Correct configuration

This is done with respect to comment by 128bitpotato - https://discuss.privacyguides.net/t/windows-guide/250/81

.gitattributes

@@ -1,3 +1,23 @@
+# Copyright (c) 2020-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 # Auto detect text files and perform LF normalization
 * text=auto
 

.github/CODEOWNERS

@@ -1,3 +1,23 @@
+# Copyright (c) 2019-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 # Additional Co-Owners are added to the TOP of this file
 
 # High-traffic pages

.github/ISSUE_TEMPLATE/1_Content_Correction.md

@@ -1,8 +0,0 @@
----
-name: "Content Correction"
-about: Report any inaccurate, incorrect, or outdated information on the website.
----
-
-## Description
-
-**URL of affected page:**

.github/ISSUE_TEMPLATE/1_Content_Correction.yml

@@ -0,0 +1,66 @@
+# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+name: "Content Correction"
+description: Report any inaccurate, incorrect, or outdated information on the website.
+labels: ["t:correction"]
+body:
+
+  - type: markdown
+    attributes:
+      value: |
+        This form is for reporting verifiable issues with our website. 
+        If you simply disagree with an opinion on the website, please open a discussion [on our forum](https://discuss.privacyguides.net/) instead.
+  
+  - type: input
+    attributes:
+      label: Affected page
+      description: Please let us know which page the incorrect information can be found on.
+      placeholder: "https://www.privacyguides.org/en/data-redaction/"
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: Please let us know what should be fixed.
+      placeholder: The Google Play Store link for ExifEraser is broken...
+    validations:
+      required: true
+
+  - type: textarea
+    id: source
+    attributes:
+      label: Sources
+      description: Please provide reliable sources that support the change you are requesting.
+    validations:
+      required: true
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Before submitting
+      description: The Code of Conduct helps create a safe space for everyone. We require that everyone agrees to it.
+      options:
+        - label: I am reporting something that is verifiably incorrect, not a suggestion or opinion.
+          required: true
+        - label: I agree to the [Community Code of Conduct](https://www.privacyguides.org/en/code_of_conduct/).
+          required: true

.github/ISSUE_TEMPLATE/2_Website_Issues.md

@@ -1,15 +0,0 @@
----
-name: "Website Issue"
-about: Report a bug with the website. (NO CONTENT ISSUES)
----
-
-<!--
-
-READ ME FIRST:
-This is NOT the place to request changes to the content of the website.
-This is NOT the place to report issues with our services like Matrix.
-This is ONLY for reporting bugs or technical issues with www.privacyguides.org, the website.
-
-Please add screenshots if applicable.
-
--->

.github/ISSUE_TEMPLATE/2_Website_Issues.yml

@@ -0,0 +1,101 @@
+# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+name: "Website Issue"
+description: Report a bug with the website.
+labels: ["t:bug"]
+assignees:
+  - jonaharagon
+body:
+
+  - type: markdown
+    attributes:
+      value: |
+        This form is only for reporting a technical bug __with our website__, like broken images, broken CSS, issues with search or themes, etc.
+        This is not the place to report an issue with Matrix, Discourse, or our other hosted services.
+
+        If you want us to fix inaccurate information on the website, go back and use the content correction form.
+        If you want to make another suggestion, please [use our discussion forum](https://discuss.privacyguides.net/) instead.
+  
+  - type: textarea
+    id: description
+    attributes:
+      label: Bug description
+      description: |
+        Please give a detailed description of the bug. 
+        Explain how the website does not behave as you would expect it to, and be as specific as possible. 
+        If you have found a workaround or a fix for the problem too, please let us know.
+    validations:
+      required: true
+
+  - type: textarea
+    id: affected-pages
+    attributes:
+      label: Affected pages
+      description: |
+        Please list all pages where you've noticed this issue, or let us know if it affects every page on the site.
+      value: |
+        -
+  
+  - type: dropdown
+    id: browser
+    attributes:
+      label: Browser
+      description: |
+        Please select the browser(s) you have noticed this issue with.
+        If your browser is not listed or the version is relevant, you may select _Other_ and provide more details in the description above.
+      multiple: true
+      options:
+        - Firefox
+        - Tor Browser
+        - Chrome
+        - Safari
+        - Edge
+        - Other
+  
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating System
+      description: |
+        Please select the operating system(s) you have noticed this issue with.
+      multiple: true
+      options:
+        - Linux
+        - macOS
+        - Windows
+        - Android
+        - iOS
+        - Other
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Before submitting
+      description: The Code of Conduct helps create a safe space for everyone. We require that everyone agrees to it.
+      options:
+        - label: I am reporting something that is broken on the website, not making a suggestion.
+          required: true
+        - label: I agree to the [Community Code of Conduct](https://www.privacyguides.org/en/code_of_conduct/).
+          required: true
+
+  - type: markdown
+    attributes:
+      value: Thank you for letting us know about this!

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +1,29 @@
+# Copyright (c) 2020-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+blank_issues_enabled: false
 contact_links:
-  - name: Suggest a New Provider or Software
+  - name: Suggest Adding or Removing a Tool
     url: https://discuss.privacyguides.net/c/site-development/suggestions
     about: Suggest something new for us to look at, or something we should remove.
-  - name: Suggest a Guide
+  - name: Suggest a New Guide
     url: https://discuss.privacyguides.net/c/site-development/guide-suggestions
     about: Suggest an area where you think guidance might be required.
   - name: Ask a Question

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,31 +1,23 @@
+Changes proposed in this PR:
 
+- 
 
 <!-- SCROLL TO BOTTOM TO AGREE!:
 Please use a descriptive title for your PR, it will be included in our changelog!
 
-Please share with us what you've changed.
-If you are adding a software recommendation, give us a link to its website or
-source code.
-
 If you are making changes that you have a conflict of interest with, please
 disclose this as well (this does not disqualify your PR by any means):
 
 Conflict of interest contributions involve contributing about yourself,
 family, friends, clients, employers, or your financial and other relationships.
 Any external relationship can trigger a conflict of interest.
-
-That someone has a conflict of interest is a description of a situation,
-NOT a judgement about that person's opinions, integrity, or good faith.
-
-If you have a conflict of interest, you MUST disclose who is paying you for
-this contribution, who the client is (if for example, you are being paid by
-an advertising agency), and any other relevant affiliations.
 -->
 
 <!-- Place an x in the boxes below, like: [x] -->
-- [ ] Please check this box to confirm you have disclosed any relevant conflicts of interest in your post.
-- [ ] Please check this box to confirm your agreement to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute your contribution as part of our project.
-- [ ] Please check this box to confirm you are the sole author of this work, or that any additional authors will also reply to this PR on GitHub confirming their agreement to these terms.
+- [ ] I have disclosed any relevant conflicts of interest in my post.
+- [ ] I agree to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute my contribution as part of this project.
+- [ ] I am the sole author of this work. <!-- Do not check this box if you are not -->
+- [ ] I agree to the [Community Code of Conduct](https://www.privacyguides.org/en/code_of_conduct/).
 
 <!-- What's this? When you submit a PR, you keep the Copyright for the work you
 are contributing. We need you to agree to the above terms in order for us to

.github/dependabot.yml

@@ -1,5 +1,33 @@
+# Copyright (c) 2021-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 version: 2
 
+registries:
+
+  github-privacyguides:
+    type: git
+    url: https://github.com
+    username: x-access-token
+    password: ${{secrets.REPO_PAT}}
+
 updates:
 
   # Maintain dependencies for GitHub Actions
@@ -13,3 +41,28 @@ updates:
       - "jonaharagon"
     labels:
       - "fix:github_actions"
+  
+  # Maintain submodules
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    registries:
+      - github-privacyguides
+    schedule:
+      interval: "daily"
+    labels:
+      - "fix:submodules"
+
+  # Maintain dependencies for pipenv
+  - package-ecosystem: "pip"
+    directory: "/"
+    insecure-external-code-execution: allow
+    registries:
+      - github-privacyguides
+    schedule:
+      interval: "daily"
+    assignees:
+      - "jonaharagon"
+    reviewers:
+      - "jonaharagon"
+    labels:
+      - "fix:python"

.github/workflows/crowdin-download.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 name: 💬 Crowdin Download
 
 on:
@@ -17,7 +37,7 @@ jobs:
       uses: actions/checkout@v3
 
     - name: crowdin action
-      uses: crowdin/github-action@v1.7.0
+      uses: crowdin/github-action@v1.7.1
       with:
         upload_sources: false
         upload_translations: false

.github/workflows/crowdin-upload.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 name: 💬 Crowdin Upload
 
 on:
@@ -19,7 +39,7 @@ jobs:
       uses: actions/checkout@v3
 
     - name: crowdin action
-      uses: crowdin/github-action@v1.7.0
+      uses: crowdin/github-action@v1.7.1
       with:
         upload_sources: true
         upload_sources_args: '--auto-update --delete-obsolete'

.github/workflows/mirror.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 name: 🪞 Push to Mirrors
 
 on: [ push, delete, create ]

.github/workflows/pages.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 name: 🛠️ Deploy to GitHub Pages
 
 on:
@@ -35,7 +55,7 @@ jobs:
           python-version: '3.8'
       
       - name: Cache files
-        uses: actions/cache@v3.3.0
+        uses: actions/cache@v3.3.1
         with:
           key: ${{ github.ref }}
           path: .cache

.github/workflows/release.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2021-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 name: 📦 Releases
 
 on: 
@@ -29,7 +49,7 @@ jobs:
           python-version: '3.8'
       
       - name: Cache files
-        uses: actions/cache@v3.3.0
+        uses: actions/cache@v3.3.1
         with:
           key: ${{ github.ref }}
           path: .cache

.markdownlint.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 default: true
 line-length: false
 ul-indent:

CITATION.cff

@@ -1,37 +1,88 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 cff-version: 1.2.0
 title: Privacy Guides
-message: 'If you reference this website, please cite it in your work.'
+message: "If you reference this website, please cite it in your work."
 type: software
 authors:
-  - email: jonah@privacyguides.org
+  - family-names: Aragon
     given-names: Jonah
-    family-names: Aragon
-    orcid: 'https://orcid.org/0000-0001-6996-4965'
-  - name: The Privacy Guides team
-    website: 'https://github.com/orgs/privacyguides/people'
-repository-code: 'https://github.com/privacyguides/privacyguides.org'
+    website: "https://www.jonaharagon.com"
+    orcid: "https://orcid.org/0000-0001-6996-4965"
+  - name: The Privacy Guides Team
+    website: "https://github.com/orgs/privacyguides/people"
+repository-code: "https://github.com/privacyguides/privacyguides.org"
+license:
+  - MIT
+  - CC-BY-ND-4.0
 references:
   - authors:
     - family-names: Donath
       given-names: Martin
-    title: 'mkdocs-material'
+    title: "mkdocs-material"
     type: software
-    repository-code: 'https://github.com/squidfunk/mkdocs-material'
+    repository-code: "https://github.com/squidfunk/mkdocs-material"
+    license: MIT
 preferred-citation:
   type: website
   title: Privacy Guides
   authors:
-    - email: jonah@privacyguides.org
+    - family-names: Aragon
       given-names: Jonah
-      family-names: Aragon
-      orcid: 'https://orcid.org/0000-0001-6996-4965'
-    - given-names: Daniel
-      family-names: Gray
-      email: dngray@privacyguides.org
-    - name: The Privacy Guides team
-      website: 'https://github.com/orgs/privacyguides/people'
-    - name: Various project contributors
-  url: 'https://www.privacyguides.org'
+      website: "https://www.jonaharagon.com"
+      orcid: "https://orcid.org/0000-0001-6996-4965"
+    - family-names: Gray
+      given-names: Daniel
+      alias: dngray
+      website: "https://polarbear.army"
+    - family-names: Wilde
+      given-names: Niek
+      name-particle: de
+      alias: blacklight447
+    - given-names: Freddy
+      website: "https://freddy.lol"
+    - alias: mfwmyfacewhen
+      website: "https://github.com/mfwmyfacewhen"
+    - given-names: Olivia
+      alias: hook
+    - alias: nitrohorse
+      website: "https://nitrohorse.com"
+    - family-names: Suomalainen
+      given-names: Aminda
+      alias: Mikaela
+      website: "https://aminda.eu"
+    - family-names: Potocki
+      given-names: Dawid
+      website: "https://dawidpotocki.com"
+    - alias: matchboxbananasynergy
+      website: "https://banana.omg.lol"
+    - family-names: Tran
+      given-names: Thien
+      alias: Tommy
+      website: "https://tommytran.io"
+    - alias: samsepi0l
+      website: "https://github.com/d4rklynk"
+    - name: Privacy Guides Contributors
+      website: "https://github.com/privacyguides/privacyguides.org/graphs/contributors"
+  url: "https://www.privacyguides.org"
   abstract: >-
     Privacy Guides is a socially motivated website that
     provides information for protecting your data
@@ -44,4 +95,4 @@ preferred-citation:
     - encryption
     - website
     - markdown
-  license: "CC-BY-ND-4.0"
+  license: CC-BY-ND-4.0

LICENSE-CODE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2019 - 2023 Jonah Aragon <jonah@triplebit.net>
+Copyright (c) 2020 - 2023 Privacy Guides contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Pipfile

@@ -1,20 +1,38 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 [[source]]
 url = "https://pypi.org/simple"
 verify_ssl = true
 name = "pypi"
 
 [packages]
-mkdocs = "*"
-mkdocs-git-revision-date-localized-plugin = "*"
-typing-extensions = "*"
-mkdocs-git-committers-plugin-2 = "*"
-mkdocs-macros-plugin = "*"
-pillow = "*"
-cairosvg = "*"
 mkdocs-material = {path = "./modules/mkdocs-material"}
+mkdocs-git-revision-date-localized-plugin = "~=1.2"
+mkdocs-git-committers-plugin-2 = "~=1.1"
+mkdocs-macros-plugin = "~=0.7"
+pillow = "~=9.4"
+cairosvg = "~=2.7"
 
 [dev-packages]
-scour = "*"
+scour = "~=0.38"
 
 [requires]
 python_version = "3.8"

Pipfile.lock

@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "bbd8e3cc3fd584b0dfa5e2cdf3c7d1b2d1409bcd44cfdb359673fd6b89cae8bd"
+            "sha256": "277944f03f8186276babbd120f5236037510ab2a6a7c61b36ab1ac71c8f00156"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -26,26 +26,26 @@
         },
         "beautifulsoup4": {
             "hashes": [
-                "sha256:0e79446b10b3ecb499c1556f7e228a53e64a2bfcebd455f370d8927cb5b59e39",
-                "sha256:bc4bdda6717de5a2987436fb8d72f45dc90dd856bdfd512a1314ce90349a0106"
+                "sha256:2130a5ad7f513200fae61a17abb5e338ca980fa28c439c0571014bc0217e9591",
+                "sha256:c5fceeaec29d09c84970e47c65f2f0efe57872f7cff494c9691a26ec0ff13234"
             ],
             "markers": "python_version >= '3.6'",
-            "version": "==4.11.2"
+            "version": "==4.12.0"
         },
         "cairocffi": {
             "hashes": [
-                "sha256:509339b32ccd8d7b00c2204c32736cde78db53a32e6a162d312478d25626cd9a"
+                "sha256:d105b49009d9b4970a459e38ff030cb5dfc8c8ee231e867d28f77ee9df44495e"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==1.4.0"
+            "version": "==1.5.0"
         },
         "cairosvg": {
             "hashes": [
-                "sha256:05069d5316e9f02f33028942f96929e01782db41e6ff07d8454c8d021b5b52f3",
-                "sha256:d5ec93e90101b3b6e82aa245d0546ee9b016cfda0b6344675159830d853d5d04"
+                "sha256:17cb96423a896258848322a95c80160e714a58f1af3dd73b8e1750994519b9f9",
+                "sha256:ac4dc7c1d38b3a15717db2633a3a383012e0be664c727c911637e6af6a49293c"
             ],
             "index": "pypi",
-            "version": "==2.6.0"
+            "version": "==2.7.0"
         },
         "certifi": {
             "hashes": [
@@ -278,11 +278,11 @@
         },
         "importlib-metadata": {
             "hashes": [
-                "sha256:7efb448ec9a5e313a57655d35aa54cd3e01b7e1fbcf72dce1bf06119420f5bad",
-                "sha256:e354bedeb60efa6affdcc8ae121b73544a7aa74156d047311948f6d711cd378d"
+                "sha256:43ce9281e097583d758c2c708c4376371261a02c34682491a8e98352365aad20",
+                "sha256:ff80f3b5394912eb1b108fcfd444dc78b7f1f3e16b16188054bd01cb9cb86f09"
             ],
             "markers": "python_version < '3.10'",
-            "version": "==6.0.0"
+            "version": "==6.1.0"
         },
         "jinja2": {
             "hashes": [
@@ -460,7 +460,7 @@
                 "sha256:8947af423a6d0facf41ea1195b8e1e8c85ad94ac95ae307fe11232e0424b11c5",
                 "sha256:c8856a832c1e56702577023cd64cc5f84948280c1c0fcc6af4cd39006ea6aa8c"
             ],
-            "index": "pypi",
+            "markers": "python_version >= '3.7'",
             "version": "==1.4.2"
         },
         "mkdocs-git-committers-plugin-2": {
@@ -489,7 +489,7 @@
         },
         "mkdocs-material": {
             "path": "./modules/mkdocs-material",
-            "version": "==9.1.1+insiders.4.32.2"
+            "version": "==9.1.3+insiders.4.32.3"
         },
         "mkdocs-material-extensions": {
             "hashes": [
@@ -598,11 +598,11 @@
         },
         "pipdeptree": {
             "hashes": [
-                "sha256:41c9fa55381dedcde3748712536b3d431931090a74f829916cb2264849c1587d",
-                "sha256:787c994f7d2cff9c3d55750590fd212dabc8ff87e4690624eabb449a49dfd41d"
+                "sha256:058b53373ee5bb8a97b36a966af59029378165dc93829c977538efa4e20ba524",
+                "sha256:b0ed2685230c71ca28d35e96b09685406f6f9cc03b81b393264d2c6b14c5cf23"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==2.5.2"
+            "version": "==2.6.0"
         },
         "pycparser": {
             "hashes": [
@@ -647,7 +647,6 @@
                 "sha256:01a0681c4b9684a28304615eba55d1ab31ae00bf68ec157ec3708a8182dbbcd0",
                 "sha256:78f4f37d8198e0627c5f1143240bb0206b8691d8d7ac6d78fee88b78733f8c4a"
             ],
-            "markers": "python_version < '3.9'",
             "version": "==2022.7.1"
         },
         "pyyaml": {
@@ -853,55 +852,46 @@
             "markers": "python_version >= '3.7'",
             "version": "==1.2.1"
         },
-        "typing-extensions": {
-            "hashes": [
-                "sha256:5cb5f4a79139d699607b3ef622a1dedafa84e115ab0024e0d9c044a9479ca7cb",
-                "sha256:fb33085c39dd998ac16d1431ebc293a8b3eedd00fd4a32de0ff79002c19511b4"
-            ],
-            "index": "pypi",
-            "version": "==4.5.0"
-        },
         "urllib3": {
             "hashes": [
-                "sha256:076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72",
-                "sha256:75edcdc2f7d85b137124a6c3c9fc3933cdeaa12ecb9a6a959f22797a0feca7e1"
+                "sha256:8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305",
+                "sha256:aa751d169e23c7479ce47a0cb0da579e3ede798f994f5816a74e4f4500dcea42"
             ],
             "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'",
-            "version": "==1.26.14"
+            "version": "==1.26.15"
         },
         "watchdog": {
             "hashes": [
-                "sha256:03f342a9432fe08107defbe8e405a2cb922c5d00c4c6c168c68b633c64ce6190",
-                "sha256:0d9878be36d2b9271e3abaa6f4f051b363ff54dbbe7e7df1af3c920e4311ee43",
-                "sha256:0e1dd6d449267cc7d6935d7fe27ee0426af6ee16578eed93bacb1be9ff824d2d",
-                "sha256:2caf77ae137935c1466f8cefd4a3aec7017b6969f425d086e6a528241cba7256",
-                "sha256:3d2dbcf1acd96e7a9c9aefed201c47c8e311075105d94ce5e899f118155709fd",
-                "sha256:4109cccf214b7e3462e8403ab1e5b17b302ecce6c103eb2fc3afa534a7f27b96",
-                "sha256:4cd61f98cb37143206818cb1786d2438626aa78d682a8f2ecee239055a9771d5",
-                "sha256:53f3e95081280898d9e4fc51c5c69017715929e4eea1ab45801d5e903dd518ad",
-                "sha256:564e7739abd4bd348aeafbf71cc006b6c0ccda3160c7053c4a53b67d14091d42",
-                "sha256:5b848c71ef2b15d0ef02f69da8cc120d335cec0ed82a3fa7779e27a5a8527225",
-                "sha256:5defe4f0918a2a1a4afbe4dbb967f743ac3a93d546ea4674567806375b024adb",
-                "sha256:6f5d0f7eac86807275eba40b577c671b306f6f335ba63a5c5a348da151aba0fc",
-                "sha256:7a1876f660e32027a1a46f8a0fa5747ad4fcf86cb451860eae61a26e102c8c79",
-                "sha256:7a596f9415a378d0339681efc08d2249e48975daae391d58f2e22a3673b977cf",
-                "sha256:85bf2263290591b7c5fa01140601b64c831be88084de41efbcba6ea289874f44",
-                "sha256:8a4d484e846dcd75e96b96d80d80445302621be40e293bfdf34a631cab3b33dc",
-                "sha256:8f2df370cd8e4e18499dd0bfdef476431bcc396108b97195d9448d90924e3131",
-                "sha256:91fd146d723392b3e6eb1ac21f122fcce149a194a2ba0a82c5e4d0ee29cd954c",
-                "sha256:95ad708a9454050a46f741ba5e2f3468655ea22da1114e4c40b8cbdaca572565",
-                "sha256:964fd236cd443933268ae49b59706569c8b741073dbfd7ca705492bae9d39aab",
-                "sha256:9da7acb9af7e4a272089bd2af0171d23e0d6271385c51d4d9bde91fe918c53ed",
-                "sha256:a073c91a6ef0dda488087669586768195c3080c66866144880f03445ca23ef16",
-                "sha256:a74155398434937ac2780fd257c045954de5b11b5c52fc844e2199ce3eecf4cf",
-                "sha256:aa8b028750b43e80eea9946d01925168eeadb488dfdef1d82be4b1e28067f375",
-                "sha256:d1f1200d4ec53b88bf04ab636f9133cb703eb19768a39351cee649de21a33697",
-                "sha256:d9f9ed26ed22a9d331820a8432c3680707ea8b54121ddcc9dc7d9f2ceeb36906",
-                "sha256:ea5d86d1bcf4a9d24610aa2f6f25492f441960cf04aed2bd9a97db439b643a7b",
-                "sha256:efe3252137392a471a2174d721e1037a0e6a5da7beb72a021e662b7000a9903f"
+                "sha256:0e06ab8858a76e1219e68c7573dfeba9dd1c0219476c5a44d5333b01d7e1743a",
+                "sha256:13bbbb462ee42ec3c5723e1205be8ced776f05b100e4737518c67c8325cf6100",
+                "sha256:233b5817932685d39a7896b1090353fc8efc1ef99c9c054e46c8002561252fb8",
+                "sha256:25f70b4aa53bd743729c7475d7ec41093a580528b100e9a8c5b5efe8899592fc",
+                "sha256:2b57a1e730af3156d13b7fdddfc23dea6487fceca29fc75c5a868beed29177ae",
+                "sha256:336adfc6f5cc4e037d52db31194f7581ff744b67382eb6021c868322e32eef41",
+                "sha256:3aa7f6a12e831ddfe78cdd4f8996af9cf334fd6346531b16cec61c3b3c0d8da0",
+                "sha256:3ed7c71a9dccfe838c2f0b6314ed0d9b22e77d268c67e015450a29036a81f60f",
+                "sha256:4c9956d27be0bb08fc5f30d9d0179a855436e655f046d288e2bcc11adfae893c",
+                "sha256:4d98a320595da7a7c5a18fc48cb633c2e73cda78f93cac2ef42d42bf609a33f9",
+                "sha256:4f94069eb16657d2c6faada4624c39464f65c05606af50bb7902e036e3219be3",
+                "sha256:5113334cf8cf0ac8cd45e1f8309a603291b614191c9add34d33075727a967709",
+                "sha256:51f90f73b4697bac9c9a78394c3acbbd331ccd3655c11be1a15ae6fe289a8c83",
+                "sha256:5d9f3a10e02d7371cd929b5d8f11e87d4bad890212ed3901f9b4d68767bee759",
+                "sha256:7ade88d0d778b1b222adebcc0927428f883db07017618a5e684fd03b83342bd9",
+                "sha256:7c5f84b5194c24dd573fa6472685b2a27cc5a17fe5f7b6fd40345378ca6812e3",
+                "sha256:7e447d172af52ad204d19982739aa2346245cc5ba6f579d16dac4bfec226d2e7",
+                "sha256:8ae9cda41fa114e28faf86cb137d751a17ffd0316d1c34ccf2235e8a84365c7f",
+                "sha256:8f3ceecd20d71067c7fd4c9e832d4e22584318983cabc013dbf3f70ea95de346",
+                "sha256:9fac43a7466eb73e64a9940ac9ed6369baa39b3bf221ae23493a9ec4d0022674",
+                "sha256:a70a8dcde91be523c35b2bf96196edc5730edb347e374c7de7cd20c43ed95397",
+                "sha256:adfdeab2da79ea2f76f87eb42a3ab1966a5313e5a69a0213a3cc06ef692b0e96",
+                "sha256:ba07e92756c97e3aca0912b5cbc4e5ad802f4557212788e72a72a47ff376950d",
+                "sha256:c07253088265c363d1ddf4b3cdb808d59a0468ecd017770ed716991620b8f77a",
+                "sha256:c9d8c8ec7efb887333cf71e328e39cffbf771d8f8f95d308ea4125bf5f90ba64",
+                "sha256:d00e6be486affb5781468457b21a6cbe848c33ef43f9ea4a73b4882e5f188a44",
+                "sha256:d429c2430c93b7903914e4db9a966c7f2b068dd2ebdd2fa9b9ce094c7d459f33"
             ],
-            "markers": "python_version >= '3.6'",
-            "version": "==2.3.1"
+            "markers": "python_version >= '3.7'",
+            "version": "==3.0.0"
         },
         "webencodings": {
             "hashes": [

