguides%40lemmy.one?style=social">
   </a></p>
 
   <p><a href="https://github.com/privacyguides/privacyguides.org/pulls">
@@ -59,10 +59,10 @@ All contributors to the site are listed [here](https://github.com/privacyguides/
 ## Mirrors
 
 [![GitHub](https://img.shields.io/static/v1?logo=github&label=&message=GitHub&color=000&style=for-the-badge)](https://github.com/privacyguides/privacyguides.org)
-[![Gitea](https://img.shields.io/static/v1?logo=gitea&label=&message=Gitea&color=000&style=for-the-badge)](https://code.privacyguides.dev/privacyguides/privacyguides.org)
 [![GitLab](https://img.shields.io/static/v1?logo=gitlab&label=&message=GitLab&color=000&style=for-the-badge)](https://gitlab.com/privacyguides/privacyguides.org)
 [![Codeberg](https://img.shields.io/static/v1?logo=codeberg&label=&message=Codeberg&color=000&style=for-the-badge)](https://codeberg.org/privacyguides/privacyguides.org)
-[![SourceHut](https://img.shields.io/static/v1?logo=git&label=&message=SourceHut&color=000&style=for-the-badge)](https://git.sr.ht/~jonaharagon/privacyguides.org)
+[![Gitea](https://img.shields.io/static/v1?logo=gitea&label=&message=Gitea&color=000&style=for-the-badge)](https://code.privacyguides.dev/privacyguides/privacyguides.org)
+[![Forgejo](https://img.shields.io/static/v1?logo=forgejo&label=&message=Forgejo&color=000&style=for-the-badge)](https://git.jonaharagon.net/privacyguides/privacyguides.org)
 
 **Hidden service (Tor/onion):** [xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion](http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/)
 

docs/android.md

@@ -95,13 +95,16 @@ These are the Android operating systems, devices, and apps we recommend to maxim
 
 We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
 
-!!! note
+<div class="admonition note" markdown>
+<p class="admonition-title">Note</p>
 
 End-of-life devices (such as GrapheneOS or CalyxOS's "extended support" devices) do not have full security patches (firmware updates) due to the OEM discontinuing support. These devices cannot be considered completely secure regardless of installed software.
 
+</div>
+
 ### GrapheneOS
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![GrapheneOS logo](assets/img/android/grapheneos.svg#only-light){ align=right }
 ![GrapheneOS logo](assets/img/android/grapheneos-dark.svg#only-dark){ align=right }
@@ -116,6 +119,8 @@ We recommend installing one of these custom Android operating systems on your de
 [:octicons-code-16:](https://grapheneos.org/source){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
 
+</div>
+
 GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging/), while giving you full control over their permissions and access, and while containing them to a specific [work profile](os/android-overview.md#work-profile) or [user profile](os/android-overview.md#user-profiles) of your choice.
 
 Google Pixel phones are the only devices that currently meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#device-support).
@@ -124,7 +129,7 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
 
 ### DivestOS
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![DivestOS logo](assets/img/android/divestos.svg){ align=right }
 
@@ -138,6 +143,8 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
 [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
 
+</div>
+
 DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates.
 DivestOS also includes kernel patches from GrapheneOS and enables all available kernel security features via [defconfig hardening](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). All kernels newer than version 3.4 include full page [sanitization](https://lwn.net/Articles/334747/) and all ~22 Clang-compiled kernels have [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) enabled.
 
@@ -145,19 +152,22 @@ DivestOS implements some system hardening patches originally developed for Graph
 
 DivestOS uses F-Droid as its default app store. We normally [recommend avoiding F-Droid](#f-droid), but doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repositories ([DivestOS Official](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) and [DivestOS WebView](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). We recommend disabling the official F-Droid app and using [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) **with the DivestOS repositories enabled** to keep those components up to date. For other apps, our recommended methods of obtaining them still apply.
 
-!!! warning
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 DivestOS firmware update [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) and quality control varies across the devices it supports. We still recommend GrapheneOS depending on your device's compatibility. For other devices, DivestOS is a good alternative.
 
 Not all of the supported devices have verified boot, and some perform it better than others.
 
+</div>
+
 ## Android Devices
 
 When purchasing a device, we recommend getting one as new as possible. The software and firmware of mobile devices are only supported for a limited time, so buying new extends that lifespan as much as possible.
 
 Avoid buying phones from mobile network operators. These often have a **locked bootloader** and do not support [OEM unlocking](https://source.android.com/devices/bootloader/locking_unlocking). These phone variants will prevent you from installing any kind of alternative Android distribution.
 
-Be very **careful** about buying second hand phones from online marketplaces. Always check the reputation of the seller. If the device is stolen, there's a possibility of [IMEI blacklisting](https://www.gsma.com/security/resources/imei-blacklisting/). There is also a risk involved with you being associated with the activity of the previous owner.
+Be very **careful** about buying second hand phones from online marketplaces. Always check the reputation of the seller. If the device is stolen, there's a possibility of it being entered in the [IMEI database](https://www.gsma.com/get-involved/working-groups/terminal-steering-group/imei-database). There is also a risk involved with you being associated with the activity of the previous owner.
 
 A few more tips regarding Android devices and operating system compatibility:
 
@@ -169,7 +179,7 @@ A few more tips regarding Android devices and operating system compatibility:
 
 Google Pixel phones are the **only** devices we recommend for purchase. Pixel phones have stronger hardware security than any other Android devices currently on the market, due to proper AVB support for third-party operating systems and Google's custom [Titan](https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html) security chips acting as the Secure Element.
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Google Pixel 6](assets/img/android/google-pixel.png){ align=right }
 
@@ -179,6 +189,8 @@ Google Pixel phones are the **only** devices we recommend for purchase. Pixel ph
 
 [:material-shopping: Store](https://store.google.com/category/phones){ .md-button .md-button--primary }
 
+</div>
+
 Secure Elements like the Titan M2 are more limited than the processor's Trusted Execution Environment used by most other phones as they are only used for secrets storage, hardware attestation, and rate limiting, not for running "trusted" programs. Phones without a Secure Element have to use the TEE for *all* of those functions, resulting in a larger attack surface.
 
 Google Pixel phones use a TEE OS called Trusty which is [open source](https://source.android.com/security/trusty#whyTrusty), unlike many other phones.
@@ -199,7 +211,7 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
 
 ### Shelter
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Shelter logo](assets/img/android/shelter.svg){ align=right }
 
@@ -211,15 +223,20 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
 [:octicons-code-16:](https://gitea.angry.im/PeterCxy/Shelter){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://www.patreon.com/PeterCxy){ .card-link title=Contribute }
 
-!!! warning
+</div>
+
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular/) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
 
 When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
 
+</div>
+
 ### Secure Camera
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Secure camera logo](assets/img/android/secure_camera.svg#only-light){ align=right }
 ![Secure camera logo](assets/img/android/secure_camera-dark.svg#only-dark){ align=right }
@@ -231,27 +248,35 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
 [:octicons-code-16:](https://github.com/GrapheneOS/Camera){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.grapheneos.camera.play)
 - [:simple-github: GitHub](https://github.com/GrapheneOS/Camera/releases)
 - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
 
+</details>
+
+</div>
+
 Main privacy features include:
 
 - Auto removal of [Exif](https://en.wikipedia.org/wiki/Exif) metadata (enabled by default)
 - Use of the new [Media](https://developer.android.com/training/data-storage/shared/media) API, therefore [storage permissions](https://developer.android.com/training/data-storage) are not required
 - Microphone permission not required unless you want to record sound
 
-!!! note
+<div class="admonition note" markdown>
+<p class="admonition-title">Note</p>
 
 Metadata is not currently deleted from video files but that is planned.
 
 The image orientation metadata is not deleted. If you enable location (in Secure Camera) that **won't** be deleted either. If you want to delete that later you will need to use an external app such as [ExifEraser](data-redaction.md#exiferaser).
 
+</div>
+
 ### Secure PDF Viewer
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Secure PDF Viewer logo](assets/img/android/secure_pdf_viewer.svg#only-light){ align=right }
 ![Secure PDF Viewer logo](assets/img/android/secure_pdf_viewer-dark.svg#only-dark){ align=right }
@@ -264,17 +289,22 @@ Main privacy features include:
 [:octicons-code-16:](https://github.com/GrapheneOS/PdfViewer){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.grapheneos.pdfviewer.play)
 - [:simple-github: GitHub](https://github.com/GrapheneOS/PdfViewer/releases)
 - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
 
+</details>
+
+</div>
+
 ## Obtaining Applications
 
 ### Obtainium
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Obtainium logo](assets/img/android/obtainium.svg){ align=right }
 
@@ -284,10 +314,15 @@ Main privacy features include:
 [:octicons-code-16:](https://github.com/ImranR98/Obtainium){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://github.com/sponsors/ImranR98){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-github: GitHub](https://github.com/ImranR98/Obtainium/releases)
 
+</details>
+
+</div>
+
 Obtainium allows you to download APK installer files from a wide variety of sources, and it is up to you to ensure those sources and apps are legitimate. For example, using Obtainium to install Signal from [Signal's APK landing page](https://signal.org/android/apk/) should be fine, but installing from third-party APK repositories like Aptoide or APKPure may pose additional risks. The risk of installing a malicious *update* is lower, because Android itself verifies that all app updates are signed by the same developer as the existing app on your phone before installing them.
 
 ### GrapheneOS App Store
@@ -298,7 +333,7 @@ GrapheneOS's app store is available on [GitHub](https://github.com/GrapheneOS/Ap
 
 The Google Play Store requires a Google account to login which is not great for privacy. You can get around this by using an alternative client, such as Aurora Store.
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Aurora Store logo](assets/img/android/aurora-store.webp){ align=right }
 
@@ -308,10 +343,15 @@ The Google Play Store requires a Google account to login which is not great for
 [:octicons-eye-16:](https://gitlab.com/AuroraOSS/AuroraStore/-/blob/master/POLICY.md){ .card-link title="Privacy Policy" }
 [:octicons-code-16:](https://gitlab.com/AuroraOSS/AuroraStore){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-gitlab: GitLab](https://gitlab.com/AuroraOSS/AuroraStore/-/releases)
 
+</details>
+
+</div>
+
 Aurora Store does not allow you to download paid apps with their anonymous account feature. You can optionally log in with your Google account with Aurora Store to download apps you have purchased, which does give access to the list of apps you've installed to Google, however you still benefit from not requiring the full Google Play client and Google Play Services or microG on your device.
 
 ### Manually with RSS Notifications
@@ -375,18 +415,24 @@ Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https:/
 
 That said, the [F-Droid](https://f-droid.org/en/packages/) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgement when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
 
-!!! note "F-Droid Basic"
+<div class="admonition note" markdown>
+<p class="admonition-title">F-Droid Basic</p>
 
 In some rare cases, the developer of an app will only distribute it through F-Droid ([Gadgetbridge](https://gadgetbridge.org/) is one example of this). If you really need an app like that, we recommend using the newer [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) client instead of the original F-Droid app to obtain it. F-Droid Basic can do unattended updates without privileged extension or root, and has a reduced feature set (limiting attack surface).
 
+</div>
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Operating Systems
 
 - Must be open-source software.

docs/basics/threat-modeling.md

@@ -37,7 +37,7 @@ To answer this question, it's important to identify who might want to target you
 
 *Make a list of your adversaries or those who might want to get ahold of your assets. Your list may include individuals, a government agency, or corporations.*
 
-Depending on who your adversaries are, under some circumstances, this list might be something you want to destroy after you're done security planning.
+Depending on who your adversaries are, this list might be something you want to destroy after you've finished developing your threat model.
 