README.md

@@ -38,9 +38,11 @@
 
 ## About
 
-**Privacy Guides** is a socially motivated website that provides information for protecting your data security and privacy. We are a non-profit collective operated entirely by volunteer team members and contributors.
+**Privacy Guides** is a socially motivated website that provides information for protecting your data security and privacy. Our mission is to inform the public about the value of digital privacy, and global government initiatives which aim to monitor your online activity. We are a non-profit collective operated entirely by volunteer team members and contributors. Our website is free of advertisements and not affiliated with any of the listed providers.
 
-Our current list of team members can be found [here](https://www.privacyguides.org/about/#our-team). Additionally, [many people](https://github.com/privacyguides/privacyguides.org/graphs/contributors) have made contributions to the project, and you can too!
+The current list of team members can be found [here](https://www.privacyguides.org/about/#our-team). Additionally, [many people](https://github.com/privacyguides/privacyguides.org/graphs/contributors) have made contributions to the project, and you can too!
+
+*Featured on: [Tweakers](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html), [The New York Times](https://www.nytimes.com/wirecutter/guides/online-security-social-media-privacy/), and [Wired](https://www.wired.com/story/firefox-mozilla-2022/)*
 
 ## Contributing
 
@@ -51,6 +53,8 @@ Our current list of team members can be found [here](https://www.privacyguides.o
   - Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated
   - View some contribution tips on our [contributor's wiki](https://github.com/privacyguides/privacyguides.org/wiki)
 
+All contributors to the site are listed [here](https://github.com/privacyguides/privacyguides.org/graphs/contributors). If you make a substantial (i.e. copyright eligible) contribution to the project and would like to be formally credited, you are welcome to include your information in the appropriate `authors` section in [`CITATION.cff`](/CITATION.cff) as well, just submit a PR or ask @jonaharagon to make the change.
+
 ## Mirrors
 
 [![GitHub](https://img.shields.io/static/v1?logo=github&label=&message=GitHub&color=000&style=for-the-badge)](https://github.com/privacyguides/privacyguides.org)
@@ -59,6 +63,22 @@ Our current list of team members can be found [here](https://www.privacyguides.o
 [![Codeberg](https://img.shields.io/static/v1?logo=codeberg&label=&message=Codeberg&color=000&style=for-the-badge)](https://codeberg.org/privacyguides/privacyguides.org)
 [![SourceHut](https://img.shields.io/static/v1?logo=git&label=&message=SourceHut&color=000&style=for-the-badge)](https://git.sr.ht/~jonaharagon/privacyguides.org)
 
+## License
+
+Copyright © 2019 - 2023 [Privacy Guides contributors](https://github.com/privacyguides/privacyguides.org/graphs/contributors).
+
+Privacy Guides content is licensed under the [Creative Commons Attribution-NoDerivatives 4.0 International Public License](/LICENSE), and the underlying source code used to format and display that content on [www.privacyguides.org](https://www.privacyguides.org) is licensed under the [MIT License](/LICENSE-CODE).
+
+Generally speaking, **content** can be found in the [`/docs`](/docs), [`/theme/assets/img`](/theme/assets/img), [`/includes`](/includes), and [`/i18n`](/i18n) folders; and **source code** and configuration files can be found in the [`/config`](/config) and [`/theme`](/theme) folders, and in the root of this repository. Any source code snippets contained within documentation files are [MIT Licensed](/LICENSE-CODE). Please contact us if you require clarification on any of these terms.
+
+These licenses do not apply to any work where another license is otherwise noted.
+
+**Logos** in the [`/theme/assets/img`](/theme/assets/img) folder may not be original works of Privacy Guides and therefore cannot be (re)licensed by us. We believe that these logos obtained from third-party providers are either in the public domain or **fair use**. In a nutshell, legal [fair use doctrine](https://www.copyright.gov/fair-use/more-info.html) allows the use of copyrighted images in order to identify the subject for purposes of public comment. However, these logos and other images may still be subject to trademark laws in one or more jurisdictions. Before using this content, please ensure that it is used to identify the entity or organization that owns the trademark and that you have the right to use it under the laws which apply in the circumstances of your intended use. *When copying content from this website, you are solely responsible for ensuring that you do not infringe someone else's trademark or copyright.*
+
+You may comply with our license terms in any reasonable manner, but not in any way that suggests Privacy Guides endorses you or your use. You **may not** use the Privacy Guides branding in your own project without express approval from this project. Privacy Guides's brand trademarks include the "Privacy Guides" wordmark and shield logo.
+
+When you contribute to this repository you are doing so under the above licenses, and you are granting Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform and distribute your contribution as part of our project.
+
 ## Developing
 
 Committing to this repository requires [signing your commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) (`git config commit.gpgsign true`) unless you are making edits via the GitHub.com text editor interface. As of August 2022 the preferred signing method is [SSH commit signatures](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#ssh-commit-signature-verification), but GPG signing is also acceptable. You should add your signing key to your GitHub profile.

_redirects

@@ -1,3 +1,25 @@
+# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+# Auto detect text files and perform LF normalization
+
 /  /en/  302  Language=en
 /  /fr/  302  Language=fr
 /  /he/  302  Language=he
@@ -9,7 +31,8 @@
 /kb /en/basics/threat-modeling/
 /:lang/kb /:lang/basics/threat-modeling/
 
-/coc/ /en/CODE_OF_CONDUCT/
+/coc /en/CODE_OF_CONDUCT/
+/license https://github.com/privacyguides/privacyguides.org/tree/main/README.md#license
 
 /team /en/about/
 /browsers /en/desktop-browsers/

config/mkdocs.common.yml

@@ -1,4 +1,25 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 extra:
+  context: !ENV [CONTEXT, "production"]
   social:
     - icon: simple/mastodon
       link: https://mastodon.neat.computer/@privacyguides

config/mkdocs.en.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 INHERIT: mkdocs.common.yml
 docs_dir: '../docs'
 site_url: "https://www.privacyguides.org/en/"
@@ -9,9 +29,9 @@ site_description: |
 copyright: |
   <b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy.<br>
   We do not make money from recommending certain products, and we do not use affiliate links.<br>
-  &copy; 2022 Privacy Guides and contributors.
+  &copy; 2019 - 2023 Privacy Guides and contributors.
   <span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>
-  Content licensed under <a href="/about/"><strong>CC BY-ND 4.0</strong></a>.
+  Content licensed under <a href="/license"><strong>CC BY-ND 4.0</strong></a>.
 edit_uri: edit/main/docs/
 
 extra:
@@ -89,6 +109,11 @@ nav:
       - 'os/android-overview.md'
       - 'os/linux-overview.md'
       - 'os/qubes-overview.md'
+      - Windows Overview:
+        - 'os/windows/index.md'
+        - 'os/windows/hardening.md'
+        - 'os/windows/privacy.md'
+        - 'os/windows/sandboxing.md'
     - Advanced Topics:
       - 'advanced/dns-overview.md'
       - 'advanced/tor-overview.md'

config/mkdocs.fr.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 INHERIT: mkdocs.common.yml
 docs_dir: '../i18n/fr'
 site_url: "https://www.privacyguides.org/fr/"
@@ -9,9 +29,9 @@ site_description: |
 copyright: |
   <b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy.<br>
   We do not make money from recommending certain products, and we do not use affiliate links.<br>
-  &copy; 2022 Privacy Guides and contributors. 
+  &copy; 2019 - 2023 Privacy Guides and contributors. 
   <span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span> 
-  Content licensed under <a href="/about/"><strong>CC BY-ND 4.0</strong></a>.
+  Content licensed under <a href="/license"><strong>CC BY-ND 4.0</strong></a>.
 edit_uri: edit/main/i18n/fr/
 
 extra:
@@ -89,6 +109,11 @@ nav:
       - 'os/android-overview.md'
       - 'os/linux-overview.md'
       - 'os/qubes-overview.md'
+      - Windows Overview:
+        - 'os/windows/index.md'
+        - 'os/windows/hardening.md'
+        - 'os/windows/privacy.md'
+        - 'os/windows/sandboxing.md'
     - "Sujets avancés":
       - 'advanced/dns-overview.md'
       - 'advanced/tor-overview.md'

config/mkdocs.he.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 INHERIT: mkdocs.common.yml
 docs_dir: '../i18n/he'
 site_url: "https://www.privacyguides.org/he/"
@@ -9,9 +29,9 @@ site_description: |
 copyright: |
   <b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy.<br>
   We do not make money from recommending certain products, and we do not use affiliate links.<br>
-  &copy; 2022 Privacy Guides and contributors.
+  &copy; 2019 - 2023 Privacy Guides and contributors.
   <span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>
-  Content licensed under <a href="/about/"><strong>CC BY-ND 4.0</strong></a>.
+  Content licensed under <a href="/license"><strong>CC BY-ND 4.0</strong></a>.
 edit_uri: edit/main/i18n/he/
 
 extra:
@@ -93,6 +113,11 @@ nav:
       - 'os/android-overview.md'
       - 'os/linux-overview.md'
       - 'os/qubes-overview.md'
+      - Windows Overview:
+        - 'os/windows/index.md'
+        - 'os/windows/hardening.md'
+        - 'os/windows/privacy.md'
+        - 'os/windows/sandboxing.md'
     - "נושאים מתקדמים":
       - 'advanced/dns-overview.md'
       - 'advanced/tor-overview.md'

config/mkdocs.nl.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2022-2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 INHERIT: mkdocs.common.yml
 docs_dir: '../i18n/nl'
 site_url: "https://www.privacyguides.org/nl/"
@@ -9,9 +29,9 @@ site_description: |
 copyright: |
   <b>Privacy Guides</b> is een non-profit, sociaal gemotiveerde website die informatie biedt voor de bescherming van jouw gegevensbeveiliging en privacy.<br>
   Wij verdienen geen geld met het aanbevelen van bepaalde producten, en wij maken geen gebruik van affiliate links.<br>
-  &copy; 2022 Privacy Guides en medewerkers.
+  &copy; 2019 - 2023 Privacy Guides en medewerkers.
   <span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>
-  Inhoud gelicentieerd onder <a href="/about/"><strong>CC BY-ND 4.0</strong></a>.
+  Inhoud gelicentieerd onder <a href="/license"><strong>CC BY-ND 4.0</strong></a>.
 edit_uri: edit/main/docs/
 
 extra:
@@ -89,6 +109,11 @@ nav:
       - 'os/android-overview.md'
       - 'os/linux-overview.md'
       - 'os/qubes-overview.md'
+      - Windows Overview:
+        - 'os/windows/index.md'
+        - 'os/windows/hardening.md'
+        - 'os/windows/privacy.md'
+        - 'os/windows/sandboxing.md'
     - Gevorderde onderwerpen:
       - 'advanced/dns-overview.md'
       - 'advanced/tor-overview.md'

config/mkdocs.offline.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 INHERIT: mkdocs.common.yml
 docs_dir: '../docs'
 site_url: "https://www.privacyguides.org/"
@@ -9,9 +29,9 @@ site_description: |
 copyright: |
   <b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy.<br>
   We do not make money from recommending certain products, and we do not use affiliate links.<br>
-  &copy; 2022 Privacy Guides and contributors.
+  &copy; 2019 - 2023 Privacy Guides and contributors.
   <span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>
-  Content licensed under <a href="/about/"><strong>CC BY-ND 4.0</strong></a>.
+  Content licensed under <a href="https://www.privacyguides.org/license"><strong>CC BY-ND 4.0</strong></a>.
 repo_url: ""
 
 extra:
@@ -78,6 +98,11 @@ nav:
       - 'os/android-overview.md'
       - 'os/linux-overview.md'
       - 'os/qubes-overview.md'
+      - Windows Overview:
+        - 'os/windows/index.md'
+        - 'os/windows/hardening.md'
+        - 'os/windows/privacy.md'
+        - 'os/windows/sandboxing.md'
     - Advanced Topics:
       - 'advanced/dns-overview.md'
       - 'advanced/tor-overview.md'

crowdin.yml

@@ -1,3 +1,23 @@
+# Copyright (c) 2023 Jonah Aragon <jonah@triplebit.net>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
 api_token_env: CROWDIN_PERSONAL_TOKEN
 project_id: "509862"
 "preserve_hierarchy": true

docs/about/index.md

@@ -5,14 +5,12 @@ description: Privacy Guides is a socially motivated website that provides inform
 ---
 ![Privacy Guides logo](../assets/brand/png/square/pg-yellow.png){ align=right }
 
-**Privacy Guides** is a socially motivated website that provides [information](/kb) for protecting your data security and privacy. We are a non-profit collective operated entirely by volunteer [team members](https://discuss.privacyguides.net/g/team) and contributors. Our website is free of advertisements and not affiliated with any listed providers.
+**Privacy Guides** is a socially motivated website that provides [information](/kb) for protecting your data security and privacy. Our mission is to inform the public about the value of digital privacy, and global government initiatives which aim to monitor your online activity. We are a non-profit collective operated entirely by volunteer [team members](https://discuss.privacyguides.net/g/team) and contributors. Our website is free of advertisements and not affiliated with any of the listed providers.
 
 [:octicons-home-16:](https://www.privacyguides.org/){ .card-link title=Homepage }
 [:octicons-code-16:](https://github.com/privacyguides/privacyguides.org){ .card-link title="Source Code" }
 [:octicons-heart-16:](donate.md){ .card-link title=Contribute }
 
-The purpose of Privacy Guides is to educate our community on the importance of privacy online and government programs internationally that are designed to monitor all of your online activities.
-
 > To find [privacy-focused alternative] apps, check out sites like Good Reports and **Privacy Guides**, which list privacy-focused apps in a variety of categories, notably including email providers (usually on paid plans) that aren’t run by the big tech companies.
 
 — [New York Times](https://www.nytimes.com/wirecutter/guides/online-security-social-media-privacy/)
@@ -21,7 +19,7 @@ The purpose of Privacy Guides is to educate our community on the importance of p
 
 — [Tweakers.net](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html) [Translated from Dutch]
 
-Also featured on: [Ars Technica](https://arstechnica.com/gadgets/2022/02/is-firefox-ok/), [Wirecutter](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-windows-pc/) [[2](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-your-mac/)], and [Wired](https://www.wired.com/story/firefox-mozilla-2022/).
+Also featured on: [Ars Technica](https://arstechnica.com/gadgets/2022/02/is-firefox-ok/), [Wirecutter](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-windows-pc/) [[2](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-your-mac/)], [NPO Radio 1](https://www.nporadio1.nl/nieuws/binnenland/8eaff3a2-8b29-4f63-9b74-36d2b28b1fe1/ooit-online-eens-wat-doms-geplaatst-ga-jezelf-eens-googlen-en-kijk-dan-wat-je-tegenkomt), and [Wired](https://www.wired.com/story/firefox-mozilla-2022/).
 
 ## History
 
@@ -81,7 +79,9 @@ Our team members review all changes made to the website and handle administrativ
 
 ## Site License
 
-*The following is a human-readable summary of (and not a substitute for) the [license](https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE):*
+!!! danger ""
+
+    The following is a human-readable summary of (and not a substitute for) the [license](/license).
 
 :fontawesome-brands-creative-commons: :fontawesome-brands-creative-commons-by: :fontawesome-brands-creative-commons-nd: Unless otherwise noted, the original content on this website is made available under the [Creative Commons Attribution-NoDerivatives 4.0 International Public License](https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE). This means that you are free to copy and redistribute the material in any medium or format for any purpose, even commercially; as long as you give appropriate credit to `Privacy Guides (www.privacyguides.org)` and provide a link to the license. You may do so in any reasonable manner, but not in any way that suggests Privacy Guides endorses you or your use. If you remix, transform, or build upon the content of this website, you may not distribute the modified material.
 

docs/about/notices.md

@@ -1,7 +1,5 @@
 ---
 title: "Notices and Disclaimers"
-hide:
-    - toc
 ---
 
 ## Legal Disclaimer
@@ -14,21 +12,26 @@ Privacy Guides is an open source project contributed to under licenses that incl
 
 Privacy Guides additionally does not warrant that this website will be constantly available, or available at all.
 
-## Licenses
+## Licensing Overview
 
-Unless otherwise noted, all content on this website is made available under the terms of the [Creative Commons Attribution-NoDerivatives 4.0 International Public License](https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE).
+!!! danger ""
+
+    The following is a human-readable summary of (and not a substitute for) the [license](/license).
+
+Unless otherwise noted, all **content** on this website is made available under the terms of the [Creative Commons Attribution-NoDerivatives 4.0 International Public License](https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE). The underlying **source code** used to generate this website and display that content is released under the [MIT License](https://github.com/privacyguides/privacyguides.org/tree/main/LICENSE-CODE).
 
 This does not include third-party code embedded in this repository, or code where a superseding license is otherwise noted. The following are notable examples, but this list may not be all-inclusive:
 
-* [MathJax](https://github.com/privacyguides/privacyguides.org/blob/main/docs/assets/javascripts/mathjax.js) is licensed under the [Apache License 2.0](https://github.com/privacyguides/privacyguides.org/blob/main/docs/assets/javascripts/LICENSE.mathjax.txt).
-
-Portions of this notice itself were adopted from [opensource.guide](https://github.com/github/opensource.guide/blob/master/notices.md) on GitHub. That resource and this page itself are released under [CC-BY-4.0](https://github.com/github/opensource.guide/blob/master/LICENSE).
+* [MathJax](https://github.com/privacyguides/privacyguides.org/blob/main/theme/assets/javascripts/mathjax.js) is licensed under the [Apache License 2.0](https://github.com/privacyguides/privacyguides.org/blob/main/docs/assets/javascripts/LICENSE.mathjax.txt).
+* The [Bagnard](https://github.com/privacyguides/brand/tree/main/WOFF/bagnard) heading font is licensed under the [SIL Open Font License 1.1](https://github.com/privacyguides/brand/blob/main/WOFF/bagnard/LICENSE.txt).
+* The [Public Sans](https://github.com/privacyguides/brand/tree/main/WOFF/public_sans) font used for most text on the site is licensed under the terms detailed [here](https://github.com/privacyguides/brand/blob/main/WOFF/public_sans/LICENSE.txt).
+* The [DM Mono](https://github.com/privacyguides/brand/tree/main/WOFF/dm_mono) font used for monospaced text on the site is licensed under the [SIL Open Font License 1.1](https://github.com/privacyguides/brand/blob/main/WOFF/dm_mono/LICENSE.txt).
 
 This means that you can use the human-readable content in this repository for your own project, per the terms outlined in the Creative Commons Attribution-NoDerivatives 4.0 International Public License text. You may do so in any reasonable manner, but not in any way that suggests Privacy Guides endorses you or your use. You **may not** use the Privacy Guides branding in your own project without express approval from this project. Privacy Guides's brand trademarks include the "Privacy Guides" wordmark and shield logo.
 
 We believe that the logos and other images in `assets` obtained from third-party providers are either in the public domain or **fair use**. In a nutshell, legal [fair use doctrine](https://www.copyright.gov/fair-use/more-info.html) allows the use of copyrighted images in order to identify the subject matter for purposes of public comment. However, these logos and other images may still be subject to trademark laws in one or more jurisdictions. Before using this content, please ensure that it is used to identify the entity or organization that owns the trademark and that you have the right to use it under the laws which apply in the circumstances of your intended use. *When copying content from this website, you are solely responsible for ensuring that you do not infringe someone else's trademark or copyright.*
 
-When you contribute to this repository you are doing so under the above licenses, and you are granting Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform and distribute your contribution as part of our project.
+When you contribute to our website you are doing so under the above licenses, and you are granting Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform and distribute your contribution as part of our project.
 