 ### How likely is it that I will need to protect it?
 

docs/calendar.md

@@ -8,7 +8,7 @@ Calendars contain some of your most sensitive data; use products that implement
 
 ## Tuta
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Tuta logo](assets/img/calendar/tuta.svg){ align=right }
 
@@ -22,7 +22,8 @@ Calendars contain some of your most sensitive data; use products that implement
 [:octicons-code-16:](https://github.com/tutao/tutanota){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://tuta.com/community/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=de.tutao.tutanota)
 - [:simple-appstore: App Store](https://apps.apple.com/us/app/tutanota/id922429609)
@@ -32,9 +33,13 @@ Calendars contain some of your most sensitive data; use products that implement
 - [:simple-flathub: Flathub](https://flathub.org/apps/com.tutanota.Tutanota)
 - [:octicons-browser-16: Web](https://app.tuta.com/)
 
+</details>
+
+</div>
+
 ## Proton Calendar
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Proton](assets/img/calendar/proton-calendar.svg){ align=right }
 
@@ -45,20 +50,30 @@ Calendars contain some of your most sensitive data; use products that implement
 [:octicons-info-16:](https://proton.me/support/proton-calendar-guide){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/ProtonMail/WebClients){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=me.proton.android.calendar)
 - [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id1514709943)
 - [:octicons-browser-16: Web](https://calendar.proton.me)
 
+</details>
+
+</div>
+
+Unfortunately, as of January 2024 Proton has [still](https://discuss.privacyguides.net/t/proton-calendar-is-not-open-source-mobile/14656/8) not released the source code for their mobile Calendar app on Android or iOS. Proton Calendar's web client is open source.
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Minimum Qualifications
 
 - Must sync and store information with E2EE to ensure data is not visible to the service provider.

docs/cloud.md

@@ -9,13 +9,16 @@ Many cloud storage providers require your full trust that they will not look at
 
 If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
 
-??? question "Looking for Nextcloud?"
+<details class="TYPE" markdown>
+<summary>Looking for Nextcloud?</summary>
 
 Nextcloud is [still a recommended tool](productivity.md) for self-hosting a file management suite, however we do not recommend third-party Nextcloud storage providers at the moment, because we do [not recommend](https://discuss.privacyguides.net/t/dont-recommend-nextcloud-e2ee/10352/29) Nextcloud's built-in E2EE functionality for home users.
 
+</details>
+
 ## Proton Drive
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Proton Drive logo](assets/img/cloud/protondrive.svg){ align=right }
 
@@ -26,13 +29,18 @@ If these alternatives do not fit your needs, we suggest you look into using encr
 [:octicons-info-16:](https://proton.me/support/drive){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/ProtonMail/WebClients){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=me.proton.android.drive)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1509667851)
 - [:simple-windows11: Windows](https://proton.me/drive/download)
 - [:simple-apple: macOS](https://proton.me/drive/download)
 
+</details>
+
+</div>
+
 The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/blog/security-audit-all-proton-apps), full details were not made available, but Securitum's letter of attestation states:
 
 > Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest.
@@ -41,7 +49,7 @@ Proton Drive's brand new mobile clients have not yet been publicly audited by a
 
 ## Tresorit
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Tresorit logo](assets/img/cloud/tresorit.svg){ align=right }
 
@@ -51,7 +59,8 @@ Proton Drive's brand new mobile clients have not yet been publicly audited by a
 [:octicons-eye-16:](https://tresorit.com/legal/privacy-policy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://support.tresorit.com/hc/en-us){ .card-link title=Documentation}
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.tresorit.mobile)
 - [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id722163232)
@@ -59,6 +68,10 @@ Proton Drive's brand new mobile clients have not yet been publicly audited by a
 - [:simple-apple: macOS](https://tresorit.com/download)
 - [:simple-linux: Linux](https://tresorit.com/download)
 
+</details>
+
+</div>
+
 Tresorit has received a number of independent security audits:
 
 - [2022](https://tresorit.com/blog/tresorit-receives-iso-27001-certification/): ISO/IEC 27001:2013[^1] Compliance [Certification](https://www.certipedia.com/quality_marks/9108644476) by TÜV Rheinland InterCert Kft
@@ -77,10 +90,13 @@ They have also received the Digital Trust Label, a certification from the [Swiss
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Minimum Requirements
 
 - Must enforce end-to-end encryption.

docs/desktop-browsers.md

@@ -62,7 +62,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
 
 ## Mullvad Browser
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Mullvad Browser logo](assets/img/browsers/mullvad_browser.svg){ align=right }
 
@@ -73,12 +73,17 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
 [:octicons-info-16:](https://mullvad.net/en/help/tag/mullvad-browser/){ .card-link title=Documentation}
 [:octicons-code-16:](https://gitlab.torproject.org/tpo/applications/mullvad-browser){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-windows11: Windows](https://mullvad.net/en/download/browser/windows)
 - [:simple-apple: macOS](https://mullvad.net/en/download/browser/macos)
 - [:simple-linux: Linux](https://mullvad.net/en/download/browser/linux)
 
+</details>
+
+</div>
+
 Like [Tor Browser](tor.md), Mullvad Browser is designed to prevent fingerprinting by making your browser fingerprint identical to all other Mullvad Browser users, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*. Therefore, it is imperative that you do not modify the browser at all outside adjusting the default [security levels](https://tb-manual.torproject.org/security-settings/). Other modifications would make your fingerprint unique, defeating the purpose of using this browser. If you want to configure your browser more heavily and fingerprinting is not a concern for you, we recommend [Firefox](#firefox) instead.
 
 ### Anti-Fingerprinting
@@ -103,7 +108,7 @@ Mullvad Browser comes with DuckDuckGo set as the default [search engine](search-
 
 ## Firefox
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Firefox logo](assets/img/browsers/firefox.svg){ align=right }
 
@@ -115,16 +120,25 @@ Mullvad Browser comes with DuckDuckGo set as the default [search engine](search-
 [:octicons-code-16:](https://hg.mozilla.org/mozilla-central){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://donate.mozilla.org/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-windows11: Windows](https://www.mozilla.org/firefox/windows)
 - [:simple-apple: macOS](https://www.mozilla.org/firefox/mac)
 - [:simple-linux: Linux](https://www.mozilla.org/firefox/linux)
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.mozilla.firefox)
 
-!!! warning
+</details>
+
+</div>
+
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
+
 Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug.cgi?id=1677497#c0) in downloads from Mozilla's website and uses telemetry in Firefox to send the token. The token is **not** included in releases from the [Mozilla FTP](https://ftp.mozilla.org/pub/firefox/releases/).
 
+</div>
+
 ### Recommended Configuration
 
 These options can be found in :material-menu: → **Settings**
@@ -193,17 +207,20 @@ Max Protection enforces the use of DNS over HTTPS, and a security warning will s
 
 ### Arkenfox (advanced)
 
-!!! tip "Use Mullvad Browser for advanced anti-fingerprinting"
+<div class="admonition tip" markdown>
+<p class="admonition-title">Use Mullvad Browser for advanced anti-fingerprinting</p>
 
 [Mullvad Browser](#mullvad-browser) provides the same anti-fingerprinting protections as Arkenfox out of the box, and does not require the use of Mullvad's VPN to benefit from these protections. Coupled with a VPN, Mullvad Browser can thwart more advanced tracking scripts which Arkenfox cannot. Arkenfox still has the advantage of being much more flexible, and allowing per-site exceptions for websites which you need to stay logged in to.
 
+</div>
+
 The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of carefully considered options for Firefox. If you [decide](https://github.com/arkenfox/user.js/wiki/1.1-To-Arkenfox-or-Not) to use Arkenfox, a [few options](https://github.com/arkenfox/user.js/wiki/3.2-Overrides-[Common]) are subjectively strict and/or may cause some websites to not work properly - [which you can easily change](https://github.com/arkenfox/user.js/wiki/3.1-Overrides) to suit your needs. We **strongly recommend** reading through their full [wiki](https://github.com/arkenfox/user.js/wiki). Arkenfox also enables [container](https://support.mozilla.org/en-US/kb/containers#w_for-advanced-users) support.
 
 Arkenfox only aims to thwart basic or naive tracking scripts through canvas randomization and Firefox's built-in fingerprint resistance configuration settings. It does not aim to make your browser blend in with a large crowd of other Arkenfox users in the same way Mullvad Browser or Tor Browser do, which is the only way to thwart advanced fingerprint tracking scripts. Remember you can always use multiple browsers, for example, you could consider using Firefox+Arkenfox for a few sites that you want to stay logged in on or otherwise trust, and Mullvad Browser for general browsing.
 
 ## Brave
 
-!!! recommendation
+<div class="admonition recommendation annotate" markdown>
 
 ![Brave logo](assets/img/browsers/brave.svg){ align=right }
 
@@ -217,21 +234,29 @@ Arkenfox only aims to thwart basic or naive tracking scripts through canvas rand
 [:octicons-info-16:](https://support.brave.com/){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" }
 
-    ??? downloads annotate
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-github: GitHub](https://github.com/brave/brave-browser/releases)
 - [:simple-windows11: Windows](https://brave.com/download/)
 - [:simple-apple: macOS](https://brave.com/download/)
 - [:simple-linux: Linux](https://brave.com/linux/) (1)
 
+</details>
+
+</div>
+
 1. We advise against using the Flatpak version of Brave, as it replaces Chromium's sandbox with Flatpak's, which is less effective. Additionally, the package is not maintained by Brave Software, Inc.
 
 **macOS users:** The download for Brave Browser from their official website is a `.pkg` installer which requires admin privileges to run (and may run other unnecessary scripts on your machine). As an alternative, you can download the latest `Brave-Browser-universal.dmg` file from their [GitHub releases](https://github.com/brave/brave-browser/releases/latest) page, which provides a traditional "drag to Applications folder" install.
 
-!!! warning
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 Brave adds a "[referral code](https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes)" to the file name in downloads from the Brave website, which is used to track which source the browser was downloaded from, for example `BRV002` in a download named `Brave-Browser-BRV002.pkg`. The installer will then ping Brave's server with the referral code at the end of the installation process. If you're concerned about this, you can rename the installer file before opening it.
 
+</div>
+
 ### Recommended Configuration
 
 These options can be found in :material-menu: → **Settings**.
@@ -249,9 +274,13 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
 - [x] Select **Prevent sites from fingerprinting me based on my language preferences**
 - [x] Select **Aggressive** under Trackers & ads blocking
 
-    ??? warning "Use default filter lists"
+<details class="warning" markdown>
+<summary>Use default filter lists</summary>
+
 Brave allows you to select additional content filters within the internal `brave://adblock` page. We advise against using this feature; instead, keep the default filter lists. Using extra lists will make you stand out from other Brave users and may also increase attack surface if there is an exploit in Brave and a malicious rule is added to one of the lists you use.
 