 ## Acceptable Use
 
@@ -41,3 +44,7 @@ You must not conduct any systematic or automated data collection activities on o
 * Scraping
 * Data Mining
 * 'Framing' (IFrames)
+
+---
+
+*Portions of this notice itself were adopted from [opensource.guide](https://github.com/github/opensource.guide/blob/master/notices.md) on GitHub. That resource and this page itself are released under [CC-BY-4.0](https://creativecommons.org/licenses/by-sa/4.0/).*

docs/advanced/tor-overview.md

@@ -6,11 +6,19 @@ description: Tor is a free to use, decentralized network designed for using the
 
 Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
 
-## Path Building
+## Path Building to Clearnet Services
 
-Tor works by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
+"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
 
-Every time you connect to Tor, it will choose three nodes to build a path to the internet—this path is called a "circuit." Each of these nodes has its own function:
+Every time you [connect to Tor](../tor.md), it will choose three nodes to build a path to the internet—this path is called a "circuit." 
+
+<figure markdown>
+  ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](../assets/img/how-tor-works/tor-path.svg#only-light)
+  ![Tor path showing your device connecting to an entry node, middle node, and exit node before reaching the destination website](../assets/img/how-tor-works/tor-path-dark.svg#only-dark)
+  <figcaption>Tor circuit pathway</figcaption>
+</figure>
+
+Each of these nodes has its own function:
 
 ### The Entry Node
 
@@ -34,10 +42,16 @@ The exit node will be chosen at random from all available Tor nodes ran with an
 
 [^2]: Relay flag: a special (dis-)qualification of relays for circuit positions (for example, "Guard", "Exit", "BadExit"), circuit properties (for example, "Fast", "Stable"), or roles (for example, "Authority", "HSDir"), as assigned by the directory authorities and further defined in the directory protocol specification. ([https://metrics.torproject.org/glossary.html](https://metrics.torproject.org/glossary.html))
 
-<figure markdown>
-  ![Tor path](../assets/img/how-tor-works/tor-path.svg#only-light)
-  ![Tor path](../assets/img/how-tor-works/tor-path-dark.svg#only-dark)
-  <figcaption>Tor circuit pathway</figcaption>
+## Path Building to Onion Services
+
+"Onion Services" (also commonly referred to as "hidden services") are websites which can only be accessed by the Tor browser. These websites have a long randomly generated domain name ending with `.onion`.
+
+Connecting to an Onion Service in Tor works very similarly to connecting to a clearnet service, but your traffic is routed through a total of **six** nodes before reaching the destination server. Just like before however, only three of these nodes are contributing to *your* anonymity, the other three nodes protect *the Onion Service's* anonymity, hiding the website's true IP and location in the same manner that Tor Browser is hiding yours.
+
+<figure style="width:100%" markdown>
+  ![Tor path showing your traffic being routed through your three Tor nodes plus three additional Tor nodes which hide the website's identity](../assets/img/how-tor-works/tor-path-hidden-service.svg#only-light)
+  ![Tor path showing your traffic being routed through your three Tor nodes plus three additional Tor nodes which hide the website's identity](../assets/img/how-tor-works/tor-path-hidden-service-dark.svg#only-dark)
+  <figcaption>Tor circuit pathway with Onion Services. Nodes in the <span class="pg-blue">blue</span> fence belong to your browser, while nodes in the <span class="pg-red">red</span> fence belong to the server, so their identity is hidden from you.</figcaption>
 </figure>
 
 ## Encryption

docs/assets/img/how-tor-works/tor-path-hidden-service-dark.svg

@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg width="100%" height="100%" viewBox="0 0 1051 447" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linecap:round;stroke-linejoin:round;">
+    <g transform="matrix(1,0,0,1,-101.526,-98.3251)">
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <rect x="87.098" y="355.919" width="154.361" height="165.495" style="fill:rgb(114,159,207);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M164.319,521.414L87.098,521.414L87.098,355.919L241.458,355.919L241.458,521.414L164.319,521.414" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,94.093C481.938,108.602 478.372,122.936 471.566,135.531C464.84,148.041 455.036,158.553 443.368,165.764C431.619,173.061 418.249,176.884 404.715,176.884C391.183,176.884 377.814,173.061 366.146,165.764C354.397,158.553 344.592,148.041 337.867,135.531C331.06,122.934 327.495,108.6 327.495,94.093C327.495,79.585 331.061,65.251 337.867,52.742C344.592,40.145 354.397,29.634 366.065,22.423C377.814,15.126 391.184,11.303 404.718,11.303C418.25,11.303 431.619,15.126 443.287,22.423C455.036,29.634 464.84,40.146 471.566,52.742C478.372,65.252 481.938,79.587 481.938,94.093Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,93.965C481.938,108.473 478.372,122.807 471.566,135.403C464.84,147.913 455.036,158.425 443.368,165.635C431.619,172.932 418.249,176.755 404.715,176.755C391.183,176.755 377.814,172.932 366.146,165.635C354.397,158.425 344.592,147.912 337.867,135.403C331.06,122.806 327.495,108.472 327.495,93.965C327.495,79.457 331.061,65.122 337.867,52.614C344.592,40.017 354.397,29.505 366.065,22.295C377.814,14.997 391.184,11.175 404.718,11.175C418.25,11.175 431.619,14.997 443.287,22.295C455.036,29.505 464.84,40.017 471.566,52.614C478.372,65.124 481.938,79.458 481.938,93.965" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,94.18C790.681,108.689 787.116,122.936 780.31,135.531C773.584,148.128 763.78,158.553 752.112,165.764C740.362,173.061 726.993,176.884 713.459,176.884C699.927,176.884 686.558,173.061 674.89,165.764C663.141,158.553 653.336,148.128 646.611,135.531C639.804,122.934 636.239,108.687 636.239,94.18C636.239,79.585 639.804,65.338 646.611,52.742C653.336,40.145 663.141,29.721 674.89,22.51C686.558,15.213 699.928,11.39 713.459,11.39C726.991,11.39 740.361,15.213 752.112,22.51C763.78,29.721 773.584,40.146 780.31,52.742C787.116,65.339 790.681,79.587 790.681,94.18Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,94.052C790.681,108.56 787.116,122.807 780.31,135.403C773.584,148 763.78,158.425 752.112,165.635C740.362,172.932 726.993,176.755 713.459,176.755C699.927,176.755 686.558,172.932 674.89,165.635C663.141,158.425 653.336,147.999 646.611,135.403C639.804,122.806 636.239,108.558 636.239,94.052C636.239,79.457 639.804,65.209 646.611,52.614C653.336,40.017 663.141,29.592 674.89,22.382C686.558,15.084 699.928,11.262 713.459,11.262C726.991,11.262 740.361,15.084 752.112,22.382C763.78,29.592 773.584,40.017 780.31,52.614C787.116,65.211 790.681,79.458 790.681,94.052" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,432.899C481.938,447.407 478.372,461.655 471.566,474.25C464.84,486.847 455.036,497.272 443.368,504.482C431.619,511.78 418.249,515.602 404.715,515.602C391.183,515.602 377.814,511.78 366.146,504.482C354.397,497.272 344.592,486.847 337.867,474.25C331.06,461.653 327.495,447.406 327.495,432.899C327.495,418.304 331.061,404.057 337.867,391.461C344.592,378.864 354.397,368.439 366.065,361.229C377.814,353.931 391.184,350.109 404.718,350.109C418.25,350.109 431.619,353.931 443.287,361.229C455.036,368.439 464.84,378.865 471.566,391.461C478.372,404.058 481.938,418.305 481.938,432.899Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,438.795C481.938,453.303 478.372,467.551 471.566,480.146C464.84,492.743 455.036,503.168 443.368,510.378C431.619,517.676 418.249,521.498 404.715,521.498C391.183,521.498 377.814,517.676 366.146,510.378C354.397,503.168 344.592,492.743 337.867,480.146C331.06,467.549 327.495,453.302 327.495,438.795C327.495,424.2 331.061,409.952 337.867,397.357C344.592,384.76 354.397,374.335 366.065,367.125C377.814,359.827 391.184,356.005 404.718,356.005C418.25,356.005 431.619,359.827 443.287,367.125C455.036,374.335 464.84,384.76 471.566,397.357C478.372,409.954 481.938,424.201 481.938,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,432.899C790.681,447.407 787.116,461.655 780.31,474.25C773.584,486.847 763.78,497.272 752.112,504.482C740.362,511.78 726.993,515.602 713.459,515.602C699.927,515.602 686.558,511.78 674.89,504.482C663.141,497.272 653.336,486.847 646.611,474.25C639.804,461.653 636.239,447.406 636.239,432.899C636.239,418.304 639.804,404.057 646.611,391.461C653.336,378.864 663.141,368.439 674.89,361.229C686.558,353.931 699.928,350.109 713.459,350.109C726.991,350.109 740.361,353.931 752.112,361.229C763.78,368.439 773.584,378.865 780.31,391.461C787.116,404.058 790.681,418.305 790.681,432.899Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,438.795C790.681,453.303 787.116,467.551 780.31,480.146C773.584,492.743 763.78,503.168 752.112,510.378C740.362,517.676 726.993,521.498 713.459,521.498C699.927,521.498 686.558,517.676 674.89,510.378C663.141,503.168 653.336,492.743 646.611,480.146C639.804,467.549 636.239,453.302 636.239,438.795C636.239,424.2 639.804,409.952 646.611,397.357C653.336,384.76 663.141,374.335 674.89,367.125C686.558,359.827 699.928,356.005 713.459,356.005C726.991,356.005 740.361,359.827 752.112,367.125C763.78,374.335 773.584,384.76 780.31,397.357C787.116,409.954 790.681,424.201 790.681,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,495.206,203.232)">
+            <path d="M1340.44,328.48L1433.95,503.186L1247.02,503.186L1340.44,328.48Z" style="fill:rgb(114,159,207);"/>
+        </g>
+        <g>
+            <g transform="matrix(0.423185,0,0,0.453686,63.5184,110.551)">
+                <g transform="matrix(1,0,0,1,88.7196,550.073)">
+                    <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Your</text>
+                </g>
+                <g transform="matrix(1,0,0,1,88.7196,616.708)">
+                    <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Device</text>
+                </g>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.423185,215.188,217.539)">
+                <g transform="matrix(53.3092,0,0,53.3092,148.162,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Guard</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,342.481,365.105)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,486.481,214.679)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.423185,1011.71,453.118)">
+                <g transform="matrix(53.3092,0,0,53.3092,334.953,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">hidden...onion</text>
+            </g>
+            <g transform="matrix(1,0,0,1.13387,0,-13.5981)">
+                <rect x="192.377" y="101.575" width="397.824" height="388.045" style="fill:none;stroke:rgb(97,107,243);stroke-width:6.08px;stroke-linecap:butt;stroke-miterlimit:1.5;stroke-dasharray:6.08,6.08;"/>
+            </g>
+            <g transform="matrix(1,0,0,1.13387,406.832,-13.5981)">
+                <rect x="192.377" y="101.575" width="397.824" height="388.045" style="fill:none;stroke:rgb(218,85,92);stroke-width:6.08px;stroke-linecap:butt;stroke-miterlimit:1.5;stroke-dasharray:6.08,6.08;"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,-1,296.309,499.871)">
+            <g transform="matrix(0.438175,0,0,0.438175,-102.956,170.289)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-102.956,170.289)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,1,599.384,5.09357)">
+            <g transform="matrix(0.438175,0,0,0.438175,-273.231,107.69)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-273.231,107.69)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,-1,927.895,527.537)">
+            <g transform="matrix(0.438175,0,0,0.438175,-37.0942,67.0447)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-34.7625,65.947)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-467.504,185.162)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-467.504,185.162)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,1,-12.9813,-5.07732)">
+            <g transform="matrix(0.438175,0,0,0.438175,70.8116,113.404)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,70.8116,113.404)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,94.093C481.938,108.602 478.372,122.936 471.566,135.531C464.84,148.041 455.036,158.553 443.368,165.764C431.619,173.061 418.249,176.884 404.715,176.884C391.183,176.884 377.814,173.061 366.146,165.764C354.397,158.553 344.592,148.041 337.867,135.531C331.06,122.934 327.495,108.6 327.495,94.093C327.495,79.585 331.061,65.251 337.867,52.742C344.592,40.145 354.397,29.634 366.065,22.423C377.814,15.126 391.184,11.303 404.718,11.303C418.25,11.303 431.619,15.126 443.287,22.423C455.036,29.634 464.84,40.146 471.566,52.742C478.372,65.252 481.938,79.587 481.938,94.093Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,93.965C481.938,108.473 478.372,122.807 471.566,135.403C464.84,147.913 455.036,158.425 443.368,165.635C431.619,172.932 418.249,176.755 404.715,176.755C391.183,176.755 377.814,172.932 366.146,165.635C354.397,158.425 344.592,147.912 337.867,135.403C331.06,122.806 327.495,108.472 327.495,93.965C327.495,79.457 331.061,65.122 337.867,52.614C344.592,40.017 354.397,29.505 366.065,22.295C377.814,14.997 391.184,11.175 404.718,11.175C418.25,11.175 431.619,14.997 443.287,22.295C455.036,29.505 464.84,40.017 471.566,52.614C478.372,65.124 481.938,79.458 481.938,93.965" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,94.18C790.681,108.689 787.116,122.936 780.31,135.531C773.584,148.128 763.78,158.553 752.112,165.764C740.362,173.061 726.993,176.884 713.459,176.884C699.927,176.884 686.558,173.061 674.89,165.764C663.141,158.553 653.336,148.128 646.611,135.531C639.804,122.934 636.239,108.687 636.239,94.18C636.239,79.585 639.804,65.338 646.611,52.742C653.336,40.145 663.141,29.721 674.89,22.51C686.558,15.213 699.928,11.39 713.459,11.39C726.991,11.39 740.361,15.213 752.112,22.51C763.78,29.721 773.584,40.146 780.31,52.742C787.116,65.339 790.681,79.587 790.681,94.18Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,94.052C790.681,108.56 787.116,122.807 780.31,135.403C773.584,148 763.78,158.425 752.112,165.635C740.362,172.932 726.993,176.755 713.459,176.755C699.927,176.755 686.558,172.932 674.89,165.635C663.141,158.425 653.336,147.999 646.611,135.403C639.804,122.806 636.239,108.558 636.239,94.052C636.239,79.457 639.804,65.209 646.611,52.614C653.336,40.017 663.141,29.592 674.89,22.382C686.558,15.084 699.928,11.262 713.459,11.262C726.991,11.262 740.361,15.084 752.112,22.382C763.78,29.592 773.584,40.017 780.31,52.614C787.116,65.211 790.681,79.458 790.681,94.052" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,432.899C481.938,447.407 478.372,461.655 471.566,474.25C464.84,486.847 455.036,497.272 443.368,504.482C431.619,511.78 418.249,515.602 404.715,515.602C391.183,515.602 377.814,511.78 366.146,504.482C354.397,497.272 344.592,486.847 337.867,474.25C331.06,461.653 327.495,447.406 327.495,432.899C327.495,418.304 331.061,404.057 337.867,391.461C344.592,378.864 354.397,368.439 366.065,361.229C377.814,353.931 391.184,350.109 404.718,350.109C418.25,350.109 431.619,353.931 443.287,361.229C455.036,368.439 464.84,378.865 471.566,391.461C478.372,404.058 481.938,418.305 481.938,432.899Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,438.795C481.938,453.303 478.372,467.551 471.566,480.146C464.84,492.743 455.036,503.168 443.368,510.378C431.619,517.676 418.249,521.498 404.715,521.498C391.183,521.498 377.814,517.676 366.146,510.378C354.397,503.168 344.592,492.743 337.867,480.146C331.06,467.549 327.495,453.302 327.495,438.795C327.495,424.2 331.061,409.952 337.867,397.357C344.592,384.76 354.397,374.335 366.065,367.125C377.814,359.827 391.184,356.005 404.718,356.005C418.25,356.005 431.619,359.827 443.287,367.125C455.036,374.335 464.84,384.76 471.566,397.357C478.372,409.954 481.938,424.201 481.938,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,432.899C790.681,447.407 787.116,461.655 780.31,474.25C773.584,486.847 763.78,497.272 752.112,504.482C740.362,511.78 726.993,515.602 713.459,515.602C699.927,515.602 686.558,511.78 674.89,504.482C663.141,497.272 653.336,486.847 646.611,474.25C639.804,461.653 636.239,447.406 636.239,432.899C636.239,418.304 639.804,404.057 646.611,391.461C653.336,378.864 663.141,368.439 674.89,361.229C686.558,353.931 699.928,350.109 713.459,350.109C726.991,350.109 740.361,353.931 752.112,361.229C763.78,368.439 773.584,378.865 780.31,391.461C787.116,404.058 790.681,418.305 790.681,432.899Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,438.795C790.681,453.303 787.116,467.551 780.31,480.146C773.584,492.743 763.78,503.168 752.112,510.378C740.362,517.676 726.993,521.498 713.459,521.498C699.927,521.498 686.558,517.676 674.89,510.378C663.141,503.168 653.336,492.743 646.611,480.146C639.804,467.549 636.239,453.302 636.239,438.795C636.239,424.2 639.804,409.952 646.611,397.357C653.336,384.76 663.141,374.335 674.89,367.125C686.558,359.827 699.928,356.005 713.459,356.005C726.991,356.005 740.361,359.827 752.112,367.125C763.78,374.335 773.584,384.76 780.31,397.357C787.116,409.954 790.681,424.201 790.681,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,613.992,258.963)">
+                <g transform="matrix(53.3092,0,0,53.3092,296.35,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Rendezvous</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,776.886,519.873)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,924.29,375.575)">
+                <g transform="matrix(53.3092,0,0,53.3092,124.423,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;fill:white;">Entry</text>
+            </g>
+            <g transform="matrix(0.438175,0,0,-0.438175,616.236,496.055)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,-0.438175,618.568,497.152)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,757.768,262.897)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill:white;fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,760.1,261.799)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z" style="fill:white;"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z" style="fill:white;"/>
+            </g>
+        </g>
+    </g>
+</svg>

docs/assets/img/how-tor-works/tor-path-hidden-service.svg

@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg width="100%" height="100%" viewBox="0 0 1051 447" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linecap:round;stroke-linejoin:round;">
+    <g transform="matrix(1,0,0,1,-101.526,-98.3251)">
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <rect x="87.098" y="355.919" width="154.361" height="165.495" style="fill:rgb(114,159,207);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M164.319,521.414L87.098,521.414L87.098,355.919L241.458,355.919L241.458,521.414L164.319,521.414" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,94.093C481.938,108.602 478.372,122.936 471.566,135.531C464.84,148.041 455.036,158.553 443.368,165.764C431.619,173.061 418.249,176.884 404.715,176.884C391.183,176.884 377.814,173.061 366.146,165.764C354.397,158.553 344.592,148.041 337.867,135.531C331.06,122.934 327.495,108.6 327.495,94.093C327.495,79.585 331.061,65.251 337.867,52.742C344.592,40.145 354.397,29.634 366.065,22.423C377.814,15.126 391.184,11.303 404.718,11.303C418.25,11.303 431.619,15.126 443.287,22.423C455.036,29.634 464.84,40.146 471.566,52.742C478.372,65.252 481.938,79.587 481.938,94.093Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,93.965C481.938,108.473 478.372,122.807 471.566,135.403C464.84,147.913 455.036,158.425 443.368,165.635C431.619,172.932 418.249,176.755 404.715,176.755C391.183,176.755 377.814,172.932 366.146,165.635C354.397,158.425 344.592,147.912 337.867,135.403C331.06,122.806 327.495,108.472 327.495,93.965C327.495,79.457 331.061,65.122 337.867,52.614C344.592,40.017 354.397,29.505 366.065,22.295C377.814,14.997 391.184,11.175 404.718,11.175C418.25,11.175 431.619,14.997 443.287,22.295C455.036,29.505 464.84,40.017 471.566,52.614C478.372,65.124 481.938,79.458 481.938,93.965" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,94.18C790.681,108.689 787.116,122.936 780.31,135.531C773.584,148.128 763.78,158.553 752.112,165.764C740.362,173.061 726.993,176.884 713.459,176.884C699.927,176.884 686.558,173.061 674.89,165.764C663.141,158.553 653.336,148.128 646.611,135.531C639.804,122.934 636.239,108.687 636.239,94.18C636.239,79.585 639.804,65.338 646.611,52.742C653.336,40.145 663.141,29.721 674.89,22.51C686.558,15.213 699.928,11.39 713.459,11.39C726.991,11.39 740.361,15.213 752.112,22.51C763.78,29.721 773.584,40.146 780.31,52.742C787.116,65.339 790.681,79.587 790.681,94.18Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,94.052C790.681,108.56 787.116,122.807 780.31,135.403C773.584,148 763.78,158.425 752.112,165.635C740.362,172.932 726.993,176.755 713.459,176.755C699.927,176.755 686.558,172.932 674.89,165.635C663.141,158.425 653.336,147.999 646.611,135.403C639.804,122.806 636.239,108.558 636.239,94.052C636.239,79.457 639.804,65.209 646.611,52.614C653.336,40.017 663.141,29.592 674.89,22.382C686.558,15.084 699.928,11.262 713.459,11.262C726.991,11.262 740.361,15.084 752.112,22.382C763.78,29.592 773.584,40.017 780.31,52.614C787.116,65.211 790.681,79.458 790.681,94.052" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,432.899C481.938,447.407 478.372,461.655 471.566,474.25C464.84,486.847 455.036,497.272 443.368,504.482C431.619,511.78 418.249,515.602 404.715,515.602C391.183,515.602 377.814,511.78 366.146,504.482C354.397,497.272 344.592,486.847 337.867,474.25C331.06,461.653 327.495,447.406 327.495,432.899C327.495,418.304 331.061,404.057 337.867,391.461C344.592,378.864 354.397,368.439 366.065,361.229C377.814,353.931 391.184,350.109 404.718,350.109C418.25,350.109 431.619,353.931 443.287,361.229C455.036,368.439 464.84,378.865 471.566,391.461C478.372,404.058 481.938,418.305 481.938,432.899Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,438.795C481.938,453.303 478.372,467.551 471.566,480.146C464.84,492.743 455.036,503.168 443.368,510.378C431.619,517.676 418.249,521.498 404.715,521.498C391.183,521.498 377.814,517.676 366.146,510.378C354.397,503.168 344.592,492.743 337.867,480.146C331.06,467.549 327.495,453.302 327.495,438.795C327.495,424.2 331.061,409.952 337.867,397.357C344.592,384.76 354.397,374.335 366.065,367.125C377.814,359.827 391.184,356.005 404.718,356.005C418.25,356.005 431.619,359.827 443.287,367.125C455.036,374.335 464.84,384.76 471.566,397.357C478.372,409.954 481.938,424.201 481.938,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,432.899C790.681,447.407 787.116,461.655 780.31,474.25C773.584,486.847 763.78,497.272 752.112,504.482C740.362,511.78 726.993,515.602 713.459,515.602C699.927,515.602 686.558,511.78 674.89,504.482C663.141,497.272 653.336,486.847 646.611,474.25C639.804,461.653 636.239,447.406 636.239,432.899C636.239,418.304 639.804,404.057 646.611,391.461C653.336,378.864 663.141,368.439 674.89,361.229C686.558,353.931 699.928,350.109 713.459,350.109C726.991,350.109 740.361,353.931 752.112,361.229C763.78,368.439 773.584,378.865 780.31,391.461C787.116,404.058 790.681,418.305 790.681,432.899Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,438.795C790.681,453.303 787.116,467.551 780.31,480.146C773.584,492.743 763.78,503.168 752.112,510.378C740.362,517.676 726.993,521.498 713.459,521.498C699.927,521.498 686.558,517.676 674.89,510.378C663.141,503.168 653.336,492.743 646.611,480.146C639.804,467.549 636.239,453.302 636.239,438.795C636.239,424.2 639.804,409.952 646.611,397.357C653.336,384.76 663.141,374.335 674.89,367.125C686.558,359.827 699.928,356.005 713.459,356.005C726.991,356.005 740.361,359.827 752.112,367.125C763.78,374.335 773.584,384.76 780.31,397.357C787.116,409.954 790.681,424.201 790.681,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043Z" style="fill:rgb(129,212,26);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118Z" style="fill:rgb(128,0,128);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118Z" style="fill:rgb(255,128,0);"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,63.5184,110.551)">
+            <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+        </g>
+        <g transform="matrix(0.438175,0,0,0.438175,495.206,203.232)">
+            <path d="M1340.44,328.48L1433.95,503.186L1247.02,503.186L1340.44,328.48Z" style="fill:rgb(114,159,207);"/>
+        </g>
+        <g>
+            <g transform="matrix(0.423185,0,0,0.453686,63.5184,110.551)">
+                <g transform="matrix(1,0,0,1,88.7196,550.073)">
+                    <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Your</text>
+                </g>
+                <g transform="matrix(1,0,0,1,88.7196,616.708)">
+                    <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Device</text>
+                </g>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.423185,215.188,217.539)">
+                <g transform="matrix(53.3092,0,0,53.3092,148.162,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Guard</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,342.481,365.105)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,486.481,214.679)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.423185,1011.71,453.118)">
+                <g transform="matrix(53.3092,0,0,53.3092,334.953,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">hidden...onion</text>
+            </g>
+            <g transform="matrix(1,0,0,1.13387,0,-13.5981)">
+                <rect x="192.377" y="101.575" width="397.824" height="388.045" style="fill:none;stroke:rgb(62,44,177);stroke-width:6.08px;stroke-linecap:butt;stroke-miterlimit:1.5;stroke-dasharray:6.08,6.08;"/>
+            </g>
+            <g transform="matrix(1,0,0,1.13387,406.832,-13.5981)">
+                <rect x="192.377" y="101.575" width="397.824" height="388.045" style="fill:none;stroke:rgb(208,26,36);stroke-width:6.08px;stroke-linecap:butt;stroke-miterlimit:1.5;stroke-dasharray:6.08,6.08;"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,-1,296.309,499.871)">
+            <g transform="matrix(0.438175,0,0,0.438175,-102.956,170.289)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-102.956,170.289)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,1,599.384,5.09357)">
+            <g transform="matrix(0.438175,0,0,0.438175,-273.231,107.69)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-273.231,107.69)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,-1,927.895,527.537)">
+            <g transform="matrix(0.438175,0,0,0.438175,-37.0942,67.0447)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-34.7625,65.947)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-467.504,185.162)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,-467.504,185.162)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+        </g>
+        <g transform="matrix(1,0,0,1,-12.9813,-5.07732)">
+            <g transform="matrix(0.438175,0,0,0.438175,70.8116,113.404)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,70.8116,113.404)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,94.093C481.938,108.602 478.372,122.936 471.566,135.531C464.84,148.041 455.036,158.553 443.368,165.764C431.619,173.061 418.249,176.884 404.715,176.884C391.183,176.884 377.814,173.061 366.146,165.764C354.397,158.553 344.592,148.041 337.867,135.531C331.06,122.934 327.495,108.6 327.495,94.093C327.495,79.585 331.061,65.251 337.867,52.742C344.592,40.145 354.397,29.634 366.065,22.423C377.814,15.126 391.184,11.303 404.718,11.303C418.25,11.303 431.619,15.126 443.287,22.423C455.036,29.634 464.84,40.146 471.566,52.742C478.372,65.252 481.938,79.587 481.938,94.093Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,93.965C481.938,108.473 478.372,122.807 471.566,135.403C464.84,147.913 455.036,158.425 443.368,165.635C431.619,172.932 418.249,176.755 404.715,176.755C391.183,176.755 377.814,172.932 366.146,165.635C354.397,158.425 344.592,147.912 337.867,135.403C331.06,122.806 327.495,108.472 327.495,93.965C327.495,79.457 331.061,65.122 337.867,52.614C344.592,40.017 354.397,29.505 366.065,22.295C377.814,14.997 391.184,11.175 404.718,11.175C418.25,11.175 431.619,14.997 443.287,22.295C455.036,29.505 464.84,40.017 471.566,52.614C478.372,65.124 481.938,79.458 481.938,93.965" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,94.18C790.681,108.689 787.116,122.936 780.31,135.531C773.584,148.128 763.78,158.553 752.112,165.764C740.362,173.061 726.993,176.884 713.459,176.884C699.927,176.884 686.558,173.061 674.89,165.764C663.141,158.553 653.336,148.128 646.611,135.531C639.804,122.934 636.239,108.687 636.239,94.18C636.239,79.585 639.804,65.338 646.611,52.742C653.336,40.145 663.141,29.721 674.89,22.51C686.558,15.213 699.928,11.39 713.459,11.39C726.991,11.39 740.361,15.213 752.112,22.51C763.78,29.721 773.584,40.146 780.31,52.742C787.116,65.339 790.681,79.587 790.681,94.18Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,94.052C790.681,108.56 787.116,122.807 780.31,135.403C773.584,148 763.78,158.425 752.112,165.635C740.362,172.932 726.993,176.755 713.459,176.755C699.927,176.755 686.558,172.932 674.89,165.635C663.141,158.425 653.336,147.999 646.611,135.403C639.804,122.806 636.239,108.558 636.239,94.052C636.239,79.457 639.804,65.209 646.611,52.614C653.336,40.017 663.141,29.592 674.89,22.382C686.558,15.084 699.928,11.262 713.459,11.262C726.991,11.262 740.361,15.084 752.112,22.382C763.78,29.592 773.584,40.017 780.31,52.614C787.116,65.211 790.681,79.458 790.681,94.052" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,94.139C1099.39,108.647 1095.82,122.894 1089.02,135.49C1082.29,148.087 1072.49,158.512 1060.82,165.722C1049.07,173.019 1035.7,176.842 1022.17,176.842C1008.63,176.842 995.264,173.019 983.596,165.722C971.847,158.512 962.042,148.086 955.317,135.49C948.51,122.893 944.945,108.645 944.945,94.139C944.945,79.544 948.511,65.296 955.317,52.701C962.042,40.104 971.847,29.679 983.596,22.468C995.264,15.171 1008.63,11.348 1022.17,11.348C1035.7,11.348 1049.07,15.171 1060.82,22.468C1072.49,29.679 1082.29,40.104 1089.02,52.701C1095.82,65.298 1099.39,79.545 1099.39,94.139" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,432.899C481.938,447.407 478.372,461.655 471.566,474.25C464.84,486.847 455.036,497.272 443.368,504.482C431.619,511.78 418.249,515.602 404.715,515.602C391.183,515.602 377.814,511.78 366.146,504.482C354.397,497.272 344.592,486.847 337.867,474.25C331.06,461.653 327.495,447.406 327.495,432.899C327.495,418.304 331.061,404.057 337.867,391.461C344.592,378.864 354.397,368.439 366.065,361.229C377.814,353.931 391.184,350.109 404.718,350.109C418.25,350.109 431.619,353.931 443.287,361.229C455.036,368.439 464.84,378.865 471.566,391.461C478.372,404.058 481.938,418.305 481.938,432.899Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,438.795C481.938,453.303 478.372,467.551 471.566,480.146C464.84,492.743 455.036,503.168 443.368,510.378C431.619,517.676 418.249,521.498 404.715,521.498C391.183,521.498 377.814,517.676 366.146,510.378C354.397,503.168 344.592,492.743 337.867,480.146C331.06,467.549 327.495,453.302 327.495,438.795C327.495,424.2 331.061,409.952 337.867,397.357C344.592,384.76 354.397,374.335 366.065,367.125C377.814,359.827 391.184,356.005 404.718,356.005C418.25,356.005 431.619,359.827 443.287,367.125C455.036,374.335 464.84,384.76 471.566,397.357C478.372,409.954 481.938,424.201 481.938,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,432.899C790.681,447.407 787.116,461.655 780.31,474.25C773.584,486.847 763.78,497.272 752.112,504.482C740.362,511.78 726.993,515.602 713.459,515.602C699.927,515.602 686.558,511.78 674.89,504.482C663.141,497.272 653.336,486.847 646.611,474.25C639.804,461.653 636.239,447.406 636.239,432.899C636.239,418.304 639.804,404.057 646.611,391.461C653.336,378.864 663.141,368.439 674.89,361.229C686.558,353.931 699.928,350.109 713.459,350.109C726.991,350.109 740.361,353.931 752.112,361.229C763.78,368.439 773.584,378.865 780.31,391.461C787.116,404.058 790.681,418.305 790.681,432.899Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,438.795C790.681,453.303 787.116,467.551 780.31,480.146C773.584,492.743 763.78,503.168 752.112,510.378C740.362,517.676 726.993,521.498 713.459,521.498C699.927,521.498 686.558,517.676 674.89,510.378C663.141,503.168 653.336,492.743 646.611,480.146C639.804,467.549 636.239,453.302 636.239,438.795C636.239,424.2 639.804,409.952 646.611,397.357C653.336,384.76 663.141,374.335 674.89,367.125C686.558,359.827 699.928,356.005 713.459,356.005C726.991,356.005 740.361,359.827 752.112,367.125C763.78,374.335 773.584,384.76 780.31,397.357C787.116,409.954 790.681,424.201 790.681,438.795" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,432.899C1099.39,447.407 1095.82,461.655 1089.02,474.25C1082.29,486.847 1072.49,497.272 1060.82,504.482C1049.07,511.78 1035.7,515.602 1022.17,515.602C1008.63,515.602 995.264,511.78 983.596,504.482C971.847,497.272 962.042,486.847 955.317,474.25C948.51,461.653 944.945,447.406 944.945,432.899C944.945,418.304 948.511,404.057 955.317,391.461C962.042,378.864 971.847,368.439 983.596,361.229C995.264,353.931 1008.63,350.109 1022.17,350.109C1035.7,350.109 1049.07,353.931 1060.82,361.229C1072.49,368.439 1082.29,378.865 1089.02,391.461C1095.82,404.058 1099.39,418.305 1099.39,432.899" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043Z" style="fill:rgb(129,212,26);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M481.938,756.043C481.938,770.551 478.372,784.798 471.566,797.394C464.84,809.991 455.036,820.416 443.368,827.626C431.619,834.924 418.249,838.746 404.715,838.746C391.183,838.746 377.814,834.924 366.146,827.626C354.397,820.416 344.592,809.991 337.867,797.394C331.06,784.797 327.495,770.549 327.495,756.043C327.495,741.448 331.061,727.2 337.867,714.605C344.592,702.008 354.397,691.583 366.065,684.372C377.814,677.075 391.184,673.253 404.718,673.253C418.25,673.253 431.619,677.075 443.287,684.372C455.036,691.583 464.84,702.008 471.566,714.605C478.372,727.202 481.938,741.449 481.938,756.043" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118Z" style="fill:rgb(128,0,128);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M790.681,756.118C790.681,770.626 787.116,784.874 780.31,797.469C773.584,810.066 763.78,820.491 752.112,827.702C740.362,834.999 726.993,838.822 713.459,838.822C699.927,838.822 686.558,834.999 674.89,827.702C663.141,820.492 653.336,810.066 646.611,797.469C639.804,784.872 636.239,770.625 636.239,756.118C636.239,741.523 639.804,727.276 646.611,714.68C653.336,702.083 663.141,691.658 674.89,684.448C686.558,677.15 699.928,673.328 713.459,673.328C726.991,673.328 740.361,677.15 752.112,684.448C763.78,691.658 773.584,702.083 780.31,714.68C787.116,727.277 790.681,741.525 790.681,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118Z" style="fill:rgb(255,128,0);"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,495.905,117.379)">
+                <path d="M1099.39,756.118C1099.39,770.626 1095.82,784.874 1089.02,797.469C1082.29,810.066 1072.49,820.491 1060.82,827.702C1049.07,834.999 1035.7,838.822 1022.17,838.822C1008.63,838.822 995.264,834.999 983.596,827.702C971.847,820.492 962.042,810.066 955.317,797.469C948.51,784.872 944.945,770.625 944.945,756.118C944.945,741.523 948.511,727.276 955.317,714.68C962.042,702.083 971.847,691.658 983.596,684.448C995.264,677.15 1008.63,673.328 1022.17,673.328C1035.7,673.328 1049.07,677.15 1060.82,684.448C1072.49,691.658 1082.29,702.083 1089.02,714.68C1095.82,727.277 1099.39,741.525 1099.39,756.118" style="fill:none;fill-rule:nonzero;stroke:rgb(52,101,164);stroke-width:0.08px;"/>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,613.992,258.963)">
+                <g transform="matrix(53.3092,0,0,53.3092,296.35,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Rendezvous</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,776.886,519.873)">
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Relay</text>
+            </g>
+            <g transform="matrix(0.423185,0,0,0.453686,924.29,375.575)">
+                <g transform="matrix(53.3092,0,0,53.3092,124.423,0)">
+                </g>
+                <text x="0px" y="0px" style="font-family:'Helvetica';font-size:53.309px;">Entry</text>
+            </g>
+            <g transform="matrix(0.438175,0,0,-0.438175,616.236,496.055)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,-0.438175,618.568,497.152)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,757.768,262.897)">
+                <path d="M330.234,166.032L193.058,348.322L196.941,351.246L334.117,168.955L330.234,166.032Z" style="fill-rule:nonzero;"/>
+            </g>
+            <g transform="matrix(0.438175,0,0,0.438175,760.1,261.799)">
+                <path d="M340.601,156.288L337.671,180.385L318.258,165.776L340.601,156.288Z"/>
+                <path d="M342.547,153.703L339.971,154.795L315.043,165.381L338.945,183.37L342.547,153.703ZM338.657,158.87L336.406,177.398L321.48,166.171L338.657,158.87Z"/>
+            </g>
+        </g>
+    </g>
+</svg>

docs/cloud.md

@@ -3,13 +3,13 @@ title: "Cloud Storage"
 icon: material/file-cloud
 description: Many cloud storage providers require your trust that they will not look at your files. These are private alternatives!
 ---
-Many cloud storage providers require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by either putting you in control of your data or by implementing E2EE.
+Many cloud storage providers require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
 
-If these alternatives do not fit your needs, we suggest you look into [Encryption Software](encryption.md).
+If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
 
 ??? question "Looking for Nextcloud?"
 
-    Nextcloud is [still a recommended tool](productivity.md) for self-hosting a file management suite, however we do not recommend third-party Nextcloud storage providers at the moment, because we do not recommend Nextcloud's built-in E2EE functionality for home users.
+    Nextcloud is [still a recommended tool](productivity.md) for self-hosting a file management suite, however we do not recommend third-party Nextcloud storage providers at the moment, because we do [not recommend](https://discuss.privacyguides.net/t/dont-recommend-nextcloud-e2ee/10352/29) Nextcloud's built-in E2EE functionality for home users.
 
 ## Proton Drive
 
@@ -17,7 +17,7 @@ If these alternatives do not fit your needs, we suggest you look into [Encryptio
 
     ![Proton Drive logo](assets/img/cloud/protondrive.svg){ align=right }
 
-    **Proton Drive** is an E2EE general file storage service by the popular encrypted email provider [Proton Mail](https://proton.me/mail).
+    **Proton Drive** is a Swiss encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail).
 
     [:octicons-home-16: Homepage](https://proton.me/drive){ .md-button .md-button--primary }
     [:octicons-eye-16:](https://proton.me/legal/privacy){ .card-link title="Privacy Policy" }
@@ -29,6 +29,45 @@ If these alternatives do not fit your needs, we suggest you look into [Encryptio
         - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=me.proton.android.drive)
         - [:simple-appstore: App Store](https://apps.apple.com/app/id1509667851)
 
+The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/blog/security-audit-all-proton-apps), full details were not made available, but Securitum's letter of attestation states:
+
+> Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest.
+
+Proton Drive's brand new mobile clients have not yet been publicly audited by a third-party.
+
+## Tresorit
+
+!!! recommendation
+
+    ![Tresorit logo](assets/img/cloud/tresorit.svg){ align=right }
+
+    **Tresorit** is a Hungarian encrypted cloud storage provider founded in 2011. Tresorit is owned by the Swiss Post, the national postal service of Switzerland.
+
+    [:octicons-home-16: Homepage](https://tresorit.com/){ .md-button .md-button--primary }
+    [:octicons-eye-16:](https://tresorit.com/legal/privacy-policy){ .card-link title="Privacy Policy" }
+    [:octicons-info-16:](https://support.tresorit.com/hc/en-us){ .card-link title=Documentation}
+
+    ??? downloads
+
+        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.tresorit.mobile)
+        - [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id722163232)
+        - [:simple-windows11: Windows](https://tresorit.com/download)
+        - [:simple-apple: macOS](https://tresorit.com/download)
+        - [:simple-linux: Linux](https://tresorit.com/download)
+
+Tresorit has received a number of independent security audits:
+
+- [2022](https://tresorit.com/blog/tresorit-receives-iso-27001-certification/): ISO/IEC 27001:2013[^1] Compliance [Certification](https://www.certipedia.com/quality_marks/9108644476) by TÜV Rheinland InterCert Kft
+- [2021](https://tresorit.com/blog/fresh-penetration-testing-confirms-tresorit-security/): Penetration Testing by Computest
+    - This review assessed the security of the Tresorit web client, Android app, Windows app, and associated infrastructure.
+    - Computest discovered two vulnerabilities which have been resolved.
+- [2019](https://tresorit.com/blog/ernst-young-review-verifies-tresorits-security-architecture/): Penetration Testing by Ernst & Young.
+    - This review analyzed the full source code of Tresorit and validated that the implementation matches the concepts described in Tresorit's [white paper](https://prodfrontendcdn.azureedge.net/202208011608/tresorit-encryption-whitepaper.pdf).
+    - Ernst & Young additionally tested the web, mobile, and desktop clients: "Test results found no deviation from Tresorit’s data confidentiality claims."
+
+[^1]: [ISO/IEC 27001](https://en.wikipedia.org/wiki/ISO/IEC_27001):2013 compliance relates to the company's [information security management system](https://en.wikipedia.org/wiki/Information_security_management) and covers the sales, development, maintenance and support of their cloud services.
+
+They have also received the Digital Trust Label, a certification from the [Swiss Digital Initiative](https://www.swiss-digital-initiative.org/digital-trust-label/) which requires passing [35 criteria](https://digitaltrust-label.swiss/criteria/) related to security, privacy, and reliability.
 
 ## Criteria
 

docs/email.md

@@ -71,7 +71,7 @@ Proton Mail [accepts](https://proton.me/support/payment-options) cash by mail in
 
 #### :material-check:{ .pg-green } Account Security
 
-Proton Mail supports TOTP [two factor authentication](https://proton.me/support/two-factor-authentication-2fa) only. The use of a U2F security key is not yet supported. Proton Mail is planning to implement U2F upon completion of their [Single Sign On (SSO)](https://reddit.com/comments/cheoy6/comment/feh2lw0/) code.
+Proton Mail supports TOTP [two factor authentication](https://proton.me/support/two-factor-authentication-2fa) and [hardware security keys](https://proton.me/support/2fa-security-key) using FIDO2 or U2F standards. The use of a hardware security key requires setting up TOTP two factor authentication first.
 
 #### :material-check:{ .pg-green } Data Security
 

docs/multi-factor-authentication.md

@@ -28,7 +28,7 @@ For models which support HOTP and TOTP, there are 2 slots in the OTP interface w
 !!! warning
     The firmware of YubiKey is not open-source and is not updatable. If you want features in newer firmware versions, or if there is a vulnerability in the firmware version you are using, you would need to purchase a new key.
 
-### Nitrokey / Librem Key
+### Nitrokey
 
 !!! recommendation
 
@@ -54,14 +54,10 @@ For the models which support HOTP and TOTP, there are 3 slots for HOTP and 15 fo
 
     Resetting the OpenPGP interface on a Nitrokey will also make the password database [inaccessible](https://docs.nitrokey.com/pro/linux/factory-reset).
 
- The Nitrokey Pro 2, Nitrokey Storage 2, and the upcoming Nitrokey 3 supports system integrity verification for laptops with the [Coreboot](https://www.coreboot.org/) + [Heads](https://osresearch.net/) firmware. Purism's [Librem Key](https://puri.sm/products/librem-key/) is a rebranded NitroKey Pro 2 with similar firmware and can also be used for the same purposes.
+The Nitrokey Pro 2, Nitrokey Storage 2, and the upcoming Nitrokey 3 supports system integrity verification for laptops with the [Coreboot](https://www.coreboot.org/) + [Heads](https://osresearch.net/) firmware.
 
 Nitrokey's firmware is open-source, unlike the YubiKey. The firmware on modern NitroKey models (except the **NitroKey Pro 2**) is updatable.
 