+</details>
+
 - [x] Select **Strict** under **Upgrade connections to HTTPS**
 - [x] (Optional) Select **Block Scripts** (1)
 - [x] Select **Strict, may break sites** under Block fingerprinting
@@ -277,7 +306,12 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
 - [ ] Uncheck **Automatically send diagnostic reports**
 - [ ] Uncheck **Private window with Tor** (1)
 
-    !!! tip "Sanitizing on Close"
+</div>
+
+1. Brave is **not** as resistant to fingerprinting as the Tor Browser and far fewer people use Brave with Tor, so you will stand out. Where [strong anonymity is required](https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-) use the [Tor Browser](tor.md#tor-browser).
+
+<div class="admonition tip" markdown>
+<p class="admonition-title">Sanitizing on close</p>
 
 - [x] Select **Clear cookies and site data when you close all windows** in the *Cookies and other site data* menu
 
@@ -285,8 +319,6 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
 
 </div>
 
-1. Brave is **not** as resistant to fingerprinting as the Tor Browser and far fewer people use Brave with Tor, so you will stand out. Where [strong anonymity is required](https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-) use the [Tor Browser](tor.md#tor-browser).
-
 ##### Extensions
 
 Disable built-in extensions you do not use in **Extensions**
@@ -327,7 +359,7 @@ In general, we recommend keeping your browser extensions to a minimum to decreas
 
 ### uBlock Origin
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![uBlock Origin logo](assets/img/browsers/ublock_origin.svg){ align=right }
 
@@ -338,12 +370,17 @@ In general, we recommend keeping your browser extensions to a minimum to decreas
 [:octicons-info-16:](https://github.com/gorhill/uBlock/wiki){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/gorhill/uBlock){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/ublock-origin/)
 - [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm)
 - [:simple-microsoftedge: Edge](https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak)
 
+</details>
+
+</div>
+
 We suggest following the [developer's documentation](https://github.com/gorhill/uBlock/wiki/Blocking-mode) and picking one of the "modes". Additional filter lists can impact performance and [may increase attack surface](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css).
 
 These are some other [filter lists](https://github.com/gorhill/uBlock/wiki/Dashboard:-Filter-lists) that you may want to consider adding:
@@ -359,7 +396,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
 - ...you want a more resource (memory/CPU) efficient content blocker[^1]
 - ...your browser only supports Manifest V3 extensions
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![uBlock Origin Lite logo](assets/img/browsers/ublock_origin_lite.svg){ align=right }
 
@@ -370,11 +407,16 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
 [:octicons-info-16:](https://github.com/uBlockOrigin/uBOL-home/wiki){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/gorhill/uBlock/tree/master/platform/mv3){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/addon/ublock-origin-lite/)
 - [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/ublock-origin-lite/ddkjiahejlhfcafbddmgiahcphecmpfh)
 
+</details>
+
+</div>
+
 We only recommend this version of uBlock Origin if you never want to make any changes to your filter lists, because it only supports a few pre-selected lists and offers no additional customization options, including the ability to select elements to block manually. These restrictions are due to limitations in Manifest V3's design.
 
 This version offers three levels of blocking: "Basic" works without requiring any special privileges to view and modify site content, while the "Optimal" and "Complete" levels do require that broad permission, but offer a better filtering experience with additional cosmetic rules and scriptlet injections.
@@ -387,10 +429,13 @@ uBlock Origin Lite only receives block list updates whenever the extension is up
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Minimum Requirements
 
 - Must be open-source software.
@@ -401,7 +446,6 @@ uBlock Origin Lite only receives block list updates whenever the extension is up
 - Blocks third-party cookies by default.
 - Supports [state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning) to mitigate cross-site tracking.[^2]
 
-
 ### Best-Case
 
 Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.

docs/desktop.md

@@ -12,7 +12,7 @@ Linux distributions are commonly recommended for privacy protection and software
 
 ### Fedora Workstation
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Fedora logo](assets/img/linux-desktop/fedora-workstation.svg){ align=right }
 
@@ -22,11 +22,15 @@ Linux distributions are commonly recommended for privacy protection and software
 [:octicons-info-16:](https://docs.fedoraproject.org/en-US/docs/){ .card-link title=Documentation}
 [:octicons-heart-16:](https://whatcanidoforfedora.org/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Fedora has a semi-rolling release cycle. While some packages like [GNOME](https://www.gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
 
 ### openSUSE Tumbleweed
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![openSUSE Tumbleweed logo](assets/img/linux-desktop/opensuse-tumbleweed.svg){ align=right }
 
@@ -38,11 +42,15 @@ Fedora has a semi-rolling release cycle. While some packages like [GNOME](https:
 [:octicons-info-16:](https://doc.opensuse.org/){ .card-link title=Documentation}
 [:octicons-heart-16:](https://shop.opensuse.org/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When you upgrade your system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by [openQA](https://openqa.opensuse.org) to ensure its quality.
 
 ### Arch Linux
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Arch logo](assets/img/linux-desktop/archlinux.svg){ align=right }
 
@@ -52,6 +60,10 @@ Tumbleweed follows a rolling release model where each update is released as a sn
 [:octicons-info-16:](https://wiki.archlinux.org/){ .card-link title=Documentation}
 [:octicons-heart-16:](https://archlinux.org/donate/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
 
 Being a DIY distribution, you are [expected to set up and maintain](os/linux-overview.md#arch-based-distributions) your system on your own. Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
@@ -60,19 +72,24 @@ A large portion of [Arch Linux’s packages](https://reproducible.archlinux.org)
 
 ## Immutable Distributions
 
-### Fedora Silverblue
+### Fedora Atomic Desktops
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
-    ![Fedora Silverblue logo](assets/img/linux-desktop/fedora-silverblue.svg){ align=right }
+![Fedora logo](assets/img/linux-desktop/fedora.svg){ align=right }
 
-    **Fedora Silverblue** is an immutable variant of Fedora with a strong focus on container workflows and the [GNOME](https://www.gnome.org/) desktop environment. If you prefer an environment other than GNOME, there are also other variants including [Kinoite](https://fedoraproject.org/kinoite/) (which comes with [KDE](https://kde.org/)) and [Sericea](https://fedoraproject.org/sericea/) (which comes with [Sway](https://swaywm.org/), a [Wayland](https://wayland.freedesktop.org)-only tiling window manager). We don't recommend [Onyx](https://fedoraproject.org/onyx/) at this time as it still [requires X11](https://buddiesofbudgie.org/blog/wayland). All of these variants follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
+**Fedora Atomic Desktops** are the immutable variants of Fedora with a strong focus on containerized workflows and Flatpak for desktop applications. All of these variants follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
 
-    [:octicons-home-16: Homepage](https://fedoraproject.org/silverblue/){ .md-button .md-button--primary }
-    [:octicons-info-16:](https://docs.fedoraproject.org/en-US/fedora-silverblue/){ .card-link title=Documentation}
+[:octicons-home-16: Homepage](https://fedoraproject.org/atomic-desktops/){ .md-button .md-button--primary }
 [:octicons-heart-16:](https://whatcanidoforfedora.org/){ .card-link title=Contribute }
 
-Silverblue and its variants differ from Fedora Workstation as they replace the [DNF](https://docs.fedoraproject.org/en-US/quick-docs/dnf/) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/latest/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
+</details>
+
+</div>
+
+The [Fedora Atomic Desktops](https://fedoramagazine.org/introducing-fedora-atomic-desktops/) come in a variety of flavors depending on the desktop environment you prefer, such as **Fedora Silverblue** (which comes with [GNOME](https://www.gnome.org/)), **Fedora Kinoite**, (which comes with [KDE](https://kde.org/)), **Fedora Sway Atomic**, or **Fedora Budgie Atomic**. However, we don't recommend the last of these as the Budgie desktop environment [still requires X11](https://buddiesofbudgie.org/blog/wayland).
+
+These operating systems differ from Fedora Workstation as they replace the [DNF](https://docs.fedoraproject.org/en-US/quick-docs/dnf/) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/latest/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
 
 After the update is complete you will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that you can easily rollback if something breaks in the new deployment. There is also the option to pin more deployments as needed.
 
@@ -82,7 +99,7 @@ As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fed
 
 ### NixOS
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![NixOS logo](assets/img/linux-desktop/nixos.svg){ align=right }
 
@@ -92,6 +109,10 @@ As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fed
 [:octicons-info-16:](https://nixos.org/learn.html){ .card-link title=Documentation}
 [:octicons-heart-16:](https://nixos.org/donate.html){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 NixOS’s package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
 
 NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
@@ -106,7 +127,7 @@ Nix is a source-based package manager; if there’s no pre-built available in th
 
 ### Whonix
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Whonix logo](assets/img/linux-desktop/whonix.svg){ align=right }
 
@@ -117,6 +138,10 @@ Nix is a source-based package manager; if there’s no pre-built available in th
 [:octicons-info-16:](https://www.whonix.org/wiki/Documentation){ .card-link title=Documentation}
 [:octicons-heart-16:](https://www.whonix.org/wiki/Donate){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
 
 Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
@@ -125,7 +150,7 @@ Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qube
 
 ### Tails
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Tails logo](assets/img/linux-desktop/tails.svg){ align=right }
 
@@ -135,6 +160,10 @@ Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qube
 [:octicons-info-16:](https://tails.boum.org/doc/index.en.html){ .card-link title=Documentation}
 [:octicons-heart-16:](https://tails.boum.org/donate/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Tails is great for counter forensics due to amnesia (meaning nothing is written to the disk); however, it is not a hardened distribution like Whonix. It lacks many anonymity and security features that Whonix has and gets updated much less often (only once every six weeks). A Tails system that is compromised by malware may potentially bypass the transparent proxy allowing for the user to be deanonymized.
 
 Tails includes [uBlock Origin](desktop-browsers.md#ublock-origin) in Tor Browser by default, which may potentially make it easier for adversaries to fingerprint Tails users. [Whonix](desktop.md#whonix) virtual machines may be more leak-proof, however they are not amnesic, meaning data may be recovered from your storage device.
@@ -145,7 +174,7 @@ By design, Tails is meant to completely reset itself after each reboot. Encrypte
 
 ### Qubes OS
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Qubes OS logo](assets/img/qubes/qubes_os.svg){ align=right }
 
@@ -158,6 +187,10 @@ By design, Tails is meant to completely reset itself after each reboot. Encrypte
 [:octicons-code-16:](https://github.com/QubesOS/){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://www.qubes-os.org/donate/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 Qubes OS secures the computer by isolating subsystems (e.g., networking, USB, etc.) and applications in separate *qubes*. Should one part of the system be compromised, the extra isolation is likely to protect the rest of the *qubes* and the core system.
 
 For further information about how Qubes works, read our full [Qubes OS overview](os/qubes-overview.md) page.
@@ -166,7 +199,7 @@ For further information about how Qubes works, read our full [Qubes OS overview]
 
 While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for Desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Kicksecure logo](assets/img/linux-desktop/kicksecure.svg){ align=right }
 
@@ -178,6 +211,10 @@ While we [recommend against](os/linux-overview.md#release-cycle) "perpetually ou
 [:octicons-code-16:](https://github.com/Kicksecure){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://www.kicksecure.com/wiki/Donate){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 ## Criteria
 
 Choosing a Linux distro that is right for you will come down to a huge variety of personal preferences, and this page is **not** meant to be an exhaustive list of every viable distribution. Our Linux overview page has some advice on [choosing a distro](os/linux-overview.md#choosing-your-distribution) in more detail. The distros on *this* page do all generally follow the guidelines we covered there, and all meet these standards:

docs/email-clients.md

@@ -6,7 +6,8 @@ cover: email-clients.webp
 ---
 Our recommendation list contains email clients that support both [OpenPGP](encryption.md#openpgp) and strong authentication such as [Open Authorization (OAuth)](https://en.wikipedia.org/wiki/OAuth). OAuth allows you to use [Multi-Factor Authentication](basics/multi-factor-authentication.md) and prevent account theft.
 