-!!! tip
-
-    The Nitrokey app, while compatible with Librem Keys, requires `libnitrokey` version 3.6 or above to recognize them. Currently, the package is outdated on Windows, macOS, and most Linux distributions' repository, so you will likely have to compile the Nitrokey app yourself to get it working with the Librem Key. On Linux, you can obtain an up-to-date version from [Flathub](https://flathub.org/apps/details/com.nitrokey.nitrokey-app).
-
 ### Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

docs/os/windows/hardening.md

@@ -0,0 +1,227 @@
+---
+title: System Hardening
+icon: material/monitor-lock
+---
+
+## Setting up Windows after Installation
+
+If you wish to limit the amount of data Microsoft obtains from your device, an [offline/local account](https://answers.microsoft.com/en-us/windows/forum/all/how-to-create-a-local-or-offline-account-in/95097c32-40c4-48c0-8f3b-3bcb67afaf7c) is **recommended**. 
+
+![user-account](../../assets/img/windows/user-account.webp)
+
+!!! note
+    Microsoft is pushing users to use Microsoft accounts for other editions except Education and Enterprise after installation. 
+
+    So, You could also follow the guide by [ghacks.net](https://www.ghacks.net/2022/05/13/how-to-bypass-the-microsoft-account-requirement-during-windows-setup/) to bypass the Microsoft account requirement during setup and use Local account.
+
+While setting up, it is recommended to use a generic name such as `user` and `host` and avoid identifying terms such as your name or operating system. This can make it more difficult for privileged `Win32` apps or attackers to discern your identity.
+
+For security, it's recommended to set up Windows Hello on all of your accounts because it uses the trusted platform module (TPM) if applicable, which protects against brute-force attacks; see the documentation: [How Windows Uses the TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm#windows-hello-for-business)
+
+- [ ] Toggle off all privacy related settings as shown in the image:
+
+![Privacy Settings](../../assets/img/windows/privacy-settings.webp)
+## Encrypting the Drive
+
+After you have installed Windows, turn on full disk encryption (FDE) using BitLocker via the Control Panel. 
+
+!!! info "Choosing the Way to Encrypt"
+    It is recommended to use only the Control Panel because if you go to encrypt via settings app, Microsoft named it as `Device Encryption` and designed it in a way that the encryption keys for BitLocker would be stored on Microsoft's server which is attached to your Microsoft account. This can be dangerous to your privacy and security as anyone who gains access to your account, as could an attacker if they were able to gain access to Microsoft's servers or any Law Enforcement could by a Gag order. 
+
+The best way is to go to the Control Panel by searching for it in the Start Menu or from the context menu (right-click) in File Explorer and set it up for all of the drives that you have.
+
+![Bitlocker in Control Panel](../../assets/img/windows/Bitlocker%20Group%20Policies/bitlocker-control%20panel.webp)
+
+Bitlocker is suggested because of the native implementation by the OS and along with the usage of hardware to be resistant against encryption flaws.
+
+### Security policies for Bitlocker
+
+Enable the Following group policies before you start encrypting your drives.
+
+!!! tip
+    To go to it, search **Group Policy** in the **Windows Search Bar** and press **Enter** or type `gpedit.msc` in ++win+r++. Then, proceed as mentioned below.
+
+General Policies :
+
+Go to `Computer Configuration` > `Administrative Templates` > `Windows Components` > `Bitlocker Drive Encryption`
+
+![Encryption & Cipher](../../assets/img/windows/Bitlocker%20Group%20Policies/encryption-method-and-cipher.webp)
+![Disable DMA](../../assets/img/windows/Bitlocker%20Group%20Policies/Disable%20DMA.webp)
+
+For OS drives : 
+
+Go to `Computer Configuration` > `Administrative Templates` > `Windows Components` > `Bitlocker Drive Encryption` > `Operating System Drives`
+
+Enable Group policies as in the images below <!--(Check images side by side)--> :
+
+![Enforcing full encryption](../../assets/img/windows/Bitlocker%20Group%20Policies/enforce-full-encryption.webp)
+![secure boot integrity validation](../../assets/img/windows/Bitlocker%20Group%20Policies/Secure-boot-integrity-validation.webp)
+![TPM & PIN](../../assets/img/windows/Bitlocker%20Group%20Policies/TPM+PIN.webp)
+![enhanced PINS](../../assets/img/windows/Bitlocker%20Group%20Policies/enhanced-pins.webp)
+![Disallow others changing PIN](../../assets/img/windows/Bitlocker%20Group%20Policies/disallow-user-from-changing-PIN.webp)
+
+For Fixed Drives :
+
+Go to `Computer Configuration` > `Administrative Templates` > `Windows Components` > `Bitlocker Drive Encryption` > `Fixed Data Drives` > `Enforce drive encryption type on fixed data drives`
+
+![Encryption Type](../../assets/img/windows/Bitlocker%20Group%20Policies/fixed-drives.webp)
+
+These policies ensure that your drives are encrypted with `XTS-AES-256` Bit encryption, **fully**.
+
+### Setting up Pre-boot Authentication
+
+!!! warning "Update your TPM"
+    Before enabling Bitlocker in your device,It is strongly recommended to update your TPM chip by downloading package only from **OEM** Websites.
+
+As you are using Windows 11, TPM is used to encrypt and decrypt the drive but it is susceptible to [cold boot attacks](https://blog.elcomsoft.com/2021/01/understanding-bitlocker-tpm-protection/). So, it is recommended to use TPM + PIN to protect the drives
+
+After enabling all the group policies above, Go to Control panel and click on Add PIN. It can be alphanumeric if you had enabled the above policies.
+
+You can check if it's enabled by typing `manage-bde -status`. It will normally show in **Key Protectors**: **Numerical Password** (it's the recovery key) and **TPM And PIN**.
+
+??? abstract "Disabling pre-boot Authentication (Not Recommended)"
+    
+    - open a **terminal** as an **administrator** and type this command `manage-bde -protectors -add c: -TPM`. 
+    - You can again check if it worked by typing `manage-bde -status c:` and it will show you **Numerical Password** and **TPM**
+
+!!! info 
+    The above Group Policy configuration tells the TPM to release the encryption keys after entering PIN instead of releasing it on boot automatically.
+
+    Doing this will set a double password. So, you enter the PIN to release the encryption keys from TPM & boot Windows and another credential to unlock your user account.
+
+    The pre-boot PIN not only protects the OS drive but also other fixed drives used just for storage if bitlocker is enabled for that drive also.
+
+When you do this, the encryption keys of your drive are only unlocked once you enter the PIN, and the decryption happens after. If you forget or lose the PIN, you won't be able to access your drives and OS anymore, and the only way to recover is using the Recovery Key provided during the initial setup of BitLocker. **Make sure you store it in a safe place**, such as a password manager, and keep backups of your Recovery Key or even use an encrypted USB drive.
+
+The preboot authentication is recommend to avoid data being accessed by removal of user Account passwords by methods like this - https://youtu.be/0gOZoroPNuA and access data even though Bitlocker is enabled and managed by TPM
+
+But when you use TPM + Startup PIN, nobody can restart to load the shell and bypass password. Because you need to enter your PIN to go to the Advanced Startup settings as in the video.
+
+Enabling or not-enabling is up to the user's threat model.
+
+If it's a personal device, Startup PIN + TPM is recommended. 
+If a family computer, Normal Bitlocker (Managed by TPM) for OS drive is recommended.
+
+It is recommended to encrypt the OS drive at the least. Encrypting secondary drives either via Bitlocker or other encryption tools such as Veracrypt is upto the user's threat model.
+
+## Creation of User Account and usage
+
+- By Default Windows gives `administrator` access to the user account. Create another `standard` user account to reduce the attack surface enormously as most vulnerabilities today come from the fact that the user is always in `administrator` mode. In addition, you shouldn't use the same password for standard and administrator account.
+
+- Don't use admin account for any of your personal tasks!
+
+- Just restrict it to the standard account created.
+
+- Set [UAC](https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings) settings to the [Highest Privilege](https://support.microsoft.com/en-us/windows/about-user-account-control-settings-d5b2046b-dcb8-54eb-f732-059f321afe18).
+    
+- Only use your account for you, if someone needs to use your computer **ALWAYS** create another standard account, even if it's for a one-time use, even if it's your family or someone you trust. This person can plug a malicious USB, can connect to malicious Wi-Fi network, download infectious files, etc... without you knowing about it.
+
+- You might be afraid that the user accessing your device via another User account can access your Internal drive and access critical files violating your privacy. Refer, [Privacy page](windows/privacy/#restrict-access-to-data-drives) on How to restrict access to certain drives only or use EFS on a per-file basis. You can read more about EFS on [Privacy page](privacy.md).
+
+!!! tip
+    You should ALWAYS do the quick shortcut ++win+l++ to lock your device when you are away to prevent unauthorized access.
+
+- If you don't like managing a standard account, then enforce authentication for Administrator accounts too like Standard ones by following the guide by [Wikihow](https://www.wikihow.tech/Require-UAC-Passwords-on-Administrator-Accounts)
+    - This way, Even administrators need to use Password to approve processes instead of just clicking `Yes` or `No`.
+
+## Securing the Boot chain
+
+- In your BIOS/UEFI settings, disable the booting of USB devices
+- Add a password to your BIOS/UEFI settings which restricts anyone from changing them.
+
+### Enabling Secure Boot
+
+- Windows 11 secures its bootloader by default by using Secure boot with the usage of TPM.
+
+- Windows 10, on the other hand, doesn't come with Secure boot enabled by default except for new devices. 
+
+To enable Secure Boot from the PC BIOS menu. Follow this Step-by-Step Instructions by visiting this [documentation](https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/disabling-secure-boot?view=windows-11#re-enable-secure-boot).
+
+Visit: [https://docs.microsoft.com/en-us/mem/intune/user-help/you-need-to-enable-secure-boot-windows#check-secure-boot-status](https://docs.microsoft.com/en-us/mem/intune/user-help/you-need-to-enable-secure-boot-windows#check-secure-boot-status) on how to verify if enabled after enabling secure boot.
+
+### Firmware Protection
+
+As there are thousands of PC vendors that produce many models with different UEFI BIOS versions, there becomes an incredibly large number of SRTM measurements upon bootup. Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a blocklist), or a list of known 'good' SRTM measurements (also known as an allowlist).
+
+**System Guard** lets the system freely boot into untrusted code initially, but shortly after launches the system into a trusted state by taking control of all CPUs and forcing them down a well-known and measured code path. This has the benefit of allowing untrusted early UEFI code to boot the system, but then being able to securely transition into a trusted and measured state.
+
+- [x] Enable [System Guard](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows) by following the instructions of [Microsoft Docs](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection) to secure the boot chain.
+
+You can also know how to check if it is enabled or not in the guide.
+
+!!! note
+    System Guard is mostly available on Windows Secured-Core PCs not on regular consumer devices. So, Before enabling it check the requirements of your Device.
+## Protection against Malware and Viruses
+
+- Just use the built-in Windows Defender Security to protect against threats and stick to it. Don't use any other Antivirus or Anti-Malware software [as it can weaken your security and your privacy](https://wonderfall.space/windows-hardening/#microsoft-defender-antivirus).
+
+- [x] **Enable** [Windows Defender in a Sandbox](https://www.microsoft.com/security/blog/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/) by launching a **terminal** as an **administrator** and copy/paste this command ```setx /M MP_FORCE_USE_SANDBOX 1```. Restart your device and check if there's a process called **MsMpEngCP.exe** by typing `tasklist` in the terminal to verify.
+    
+- [ ] Disable Autoplay for devices so that malware hidden in USB don't execute on plugging in
+    ![Disable autoplay](../../assets/img/windows/autoplay.webp)
+- [x] Enable [Controlled Folder Access](https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-controlled-folders) in Windows defender settings. So, The Important folders you listed for protection doesn't get attacked or held hostage in case of a ransomware attack and also stops apps from accessing your important folders. This could also be used as a firewall for the filesystem such as Choosing the drives in the protected ones. And allowing each app when it request access to your device.
+
+- [x] Enable [Microsoft Defender Application Guard](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview). After installing by going to "[Turn Windows Features on or off](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard)" you can enable it. This runs Microsoft Edge in an Isolated Hyper-V container preventing unknown Malware from damaging the system.
+
+!!! warning
+    When you use Microsoft Defender Application Guard it bypasses the VPN you are using as when you use WDAG is launching the application in what is essentially a virtual machine, so it bypasses the host, where the VPN is connected. 
+
+- [x] Enable [Memory Integrity](https://support.microsoft.com/en-us/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also called Hypervisor-Protected Code Integrity) in Windows Defender settings which will run important system process isolated in an environment that cannot be attacked by viruses & malware.
+
+- [x] Enable `Display File Extensions` as most problems start here.
+    
+    ??? example  "Enabling file extension"
+        On standard Windows settings, Malware can hide itself if the filename is like: `Secure-File.txt.exe`
+
+        What you see? A file named `Secure-File.txt`
+
+        Of course the attacker can add a different icon to the file, so it looks like you open the file type extension you think.
+
+        And if you open it, the Malware start's.
+
+        Just Open the File Explorer's settings and change it to show File Extensions by clicking on `View` > `Show` or by configuring via [Registry Editor](https://github.com/beerisgood/Windows11_Hardening/blob/master/always%20display%20file%20typ%20extension)
+
+## Apps
+
+- Avoid any types of Cleaning software at all cost. As Microsoft is working on its own implementation specfically designed for windows.
+- To Install apps, using the `winget` (Windows Package manager). More details in [Sandboxing page](/windows/sandboxing/#using-winget-to-install-sofwaret)
+## Security Improvements
+
+- Use [PeaZip](https://peazip.github.io/) archiver instead of 7-zip as it disables [Mark of the Web(MoW)](https://nolongerset.com/mark-of-the-web-details/) [support by default](https://github.com/nmantani/archiver-MOTW-support-comparison#*2) leading to execution of malicious instantly after extracting.
+
+- Using MS edge or brave over Firefox. Edge is recommended with MDAG mode for secure browsing if security is your priority. Brave is recommeded if content blocking is important for you (Brave shields)
+
+- [Check](https://learn.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt#how-to-check-if-kernel-dma-protection-is-enabled) if Kernel DMA protections is turned on.
+
+- Use [Winget](/windows/sandboxing/#using-winget-to-install-sofware) tool to remove Bloatware instead of third party apps.
+
+- [x] Block all incoming connections in Windows firewall.
+    - Go to `Firewall & Network Protection` in Windows defender security.
+    - Go to `Domain`, `Private` and `Public` network settings
+    - Scroll and check the box under **Incoming Connections**
+
+    !!! warning "A note regarding screen casting"
+        If you try to cast your screen to another device or cast another device screen to your device via Wireless display (Optional feature). You won't be able to connect the devices. As we have blocked Incoming connections. Miracast (Wireless casting) requires incoming connection to send data back and forth to show the screen on other or vice versa.
+
+        If you want to cast, then disable incoming connections in public network and cast your device and block connection again.
+
+        There is no problem if you use normal Projection via cable.
+## Keeping your device up-to-date
+
+You should keep your Windows Device up-to-date by enabling automatic updates. It is recommended to do so to keep your device with latest security fixes and new features.
+    
+To get information about the latest updates, you can look at the [Windows Release Information](https://docs.microsoft.com/en-us/windows/release-health/windows11-release-information).
+
+It is recommended to stick to driver updates provided via Optional Updates, as they are thoroughly vetted by Microsoft for the stability of your device, and **do not rely on third-party apps for driver updates**. This way, you get the latest updates and security patches for your drivers along with firmware updates as long as your device is supported by the OEM.
+
+Some Hardware vendors like Nvidia, Intel has their own updater tool which will provide latest drivers.
+
+It is recommended to rather rely on Windows updates or first-party apps.
+
+**Credits** : The page is mostly made based on the recommendations of Windows Hardening Guide by [beerisgood](https://github.com/beerisgood/Windows11_Hardening)
+
+*[TPM]: Trusted Platform Module
+*[FDE]: Full Disk Encryption
+*[UAC]: User Account Control
+*[WDAG]: Windows Defender Application Guard
+*[SRTM]: Static Root-of-Trust Measurement

docs/os/windows/index.md

@@ -0,0 +1,87 @@
+---
+title: Windows Overview
+icon: material/microsoft-windows
+---
+
+## Windows
+
+Windows is a proprietary operating system created by Microsoft Inc. in 1985. It is primarily focused on personal computing and is now the most popular desktop OS, used by about [75%](https://gs.statcounter.com/os-market-share/desktop/worldwide) of all desktop users. However, it has its own privacy and security issues.
+
+## Issues present in Windows
+
+Over the years, Microsoft has demonstrated a lot of privacy-invasive behaviour with their software and services. They have continually taken advantage of the fact that Windows is the most wide-used desktop OS, and that most people don't change the default settings, in order to collect users' personal information.
+
+Windows 10 was [criticized](https://www.theguardian.com/technology/2015/jul/31/windows-10-microsoft-faces-criticism-over-privacy-default-settings) for having default settings that sent a lot of data and telemetry back to Microsoft, including:
+
+!!! quote "[Criticism of Microsoft - Wikipedia](https://en.wikipedia.org/wiki/Criticism_of_Microsoft#Telemetry_and_data_collection)"
+    User's contacts and calendar events, location data and history, "telemetry" (diagnostics data) ... and "advertising ID", as well as further data when the Cortana assistant is enabled.
+
+At launch, telemetry could not be disabled in non-enterprise editions of Windows 10. Only after [criticism](https://www.theverge.com/2016/7/21/12246266/france-microsoft-privacy-windows-10-cnil) from the France data protection commission, the [Electronic Frontier Foundation](https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive) and the [European Union](https://www.reuters.com/article/us-microsoft-dataprotection-eu-idUSKBN15Z1UI), Microsoft changed the way they collect telemetry, allowing users to choose between "Basic" (now renamed as `Required`) and "Full", with "Basic" mode collecting [much less telemetry](https://www.extremetech.com/computing/243079-upcoming-windows-update-reduces-spying-microsoft-still-mum-data-collects). Along with that, Microsoft collects a [lot more data from Windows 10](https://web.archive.org/web/20210711143017/https://privacytools.io/operating-systems/#win10).
+
+With the launch of Windows 11, a lot of [other](https://www.windowscentral.com/one-thing-microsoft-didnt-discuss-windows-11-privacy) [concerns](https://www.pcworld.com/article/539183/windows-11-review-an-unnecessary-replacement-for-windows-10.html) were raised, such as:
+
+- Integration of Microsoft Teams into the OS, which would encourage users to switch to the service, allowing Microsoft to collect even more data.
+- Removing the ability to have local accounts in Windows 11 Home, therefore forcing you to log into a Microsoft account so as to collect more data.
+- Having all data collection options on by default
+- Working with Amazon to bring Android apps to Windows through the Windows Subsystem for Android, likely allowing both Microsoft and Amazon to collect data about Android app usage on Windows.
+- Using users in a P2P way to distribute Windows updates to reduce load in Microsoft's servers without users' consent.
+
+## Choosing your Windows edition
+
+While using Windows, it is better to select either Windows **Enterprise** Edition or **Education** Edition because it gives more control over the system for hardening it for privacy and security by giving access to stops the OS from sending any Telemetry data using GP Editor.
+
+If you cannot get the above editions, you should opt for **Professional** Edition.
+
+#### Editions to avoid 
+
+- It is not recommended to use forks or modified versions of Windows such as Windows AME. It should be avoided at all cost. Since modified versions of Windows, such as AME, don't get updates, antivirus programs like Defender can fall out of date or be disabled entirely, opening you up to attacks.
+
+- Windows **Home** edition is **not** recommended as it does not have many advantages that Professional edition provides such as BitLocker Drive Encryption, Hyper-V, Windows Sandbox, etc. It also uploads Bitlocker Encryption keys to Microsoft servers which actually defies the aspect of the encryption implemented as the key was supposed to be hold by the user.
+
+##### Recommendations
+
+We recommend you choose Windows 11 over Windows 10 as it is the latest version and brings many security-related improvements with it by default such as [Secure Boot](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-secure-boot), [VBS](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs), [HVCI](https://docs.microsoft.com/en-us/windows-hardware/drivers/bringup/device-guard-and-credential-guard), etc. Windows 10 will stop getting updates after [October 14, 2025](https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro).
+
+### Installing Windows
+
+We recommend that you use the official [Media Creation tool](https://www.microsoft.com/software-download/windows11) to flash the ISO to the USB, over third-party options such as Rufus, Balena Etcher, etc., so that you don't tamper the ISO.
+
+#### Downloading ISO
+
+To download the ISO. Follow these steps :
+
+- Download Media Creation tool under `Windows 11 Installation Media`
+- Open a Command prompt terminal in the directory where `mediacreationtool.exe` is downloaded.
+- And Input the following Command :
+    ```
+    mediacreationtool.exe /Eula Accept /Retail /MediaArch x64 /MediaLangCode en-US /MediaEdition Enterprise
+    ```
+- If it asks for Activation key, Use this Generic Key `XGVPP-NMH47-7TTHJ-W3FW7-8HV2C`. This will just allow you to download the ISO but activation is totally upon the user.
+- Accept the UAC prompt
+- Download the ISO file or flash to a USB as you wish
+
+!!! info "Note"
+    - The ISO will consists **only** of Professional, Education & Enterprise edition with a size of ~4.2 GB (Instead of >5.5GB when you download the Multi-Edition ISO) when you download using the above way no other editions such as Home included in it.
+    - If you want to change the Language of the ISO file, Just change the `en-US` part with the appropriate language and country code as per your needs.
+
+### Activating Windows
+
+Activating Education/Enterprise edition is different because for Enterprise Edition it needs to be a part of an enterprise network or buying an enterprise License for several devices and use it for your one device & for Education Edition it needs to be a part of school network or managed by a school administrator.
+
+For activating Professional edition, you can buy the license key from resellers (not recommended) or the [Microsoft Store](https://www.microsoft.com/d/windows-11-pro/dg7gmgf0d8h4?rtc=1).
+
+If you are currently using Pro and want to upgrade to Enterprise. Then, Follow the guide [here](https://www.kapilarya.com/how-to-upgrade-windows-11-pro-to-enterprise-edition)
+
+!!! abstract "Note"
+    This guide will be mostly on Windows 11 but some of the recommendations can be applied to Windows 10 too.
+
+!!! danger "Warning"
+    If you are going to install Windows 11, Then install it only on supported devices and it is not recommended to use tools/scripts that are available online to bypass the requirements which totally breaks the security of Windows 11 which it is aimed for.
+
+    Never download **Pirated ISO Files**
+
+*[GP]: Group Policy
+*[VBS]: Virtualization-Based Security
+*[HVCI]: Hypervisor-Protected Code Integrity
+*[AME]: Ameliorated
+*[P2P]: Peer-to-Peer

docs/os/windows/privacy.md

@@ -0,0 +1,80 @@
+---
+title: Privacy in Windows
+icon: material/incognito
+---
+
+## Using Microsoft account
+
+You should never sign-in to Windows with a Microsoft account. Signing-in to applications like Microsoft Office (which some users are required to do for their school or company) will trigger a dark pattern offering you to sign in to Windows, which will connect your device to your Microsoft account, and make it easier to send data to Microsoft servers and it is critical to reject this offer.
+
+It’s worth noting that according to [this study](https://www.autoriteitpersoonsgegevens.nl/sites/default/files/atoms/files/public_version_dutch_dpa_informal_translation_summary_of_investigation_report.pdf) it seems that Windows collects more telemetry when signed into a Microsoft Account.
+
+![Using account for specific app](../../assets/img/windows/signin-one-app.webp)
+
+You should log in to that specific app only if you need to.
+
+or 
+
+Create another standard user account and connect it to Microsoft account if you are required for School or Work and keep the apps to that account alone. By restricting other data drive access, it is fully isolated from other profiles.
+
+## Telemetry
+
+To disable telemetry at full level, Open Group policy and navigate to `Computer Configuration` > `Administrative Templates` > `Windows Components` > `Data Collection and Preview builds` and choose as required
+
+![Disable telemtry](../../assets/img/windows/disable-telemetry.webp)
+
+The above works only if you use Enterprise or Education edition. If Professional, It will send required (Basic) data.
+
+If you read this article - [https://www.softscheck.com/en/blog/windows-10-enterprise-telemetry-analysis/](https://www.softscheck.com/en/blog/windows-10-enterprise-telemetry-analysis/), Enterprise even sends data even though telemetry is disabled. But there is no updated info about this available.
+
+Disabling full telemtry or sending basic data to Microsoft is totally upto the user's threat model.
+
+- [ ] Disable `Automatic Sample Submission` in Windows Defender will send your files as a sample for Signature Database and might leak your data. You can do it via the below Group Policy so to not prompt you again and again constantly.
+    ```
+    Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > MAPS > Send file samples when further analysis is required to Never Send.
+    ```
+
+- [ ] Disable Windows spotlight by navigating to `User Configuration` > `Administrative Templates` > `Windows Components` > `Cloud Content` and setting **Turn off all Windows Spotlight features** policy to disabled.
+        !!! note
+        This explicitly disables Windows spotlight features in Lockscreen and Desktop to severe unnecessary between Microsoft servers and the device.
+
+- [ ] Disable in Bing integration in Windows search, by navigating to `Computer Configuration\Administrative Templates\Windows Components\Search\Don't search the web or display web results`. This way your search queries for local indexed data is not sent to Microsoft.
+
+- [ ] Disable notification in the Lock screen in Windows settings
+    ![Lock screen notification](../../assets/img/windows/lock-screen-notifications.webp)
+
+- [ ] Disable Online Speech recognition and Voice activation
+        ![Alt text](/docs/assets/img/windows/online-speech.webp)
+        ![Alt text](../../assets/img/windows/voice-activation.webp)
+
+- [ ] Disable delivery optimization in Windows Update settings.
+
+- Check all the App permissions and allow only necessary ones.
+
+## Hide MAC Address
+
+Go to `Settings` > `Network & Internet` > `Wifi`
+
+Enable **Random hardware addresses**
+
+## Restrict access to data drives
+
+To prevent other users from accessing your secondary data drives. Type `gpedit.msc` in Windows Run dialog box.
+
+Go to `User Configuration` > `Administrative Templates` > `Windows Components` > `File Explorer` and set the Group Policy as below.
+
+![Restrict-drive](../../assets/img/windows/drive-restriction.webp)
+
+The above configuration will restrict other users to the OS drive where Windows is installed. Making total isolation between your Account and other user account.
+
+If it's a shared drive with another person but you don't want the user to access sensitive data then use EFS. EFS encrypts the documents so that the user who encrypted it can only access it and not others.
+
+![EFS](../../assets/img/windows/EFS.gif)
+
+It is better to export the Private key certificate and store in a safe place so as to use the file later in other devices. To do so,
+
+Press, ++win+r++, Then type `certmgr.msc`, Under `Personal` > `Certificates`. Click the certificate that contains your username. Right Click and choose export. If you find this too tricky, then after using EFS for first time. You will see an encrypted locker Icon in system tray which help you in exporting on clicking it.
+
+To import in another device, simply open and install this certificate in that device and choose the above location. Then you can access EFS encrypted files in other system too.
+
+*[EFS]: Encrypted File System