-??? warning "Email does not provide forward secrecy"
+<details class="warning" markdown>
+<summary>Email does not provide forward secrecy</summary>
 
 When using end-to-end encryption (E2EE) technology like OpenPGP, email will still have [some metadata](email.md#email-metadata-overview) that is not encrypted in the header of the email.
 
@@ -14,11 +15,13 @@ Our recommendation list contains email clients that support both [OpenPGP](encry
 
 [Real-time Communication](real-time-communication.md){ .md-button }
 
+</details>
+
 ## Cross-Platform
 
 ### Thunderbird
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Thunderbird logo](assets/img/email-clients/thunderbird.svg){ align=right }
 
@@ -29,13 +32,18 @@ Our recommendation list contains email clients that support both [OpenPGP](encry
 [:octicons-info-16:](https://support.mozilla.org/products/thunderbird){ .card-link title=Documentation}
 [:octicons-code-16:](https://hg.mozilla.org/comm-central){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-windows11: Windows](https://www.thunderbird.net)
 - [:simple-apple: macOS](https://www.thunderbird.net)
 - [:simple-linux: Linux](https://www.thunderbird.net)
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.mozilla.Thunderbird)
 
+</details>
+
+</div>
+
 #### Recommended Configuration
 
 We recommend changing some of these settings to make Thunderbird a little more private.
@@ -59,7 +67,7 @@ These options can be found in :material-menu: → **Settings** → **Privacy & S
 
 ### Apple Mail (macOS)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Apple Mail logo](assets/img/email-clients/applemail.png){ align=right }
 
@@ -69,11 +77,15 @@ These options can be found in :material-menu: → **Settings** → **Privacy & S
 [:octicons-eye-16:](https://www.apple.com/legal/privacy/en-ww/){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://support.apple.com/mail){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 Apple Mail has the ability to load remote content in the background or block it entirely and hide your IP address from senders on [macOS](https://support.apple.com/guide/mail/mlhl03be2866/mac) and [iOS](https://support.apple.com/guide/iphone/iphf084865c7/ios).
 
 ### Canary Mail (iOS)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Canary Mail logo](assets/img/email-clients/canarymail.svg){ align=right }
 
@@ -83,21 +95,29 @@ Apple Mail has the ability to load remote content in the background or block it
 [:octicons-eye-16:](https://canarymail.io/privacy.html){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://canarymail.zendesk.com/){ .card-link title=Documentation}
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=io.canarymail.android)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1236045954)
 - [:simple-windows11: Windows](https://canarymail.io/downloads.html)
 
-!!! warning
+</details>
+
+</div>
+
+<details class="warning" markdown>
+<summary>Warning</summary>
 
 Canary Mail only recently released a Windows and Android client, though we don't believe they are as stable as their iOS and Mac counterparts.
 
+</details>
+
 Canary Mail is closed-source. We recommend it due to the few choices there are for email clients on iOS that support PGP E2EE.
 
 ### FairEmail (Android)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![FairEmail logo](assets/img/email-clients/fairemail.svg){ align=right }
 
@@ -109,14 +129,19 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-code-16:](https://github.com/M66B/FairEmail){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://email.faircode.eu/donate/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=eu.faircode.email)
 - [:simple-github: GitHub](https://github.com/M66B/FairEmail/releases)
 
+</details>
+
+</div>
+
 ### GNOME Evolution (GNOME)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Evolution logo](assets/img/email-clients/evolution.svg){ align=right }
 
@@ -128,13 +153,18 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-code-16:](https://gitlab.gnome.org/GNOME/evolution/){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://www.gnome.org/donate/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.gnome.Evolution)
 
+</details>
+
+</div>
+
 ### K-9 Mail (Android)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![K-9 Mail logo](assets/img/email-clients/k9mail.svg){ align=right }
 
@@ -148,18 +178,26 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-code-16:](https://github.com/thundernest/k-9){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://k9mail.app/contribute){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.fsck.k9)
 - [:simple-github: GitHub](https://github.com/thundernest/k-9/releases)
 
-!!! warning
+</details>
+
+</div>
+
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 When replying to someone on a mailing list the "reply" option may also include the mailing list. For more information see [thundernest/k-9 #3738](https://github.com/thundernest/k-9/issues/3738).
 
+</div>
+
 ### Kontact (KDE)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Kontact logo](assets/img/email-clients/kontact.svg){ align=right }
 
@@ -171,14 +209,19 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-code-16:](https://invent.kde.org/pim/kmail){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://kde.org/community/donations/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-linux: Linux](https://kontact.kde.org/download)
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.kde.kontact)
 
+</details>
+
+</div>
+
 ### Mailvelope (Browser)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Mailvelope logo](assets/img/email-clients/mailvelope.svg){ align=right }
 
@@ -189,15 +232,20 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-info-16:](https://mailvelope.com/faq){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/mailvelope/mailvelope){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/mailvelope)
 - [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke)
 - [:simple-microsoftedge: Edge](https://microsoftedge.microsoft.com/addons/detail/mailvelope/dgcbddhdhjppfdfjpciagmmibadmoapc)
 
+</details>
+
+</div>
+
 ### NeoMutt (CLI)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![NeoMutt logo](assets/img/email-clients/mutt.svg){ align=right }
 
@@ -210,19 +258,27 @@ Canary Mail is closed-source. We recommend it due to the few choices there are f
 [:octicons-code-16:](https://github.com/neomutt/neomutt){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://www.paypal.com/paypalme/russon/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-apple: macOS](https://neomutt.org/distro)
 - [:simple-linux: Linux](https://neomutt.org/distro)
 
+</details>
+
+</div>
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Minimum Qualifications
 
 - Apps developed for open-source operating systems must be open source.

docs/email.md

@@ -23,7 +23,6 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
 <div class="grid cards" markdown>
 
 - ![Proton Mail logo](assets/img/email/protonmail.svg){ .twemoji } [Proton Mail](email.md#proton-mail)
-- ![Skiff Mail logo](assets/img/email/skiff-mail.svg){ .twemoji } [Skiff Mail](email.md#skiff-mail)
 - ![Mailbox.org logo](assets/img/email/mailboxorg.svg){ .twemoji } [Mailbox.org](email.md#mailboxorg)
 
 </div>
@@ -92,7 +91,7 @@ Certain information stored in [Proton Contacts](https://proton.me/support/proton
 
 #### :material-check:{ .pg-green } Email Encryption
 
-Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. Emails to other Proton Mail accounts are encrypted automatically, and encryption to non-Proton Mail addresses with an OpenPGP key can be enabled easily in your account settings. Proton also supports automatic external key discovery with [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This means that emails sent to other providers which use WKD, such as Skiff Mail, will be automatically encrypted with OpenPGP as well, without the need to manually exchange public PGP keys with your contacts. They also allow you to [encrypt messages to non-Proton Mail addresses without OpenPGP](https://proton.me/support/password-protected-emails), without the need for them to sign up for a Proton Mail account.
+Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. Emails to other Proton Mail accounts are encrypted automatically, and encryption to non-Proton Mail addresses with an OpenPGP key can be enabled easily in your account settings. Proton also supports automatic external key discovery with [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This means that emails sent to other providers which use WKD will be automatically encrypted with OpenPGP as well, without the need to manually exchange public PGP keys with your contacts. They also allow you to [encrypt messages to non-Proton Mail addresses without OpenPGP](https://proton.me/support/password-protected-emails), without the need for them to sign up for a Proton Mail account.
 
 Proton Mail also publishes the public keys of Proton accounts via HTTP from their WKD. This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE. This only applies to email addresses ending in one of Proton's own domains, like @proton.me. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
 
@@ -106,66 +105,6 @@ Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables
 
 Proton Mail doesn't offer a digital legacy feature.
 
-### Skiff Mail
-
-<div class="admonition recommendation" markdown>
-
-![Skiff Mail logo](assets/img/email/skiff-mail.svg){ align=right }
-
-**Skiff Mail** is a web based email service with E2EE that began in 2020 that is based in San Francisco with developers worldwide. Accounts start with 10GB of free storage.
-
-[:octicons-home-16: Homepage](https://skiff.com/mail){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://app.skiff.com/docs/db93c237-84c2-4b2b-9588-19a7cd2cd45a#tyGksN9rkqbo2uGYASxsA6HVLjUoly/wTYK8tncTto8=){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://skiff.com/help){ .card-link title=Documentation}
-[:octicons-code-16:](https://github.com/skiff-org/skiff-apps){ .card-link title="Source Code" }
-
-<details class="downloads" markdown>
-<summary>Downloads</summary>
-
-- [:simple-android: Android](https://play.google.com/store/apps/details?id=com.skemailmobileapp&pli=1)
-- [:simple-appstore: iOS](https://apps.apple.com/us/app/skiff-mail/id1619168801)
-- [:octicons-browser-16: Web](https://app.skiff.com/mail)
-
-</details>
-
-</div>
-
-Skiff has undergone a few [audits](https://skiff.com/transparency) during its development.
-
-#### :material-check:{ .pg-green } Custom Domains and Aliases
-
-You can create up to 3 additional @skiff.com email aliases in addition to your primary account address on their free plan. Free accounts can add 1 [custom domain](https://skiff.com/blog/custom-domain-setup), and up to 15 custom domains on a paid plan. You can create unlimited aliases or a [catch-all](https://skiff.com/blog/catch-all-email-alias) alias on your custom domain.
-
-#### :material-alert-outline:{ .pg-orange } Private Payment Methods
-
-Skiff Mail accepts cryptocurrency payments via Coinbase Commerce, including Bitcoin and Ethereum, but they do not accept our recommended [cryptocurrency](cryptocurrency.md), Monero. They also accept credit card payments via Stripe.
-
-#### :material-check:{ .pg-green } Account Security
-
-Skiff Mail supports TOTP two-factor authentication and hardware security keys using FIDO2 or U2F standards. The use of a hardware security key requires setting up TOTP two-factor authentication first.
-
-#### :material-check:{ .pg-green } Data Security
-
-Skiff Mail has zero access encryption at rest for all of your data. This means the messages and other data stored in your account are only readable by you.
-
-#### :material-check:{ .pg-green } Email Encryption
-
-Skiff Mail encrypts messages to other Skiff mailboxes automatically with E2EE. On December 18th, 2023, Skiff added support for PGP and automatic public key discovery via Web Key Directory (WKD). This means that emails sent to other providers which use WKD, such as Proton Mail, will be automatically encrypted with OpenPGP as well without the need to exchange public PGP keys with your contacts. New Skiff Mail accounts should have a PGP key automatically generated, while accounts from before this feature was introduced need to generate a new PGP key for their address (or upload an existing private key) in the account's address settings. Skiff Mail only has support for reading messages encrypted with PGP/MIME, not the older PGP/Inline standard. Sending messages with PGP/MIME is the [recommended approach](https://www.gnupg.org/faq/gnupg-faq.html#use_pgpmime), but may pose compatibility issues in some edge cases.
-
-Skiff Mail also publishes the public keys of Skiff Mail accounts via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Skiff Mail to find the OpenPGP keys of Skiff Mail accounts easily, for cross-provider E2EE. This only applies to email addresses ending in one of Skiff's own domains, like @skiff.com. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
-
-Skiff does not have a "temporary inbox" or "passworded email" feature like some other providers have, so that external users without OpenPGP cannot receive or reply to messages with E2EE.
-
-#### :material-information-outline:{ .pg-blue } Account Termination
-
-Skiff Mail accounts do not expire, but unpaid accounts will be prompted to remove any enabled paid features (such as additional aliases) or renew their plan before the account can be used.
-
-#### :material-information-outline:{ .pg-blue } Additional Functionality
-
-Skiff additionally offers [workspace productivity features](https://discuss.privacyguides.net/t/skiff-pages-drive-productivity-tools/11758/13), but we still prefer [alternative](productivity.md) options for collaborating and file sharing at this time.
-
-Skiff Mail does not offer a digital legacy feature.
-
 ### Mailbox.org
 
 <div class="admonition recommendation" markdown>

docs/financial-services.md

@@ -12,13 +12,16 @@ Making payments online is one of the biggest challenges to privacy. These servic
 
 There are a number of services which provide "virtual debit cards" which you can use with online merchants without revealing your actual banking or billing information in most cases. It's important to note that these financial services are **not** anonymous and are subject to "Know Your Customer" (KYC) laws and may require your ID or other identifying information. These services are primarily useful for protecting you from merchant data breaches, less sophisticated tracking or purchase correlation by marketing agencies, and online data theft; and **not** for making a purchase completely anonymously.
 