docs/os/windows/sandboxing.md

@@ -0,0 +1,147 @@
+---
+title: Application Sandboxing
+icon: octicons/apps-16
+---
+
+## Native Application Sandboxing
+
+### Application Packaging by Windows
+
+Windows has two types of application packaging such as `.exe`/`.msi` (Win32) and `.appx`/`.msix` (UWA).
+
+#### Universal Windows Application (UWA)
+
+UWAs are processes that operate within the `AppContainer` is an application sandbox environment, which implements mechanisms for the restriction of `AppContainer` processes in terms of what system resources they can access. Basically, Application that is fully isolated and only given access to certain resources.
+
+#### Win32 Apps
+
+Win32 is the application platform of choice for developing and running classic Windows applications, that 
+is, Win32 applications, that require direct access to Windows and hardware. 
+
+The core of Win32 is the Win32 API implemented in the Windows SubDLLs (DLLs) and the ntdll.dll library file. With the combination of `SubDLLs` and `ntdll.dll`, the Win32 application has direct access to full system resources.
+
+#### A comparison between UWA and Win32
+
+| UWAs    | Windows |
+| :--------- | :---------------------------------- |
+|UWAs run as restricted, containerized `AppContainer` processes that run by accessing the WinRT API, a subset of COM functionalities and the Win32 API. They have specific properties that define process restrictions in terms of the system resources that processes can access.| Win32 applications run as Windows native, traditional processes that run by accessing the Win32 API and COM functionalities to their full extent and a subset of the WinRT API to directly access all system resources. They do not run as restricted processes, all system functionalities are by design directly available to them.|
+|Only a single instance of a given UWA may run at a given time. | Any number of instances of a given Win32 application may run simultaneously.
+|UWAs are distributed as application packages, archive files with a pre-defined format and required content that is necessary for the deployment and operation of UWAs |The way in which Win32 applications are distributed is not restricted by the operating system. It is defined by the application vendors.
+
+The above comparison gives a clear cut that UWA/UWP apps are the best ones to use in terms of sandboxing the app.
+
+
+### Choosing the way to install software
+
+UWA apps are primarily distributed through Microsoft store and are counter-signed by Microsoft while as third party UWA's are signed by the vendor without Microsoft's signature.
+
+It is recommended to use the UWA apps as they are sandboxed into their own containers.
+
+And for Win32 apps. If you are required to use Win32 apps. Install the application in the host and run it using [Windows Sandbox](/windows/sandboxing/#run-programs-instantly-in-sandbox).
+
+It is **recommended** to install in host and use in Sandbox to reduce your time installing the software again and again in Windows Sandbox.
+
+### Finding Win32 and UWP apps in Windows Store
+
+Generally, apps available in Microsoft store was UWP only before Windows 11 was launched but after the launch both Win32 and UWP apps co-exist in the store.
+
+At this point, it is difficult to differentiate between Win32 and UWP apps. To find which is UWP or Win32. Read below:
+
+When you see an app in store and scroll down to *Additional Information*  section and see if it asks for certain permissions like in the image below:
+
+![UWP in store](../../assets/img/windows/UWP-in-MS-Store.webp)
+
+If the Win32 App, Microsoft store will explicitly state that it is`Provided and Updated by `****` ` and `Uses all System resources` as in the image below:
+
+![Win32 in store](../../assets/img/windows/Win32-in-MS-Store.webp)
+
+!!! note "Un-sandboxed UWP apps"
+    Some UWP apps in the store due to the lift of restrictions in Microsoft store developers can submit the app with a property named `runFullTrust` which disables sandboxing of that UWP application and shows that `Uses all System Resources` in *Additional Information* section such as Firefox. By this you can know if a UWP app is sandboxed or not.
+
+    If it is sandboxed, it will show only certain permissions in *Additional Information* section.
+
+!!! abstract "Note"
+    Most apps will ask that if the app needs to be used for all users or just for your user account. It is best you keep the app to your user Account. So, We achieve better sandboxing between different user accounts.
+
+##### Another way to find
+
+[rg-adguard.net](https://store.rg-adguard.net/) is a third party Microsoft store app which can be used to download `.appx` files (Installer for UWP) and install UWP apps. You can use this site to download Age Restricted apps in store and Install it. **Note** that paid apps don't work unless you connect a Microsoft Account.
+
+
+## Using Winget to Install Sofware
+
+Windows Package Manager winget command-line tool is bundled with Windows 11 and modern versions of Windows 10 by default as the App Installer.
+
+The winget command line tool enables users to discover, install, upgrade, remove and configure applications on Windows 10 and Windows 11 computers. This tool is the client interface to the Windows Package Manager service.
+
+More information here : [https://learn.microsoft.com/en-us/windows/package-manager/winget/](https://learn.microsoft.com/en-us/windows/package-manager/winget/)
+
+The Winget tool is a powerful tool to install apps that are safe, trusted and official ones. This should be used to avoid sketchy installers.
+
+Even you have apps installed via the traditional installer setup. You can continue using winget
+
+A Quick demo by ThioJoe - [https://youtu.be/uxr7m8wDeGA](https://youtu.be/uxr7m8wDeGA)
+
+Detailed info about the tool by Microsoft - [https://youtu.be/Lk1gbe_JTpY](https://youtu.be/Lk1gbe_JTpY)
+
+If you understood about Winget, then this tool - [https://winstall.app/](https://winstall.app/) is suggested to bulk install apps.
+
+Note : Be sure to install via Winget or using MSI installer to upgrade the app easily.
+
+#### Benefits of winget
+
+There are general advantages in having a package manager regardless of the operating system.
+
+- Security : The packages that the package manager includes are usually safe because they’re verified by maintainers.
+- Automation : It’s easier to install or uninstall N applications using a package manager. No need to do it manually.
+- Maintenance : With a package manager usually you can update all your applications, including configurations.
+Exploration. Instead of searching manually in a browser for an application you can use the package manager. Since it’s centralized it should be easier to find what you want.
+
+## Windows Sandbox
+
+Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
+
+The sandbox is temporary like TailsOS running on a USB drive. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open it.
+
+You can know more from the Official [Documentation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview).
+
+
+**Use case of Sandbox:** The Windows Sandbox can be used to run unknown software or if you want to isolate your Workspace from the host with only Specific set of apps, etc.
+
+### Using Sandbox
+
+To use Sandbox, you can create a configuration file as per the official Microsoft [Documentation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file) for your needs.
+
+So, when opening the file, sandbox opens with the Configurations you had set up in your file.
+
+If you do not understand the documentation, you can use [Windows Sandbox Editor](https://github.com/damienvanrobaeys/Windows_Sandbox_Editor) instead. It is a GUI application that can be used to create configuration files easily.
+
+??? note "Regarding Windows Sandbox Editor"
+    The repository doesn't provide a package. So, you need to download the whole codebase. After, extracting the zip Windows Defender or other Antivirus software may flag the [exe](https://github.com/damienvanrobaeys/Windows_Sandbox_Editor/tree/master/EXE) file as a malware. So, it is recommended to install it via the [Powershell Script](https://github.com/damienvanrobaeys/Windows_Sandbox_Editor/tree/master/Install%20on%20desktop%20(in%20case%20of%20issue%20with%20EXE)) they provide.
+
+    By default, You cannot execute Scripts in Powershell and it is restricted to commands only. It is recommend you allow the Terminal to `Unrestricted` mode and use it to install the editor via Script after that change it back to `Restricted` [execution policy](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.2) to prevent accidental execution of malicious scripts in the future.
+
+### Run programs instantly in Sandbox
+
+[Run in Sandbox](https://github.com/damienvanrobaeys/Run-in-Sandbox) is a tool to quickly run files in Windows Sandbox with a right click.
+
+We recommend you to use this software as it is convenient and easy to use and even credited by Microsoft. 
+
+A full guide on How to use it can be found here: [https://www.systanddeploy.com/2021/11/run-in-sandbox-quick-way-to-runextract.html](https://www.systanddeploy.com/2021/11/run-in-sandbox-quick-way-to-runextract.html)
+
+Note: The same note of installing sandbox editor via PowerShell also applies here except this doesn't provide an `exe` at all.
+
+This page is based on the German BSI project - [SiSyPHuS Win10](https://www.bsi.bund.de/EN/Topics/Cyber-Security/Recommendations/SiSyPHuS_Win10/SiSyPHuS_node.html)'s Work Package 9 Dcoument.
+
+**For Advanced Users :**
+
+Sandboxie Plus, is a Sandboxing tool which uses File system and registry Virtualization techniques to sandbox every apps and at the same data not being lost like Windows Sandbox.
+
+Use this at your own Risk !
+
+*[UWA]:Universal Windows Applications
+*[UWP]:Universal Windows Platform
+*[SubDLLs]: Subsystem Dynamic link libraries
+*[ntdll.dll]: A core Windows library file that implements functions for interaction with the kernel.
+*[WinRT]: Windows Runtime
+*[COM]: Component Object Model

docs/tools.md

@@ -130,6 +130,7 @@ For more details about each project, why they were chosen, and additional tips o
 <div class="grid cards" markdown>
 
 - ![Proton Drive logo](assets/img/cloud/protondrive.svg){ .twemoji } [Proton Drive](cloud.md#proton-drive)
+- ![Tresorit logo](assets/img/cloud/tresorit.svg){ .twemoji } [Tresorit](cloud.md#tresorit)
 
 </div>
 
@@ -383,7 +384,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 <div class="grid cards" markdown>
 
 - ![YubiKeys](assets/img/multi-factor-authentication/mini/yubico.svg){ .twemoji } [YubiKey](multi-factor-authentication.md#yubikey)
-- ![Nitrokey](assets/img/multi-factor-authentication/mini/nitrokey.svg){ .twemoji } [Nitrokey](multi-factor-authentication.md#nitrokey-librem-key)
+- ![Nitrokey](assets/img/multi-factor-authentication/mini/nitrokey.svg){ .twemoji } [Nitrokey](multi-factor-authentication.md#nitrokey)
 - ![Aegis logo](assets/img/multi-factor-authentication/aegis.png){ .twemoji } [Aegis Authenticator](multi-factor-authentication.md#aegis-authenticator)
 - ![Raivo OTP logo](assets/img/multi-factor-authentication/raivo-otp.png){ .twemoji } [Raivo OTP](multi-factor-authentication.md#raivo-otp)
 

i18n/ar/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/bn/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/de/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/el/basics/common-misconceptions.md

@@ -1,60 +1,60 @@
 ---
-title: "Common Misconceptions"
+title: "Συνήθεις παρανοήσεις"
 icon: 'material/robot-confused'
-description: Privacy isn't a straightforward topic, and it's easy to get caught up in marketing claims and other disinformation.
+description: Η ιδιωτικότητα δεν αποτελεί ένα ξεκάθαρο ζήτημα και είναι εύκολο να παρασυρθεί κανείς από διαφημιστικούς ισχυρισμούς και άλλες παραπλανητικές πληροφορίες.
 ---
 
-## "Open-source software is always secure" or "Proprietary software is more secure"
+## «Το λογισμικό ανοιχτού κώδικα είναι πάντοτε ασφαλές» ή « Το ιδιόκτητο λογισμικό είναι πιο ασφαλές»
 
-These myths stem from a number of prejudices, but whether the source code is available and how software is licensed does not inherently affect its security in any way. ==Open-source software has the *potential* to be more secure than proprietary software, but there is absolutely no guarantee this is the case.== When you evaluate software, you should look at the reputation and security of each tool on an individual basis.
+Αυτοί οι μύθοι πηγάζουν από μια σειρά προκαταλήψεων, ωστόσο το αν ο πηγαίος κώδικας είναι διαθέσιμος και πως αδειοδοτείται το λογισμικό δεν επηρεάζουν εγγενώς την ασφάλειά του με οποιονδήποτε τρόπο. ==Το λογισμικό ανοικτού κώδικα έχει τη δυνατότητα ** να είναι πιο ασφαλές από το ιδιόκτητο λογισμικό, αλλά δεν υπάρχει καμία απολύτως εγγύηση ότι αυτό υφίσταται στην πράξη.== Όταν αξιολογείς λογισμικό, θα πρέπει να εξετάζεις τη φήμη και την ασφάλεια κάθε εργαλείου σε ατομική βάση.
 
-Open-source software *can* be audited by third-parties, and is often more transparent about potential vulnerabilities than proprietary counterparts. It also allows you to review the code and disable any suspicious functionality you find yourself. However, *unless you do so*, there is no guarantee that code has ever been evaluated, especially with smaller software projects. The open development process has also sometimes been exploited to introduce new vulnerabilities into even large projects.[^1]
+Το λογισμικό ανοικτού κώδικα *μπορεί να ελεγχθεί από τρίτα μέρη* και είναι συχνά πιο διαφανές όσον αφορά ενδεχόμενες αδυναμίες από ότι τα αντίστοιχα ιδιόκτητα λογισμικά. Επιπροσθέτως σου επιτρέπει να ελέγξεις τον κώδικα και να απενεργοποιήσεις οποιαδήποτε ύποπτη λειτουργία ανακαλύψεις. Ωστόσο, *εκτός και αν προβείς στον παραπάνω έλεγχο*, δεν υπάρχει καμία εγγύηση, ότι ο κώδικας έχει ποτέ αξιολογηθεί, ιδίως στην περίπτωση μικρότερων έργων λογισμικού. Επίσης, η διαδικασία ανάπτυξης λογισμικού ανοιχτού κώδικα έχει σε ορισμένες περιπτώσεις αποτελέσει αντικείμενο εκμετάλλευσης, προκειμένου να εισαχθούν νέα τρωτά σημεία, ακόμα και σε μεγάλα έργα.[^1]
 
-On the flip side, proprietary software is less transparent, but that doesn't imply that it's not secure. Major proprietary software projects can be audited internally and by third-party agencies, and independent security researchers can still find vulnerabilities with techniques like reverse engineering.
+Από την άλλη πλευρά, το ιδιόκτητο λογισμικό είναι λιγότερο διαφανές, αλλά αυτό δε σημαίνει ότι δεν είναι ασφαλές. Σημαντικά έργα ιδιόκτητου λογισμικού μπορούν να ελεγχθούν εσωτερικά, καθώς και από οργανισμούς τρίτων μερών και ανεξάρτητοι ερευνητές ασφάλειας είναι ακόμη σε θέση να βρουν ευπάθειες με τεχνικές όπως η αντίστροφη μηχανική.
 
-To avoid biased decisions, it's *vital* that you evaluate the privacy and security standards of the software you use.
+Για να αποφευχθούν μεροληπτικές αποφάσεις, είναι *ζήτημα ζωτικής σημασίας* να αξιολογείτε τα πρότυπα απορρήτου και ασφάλειας του λογισμικού που χρησιμοποιείτε.
 
-## "Shifting trust can increase privacy"
+## «Η μετατόπιση της εμπιστοσύνης μπορεί να αυξήσει την ιδιωτικότητα»
 
-We talk about "shifting trust" a lot when discussing solutions like VPNs (which shift the trust you place in your ISP to the VPN provider). While this protects your browsing data from your ISP *specifically*, the VPN provider you choose still has access to your browsing data: Your data isn't completely secured from all parties. This means that:
+Μιλάμε συχνά για «μετατόπιση της εμπιστοσύνης», όταν συζητάμε για λύσεις όπως τα Εικονικά Ιδιωτικά Δίκτυα(VPN) (τα οποία μετατοπίζουν την εμπιστοσύνη, που εναποθέτεις στον Πάροχο Υπηρεσιών Διαδικτύου(ISP) σου, προς τον πάροχο του VPN). Ενώ αυτό προστατεύει συγκεκριμένα τα δεδομένα περιήγησης σας από τον ISP σας **, ο πάροχος VPN, που επιλέγετε, εξακολουθεί να έχει πρόσβαση στα δεδομένα περιήγησης σας: Τα δεδομένα σας δεν είναι πλήρως προστατευμένα από όλα τα μέρη. Αυτό σημαίνει οτι:
 
-1. You must exercise caution when choosing a provider to shift trust to.
-2. You should still use other techniques, like E2EE, to protect your data completely. Merely distrusting one provider to trust another is not securing your data.
+1. Πρέπει να είστε προσεκτικοί, όταν επιλέγετε έναν πάροχο στον οποίο θα μεταφέρετε την εμπιστοσύνη σας.
+2. Θα πρέπει να συνεχίσετε να χρησιμοποιείτε άλλες τεχνικές, όπως το E2EE, για να προστατεύσετε πλήρως τα δεδομένα σας. Απλώς το να μην εμπιστεύεστε έναν πάροχο και λόγω αυτής της δυσπιστίας να εμπιστεύεστε έναν άλλο δεν εξασφαλίζει την ασφάλεια των δεδομένων σας.
 
-## "Privacy-focused solutions are inherently trustworthy"
+## «Οι λύσεις που εστιάζουν στην προστασία της ιδιωτικότητας είναι εγγενώς αξιόπιστες»
 
-Focusing solely on the privacy policies and marketing of a tool or provider can blind you to its weaknesses. When you're looking for a more private solution, you should determine what the underlying problem is and find technical solutions to that problem. For example, you may want to avoid Google Drive, which gives Google access to all of your data. The underlying problem in this case is lack of E2EE, so you should make sure that the provider you switch to actually implements E2EE, or use a tool (like [Cryptomator](../encryption.md#cryptomator-cloud)) which provides E2EE on any cloud provider. Switching to a "privacy-focused" provider (that doesn't implement E2EE) doesn't solve your problem: it just shifts trust from Google to that provider.
+Εστιάζοντας αποκλειστικά στις πολιτικές απορρήτου και το μάρκετινγκ ενός εργαλείου ή ενός παρόχου μπορεί να σας τυφλώσει στις αδυναμίες του. Όταν αναζητάτε μια πιο ιδιωτική λύση, θα πρέπει να προσδιορίσετε, ποιο είναι το κυριότερο πρόβλημα και να βρείτε τεχνικές λύσεις για το πρόβλημα αυτό. Για παράδειγμα, κρίνεται εύλογο να αποφύγετε το Google Drive, το οποίο παρέχει στην Google πρόσβαση σε όλα τα δεδομένα σας. Το βασικό πρόβλημα σε αυτή την περίπτωση είναι η έλλειψη E2EE, οπότε θα πρέπει να βεβαιωθείτε, ότι ο πάροχος, που έχετε επιλέξει ως εναλλακτική, υλοποιεί πράγματι E2EE ή να χρησιμοποιήσετε ένα εργαλείο (όπως το [Cryptomator](../encryption.md#cryptomator-cloud)) που παρέχει E2EE σε οποιονδήποτε πάροχο cloud. Η μετάβαση σε έναν πάροχο, που «εστιάζει στην προστασία της ιδιωτικότητας» (ο οποίος δεν εφαρμόζει το E2EE) δε λύνει το πρόβλημά: απλώς μετατοπίζει την εμπιστοσύνη από την Google σε αυτόν τον πάροχο.
 
-The privacy policies and business practices of providers you choose are very important, but should be considered secondary to technical guarantees of your privacy: You shouldn't shift trust to another provider when trusting a provider isn't a requirement at all.
+Οι πολιτικές απορρήτου και οι επιχειρηματικές πρακτικές των παρόχων που επιλέγετε είναι πολύ σημαντικές, αλλά θα πρέπει να θεωρούνται δευτερεύουσες σε σχέση με τις τεχνικές εγγυήσεις του απορρήτου σας: Δεν θα πρέπει να μετατοπίζετε την εμπιστοσύνη σας σε άλλον πάροχο, όταν η εμπιστοσύνη σε έναν πάροχο δεν αποτελεί σε καμία περίπτωση απαίτηση.
 
-## "Complicated is better"
+## « Το περίπλοκο είναι και καλύτερο»
 
-We often see people describing privacy threat models that are overly complex. Often, these solutions include problems like many different email accounts or complicated setups with lots of moving parts and conditions. The replies are usually answers to "What is the best way to do *X*?"
+Συχνά βλέπουμε ανθρώπους να περιγράφουν μοντέλα απειλής της ιδιωτικότητας, που είναι υπερβολικά πολύπλοκα. Συχνά, αυτές οι λύσεις περιλαμβάνουν προβλήματα όπως πολλοί διαφορετικοί λογαριασμοί ηλεκτρονικού ταχυδρομείου ή περίπλοκες ρυθμίσεις με πολλά κινούμενα μέρη και συνθήκες. Οι απαντήσεις αποκρίνονται συνήθως στο ερώτημα "Ποιος είναι ο καλύτερος τρόπος για να κάνουμε *X*?"
 
-Finding the "best" solution for yourself doesn't necessarily mean you are after an infallible solution with dozens of conditions—these solutions are often difficult to work with realistically. As we discussed previously, security often comes at the cost of convenience. Below, we provide some tips:
+Η εύρεση της «καλύτερης» λύσης για τον εαυτό σας δε σημαίνει απαραίτητα, ότι αναζητάτε μια αλάνθαστη λύση με δεκάδες συνθήκες - αυτές οι λύσεις είναι συχνά δύσκολο να εφαρμοστούν ρεαλιστικά. Όπως αναφέραμε προηγουμένως, η ασφάλεια συχνά έχει ως κόστος την ευκολία. Παρακάτω, παρέχουμε ορισμένες συμβουλές:
 
-1. ==Actions need to serve a particular purpose:== think about how to do what you want with the fewest actions.
-2. ==Remove human failure points:== We fail, get tired, and forget things. To maintain security, avoid relying on manual conditions and processes that you have to remember.
-3. ==Use the right level of protection for what you intend.== We often see recommendations of so-called law-enforcement or subpoena-proof solutions. These often require specialist knowledge and generally aren't what people want. There's no point in building an intricate threat model for anonymity if you can be easily de-anonymized by a simple oversight.
+1. ==Οι ενέργειες πρέπει να εξυπηρετούν έναν συγκεκριμένο σκοπό:== Σκεφτείτε, πώς θα κάνετε αυτό που θέλετε, με τις λιγότερες δυνατές ενέργειες.
+2. ==Αφαιρέστε τα σημεία ανθρώπινης αποτυχίας: == Αποτυγχάνουμε, κουραζόμαστε, και ξεχνάμε. Για να διατηρήσετε την ασφάλεια, αποφύγετε να βασίζεστε σε χειροκίνητες συνθήκες και διαδικασίες, που πρέπει να θυμάστε.
+3. ==Χρησιμοποιήστε το σωστό επίπεδο προστασίας για τους σκοπούς σας.== Συχνά βλέπουμε να προτείνονται οι λεγόμενες λύσεις των δυνάμεων ασφαλείας ή οι λύσεις, που καθιστούν αδύνατη την κλήτευση. Αυτές συχνά απαιτούν εξειδικευμένη γνώση και γενικά δεν είναι αυτό που επιθυμούν οι άνθρωποι. Δεν υπάρχει νόημα να δημιουργήσετε ένα περίπλοκο μοντέλο απειλών για την ανωνυμία, αν μπορείτε εύκολα να χάσετε την εν λόγω ανωνυμία, λόγω μιας απλής παράβλεψης.
 