-!!! tip "Check your current bank"
+<div class="admonition tip" markdown>
+<p class="admonition-title">Check your current bank</p>
 
 Many banks and credit card providers offer native virtual card functionality. If you use one which provides this option already, you should use it over the following recommendations in most cases. That way you are not trusting multiple parties with your personal information.
 
+</div>
+
 ### Privacy.com (US)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Privacy.com logo](assets/img/financial-services/privacy_com.svg#only-light){ align=right }
 ![Privacy.com logo](assets/img/financial-services/privacy_com-dark.svg#only-dark){ align=right }
@@ -29,11 +32,15 @@ There are a number of services which provide "virtual debit cards" which you can
 [:octicons-eye-16:](https://privacy.com/privacy-policy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://support.privacy.com/hc/en-us){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 Privacy.com gives information about the merchants you purchase from to your bank by default. Their paid "discreet merchants" feature hides merchant information from your bank, so your bank only sees that a purchase was made with Privacy.com but not where that money was spent, however that is not foolproof, and of course Privacy.com still has knowledge about the merchants you are spending money with.
 
 ### MySudo (US, Paid)
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![MySudo logo](assets/img/financial-services/mysudo.svg#only-light){ align=right }
 ![MySudo logo](assets/img/financial-services/mysudo-dark.svg#only-dark){ align=right }
@@ -44,16 +51,23 @@ Privacy.com gives information about the merchants you purchase from to your bank
 [:octicons-eye-16:](https://anonyome.com/privacy-policy/){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://support.mysudo.com/hc/en-us){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 MySudo's virtual cards are currently only available via their iOS app.
 
 ### Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 - Allows the creation of multiple cards which function as a shield between the merchant and your personal finances.
 - Cards must not require you to provide accurate billing address information to the merchant.
 
@@ -63,7 +77,7 @@ These services allow you to purchase gift cards for a variety of merchants onlin
 
 ### CoinCards
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![CoinCards logo](assets/img/financial-services/coincards.svg){ align=right }
 
@@ -73,13 +87,20 @@ These services allow you to purchase gift cards for a variety of merchants onlin
 [:octicons-eye-16:](https://coincards.com/privacy-policy/){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://coincards.com/frequently-asked-questions/){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 ### Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 - Accepts payment in [a recommended cryptocurrency](cryptocurrency.md).
 - No ID requirement.

docs/mobile-browsers.md

@@ -131,7 +131,7 @@ On iOS, any app that can browse the web is [restricted](https://developer.apple.
 
     ![Safari logo](assets/img/browsers/safari.svg){ align=right }
 
-    **Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/15.0/ios/15.0) such as [Intelligent Tracking Prevention](https://webkit.org/blog/7675/intelligent-tracking-prevention/), Privacy Report, isolated and ephemeral Private Browsing tabs, iCloud Private Relay, and fingerprinting reduction by presenting a simplified version of the system configuration to websites so more devices look identical.
+    **Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/15.0/ios/15.0) such as [Intelligent Tracking Prevention](https://webkit.org/blog/7675/intelligent-tracking-prevention/), Privacy Report, isolated and ephemeral Private Browsing tabs, iCloud Private Relay, fingerprinting protection by randomizing and presenting a simplified version of the system configuration to websites so more devices look identical, and the ability to lock private tabs with your biometrics/PIN. It also allows you to separate your browsing with different profiles.
 
     [:octicons-home-16: Homepage](https://www.apple.com/safari/){ .md-button .md-button--primary }
     [:octicons-eye-16:](https://www.apple.com/legal/privacy/data/en/safari/){ .card-link title="Privacy Policy" }
@@ -139,14 +139,28 @@ On iOS, any app that can browse the web is [restricted](https://developer.apple.
 
 #### Recommended Configuration
 
-These options can be found in :gear: **Settings** → **Safari** → **Privacy and Security**.
+These options can be found in :gear: **Settings** → **Safari**
 
-##### Cross-Site Tracking Prevention
+##### Profiles
+
+All of your cookies, history, and website data will be separate for each profile. You should use different profiles for different purposes e.g. Shopping, Work, or School.
+
+##### Privacy & Security
 
 - [x] Enable **Prevent Cross-Site Tracking**
 
     This enables WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp). The feature helps protect against unwanted tracking by using on-device machine learning to stop trackers. ITP protects against many common threats, but it does not block all tracking avenues because it is designed to not interfere with website usability.
 
+- [x] Enable **Require Face ID to Unlock Private Browsing**
+
+    This setting allows you to lock your private tabs behind biometrics/PIN when not in use.
+
+##### Advanced → Privacy
+
+The **Advanced Tracking and Fingerprinting Protection** setting will randomize certain values so that it's more difficult to fingerprint you:
+
+- [x] Select **All Browsing** or **Private Browsing**
+
 ##### Privacy Report
 
 Privacy Report provides a snapshot of cross-site trackers currently prevented from profiling you on the website you're visiting. It can also display a weekly report to show which trackers have been blocked over time.

docs/news-aggregators.md

@@ -11,7 +11,7 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 
 ### Akregator
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Akregator logo](assets/img/news-aggregators/akregator.svg){ align=right }
 
@@ -23,13 +23,38 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 [:octicons-code-16:](https://invent.kde.org/pim/akregator){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://kde.org/community/donations/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.kde.akregator)
 
+</details>
+
+</div>
+
+### NewsFlash
+
+<div class="admonition recommendation" markdown>
+
+![NewsFlash logo](assets/img/news-aggregators/newsflash.png){ align=right }
+
+**NewsFlash** is an open-source, modern, simple and easy to use GTK4 news feed reader for Linux. It can be used offline or used with services like [NextCloud News](https://apps.nextcloud.com/apps/news) or [Inoreader](https://inoreader.com). It has a search feature and even a pre-defined list of sources like [TechCrunch](https://techcrunch.com) that you can add directly. It is only available as a Flatpak (on the Flathub repository).
+
+[:octicons-repo-16: Repository](https://gitlab.com/news-flash/news_flash_gtk){ .md-button .md-button--primary }
+[:octicons-code-16:](https://gitlab.com/news-flash/news_flash_gtk){ .card-link title="Source Code" }
+
+<details class="downloads" markdown>
+<summary>Downloads</summary>
+
+- [:simple-flathub: Flathub](https://flathub.org/apps/io.gitlab.news_flash.NewsFlash)
+
+</details>
+
+</div>
+
 ### Feeder
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Feeder logo](assets/img/news-aggregators/feeder.png){ align=right }
 
@@ -39,13 +64,18 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 [:octicons-code-16:](https://github.com/spacecowboy/Feeder){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://ko-fi.com/spacecowboy){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.nononsenseapps.feeder.play)
 
+</details>
+
+</div>
+
 ### Fluent Reader
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Fluent Reader logo](assets/img/news-aggregators/fluent-reader.svg){ align=right }
 
@@ -57,45 +87,40 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 [:octicons-code-16:](https://github.com/yang991178/fluent-reader){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://github.com/sponsors/yang991178){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-windows11: Windows](https://hyliu.me/fluent-reader)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1520907427)
 
-### GNOME Feeds
+</details>
 
-!!! recommendation
-
-    ![GNOME Feeds logo](assets/img/news-aggregators/gfeeds.svg){ align=right }
-
-    **GNOME Feeds** is an [RSS](https://en.wikipedia.org/wiki/RSS) and [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)) news reader for [GNOME](https://www.gnome.org). It has a simple interface and is quite fast.
-
-    [:octicons-home-16: Homepage](https://gfeeds.gabmus.org){ .md-button .md-button--primary }
-    [:octicons-code-16:](https://gitlab.gnome.org/World/gfeeds){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://liberapay.com/gabmus/){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-linux: Linux](https://gfeeds.gabmus.org/#install)
-        - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.gabmus.gfeeds)
+</div>
 
 ### Miniflux
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Miniflux logo](assets/img/news-aggregators/miniflux.svg#only-light){ align=right }
 ![Miniflux logo](assets/img/news-aggregators/miniflux-dark.svg#only-dark){ align=right }
 
 **Miniflux** is a web-based news aggregator that you can self-host. It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML) and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
 
+<details class="downloads" markdown>
+<summary>Downloads</summary>
+
 [:octicons-home-16: Homepage](https://miniflux.app){ .md-button .md-button--primary }
 [:octicons-info-16:](https://miniflux.app/docs/index.html){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/miniflux/v2){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://miniflux.app/#donations){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 ### NetNewsWire
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![NetNewsWire logo](assets/img/news-aggregators/netnewswire.png){ align=right }
 
@@ -106,14 +131,19 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 [:octicons-info-16:](https://netnewswire.com/help/){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/Ranchero-Software/NetNewsWire){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-appstore: App Store](https://apps.apple.com/us/app/netnewswire-rss-reader/id1480640210)
 - [:simple-apple: macOS](https://netnewswire.com)
 
+</details>
+
+</div>
+
 ### Newsboat
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Newsboat logo](assets/img/news-aggregators/newsboat.svg){ align=right }
 
@@ -123,14 +153,19 @@ A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to k
 [:octicons-info-16:](https://newsboat.org/releases/2.27/docs/newsboat.html){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/newsboat/newsboat){ .card-link title="Source Code" }
 
+</div>
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 - Must be open-source software.
 - Must operate locally, i.e. must not be a cloud service.
 
@@ -142,33 +177,44 @@ Some social media services also support RSS although it's not often advertised.
 
 Reddit allows you to subscribe to subreddits via RSS.
 
-!!! example
-    Replace `subreddit_name` with the subreddit you wish to subscribe to.
+<div class="admonition example" markdown>
+<p class="admonition-title">Example</p>
+
+Replace `[SUBREDDIT]` with the subreddit you wish to subscribe to.
 
 ```text
-    https://www.reddit.com/r/{{ subreddit_name }}/new/.rss
+https://www.reddit.com/r/[SUBREDDIT]/new/.rss
 ```
 
+</div>
+
 ### Twitter
 
-Using any of the Nitter [instances](https://github.com/zedeus/nitter/wiki/Instances) you can easily subscribe using RSS.
+Using any of the Nitter [instances](https://status.d420.de/) you can easily subscribe using RSS.
+
+<div class="admonition example" markdown>
+<p class="admonition-title">Example</p>
 
-!!! example
 1. Pick an instance and set `nitter_instance`.
 2. Replace `twitter_account` with the account name.
 
 ```text
-       https://{{ nitter_instance }}/{{ twitter_account }}/rss
+https://[nitter_instance]/[twitter_account]/rss
 ```
 
+</div>
+
 ### YouTube
 
 You can subscribe YouTube channels without logging in and associating usage information with your Google Account.
 