-So, how might this look?
+Έτσι, πώς μπορεί αυτό να φαίνεται;
 
-One of the clearest threat models is one where people *know who you are* and one where they do not. There will always be situations where you must declare your legal name and there are others where you don't need to.
+Ένα από τα πιο ξεκάθαρα μοντέλα απειλών είναι εκείνο, όπου οι άνθρωποι *γνωρίζουν ποιος είστε* και εκείνο όπου δε γνωρίζουν. Πάντα θα υπάρχουν περιπτώσεις, στις οποίες θα πρέπει να δηλώσετε το νόμιμο όνομά σας και άλλες στις οποίες δε χρειάζεται να το κάνετε αυτό.
 
-1. **Known identity** - A known identity is used for things where you must declare your name. There are many legal documents and contracts where a legal identity is required. This could range from opening a bank account, signing a property lease, obtaining a passport, customs declarations when importing items, or otherwise dealing with your government. These things will usually lead to credentials such as credit cards, credit rating checks, account numbers, and possibly physical addresses.
+1. **Πραγματική ταυτότητα** - Η πραγματική ταυτότητα χρησιμοποιείται για πράγματα στα οποία πρέπει να δηλώσετε το όνομά σας. Υπάρχουν πολλά νομικά έγγραφα και συμβόλαια, όπου απαιτείται μία νομική ταυτότητα. Μεταξύ άλλων απαιτείται για το άνοιγμα ενός τραπεζικού λογαριασμού, την υπογραφή ενός μισθωτηρίου ακινήτου, την απόκτηση διαβατηρίου, τις τελωνειακές δηλώσεις, όταν εισαγάγετε αντικείμενα ή για οποιαδήποτε άλλη συναλλαγή με την κυβέρνηση. Αυτά τα πράγματα συνήθως οδηγούν σε διαπιστευτήρια όπως πιστωτικές κάρτες, ελέγχους πιστοληπτικής ικανότητας, αριθμούς λογαριασμών και ενδεχομένως φυσικές διευθύνσεις.
 
-    We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means.
+    Δεν προτείνουμε τη χρήση VPN ή Tor για κανένα από αυτά τα πράγματα, καθώς η ταυτότητά σας είναι ήδη γνωστή μέσα από άλλα μέσα.
 
-    !!! tip
+    !!! συμβουλή
    
-        When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private.
+        Όταν κάνετε ηλεκτρονικές αγορές, η χρήση μίας[θυρίδας δεμάτων] (https://en.wikipedia.org/wiki/Parcel_locker) μπορεί να σας βοηθήσει να διατηρήσετε τη φυσική σας διεύθυνση ιδιωτική.
 
-2. **Unknown identity** - An unknown identity could be a stable pseudonym that you regularly use. It is not anonymous because it doesn't change. If you're part of an online community, you may wish to retain a persona that others know. This pseudonym isn't anonymous because—if monitored for long enough—details about the owner can reveal further information, such as the way they write, their general knowledge about topics of interest, etc.
+2. **Άγνωστη ταυτότητα** - Μια άγνωστη ταυτότητα θα μπορούσε να είναι ένα σταθερό ψευδώνυμο, που χρησιμοποιείτε τακτικά. Δεν είναι ανώνυμο, διότι δεν αλλάζει. Αν είστε μέλος μιας διαδικτυακής κοινότητας, ίσως είναι σκόπιμο να διατηρείτε μια persona, την οποία γνωρίζουν οι άλλοι. Αυτό το ψευδώνυμο δεν είναι ανώνυμο, διότι, αν παρακολουθείται για αρκετό χρονικό διάστημα, λεπτομέρειες σχετικά με τον ιδιοκτήτη μπορούν να αποκαλύψουν περαιτέρω πληροφορίες, όπως ο τρόπος που γράφει, οι γενικές γνώσεις του για θέματα, που τον ενδιαφέρουν κ. λ. π.
 
-    You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://www.getmonero.org/). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC.
+    Ίσως, είναι εύλογο να χρησιμοποιήσετε ένα VPN γι' αυτό, προκειμένου να αποκρύψετε τη διεύθυνση IP σας. Οι οικονομικές συναλλαγές είναι πιο δύσκολο να συγκαλυφθούν: Θα μπορούσατε να εξετάσετε τη χρήση ανώνυμων κρυπτονομισμάτων, όπως το [Monero](https://www.getmonero.org/). Η χρήση altcoin shifting μπορεί επίσης να σας βοηθήσει, να αποκρύψετε την προέλευση των νομισμάτων σας. Συνήθως, τα ανταλλακτήρια απαιτούν την ολοκλήρωση του KYC (know your customer), προτού σας επιτρέψουν να ανταλλάξετε παραστατικό χρήμα( fiat currency) σε οποιοδήποτε είδος κρυπτονομίσματος. Οι επιλογές συνάντησης σε τοπικό επίπεδο μπορούν επίσης να αποτελέσουν μια λύση. Ωστόσο, αυτές είναι συχνά πιο ακριβές και ενδέχεται σε ορισμένες περιπτώσεις να απαιτούν KYC.
 
-3. **Anonymous identity** - Even with experience, anonymous identities are difficult to maintain over long periods of time. They should be short-term and short-lived identities which are rotated regularly.
+3. **Ανώνυμη ταυτότητα** - Ακόμα και όταν υπάρχει εμπειρία, οι ανώνυμες ταυτότητες είναι δύσκολο να διατηρηθούν για μεγάλα χρονικά διαστήματα. Θα πρέπει να είναι βραχυπρόθεσμες και βραχύβιες ταυτότητες, οι οποίες εναλλάσσονται τακτικά.
 
-    Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
+    Η χρήση του Tor μπορεί να βοηθήσει με αυτό. Αξίζει επίσης να σημειωθεί ότι η επίτευξη μεγαλύτερης ανωνυμίας είναι δυνατή μέσω της ασύγχρονης επικοινωνίας: Η επικοινωνία σε πραγματικό χρόνο είναι ευάλωτη έναντι μιας ενδεχόμενης ανάλυσης των μοτίβων πληκτρολόγησης (π.χ. περισσότερο κείμενο από μια παράγραφο, το οποίο διανέμεται σε ένα φόρουμ, μέσω ηλεκτρονικού ταχυδρομείου κ.λπ.)
 
-[^1]: One notable example of this is the [2021 incident in which University of Minnesota researchers introduced three vulnerabilities into the Linux kernel development project](https://cse.umn.edu/cs/linux-incident).
+[^1]: Ένα αξιοσημείωτο παράδειγμα αυτού, είναι το περιστατικό [2021, όπου ερευνητές του Πανεπιστημίου της Μινεσότα εισήγαγαν τρία τρωτά σημεία στο έργο ανάπτυξης του πυρήνα Linux](https://cse.umn.edu/cs/linux-incident).

i18n/el/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/eo/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/es/cryptocurrency.md

@@ -1,15 +1,15 @@
 ---
-title: Cryptocurrency
+title: Criptomonedas
 icon: material/bank-circle
 ---
 
-Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
+Realizar pagos en línea es uno de los principales desafíos para la privacidad. Estas criptomonedas le brindan privacidad a sus transacciones (algo que **no** está garantizado por la mayoría de las criptomonedas), permitiéndole tener una alta comprensión de cómo hacer pagos privados correctamente. Le recomendamos encarecidamente que primero lea nuestro apartado de pagos antes de realizar cualquier compra:
 
-[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
+[Hacer pagos privados: :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
 
 !!! peligro
 
-    Many if not most cryptocurrency projects are scams. Make transactions carefully with only projects you trust.
+    Muchas, si no la mayoría de los proyectos de criptomonedas son estafas. Únicamente realice transacciones con los proyectos en los que confíe.
 
 ## Monero
 
@@ -17,37 +17,37 @@ Making payments online is one of the biggest challenges to privacy. These crypto
 
     ![Monero logo](assets/img/cryptocurrency/monero.svg){ align=right }
     
-    **Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+    **Monero** utiliza una cadena de bloques (blockchain) con tecnologías que mejoran la privacidad. Cada transacción realizada con Monero, oculta el monto de la transacción, las direcciones de envío y recepción, además del origen de los fondos sin ningún intermediario, convirtiéndola en una opción ideal para los novatos en las criptomonedas.
     
-    [:octicons-home-16: Homepage](https://www.getmonero.org/){ .md-button .md-button--primary }
+    [:octicons-home-16: Página principal](https://www.getmonero.org/){ .md-button .md-button--primary }
     [:octicons-info-16:](https://www.getmonero.org/resources/user-guides/){ .card-link title=Documentation}
     [:octicons-code-16:](https://github.com/monero-project/monero){ .card-link title="Source Code" }
     [:octicons-heart-16:](https://www.getmonero.org/get-started/contributing/){ .card-link title=Contribute }
 
-With Monero, outside observers cannot decipher addresses trading Monero, transaction amounts, address balances, or transaction histories.
+Con Monero, los observadores externos no pueden descifrar las direcciones transaccionales de Monero, los montos de las transacciones, el balance de las direcciones, o el historial de transacciones.
 
-For optimal privacy, make sure to use a noncustodial wallet where the view key stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your private view key, the provider can see almost everything you do. Some noncustodial wallets include:
+Para una mejor privacidad, se debe asegurar de utilizar una billetera no monitorizada donde la clave de visualización permanece en el dispositivo. Esto significa que solo usted tiene la capacidad de gastar sus fondos, además de ver las transacciones entrantes y salientes. Si usted utiliza una billetera monitoreada, el proveedor puede ver **todo** lo que hace; si utiliza una billetera "ligera" donde el proveedor retiene su clave privada de visualización, el proveedor puede ver casi todo lo que hace. Algunas billeteras no monitoreadas son:
 
-- [Official Monero client](https://getmonero.org/downloads) (Desktop)
+- [Cliente oficial de Monero](https://getmonero.org/downloads) (Escritorio)
 - [Cake Wallet](https://cakewallet.com/) (iOS, Android)
-    - Cake Wallet supports multiple cryptocurrencies. A Monero-only version of Cake Wallet is available at [Monero.com](https://monero.com/).
-- [Feather Wallet](https://featherwallet.org/) (Desktop)
+    - Cake Wallet soporta múltiples criptomonedas. Una versión de Cake Wallet que únicamente soporta Monero puede obtenerse desde [Monero.com](https://monero.com/).
+- [Feather Wallet](https://featherwallet.org/) (Escritorio)
 - [Monerujo](https://www.monerujo.io/) (Android)
 
-For maximum privacy (even with a noncustodial wallet), you should run your own Monero node. Using another person’s node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone else’s Monero node over Tor or i2p.
+Para obtener un nivel máximo de privacidad (incluso con una billetera monitoreada), usted debe ejecutar su propio nodo de Monero. Al utilizar el nodo de otra persona, usted expondrá alguna información a dicha persona, como la dirección IP que utiliza para conectarse, las marcas de tiempo que sincroniza su billetera, y las transacciones que realiza desde su billetera (aunque no hay otros detalles sobre esas transacciones). Alternativamente, usted puede conectarse al nodo de Monero de otra persona a través de Tor o i2p.
 
-In August 2021, CipherTrace [announced](https://finance.yahoo.com/news/ciphertrace-announces-enhanced-monero-tracing-160000275.html) enhanced Monero tracing capabilities for government agencies. Public postings show that the US Department of the Treasury's Financial Crimes Enforcement Network [licensed](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) CipherTrace's "Monero Module" in late 2022.
+En agosto de 2021, CipherTrace [anunció](https://finance.yahoo.com/news/ciphertrace-announces-enhanced-monero-tracing-160000275.html) mejores capacidades de rastreo de Monero para agencias gubernamentales. Publicaciones públicas muestran cómo la Red de Ejecución de Delitos Financieros del Departamento de Tesorería del Gobierno de los Estados Unidos [licenció](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) el módulo CipherTrace de Monero a finales de 2022.
 
-Monero transaction graph privacy is limited by its relatively small ring signatures, especially against targeted attacks. Monero's privacy features have also been [called into question](https://web.archive.org/web/20180331203053/https://www.wired.com/story/monero-privacy/) by some security researchers, and a number of severe vulnerabilities have been found and patched in the past, so the claims made by organizations like CipherTrace are not out of the question. While it's unlikely that Monero mass surveillance tools exist like they do for Bitcoin and others, it's certain that tracing tools assist with targeted investigations.
+La privacidad del gráfico transaccional de Monero está limitada por sus firmas de anillo relativamente pequeñas, especialmente contra ataques dirigidos. Las características de privacidad de Monero también han sido [cuestionadas](https://web.archive.org/web/20180331203053/https://www.wired.com/story/monero-privacy/) por algunos investigadores de seguridad, y una serie de vulnerabilidades graves han sido encontradas y corregidas en el pasado, haciendo que los reclamos de organizaciones como CipherTrace no están descartadas. Mientras es poco probable que las herramientas de vigilancia masiva de Monero existan como lo hacen para Bitcoin y otras, es seguro que las herramientas de rastreo ayudan en las investigaciones dirigidas.
 
-Ultimately, Monero is the strongest contender for a privacy-friendly cryptocurrency, but its privacy claims have **not** been definitively proven one way or the other. More time and research is needed to assess whether Monero is resilient enough to attacks to always provide adequate privacy.
+En última instancia, Monero es el principal candidato para una criptomoneda amigable con la privacidad, pero sus argumentos de privacidad **no** han sido definitivamente comprobados de una manera u otra. Más tiempo e investigación es requerida para encontrar los puntos donde Monero es lo suficientemente resistente a los ataques como para proporcionar la privacidad adecuada.
 
-## Criteria
+## Criterios
 
-**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
+**Por favor, tome en cuenta que no estamos asociados con ninguno de los proyectos que recomendamos. ** En adición a [nuestros criterios base](about/criteria.md), hemos desarrollado un claro conjunto de requisitos que nos permiten brindar recomendaciones objetivas. Sugerimos que usted se familiarice con esta lista, antes de elegir utilizar un proyecto y realizar su propia investigación para asegurarse que es la elección ideal para usted.
 
-!!! example "This section is new"
+!!! ejemplo "Esta sección es nueva"
 
-    We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
+    Estamos trabajando en establecer criterios definidos para cada sección de nuestra página, y esto puede estar sujero a cambios. Si tiene alguna pregunta sobre nuestros criterios, por favor [pregunte en nuestro foro](https://discuss.privacyguides.net/latest) y no asuma que no consideramos algo, cuando una recomendación no está listada aquí. Hay muchos factores considerados y discutidos cuando recomendamos un proyecto, y documentamos cada uno como un trabajo en proceso.
 
-- Cryptocurrency must provide private/untraceable transactions by default.
+- Las criptomonedas deben brindar transacciones privadas o imposibles de rastrear por defecto.

i18n/es/dns.md

@@ -1,7 +1,7 @@
 ---
 title: "Resolvers DNS"
 icon: material/dns
-description: These are some encrypted DNS providers we recommend switching to, to replace your ISP's default configuration.
+description: Estos son algunos proveedores de DNS cifrado a los que recomendamos cambiar para reemplazar la configuración predeterminada de tu ISP.
 ---
 
 Un DNS cifrado con servidores de terceros solo debe utilizarse para evitar el [bloqueo de DNS básico](https://en.wikipedia.org/wiki/DNS_blocking) cuando puedas estar seguro de que no habrá ninguna consecuencia. Un DNS encriptado no te ayudará a esconder tu actividad en línea.

i18n/es/email.md

@@ -86,9 +86,6 @@ Proton Mail ha [integrado el cifrado OpenPGP](https://proton.me/support/how-to-u
 
 Proton Mail también admite el descubrimiento de claves públicas a través de HTTP desde su [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). Esto permite a las personas que no utilizan Proton Mail encontrar fácilmente las claves OpenPGP de las cuentas de Proton Mail, para E2EE entre proveedores.
 
-#### :material-alert-outline:{ .pg-orange } Legado digital
-
-Proton Mail no ofrece la función de legado digital.
 
 #### :material-information-outline:{ .pg-blue } Cancelación de la cuenta
 
@@ -98,6 +95,8 @@ Si tiene una cuenta de pago y su factura [no se paga](https://proton.me/support/
 
 Proton Mail ofrece una cuenta "Ilimitada" por 9,99 euros al mes, que también permite acceder a Proton VPN además de proporcionar múltiples cuentas, dominios, alias y 500 GB de almacenamiento.
 
+Proton Mail no ofrece la función de legado digital.
+
 ### Mailbox.org
 
 !!! recomendación
@@ -138,10 +137,6 @@ Mailbox.org tiene [cifrado integrado](https://kb.mailbox.org/display/MBOKBEN/Sen
 
 Mailbox.org también admite el descubrimiento de claves públicas a través de HTTP desde su [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). Esto permite a personas ajenas a Mailbox.org encontrar fácilmente las claves OpenPGP de las cuentas de Mailbox.org, para E2EE entre proveedores.
 
-#### :material-check:{ .pg-green } Legado digital
-
-Mailbox.org tiene una función de legado digital para todos los planes. Puede elegir si desea que alguno de sus datos se transmita a los herederos, siempre que lo soliciten y aporten su testamento. También puede designar a una persona por su nombre y dirección.
-
 #### :material-information-outline:{ .pg-blue } Cancelación de la cuenta
 
 Su cuenta se convertirá en una cuenta de usuario restringida cuando finalice su contrato, después de [30 días se eliminará irrevocablemente](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ Puede acceder a su cuenta de Mailbox.org a través de IMAP/SMTP utilizando su [s
 
 Todas las cuentas vienen con un almacenamiento limitado en la nube que [se puede cifrar](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org también ofrece el alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), que impone el cifrado TLS en la conexión entre servidores de correo; de lo contrario, el mensaje no se enviará en absoluto. Mailbox.org también admite [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) además de protocolos de acceso estándar como IMAP y POP3.
 
+Mailbox.org tiene una función de legado digital para todos los planes. Puede elegir si desea que alguno de sus datos se transmita a los herederos, siempre que lo soliciten y aporten su testamento. También puede designar a una persona por su nombre y dirección.
+
 ## Más proveedores
 
 Estos proveedores almacenan tus correos electrónicos con cifrado de conocimiento cero, lo que los convierte en excelentes opciones para mantener seguros tus correos electrónicos almacenados. Sin embargo, no admiten normas de cifrado interoperables para las comunicaciones E2EE entre proveedores.
@@ -202,10 +199,6 @@ StartMail admite la importación de [contactos](https://support.startmail.com/hc
 
 StartMail tiene [cifrado integrado](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) en su correo web, lo que simplifica el envío de mensajes cifrados con claves públicas OpenPGP. Sin embargo, no son compatibles con el estándar Web Key Directory, lo que hace que el descubrimiento de la clave pública de un buzón de correo Startmail sea más difícil para otros proveedores de correo electrónico o clientes.
 
-#### :material-alert-outline:{ .pg-orange } Legado digital
-
-StartMail no ofrece una función de legado digital.
-
 #### :material-information-outline:{ .pg-blue } Cancelación de la cuenta
 
 Al vencimiento de la cuenta, StartMail eliminará permanentemente su cuenta después de [6 meses en 3 fases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ Al vencimiento de la cuenta, StartMail eliminará permanentemente su cuenta desp
 
 StartMail permite el proxy de imágenes dentro de los correos electrónicos. Si permite que se cargue la imagen remota, el remitente no sabrá cuál es su dirección IP.
 
+StartMail no ofrece una función de legado digital.
+
 ### Tutanota
 
 !!! recomendación
@@ -260,10 +255,6 @@ Tutanota dispone de [cifrado de acceso cero en reposo](https://tutanota.com/faq#
 
 Tutanota [no utiliza OpenPGP](https://www.tutanota.com/faq/#pgp). Las cuentas de Tutanota sólo pueden recibir correos electrónicos cifrados de cuentas de correo electrónico que no son de tutanota cuando se envían a través de un [buzón temporal de Tutanota](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Legado digital
-
-Tutanota no ofrece la función de legado digital.
-
 #### :material-information-outline:{ .pg-blue } Cancelación de la cuenta
 
 Tutanota eliminará [las cuentas gratuitas inactivas](https://tutanota.com/faq#inactive-accounts) después de seis meses. Puedes reutilizar una cuenta gratuita desactivada si pagas.
@@ -274,6 +265,8 @@ Tutanota ofrece la versión empresarial [a las organizaciones sin ánimo de lucr
 
 Tutanota también tiene una función para empresas llamada [Secure Connect](https://tutanota.com/secure-connect/). Esto garantiza que el contacto del cliente con la empresa utilice E2EE. La función cuesta 240 €/año.
 
+Tutanota no ofrece la función de legado digital.
+
 ## Servicios de alias de correo
 
 Un servicio de alias de correo electrónico le permite generar fácilmente una nueva dirección de correo electrónico para cada sitio web en el que se registre. Los alias de correo electrónico que genera se reenvían a una dirección de correo electrónico de su elección, ocultando tanto su dirección de correo electrónico "principal" como la identidad de su proveedor de correo electrónico. El verdadero alias de correo electrónico es mejor que el direccionamiento plus, comúnmente utilizado y admitido por muchos proveedores, que permite crear alias como tunombre+[anythinghere]@ejemplo.com, porque los sitios web, los anunciantes y las redes de seguimiento pueden eliminar trivialmente cualquier cosa después del signo + para conocer tu verdadera dirección de correo electrónico.
@@ -432,79 +425,79 @@ Preferimos que nuestros proveedores recomendados recojan la menor cantidad de da
 **Mínimo para calificar:**
 
 - Proteger la dirección IP del remitente. Filtrarlo para que no aparezca en el campo de cabecera `Recibido`.
-- Don't require personally identifiable information (PII) besides a username and a password.
-- Privacy policy that meets the requirements defined by the GDPR
-- Must not be hosted in the US due to [ECPA](https://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act#Criticism) which has [yet to be reformed](https://epic.org/ecpa/).
-
-**Best Case:**
-
-- Accepts [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
-
-### Seguridad
-
-Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their members.
+- No requiera información personal identificable (PII) aparte de un nombre de usuario y una contraseña.
+- Política de privacidad que cumple los requisitos definidos por el GDPR
+- No debe estar alojado en los Estados Unidos debido a [ECPA](https://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act#Criticism) que aún tiene [que ser reformado](https://epic.org/ecpa/).
 
 **Mejor caso:**
 
-- Protection of webmail with 2FA, such as TOTP.
-- Zero access encryption, builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
-- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
-- No TLS errors or vulnerabilities when being profiled by tools such as [Hardenize](https://www.hardenize.com/), [testssl.sh](https://testssl.sh/), or [Qualys SSL Labs](https://www.ssllabs.com/ssltest); this includes certificate related errors and weak DH parameters, such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
-- A server suite preference (optional on TLSv1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
-- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
-- Valid [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) records.
-- Valid [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) and [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) records.
-- Have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
-- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996/).
-- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
-- Website security standards such as:
-    - [HTTP Strict Transport Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
-    - [Subresource Integrity](https://en.wikipedia.org/wiki/Subresource_Integrity) if loading things from external domains.
-- Must support viewing of [Message headers](https://en.wikipedia.org/wiki/Email#Message_header), as it is a crucial forensic feature to determine if an email is a phishing attempt.
+- Acepte [opciones de pago anónimas](advanced/payments.md) ([criptomonedas](cryptocurrency.md), efectivo, tarjetas regalo, etc.)
 