-!!! example
+<div class="admonition example" markdown>
+<p class="admonition-title">Example</p>
 
 To subscribe to a YouTube channel with an RSS client, first look for its [channel code](https://support.google.com/youtube/answer/6180214). The channel code can be found on the about page of the YouTube channel you wish to subscribe to, under: **About** > **Share** > **Copy channel ID**. Replace `[CHANNEL ID]` below:
 
 ```text
 https://www.youtube.com/feeds/videos.xml?channel_id=[CHANNEL ID]
 ```
+
+</div>

docs/os/ios-overview.md

@@ -124,6 +124,12 @@ If you use biometrics, you should know how to turn them off quickly in an emerge
 
 On some older devices, you may have to press the power button five times to disable biometrics instead, or for devices with Touch ID you may just have to hold down the power button and nothing else. Make sure you try this in advance so you know which method works for your device.
 
+**Stolen Data Protection** is a new feature in iOS 17.3 which adds additional security intended to protect your personal data if your device is stolen while unlocked. If you use biometrics and the Find My Device feature in your Apple ID settings, we recommend enabling this new protection:
+
+- [x] Select **Turn On Protection**
+
+After enabling stolen data protection, [certain actions](https://support.apple.com/en-us/HT212510) will require biometric authentication without a password fallback (in the event that a shoulder surfer has obtained your PIN), such as using password autofill, accessing payment information, and disabling lost mode. It also adds a security delay to certain actions performed away from your home or other "familiar location," such as requiring a 1-hour timer to reset your Apple ID password or sign out of your Apple ID. This delay is intended to give you time to enable Lost Mode and secure your account before a thief can reset your device.
+
 **Allow Access When Locked** gives you options for what you can allow when your phone is locked. The more of these options you disable, the less someone without your password can do, but the less convenient it will be for you. Pick and choose which of these you don't want someone to have access to if they get their hands on your phone.
 
 - [ ] Turn off **Today View and Search**

docs/photo-management.md

@@ -53,8 +53,8 @@ Most cloud photo management solutions like Google Photos, Flickr, and Amazon Pho
 <details class="downloads" markdown>
 <summary>Downloads</summary>
 
-- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=io.ente.photos)
-- [:simple-android: Android](https://play.google.com/store/apps/details?id=org.stingle.photos)
+- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.stingle.photos)
+- [:simple-android: Android](https://f-droid.org/en/packages/org.stingle.photos/)
 - [:simple-appstore: App Store](https://apps.apple.com/in/app/stingle-photos/id1582535448)
 - [:simple-github: GitHub](https://github.com/stingle)
 

docs/real-time-communication.md

@@ -16,7 +16,7 @@ These messengers are great for securing your sensitive communications.
 
 ### Signal
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Signal logo](assets/img/messengers/signal.svg){ align=right }
 
@@ -30,7 +30,8 @@ These messengers are great for securing your sensitive communications.
 [:octicons-code-16:](https://github.com/signalapp){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://signal.org/donate/){ .card-link title=Contribute }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id874139669)
@@ -39,6 +40,10 @@ These messengers are great for securing your sensitive communications.
 - [:simple-apple: macOS](https://signal.org/download/macos)
 - [:simple-linux: Linux](https://signal.org/download/linux)
 
+</details>
+
+</div>
+
 Signal supports [private groups](https://signal.org/blog/signal-private-group-system/). The server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender/) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam. Signal requires your phone number as a personal identifier.
 
 The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs/).
@@ -49,7 +54,7 @@ We have some additional tips on configuring and hardening your Signal installati
 
 ### SimpleX Chat
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Simplex logo](assets/img/messengers/simplex.svg){ align=right }
 
@@ -60,7 +65,8 @@ We have some additional tips on configuring and hardening your Signal installati
 [:octicons-info-16:](https://github.com/simplex-chat/simplex-chat/tree/stable/docs){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/simplex-chat){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=chat.simplex.app)
 - [:simple-appstore: App Store](https://apps.apple.com/us/app/simplex-chat/id1605771084)
@@ -69,13 +75,17 @@ We have some additional tips on configuring and hardening your Signal installati
 - [:simple-apple: macOS](https://simplex.chat/downloads/#desktop-app)
 - [:simple-linux: Linux](https://simplex.chat/downloads/#desktop-app)
 
+</details>
+
+</div>
+
 SimpleX Chat [was audited](https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html) by Trail of Bits in October 2022.
 
 SimpleX Chat supports basic group chatting functionality, direct messaging, and editing of messages and markdown. E2EE Audio and Video calls are also supported. Your data can be exported, and imported onto another device, as there are no central servers where this is backed up.
 
 ### Briar
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Briar logo](assets/img/messengers/briar.svg){ align=right }
 
@@ -87,13 +97,18 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
 [:octicons-code-16:](https://code.briarproject.org/briar/briar){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://briarproject.org/){ .card-link title="Donation options are listed on the bottom of the homepage" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.briarproject.briar.android)
 - [:simple-windows11: Windows](https://briarproject.org/download-briar-desktop/)
 - [:simple-linux: Linux](https://briarproject.org/download-briar-desktop/)
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.briarproject.Briar)
 
+</details>
+
+</div>
+
 To add a contact on Briar, you must both add each other first. You can either exchange `briar://` links or scan a contact’s QR code if they are nearby.
 
 The client software was independently [audited](https://briarproject.org/news/2017-beta-released-security-audit/), and the anonymous routing protocol uses the Tor network which has also been audited.
@@ -104,17 +119,20 @@ Briar supports Forward Secrecy by using the Bramble [Handshake](https://code.bri
 
 ## Additional Options
 
-!!! warning
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 These messengers do not have [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications.
 
+</div>
+
 ### Element
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Element logo](assets/img/messengers/element.svg){ align=right }
 
-    **Element** is the reference client for the [Matrix](https://matrix.org/docs/guides/introduction) protocol, an [open standard](https://matrix.org/docs/spec) for secure decentralized real-time communication.
+**Element** is the reference [client](https://matrix.org/ecosystem/clients/) for the [Matrix](https://matrix.org/docs/guides/introduction) protocol, an [open standard](https://matrix.org/docs/spec) for secure decentralized real-time communication.
 
 Messages and files shared in private rooms (those which require an invite) are by default E2EE as are one to one voice and video calls.
 
@@ -123,7 +141,8 @@ Briar supports Forward Secrecy by using the Bramble [Handshake](https://code.bri
 [:octicons-info-16:](https://element.io/help){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/vector-im){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=im.vector.app)
 - [:simple-appstore: App Store](https://apps.apple.com/app/vector/id1083446067)
@@ -133,6 +152,10 @@ Briar supports Forward Secrecy by using the Bramble [Handshake](https://code.bri
 - [:simple-linux: Linux](https://element.io/get-started)
 - [:octicons-globe-16: Web](https://app.element.io)
 
+</details>
+
+</div>
+
 Profile pictures, reactions, and nicknames are not encrypted.
 
 Group voice and video calls are [not](https://github.com/vector-im/element-web/issues/12878) E2EE, and use Jitsi, but this is expected to change with [Native Group VoIP Signalling](https://github.com/matrix-org/matrix-doc/pull/3401). Group calls have [no authentication](https://github.com/vector-im/element-web/issues/13074) currently, meaning that non-room participants can also join the calls. We recommend that you do not use this feature for private meetings.
@@ -143,7 +166,7 @@ The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matr
 
 ### Session
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Session logo](assets/img/messengers/session.svg){ align=right }
 
@@ -156,7 +179,8 @@ The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matr
 [:octicons-info-16:](https://getsession.org/faq){ .card-link title=Documentation}
 [:octicons-code-16:](https://github.com/oxen-io){ .card-link title="Source Code" }
 
-    ??? downloads
+<details class="downloads" markdown>
+<summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=network.loki.messenger)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1470168868)
@@ -165,6 +189,10 @@ The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matr
 - [:simple-apple: macOS](https://getsession.org/download)
 - [:simple-linux: Linux](https://getsession.org/download)
 
+</details>
+
+</div>
+
 Session allows for E2EE in one-on-one chats or closed groups which allow for up to 100 members. Open groups have no restriction on the number of members, but are open by design.
 
 Session does [not](https://getsession.org/blog/session-protocol-technical-information) support PFS, which is when an encryption system automatically and frequently changes the keys it uses to encrypt and decrypt information, such that if the latest key is compromised it exposes a smaller portion of sensitive information.
@@ -177,10 +205,13 @@ Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 - Must have open-source clients.
 - Must use E2EE for private messages by default.
 - Must support E2EE for all messages.

docs/router.md

@@ -8,7 +8,7 @@ Below are a few alternative operating systems, that can be used on routers, Wi-F
 
 ## OpenWrt
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![OpenWrt logo](assets/img/router/openwrt.svg#only-light){ align=right }
 ![OpenWrt logo](assets/img/router/openwrt-dark.svg#only-dark){ align=right }
@@ -20,11 +20,15 @@ Below are a few alternative operating systems, that can be used on routers, Wi-F
 [:octicons-code-16:](https://github.com/openwrt/openwrt){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://openwrt.org/donate){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 You can consult OpenWrt's [table of hardware](https://openwrt.org/toh/start) to check if your device is supported.
 
 ## OPNsense
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![OPNsense logo](assets/img/router/opnsense.svg){ align=right }
 
@@ -35,16 +39,23 @@ You can consult OpenWrt's [table of hardware](https://openwrt.org/toh/start) to
 [:octicons-code-16:](https://github.com/opnsense){ .card-link title="Source Code" }
 [:octicons-heart-16:](https://opnsense.org/donate/){ .card-link title=Contribute }
 
+</details>
+
+</div>
+
 OPNsense was originally developed as a fork of [pfSense](https://en.wikipedia.org/wiki/PfSense), and both projects are noted for being free and reliable firewall distributions which offer features often only found in expensive commercial firewalls. Launched in 2015, the developers of OPNsense [cited](https://docs.opnsense.org/history/thefork.html) a number of security and code-quality issues with pfSense which they felt necessitated a fork of the project, as well as concerns about Netgate's majority acquisition of pfSense and the future direction of the pfSense project.
 
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 - Must be open source.
 - Must receive regular updates.
 - Must support a wide variety of hardware.

docs/search-engines.md

@@ -13,7 +13,7 @@ Consider using a [VPN](vpn.md) or [Tor](https://www.torproject.org/) if your thr
 
 ## Brave Search
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Brave Search logo](assets/img/search-engines/brave-search.svg){ align=right }
 
@@ -28,11 +28,15 @@ Consider using a [VPN](vpn.md) or [Tor](https://www.torproject.org/) if your thr
 [:octicons-eye-16:](https://search.brave.com/help/privacy-policy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://search.brave.com/help){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 Brave Search is based in the United States. Their [privacy policy](https://search.brave.com/help/privacy-policy) states they collect aggregated usage metrics, which includes the operating system and browser in use, however no personally identifiable information is collected. IP addresses are temporarily processed, but are not retained.
 
 ## DuckDuckGo
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![DuckDuckGo logo](assets/img/search-engines/duckduckgo.svg){ align=right }
 
@@ -45,13 +49,17 @@ Brave Search is based in the United States. Their [privacy policy](https://searc
 [:octicons-eye-16:](https://duckduckgo.com/privacy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://help.duckduckgo.com/){ .card-link title=Documentation}
 
+</details>
+
+</div>
+
 DuckDuckGo is based in the United States. Their [privacy policy](https://duckduckgo.com/privacy) states they **do** log your searches for product improvement purposes, but not your IP address or any other personally identifying information.
 
 DuckDuckGo offers two [other versions](https://help.duckduckgo.com/features/non-javascript/) of their search engine, both of which do not require JavaScript. These versions do lack features, however. These versions can also be used in conjunction with their [Tor onion address](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/) by appending [/lite](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/lite) or [/html](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/html) for the respective version.
 
 ## SearXNG
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![SearXNG logo](assets/img/search-engines/searxng.svg){ align=right }
 
@@ -61,6 +69,10 @@ DuckDuckGo offers two [other versions](https://help.duckduckgo.com/features/non-
 [:octicons-server-16:](https://searx.space/){ .card-link title="Public Instances"}
 [:octicons-code-16:](https://github.com/searxng/searxng){ .card-link title="Source Code" }
 
+</details>
+
+</div>
+
 SearXNG is a proxy between you and the search engines it aggregates from. Your search queries will still be sent to the search engines that SearXNG gets its results from.
 
 When self-hosting, it is important that you have other people using your instance so that the queries would blend in. You should be careful with where and how you are hosting SearXNG, as people looking up illegal content on your instance could draw unwanted attention from authorities.
@@ -69,7 +81,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy.
 
 ## Startpage
 
-!!! recommendation
+<div class="admonition recommendation" markdown>
 
 ![Startpage logo](assets/img/search-engines/startpage.svg#only-light){ align=right }
 ![Startpage logo](assets/img/search-engines/startpage-dark.svg#only-dark){ align=right }
@@ -80,10 +92,17 @@ When you are using a SearXNG instance, be sure to go read their privacy policy.
 [:octicons-eye-16:](https://www.startpage.com/en/privacy-policy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://support.startpage.com/hc/en-us/categories/4481917470356-Startpage-Search-Engine){ .card-link title=Documentation}
 
-!!! warning
+</details>
+
+</div>
+
+<div class="admonition warning" markdown>
+<p class="admonition-title">Warning</p>
 
 Startpage regularly limits service access to certain IP addresses, such as IPs reserved for VPNs or Tor. [DuckDuckGo](#duckduckgo) and [Brave Search](#brave-search) are friendlier options if your threat model requires hiding your IP address from the search provider.
 
+</div>
+
 Startpage is based in the Netherlands. According to their [privacy policy](https://www.startpage.com/en/privacy-policy/), they log details such as: operating system, type of browser, and language. They do not log your IP address, search queries, or other personally identifying information.
 
 Startpage's majority shareholder is System1 who is an adtech company. We don't believe that to be an issue as they have a distinctly separate [privacy policy](https://system1.com/terms/privacy-policy). The Privacy Guides team reached out to Startpage [back in 2020](https://web.archive.org/web/20210118031008/https://blog.privacytools.io/relisting-startpage/) to clear up any concerns with System1's sizeable investment into the service. We were satisfied with the answers we received.
@@ -92,10 +111,13 @@ Startpage's majority shareholder is System1 who is an adtech company. We don't b
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 
-!!! example "This section is new"
+<div class="admonition example" markdown>
+<p class="admonition-title">This section is new</p>
 
 We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
 
+</div>
+
 ### Minimum Requirements
 
 - Must not collect personally identifiable information per their privacy policy.

docs/tools.md

@@ -121,7 +121,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 
 - ![Proton Mail logo](assets/img/email/protonmail.svg){ .twemoji } [Proton Mail](email.md#proton-mail)
 - ![Mailbox.org logo](assets/img/email/mailboxorg.svg){ .twemoji } [Mailbox.org](email.md#mailboxorg)
-- ![Skiff Mail logo](assets/img/email/skiff-mail.svg){ .twemoji } [Skiff Mail](email.md#skiff-mail)
 - ![Tuta logo](assets/img/email/tuta.svg){ .twemoji } [Tuta](email.md#tuta)
 
 </div>
@@ -356,9 +355,9 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 <div class="grid cards" markdown>
 
 - ![Akregator logo](assets/img/news-aggregators/akregator.svg){ .twemoji } [Akregator](news-aggregators.md#akregator)
+- ![NewsFlash logo](assets/img/news-aggregators/newsflash.png){ .twemoji } [NewsFlash](news-aggregators.md#newsflash)
 - ![Feeder logo](assets/img/news-aggregators/feeder.png){ .twemoji} [Feeder (Android)](news-aggregators.md#feeder)
 - ![Fluent Reader logo](assets/img/news-aggregators/fluent-reader.svg){ .twemoji } [Fluent Reader](news-aggregators.md#fluent-reader)
-- ![GNOME Feeds logo](assets/img/news-aggregators/gfeeds.svg){ .twemoji } [GNOME Feeds](news-aggregators.md#gnome-feeds)
 - ![Miniflux logo](assets/img/news-aggregators/miniflux.svg#only-light){ .twemoji }![Miniflux logo](assets/img/news-aggregators/miniflux-dark.svg#only-dark){ .twemoji } [Miniflux](news-aggregators.md#miniflux)
 - ![NetNewsWire logo](assets/img/news-aggregators/netnewswire.png){ .twemoji } [NetNewsWire](news-aggregators.md#netnewswire)
 - ![Newsboat logo](assets/img/news-aggregators/newsboat.svg){ .twemoji } [Newsboat](news-aggregators.md#newsboat)
@@ -457,10 +456,10 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 <div class="grid cards" markdown>
 
 - ![Qubes OS logo](assets/img/qubes/qubes_os.svg){ .twemoji } [Qubes OS (Xen VM Distribution)](desktop.md#qubes-os)
-- ![Fedora logo](assets/img/linux-desktop/fedora-workstation.svg){ .twemoji } [Fedora Workstation](desktop.md#fedora-workstation)
+- ![Fedora logo](assets/img/linux-desktop/fedora.svg){ .twemoji } [Fedora Workstation](desktop.md#fedora-workstation)
 - ![openSUSE Tumbleweed logo](assets/img/linux-desktop/opensuse-tumbleweed.svg){ .twemoji } [OpenSUSE Tumbleweed](desktop.md#opensuse-tumbleweed)
 - ![Arch logo](assets/img/linux-desktop/archlinux.svg){ .twemoji } [Arch Linux](desktop.md#arch-linux)
-- ![Fedora Silverblue logo](assets/img/linux-desktop/fedora-silverblue.svg){ .twemoji } [Fedora Silverblue & Kinoite](desktop.md#fedora-silverblue)
+- ![Fedora logo](assets/img/linux-desktop/fedora.svg){ .twemoji } [Fedora Atomic Desktops](desktop.md#fedora-atomic-desktops)
 - ![nixOS logo](assets/img/linux-desktop/nixos.svg){ .twemoji } [NixOS](desktop.md#nixos)
 - ![Whonix logo](assets/img/linux-desktop/whonix.svg){ .twemoji } [Whonix (Tor)](desktop.md#whonix)
 - ![Tails logo](assets/img/linux-desktop/tails.svg){ .twemoji } [Tails (Live Boot)](desktop.md#tails)

docs/vpn.md

@@ -84,9 +84,11 @@ Proton VPN [recommends](https://protonvpn.com/blog/wireguard/) the use of WireGu
 
 Proton VPN currently only supports ephemeral remote [port forwarding](https://protonvpn.com/support/port-forwarding/) via NAT-PMP, with 60 second lease times. The Windows app provides an easy to access option for it, while on other operating systems you'll need to run your own [NAT-PMP client](https://protonvpn.com/support/port-forwarding-manual-setup/). Torrent applications often support NAT-PMP natively.
 
-#### :material-check:{ .pg-green } Censorship Circumvention
+#### :material-information-outline:{ .pg-orange } Censorship Circumvention
 
-Proton VPN has their [Stealth](https://protonvpn.com/blog/stealth-vpn-protocol/) protocol which helps in situations where VPN protocols like OpenVPN or Wireguard are blocked. Stealth works by using an obfuscated TLS tunnel over TCP making it more difficult for deep packet inspection (DPI) to block.
+Proton VPN has their [Stealth](https://protonvpn.com/blog/stealth-vpn-protocol/) protocol which *may* help in situations where VPN protocols like OpenVPN or Wireguard are blocked with various rudimentary techniques. Stealth encapsulates the VPN tunnel in TLS session in order to look like more generic internet traffic.
+
+Unfortunately it does not work very well in countries where sophisticated filters are deployed that analyze all outgoing traffic in an attempt to discover encrypted tunnels. Stealth is also not yet available on [Windows](https://github.com/ProtonVPN/win-app/issues/64) or Linux.
 
 #### :material-check:{ .pg-green } Mobile Clients
 
@@ -269,6 +271,7 @@ We require all our recommended VPN providers to provide OpenVPN configuration fi
 - Easy-to-use VPN clients
 - Supports [IPv6](https://en.wikipedia.org/wiki/IPv6). We expect that servers will allow incoming connections via IPv6 and allow you to access services hosted on IPv6 addresses.
 - Capability of [remote port forwarding](https://en.wikipedia.org/wiki/Port_forwarding#Remote_port_forwarding) assists in creating connections when using P2P ([Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer)) file sharing software or hosting a server (e.g., Mumble).
+- Obfuscation technology which pads data packets with random data to circumvent internet censorship.
 
 ### Privacy
 

theme/assets/img/email/skiff-mail.svg

@@ -1,21 +0,0 @@
-<svg width="1024" height="1024" viewBox="0 0 1024 1024" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g clip-path="url(#clip0_1040_16600)">
-<rect width="1024" height="1024" fill="#7DC1E2"/>
-<path d="M-0.000976562 222.265C-0.000976562 99.5121 99.5101 0.000976563 222.263 0.000976563L801.736 0.000976562C924.489 0.000976562 1024 99.5122 1024 222.265V458.669V801.738C1024 924.492 924.49 1024 801.736 1024H222.263C99.5102 1024 -0.000976562 924.492 -0.000976562 801.739V222.265Z" fill="#2797CF"/>
-<path d="M501.97 719.75C1068.49 378.465 457.375 747.425 1023.9 406.14V820.77L935.824 985.196L501.97 719.75Z" fill="#FFFFFE" fill-opacity="0.4"/>
-<path d="M-0.00909221 794.094L-0.00923334 401.753L912.258 957.162L841.016 1003.28L82.3688 958.64L-0.00909221 794.094Z" fill="#FFFFFE" fill-opacity="0.4"/>
-<path opacity="0.1" fill-rule="evenodd" clip-rule="evenodd" d="M0.00359587 293.197L0.00341797 236.661L512.001 551.59L1024.04 237.345V293.884L512.003 608.128L0.00359587 293.197Z" fill="black"/>
-<path d="M513.484 548.89L-0.00099021 236.672L-0.000990216 224C-0.00099028 100.288 100.642 0.000666987 224.79 0.000661561L799.209 0.000636452C924.511 0.00069201 1025.63 102.089 1023.98 226.939L1023.85 236.672L513.484 548.89Z" fill="#FFFFFE" fill-opacity="0.4"/>
-<path d="M2.52333 202.342L512 514.753L1021.78 202.634L1023.36 224.18V241.186L512 554.257L0.642578 241.186V222.199L2.52333 202.342Z" fill="#B1DAEE"/>
-<path d="M512 711.276L0.642578 398.204V437.709L982.347 1042.32L1005.57 1035.53L1035.91 1027.97L544.038 731.165L1023.36 437.709V398.204L512 711.276Z" fill="#B1DAEE"/>
-<path d="M908.899 998.203L879.132 978.358L837.458 998.203L889.055 1018.05L908.899 998.203Z" fill="#7DC1E2"/>
-<path d="M1025.99 202.419H1.98353L-7.93896 0H1025.99V202.419Z" fill="#7DC1E2"/>
-<path d="M946.606 1022.02L-1.98443 714.42L-63.5039 1069.65L946.606 1022.02Z" fill="#7DC1E2"/>
-<path d="M1704.68 986.296L1000.19 801.738L910.884 952.56L984.311 996.219L1704.68 986.296Z" fill="#7DC1E2"/>
-</g>
-<defs>
-<clipPath id="clip0_1040_16600">
-<rect width="1024" height="1024" fill="white"/>
-</clipPath>
-</defs>
-</svg>

theme/assets/img/linux-desktop/fedora-silverblue.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><rect width="33.79" height="33.56" x=".038" y=".153" fill="#fff" rx="7.884" ry="7.884" style="paint-order:normal"/><path fill="#8d9fb4" d="m7.9686 0.15319c-4.4146 0-7.9686 3.5539-7.9686 7.9686 0 9.1039 0.07644 25.592 0.07644 25.592h25.822c4.4146 0 7.9686-3.5539 7.9686-7.9686v-25.592zm-0.25096 5.176c1.2539 0 2.2868 1.0326 2.2868 2.2865 0 0.97544-0.62626 1.8145-1.4942 2.1402v14.471l7.76-7.7342v-6.7055c-0.9126-0.30083-1.5799-1.1643-1.5799-2.1719 3e-6 -1.2539 1.0326-2.2865 2.2865-2.2865 1.2539 0 2.2868 1.0326 2.2868 2.2865 0 0.9688-0.6177 1.8032-1.4764 2.1336v5.2317l6.4098-6.3884c-0.14254-0.29726-0.22489-0.62784-0.22489-0.97689 0-1.2539 1.0326-2.2865 2.2865-2.2865 1.2539 0 2.2868 1.0326 2.2868 2.2865 0 1.2539-1.0329 2.2865-2.2868 2.2865-0.35546 0-0.69177-0.0854-0.99318-0.23289l-6.3707 6.3496h5.2981c0.33047-0.85866 1.1651-1.4761 2.1339-1.4761 1.2539 0 2.2865 1.0327 2.2865 2.2865s-1.0326 2.2865-2.2865 2.2865c-1.0076 0-1.8712-0.66726-2.1721-1.5798h-6.7819l-7.7855 7.7597h14.574c0.30629-0.90334 1.1647-1.5621 2.1656-1.5621 1.2539 0 2.2865 1.0326 2.2865 2.2865 0 1.2539-1.0326 2.2868-2.2865 2.2868-0.97544 0-1.8147-0.62626-2.1404-1.4942h-17.193v-17.032c-0.90333-0.30621-1.5621-1.1644-1.5621-2.1653 0-1.2539 1.0326-2.2865 2.2865-2.2865zm0 1.517c-0.43403 0-0.76948 0.33551-0.76948 0.76948 0 0.43398 0.33545 0.76948 0.76948 0.76948s0.76978-0.3355 0.76978-0.76948c0-0.43398-0.33574-0.76948-0.76978-0.76948zm9.2593 0c-0.43404 0-0.76948 0.33551-0.76948 0.76948 2e-6 0.43398 0.33545 0.76948 0.76948 0.76948 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.43398-0.33574-0.76948-0.76978-0.76948zm9.2818 0c-0.43403 0-0.76948 0.33551-0.76948 0.76948 0 0.43398 0.33545 0.76948 0.76948 0.76948 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.43398-0.33574-0.76948-0.76978-0.76948zm0.06815 9.2136c-0.43404 0-0.76978 0.33551-0.76978 0.76949 0 0.43397 0.33574 0.76948 0.76978 0.76948s0.76948-0.33551 0.76948-0.76948c0-0.43398-0.33545-0.76949-0.76948-0.76949zm0 9.1908c-0.43404 0-0.76978 0.3355-0.76978 0.76947 0 0.43398 0.33574 0.76979 0.76978 0.76979s0.76948-0.33581 0.76948-0.76979c0-0.43397-0.33545-0.76947-0.76948-0.76947z" style="paint-order:normal"/><path fill="#436795" d="m33.828 0.15319-5.9443 5.904c0.38457 0.40988 0.62311 0.95808 0.62311 1.5585 0 1.2539-1.0329 2.2865-2.2868 2.2865-0.35546 0-0.69177-0.0854-0.99318-0.23289l-6.3707 6.3496h5.2981c0.33047-0.85866 1.1651-1.4761 2.1339-1.4761 1.2539 0 2.2865 1.0327 2.2865 2.2865s-1.0326 2.2865-2.2865 2.2865c-1.0076 0-1.8712-0.66726-2.1721-1.5798h-6.7819l-7.7855 7.7597h14.574c0.30629-0.90334 1.1647-1.5621 2.1656-1.5621 1.2539 0 2.2865 1.0326 2.2865 2.2865 0 1.2539-1.0326 2.2868-2.2865 2.2868-0.97544 0-1.8147-0.62626-2.1404-1.4942h-17.162l-6.9481 6.9007h25.822c4.4146 0 7.9686-3.5539 7.9686-7.9686zm-7.0163 6.9686-1.0895 1.0821c0.13324 0.11205 0.30458 0.18133 0.49778 0.18133 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.19127-0.06797-0.36121-0.17807-0.49392zm-0.52356 8.9381c-0.43404 0-0.76978 0.33551-0.76978 0.76949 0 0.43397 0.33574 0.76948 0.76978 0.76948s0.76948-0.33551 0.76948-0.76948c0-0.43398-0.33545-0.76949-0.76948-0.76949zm0 9.1908c-0.43404 0-0.76978 0.3355-0.76978 0.76947 0 0.43398 0.33574 0.76979 0.76978 0.76979s0.76948-0.33581 0.76948-0.76979c0-0.43397-0.33545-0.76947-0.76948-0.76947z"/></g></svg>

theme/assets/img/news-aggregators/gfeeds.svg

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><defs><linearGradient id="g" x1="69.009" x2="180.21" y1="487.9" y2="487.9" gradientTransform="translate(-60,-206)" gradientUnits="userSpaceOnUse"><stop stop-color="#c0bfbc" offset="0"/><stop stop-color="#dcdbd8" offset=".065"/><stop stop-color="#c0bfbc" offset=".11"/><stop stop-color="#c0bfbc" offset=".846"/><stop stop-color="#deddda" offset=".923"/><stop stop-color="#c0bfbc" offset="1"/></linearGradient><linearGradient id="h" x1="144" x2="144" y1="-84" y2="366.07" gradientTransform="matrix(.25 0 0 .25 4 43)" gradientUnits="userSpaceOnUse"><stop stop-color="#edece9" offset="0"/><stop stop-color="#fff" offset="1"/></linearGradient><linearGradient id="a" x1="344" x2="340" y1="76" y2="72" gradientTransform="matrix(.25 0 0 .25 180 83)" gradientUnits="userSpaceOnUse"><stop stop-color="#d5d3cf" offset="0"/><stop stop-color="#fff" offset="1"/></linearGradient><clipPath id="b"><path d="m252 116 28-28v-8h-36v36z" fill="#e74747"/></clipPath></defs><g transform="matrix(.30174 0 0 .30174 -2.4139 -3.8864)"><path d="m16 40c-4.432 0-8 3.568-8 8v60c0 4.432 3.568 8 8 8h96c4.432 0 8-3.568 8-8v-60c0-4.432-3.568-8-8-8z" fill="#ffa348"/><path transform="translate(0,-172)" d="m16 210c-4.432 0-8 3.568-8 8v60c0 4.432 3.568 8 8 8h96c4.432 0 8-3.568 8-8v-60c0-4.432-3.568-8-8-8z" fill="url(#g)" style="fill:url(#g)"/><path d="m16 22c-4.432 0-8 3.568-8 8v70c0 4.432 3.568 8 8 8h96c4.432 0 8-3.568 8-8v-70c0-4.432-3.568-8-8-8h-48z" fill="url(#h)" style="fill:url(#h)"/><g transform="matrix(.59642 0 0 .59642 -7.5708 -502)"><g transform="matrix(4.9684,0,0,4.9684,126.94,884.48)" fill="#ffa348"><path d="m6 12a2 2 0 0 1-2 2 2 2 0 0 1-2-2 2 2 0 0 1 2-2 2 2 0 0 1 2 2z" overflow="visible"/><path d="m2 6h1.014v1.014h-1.014zm7.014 7.014h0.986v0.986h-0.986zm4 0h0.986v0.986h-0.986zm-11.014-11.014h1.014v1.014h-1.014z"/><path d="m3.014 8.014c2.774 0 5 2.227 5 5h2c0-3.854-3.145-7-7-7z" font-family="sans-serif" font-weight="400" overflow="visible" style="font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;isolation:auto;mix-blend-mode:normal;shape-padding:0;text-decoration-color:#000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none" white-space="normal"/><path d="m 3.014,4.028 a 8.972,8.972 0 0 1 8.987,8.986 h 2 C 14,6.96 9.07,2.028 3.014,2.028 Z" font-family="sans-serif" font-weight="400" overflow="visible" style="font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;isolation:auto;mix-blend-mode:normal;shape-padding:0;text-decoration-color:#000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none" white-space="normal"/><path d="m4 7a1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1 1 1 0 0 1 1 1zm0-4a1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1 1 1 0 0 1 1 1zm6 10a1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1 1 1 0 0 1 1 1zm4 0a1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1 1 1 0 0 1 1 1z" overflow="visible"/></g><g transform="translate(9.375)" stroke-width="1.875"><rect x="33.75" y="894.42" width="53.75" height="7.5" ry="0" fill="#ffa348"/><g fill="#deddda"><rect x="33.75" y="909.42" width="60" height="7.5" ry="0"/><rect x="33.75" y="924.42" width="51.469" height="7.5" ry="0"/><rect x="33.75" y="939.42" width="60" height="7.5" ry="0"/><rect x="33.75" y="954.42" width="60" height="7.5" ry="0"/><rect x="33.75" y="969.42" width="60" height="7.5" ry="0"/><rect x="33.75" y="984.42" width="39.999" height="7.5" ry="0"/><rect x="33.75" y="999.42" width="60" height="7.5" ry="0"/></g></g><g fill="#deddda" stroke-width="1.875"><rect x="136.88" y="984.42" width="60" height="7.5" ry="0"/><rect x="136.88" y="999.42" width="60" height="7.5" ry="0"/><rect x="136.88" y="969.42" width="39.999" height="7.5" ry="0"/></g></g><rect transform="matrix(0 .63036 .63036 0 47.118 -68.269)" x="252" y="88" width="36" height="36" rx="11.2" ry="11.2" clip-path="url(#b)" enable-background="new" fill="url(#a)" style="fill:url(#a);paint-order:normal"/></g></svg>