-**Best Case:**
+### Seguridad
 
-- Support for hardware authentication, i.e. U2F and [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn). U2F and WebAuthn are more secure as they use a private key stored on a client-side hardware device to authenticate people, as opposed to a shared secret that is stored on the web server and on the client side when using TOTP. Furthermore, U2F and WebAuthn are more resistant to phishing as their authentication response is based on the authenticated [domain name](https://en.wikipedia.org/wiki/Domain_name).
-- [DNS Certification Authority Authorization (CAA) Resource Record](https://tools.ietf.org/html/rfc6844) in addition to DANE support.
-- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), this is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
+Los servidores de correo electrónico manejan muchos datos sensibles. Esperamos que los proveedores adopten las mejores prácticas de la industria para proteger a sus miembros.
+
+**Mínimo para calificar:**
+
+- Protección del correo web con 2FA, como TOTP.
+- Cifrado de acceso cero, basado en el cifrado en reposo. El proveedor no disponga de las claves de descifrado de los datos que posee. Esto evita que un empleado deshonesto filtre datos a los que tiene acceso o que un adversario remoto divulgue datos que ha robado al obtener acceso no autorizado al servidor.
+- Compatible con [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions).
+- No haya errores o vulnerabilidades TLS cuando se perfilan con herramientas como [Hardenize](https://www.hardenize.com/), [testssl.sh](https://testssl.sh/)o [Qualys SSL Labs](https://www.ssllabs.com/ssltest); esto incluye errores relacionados con el certificado y parámetros DH débiles, como los que llevaron a [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
+- Una preferencia de suite de servidor (opcional en TLSv1.3) para suites de cifrado potentes que soporten forward secrecy y encriptación autenticada.
+- Una política válida [MTA-STS](https://tools.ietf.org/html/rfc8461) y [TLS-RPT](https://tools.ietf.org/html/rfc8460).
+- Registros válidos de [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities).
+- Registros válidos [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) y [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail).
+- Tenga un registro y una política adecuados de [DMARC](https://en.wikipedia.org/wiki/DMARC) o use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) para la autenticación. Si se utiliza la autenticación DMARC, la política debe establecerse en `rechazar` o `cuarentena`.
+- Una preferencia de conjunto de servidores de TLS 1.2 o posterior y un plan para [RFC8996](https://datatracker.ietf.org/doc/rfc8996/).
+- [Envío de SMTPS](https://en.wikipedia.org/wiki/SMTPS), suponiendo que se utiliza SMTP.
+- Estándares de seguridad del sitio web tales como:
+    - [Seguridad de transporte estricta HTTP](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
+    - [Integridad de subrecurso](https://en.wikipedia.org/wiki/Subresource_Integrity) si se cargan cosas desde dominios externos.
+- Debe admitir la visualización de [Encabezados de mensaje](https://en.wikipedia.org/wiki/Email#Message_header), ya que es una característica forense crucial para determinar si un correo electrónico es un intento de phishing.
+
+**Mejor caso:**
+
+- Soporte para autenticación de hardware, ej. U2F y [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn). U2F y WebAuthn son más seguros ya que utilizan una clave privada almacenada en un dispositivo de hardware del lado del cliente para autenticar a las personas, a diferencia de un secreto compartido que se almacena en el servidor web y en el lado del cliente cuando se utiliza TOTP. Además, U2F y WebAuthn son más resistentes al phishing ya que su respuesta de autenticación se basa en el [nombre de dominio](https://en.wikipedia.org/wiki/Domain_name) autenticado.
+- [Registro de recursos de autorización de autoridad de certificación (CAA) de DNS](https://tools.ietf.org/html/rfc6844) además del soporte de DANE.
+- Implementación de la [cadena recibida autenticada (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), esto es útil para las personas que publican en listas de correo [RFC8617](https://tools.ietf.org/html/rfc8617).
 - Programas de recompensa de errores y/o un proceso coordinado de divulgación de vulnerabilidades.
-- Website security standards such as:
-    - [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
+- Estándares de seguridad del sitio web tales como:
+    - [Política de seguridad de contenido (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
     - [RFC9163 Expect-CT](https://datatracker.ietf.org/doc/rfc9163/)
 
 ### Confianza
 
-You wouldn't trust your finances to someone with a fake identity, so why trust them with your email? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
+No confiarías tus finanzas a alguien con una identidad falsa, así que ¿por qué confiarle tus datos de Internet? Exigimos a nuestros proveedores recomendados que hagan pública su propiedad o liderazgo. También nos gustaría ver informes de transparencia frecuentes, especialmente en lo que se refiere a cómo se gestionan las solicitudes del gobierno.
+
+**Mínimo para calificar:**
+
+- Liderazgo o propiedad de cara al público.
 
 **Mejor caso:**
 
-- Public-facing leadership or ownership.
-
-**Best Case:**
-
-- Public-facing leadership.
+- Liderazgo de cara al público.
 - Informes de transparencia frecuentes.
 
 ### Marketing
 
-With the email providers we recommend we like to see responsible marketing.
+Con los proveedores de correo electrónico que recomendamos nos gusta ver el marketing responsable.
 
 **Mejor caso:**
 
-- Debe tener análisis propios (no Google Analytics, etc.). The provider's site must also comply with [DNT (Do Not Track)](https://en.wikipedia.org/wiki/Do_Not_Track) for those who wish to opt-out.
+- Debe tener análisis propios (no Google Analytics, etc.). El sitio del proveedor también debe cumplir con [DNT (Do Not Track, sin rastreo)](https://en.wikipedia.org/wiki/Do_Not_Track) para las personas que deseen darse de baja.
 
-Must not have any marketing which is irresponsible:
+No debe tener ningún tipo de marketing que sea irresponsable:
 
-- Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
+- Reclamaciones de "cifrado irrompible" El cifrado debe usarse con la intención de que no sea secreto en el futuro cuando exista la tecnología para descifrarlo.
 - Garantizar la protección del anonimato al 100%. Cuando alguien afirma que algo es 100% significa que no hay certeza de fracaso. Sabemos que la gente puede desanonimizarse fácilmente de varias maneras, por ejemplo:
 
-- Reusing personal information e.g. (email accounts, unique pseudonyms, etc) that they accessed without anonymity software (Tor, VPN, etc)
+- Reutilizar información personal, por ejemplo (cuentas de correo electrónico, seudónimos únicos, etc.) a la que accedieron sin software de anonimato (Tor, VPN, etc.)
 - [Browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
 
-**Best Case:**
+**Mejor Caso:**
 
-- Clear and easy to read documentation. This includes things like, setting up 2FA, email clients, OpenPGP, etc.
+- Documentación clara y fácil de leer. Esto incluye cosas como configurar 2FA, clientes de correo electrónico, OpenPGP, etc.
 
 ### Funcionalidades adicionales
 
-While not strictly requirements, there are some other convenience or privacy factors we looked into when determining which providers to recommend.
+Aunque no son exactamente requisitos, hay algunos otros factores de conveniencia o privacidad que hemos analizado para determinar qué proveedores recomendar.

i18n/es/news-aggregators.md

@@ -1,37 +1,32 @@
 ---
-title: "News Aggregators"
+title: "Lectores de noticias"
 icon: octicons/rss-24
-description: These news aggregator clients let you keep up with your favorite blogs and news sites using internet standards like RSS.
+description: Estos clientes para la lectura de noticias le permiten estar al día con sus páginas de noticias favoritas, utilizando estándares de Internet como RSS.
 ---
 
-A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to keep up with your favorite blogs and news sites.
+Un [lector de noticias](https://en.wikipedia.org/wiki/News_aggregator) es una manera de estar al día con sus páginas de noticias favoritas.
 
-## Clientes agregadores
+## Clientes
 
-### Fluent Reader
+### Akregator
 
 !!! recomendación
 
     ![Akregator logo](assets/img/news-aggregators/akregator.svg){ align=right }
     
-    **Akregator** is a news feed reader that is a part of the [KDE](https://kde.org) project. [Visita hyliu.me](https://hyliu.me/fluent-reader){ .md-button .md-button--primary } [Política de Privacidad](https://github.com/yang991178/fluent-reader/wiki/Privacy){ .md-button }
+    **Akregator** es un lector de fuentes de noticias que es parte del proyecto [KDE](https://kde.org). Este incluye una búsqueda rápida, funcionalidades avanzadas de archivado y un navegador interno para facilitar la lectura de las noticias.
     
-    **Descargas**
-    - [:fontawesome-brands-windows: Windows](https://hyliu.me/fluent-reader)
-    - [:fontawesome-brands-app-store: Mac App Store](https://apps.apple.com/app/id1520907427)
-    - [:fontawesome-brands-github: Código Fuente](https://github.com/yang991178/fluent-reader.git)
-    
-    [:octicons-home-16: Homepage](https://apps.kde.org/akregator){ .md-button .md-button--primary }
+    [:octicons-home-16: Página principal](https://apps.kde.org/akregator){ .md-button .md-button--primary }
     [:octicons-eye-16:](https://kde.org/privacypolicy-apps){ .card-link title="Privacy Policy" }
     [:octicons-info-16:](https://docs.kde.org/?application=akregator){ .card-link title=Documentation}
     [:octicons-code-16:](https://invent.kde.org/pim/akregator){ .card-link title="Source Code" }
     [:octicons-heart-16:](https://kde.org/community/donations/){ .card-link title=Contribute }
     
-    ??? downloads
+    ??? descargas
     
         - [:simple-flathub: Flathub](https://flathub.org/apps/details/org.kde.akregator)
 
-### GNOME Feeds
+### Feeder
 
 !!! recomendación
 

i18n/fa/email.md

@@ -86,9 +86,6 @@ Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to
 
 Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Proton Mail doesn't offer a digital legacy feature.
 
 #### :material-information-outline:{ .pg-blue } Account Termination
 
@@ -98,6 +95,8 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
 
 Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
 
+Proton Mail doesn't offer a digital legacy feature.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/S
 
 Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
 
-#### :material-check:{ .pg-green } Digital Legacy
-
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
 
 All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
 
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+
 ## More Providers
 
 These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
@@ -202,10 +199,6 @@ StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/a
 
 StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-StartMail does not offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ On account expiration, StartMail will permanently delete your account after [6 m
 
 StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
 
+StartMail does not offer a digital legacy feature.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encr
 
 Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Digital Legacy
-
-Tutanota doesn't offer a digital legacy feature.
-
 #### :material-information-outline:{ .pg-blue } Account Termination
 
 Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
@@ -274,6 +265,8 @@ Tutanota offers the business version of [Tutanota to non-profit organizations](h
 
 Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
 
+Tutanota doesn't offer a digital legacy feature.
+
 ## Email Aliasing Services
 
 An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.

i18n/fr/android.md

@@ -43,9 +43,9 @@ Nous vous recommandons d'installer l'un de ces systèmes d'exploitation Android
     [:octicons-code-16:](https://grapheneos.org/source){ .card-link title="Code source" }
     [:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribuer }
 
-GrapheneOS prend en charge [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), qui exécute les [Services Google Play](https://fr.wikipedia.org/wiki/Services_Google_Play) entièrement sandboxed comme toute autre application normale. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging/), while giving you full control over their permissions and access, and while containing them to a specific [work profile](os/android-overview.md#work-profile) or [user profile](os/android-overview.md#user-profiles) of your choice.
+GrapheneOS prend en charge [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), qui exécute les [Services Google Play](https://fr.wikipedia.org/wiki/Services_Google_Play) entièrement sandboxed comme toute autre application normale. Cela signifie que vous pouvez profiter de la plupart des services Google Play, tels que [les notifications push](https://firebase.google.com/docs/cloud-messaging/), tout en vous donnant un contrôle total sur leurs autorisations et leur accès, et tout en les contenant à un [profil de travail](os/android-overview.md#work-profile) ou un [profil d'utilisateur](os/android-overview.md#user-profiles) spécifique de votre choix.
 
-Google Pixel phones are the only devices that currently meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#device-support).
+Les téléphones Google Pixel sont les seuls appareils qui répondent actuellement aux [exigences de sécurité matérielle](https://grapheneos.org/faq#device-support) de GrapheneOS.
 
 ### DivestOS
 
@@ -54,7 +54,7 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
     ![Logo DivestOS](assets/img/android/divestos.svg){ align=right }
     
     **DivestOS** est un léger dérivé de [LineageOS](https://lineageos.org/).
-    DivestOS hérite de nombreux [appareils pris en charge](https://divestos.org/index.php?page=devices&base=LineageOS) de LineageOS. Il a des versions signées, ce qui permet d'avoir un [démarrage vérifié](https://source.android.com/security/verifiedboot) sur certains appareils non-Pixel.
+    DivestOS hérite de nombreux [appareils pris en charge](https://divestos.org/index.php?page=devices&base=LineageOS) de LineageOS. Il a des versions signées, ce qui permet d'avoir un [démarrage vérifié](https://source.android.com/security/verifiedboot) sur certains appareils autres que des Pixel.
     
     [:octicons-home-16: Page d'accueil](https://divestos.org){ .md-button .md-button--primary }
     [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Service oignon" }
@@ -63,11 +63,11 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
     [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Code source" }
     [:octicons-heart-16:](https://divested.dev/index.php?page=donate){ .card-link title=Contribuer }
 
-DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates. DivestOS also includes kernel patches from GrapheneOS and enables all available kernel security features via [defconfig hardening](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). All kernels newer than version 3.4 include full page [sanitization](https://lwn.net/Articles/334747/) and all ~22 Clang-compiled kernels have [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) enabled.
+DivestOS a une [correction](https://gitlab.com/divested-mobile/cve_checker) automatique des vulnérabilités de noyau ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)), moins de blobs propriétaires, et un fichier [hosts](https://divested.dev/index.php?page=dnsbl) personnalisé. Sa WebView renforcée, [Mulch](https://gitlab.com/divested-mobile/mulch), permet [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) pour toutes les architectures et [un partitionnement de l'état du réseau](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning), et reçoit des mises à jour hors bande. DivestOS inclut également les correctifs de noyau de GrapheneOS et active toutes les fonctions de sécurité de noyau disponibles via le [renforcement defconfig](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). Tous les noyaux plus récents que la version 3.4 incluent une [désinfection](https://lwn.net/Articles/334747/) complète de la page et tous les ~22 noyaux compilés par Clang ont [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) activé.
 
-DivestOS implements some system hardening patches originally developed for GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) and SENSORS permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/#additional-hardening), [JNI](https://en.wikipedia.org/wiki/Java_Native_Interface) [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 and higher features GrapheneOS's per-network full [MAC randomization](https://en.wikipedia.org/wiki/MAC_address#Randomization) option, [`ptrace_scope`](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) control, and automatic reboot/Wi-Fi/Bluetooth [timeout options](https://grapheneos.org/features).
+DivestOS met en œuvre certains correctifs de renforcement du système développés à l'origine pour GrapheneOS. DivestOS 16.0 et plus implémente les autorisations [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) et SENSORS de GrapheneOS, l'[allocateur de mémoire renforcé](https://github.com/GrapheneOS/hardened_malloc), l'[exec-spawning](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/#additional-hardening), la [constification](https://en.wikipedia.org/wiki/Java_Native_Interface) [JNI](https://en.wikipedia.org/wiki/Const_(computer_programming)), et des patchs de renforcement [bioniques](https://en.wikipedia.org/wiki/Bionic_(software)) partiels. Les versions 17.1 et supérieures offrent l'option de GrapheneOS pour [randomiser les adresses MAC](https://en.wikipedia.org/wiki/MAC_address#Randomization) entre réseaux, le contrôle [`ptrace_scope`](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) et les options de redémarrage/coupure Wi-Fi/coupure Bluetooth automatique [sur délai](https://grapheneos.org/features).
 
-DivestOS uses F-Droid as its default app store. Normally, we would recommend avoiding F-Droid due to its numerous [security issues](#f-droid). However, doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repositories ([DivestOS Official](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) and [DivestOS WebView](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). We recommend disabling the official F-Droid app and using [Neo Store](https://github.com/NeoApplications/Neo-Store/) with the DivestOS repositories enabled to keep those components up to date. For other apps, our recommended methods of obtaining them still apply.
+DivestOS utilise F-Droid comme magasin d'applications par défaut. Normalement, nous recommanderions d'éviter F-Droid en raison de ses nombreux [problèmes de sécurité](#f-droid). Cependant, l'éviter sur DivestOS n'est pas viable ; les développeurs mettent à jour leurs applications via leurs propres dépôts F-Droid ([Official DivestOS](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) et [WebView DivestOS](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). Nous recommandons de désactiver l'application officielle F-Droid et d'utiliser le [Neo Store](https://github.com/NeoApplications/Neo-Store/) avec les dépôts DivestOS activés pour maintenir ces composants à jour. Pour les autres applications, nos méthodes recommandées pour les obtenir restent applicables.
 
 !!! warning "Avertissement"
 
@@ -77,21 +77,21 @@ DivestOS uses F-Droid as its default app store. Normally, we would recommend avo
 
 ## Appareils Android
 
-When purchasing a device, we recommend getting one as new as possible. The software and firmware of mobile devices are only supported for a limited time, so buying new extends that lifespan as much as possible.
+Lorsque vous achetez un appareil, nous vous recommandons d'en prendre un aussi neuf que possible. Les logiciels et les micrologiciels des appareils mobiles ne sont pris en charge que pour une durée limitée. L'achat de nouveaux appareils permet donc de prolonger cette durée de vie autant que possible.
 
-Avoid buying phones from mobile network operators. These often have a **locked bootloader** and do not support [OEM unlocking](https://source.android.com/devices/bootloader/locking_unlocking). These phone variants will prevent you from installing any kind of alternative Android distribution.
+Évitez d'acheter des téléphones auprès des opérateurs de réseaux mobiles. Ces derniers ont souvent un **chargeur d'amorçage verrouillé** et ne supportent pas le [déverrouillage constructeur](https://source.android.com/devices/bootloader/locking_unlocking). Ces variantes de téléphone vous empêcheront d'installer tout type de distribution Android alternative.
 
-Be very **careful** about buying second hand phones from online marketplaces. Always check the reputation of the seller. If the device is stolen, there's a possibility of [IMEI blacklisting](https://www.gsma.com/security/resources/imei-blacklisting/). There is also a risk involved with you being associated with the activity of the previous owner.
+Soyez très **prudent** lorsque vous achetez des téléphones d'occasion sur des marchés en ligne. Vérifiez toujours la réputation du vendeur. Si l'appareil est volé, il est possible que l'[IMEI soit mis sur liste noire](https://www.gsma.com/security/resources/imei-blacklisting/). Il y a également un risque d'être associé à l'activité de l'ancien propriétaire.
 
-A few more tips regarding Android devices and operating system compatibility:
+Quelques conseils supplémentaires concernant les appareils Android et la compatibilité des systèmes d'exploitation :
 
-- Do not buy devices that have reached or are near their end-of-life, additional firmware updates must be provided by the manufacturer.
-- Do not buy preloaded LineageOS or /e/ OS phones or any Android phones without proper [Verified Boot](https://source.android.com/security/verifiedboot) support and firmware updates. These devices also have no way for you to check whether they've been tampered with.
-- In short, if a device or Android distribution is not listed here, there is probably a good reason. Check out our [forum](https://discuss.privacyguides.net/) to find details!
+- N'achetez pas d'appareils qui ont atteint ou sont sur le point d'atteindre leur fin de vie, des mises à jour supplémentaires du micrologiciel doivent être fournies par le fabricant.
+- N'achetez pas de téléphones LineageOS ou /e/ OS préchargés ou tout autre téléphone Android sans prise en charge adéquate du [Démarrage Vérifié](https://source.android.com/security/verifiedboot) et sans mises à jour du micrologiciel. En outre, ces appareils ne vous permettent pas de vérifier s'ils ont été manipulés.
+- En bref, si un appareil ou une distribution Android ne figure pas dans cette liste, il y a probablement une bonne raison. Consultez notre [forum](https://discuss.privacyguides.net/) pour en savoir plus !
 
 ### Google Pixel
 
-Google Pixel phones are the **only** devices we recommend for purchase. Pixel phones have stronger hardware security than any other Android devices currently on the market, due to proper AVB support for third-party operating systems and Google's custom [Titan](https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html) security chips acting as the Secure Element.
+Les téléphones Google Pixel sont les **seuls** appareils dont nous recommandons l'achat. Les téléphones Pixel ont une sécurité matérielle plus forte que tous les autres appareils Android actuellement sur le marché, grâce à une prise en charge AVB adéquate pour les systèmes d'exploitation tiers et aux puces de sécurité personnalisées [Titan](https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html) de Google faisant office d'Elément Sécurisé.
 
 !!! recommendation
 
@@ -103,22 +103,22 @@ Google Pixel phones are the **only** devices we recommend for purchase. Pixel ph
     
     [:material-shopping: Boutique](https://store.google.com/category/phones){ .md-button .md-button--primary }
 
-Secure Elements like the Titan M2 are more limited than the processor's Trusted Execution Environment used by most other phones as they are only used for secrets storage, hardware attestation, and rate limiting, not for running "trusted" programs. Phones without a Secure Element have to use the TEE for *all* of those functions, resulting in a larger attack surface.
+Les Eléments Sécurisés comme le Titan M2 sont plus limités que le Trusted Execution Environment du processeur utilisé par la plupart des autres téléphones, car ils ne sont utilisés que pour le stockage des secrets, l'attestation matérielle et la limitation du débit, et non pour exécuter des programmes "de confiance". Les téléphones dépourvus d'un Elément Sécurisé doivent utiliser le TEE pour *toutes* ces fonctions, ce qui élargit la surface d'attaque.
 
-Google Pixel phones use a TEE OS called Trusty which is [open-source](https://source.android.com/security/trusty#whyTrusty), unlike many other phones.
+Les téléphones Google Pixel utilisent un OS TEE appelé Trusty qui est [open source](https://source.android.com/security/trusty#whyTrusty), contrairement à de nombreux autres téléphones.
 
-The installation of GrapheneOS on a Pixel phone is easy with their [web installer](https://grapheneos.org/install/web). If you don't feel comfortable doing it yourself and are willing to spend a bit of extra money, check out the [NitroPhone](https://shop.nitrokey.com/shop) as they come preloaded with GrapheneOS from the reputable [Nitrokey](https://www.nitrokey.com/about) company.
+L'installation de GrapheneOS sur un téléphone Pixel est facile avec leur [installateur web](https://grapheneos.org/install/web). Si vous ne vous sentez pas à l'aise pour le faire vous-même et que vous êtes prêt à dépenser un peu plus d'argent, consultez le site [NitroPhone](https://shop.nitrokey.com/shop) car ils sont préchargés avec GrapheneOS et viennent de la société réputée [Nitrokey](https://www.nitrokey.com/about).
 
-A few more tips for purchasing a Google Pixel:
+Quelques conseils supplémentaires pour l'achat d'un Google Pixel :
 
-- If you're after a bargain on a Pixel device, we suggest buying an "**a**" model, just after the next flagship is released. Discounts are usually available because Google will be trying to clear their stock.
-- Consider price beating options and specials offered at physical stores.
-- Look at online community bargain sites in your country. These can alert you to good sales.
-- Google provides a list showing the [support cycle](https://support.google.com/nexus/answer/4457705) for each one of their devices. The price per day for a device can be calculated as: $\text{Cost} \over \text {EOL Date}-\text{Current Date}$, meaning that the longer use of the device the lower cost per day.
+- Si vous cherchez une bonne affaire pour un appareil Pixel, nous vous suggérons d'acheter un modèle "**a**", juste après la sortie du prochain produit phare de la marque. Des remises sont généralement disponibles parce que Google essaie d'écouler son stock.
+- Tenez compte des offres spéciales et réductions proposées par les magasins en dur.
+- Consultez les sites communautaires de bonnes affaires en ligne dans votre pays. Ils peuvent vous alerter lors de bonnes ventes.
+- Google fournit une liste indiquant le [cycle de support](https://support.google.com/nexus/answer/4457705) pour chacun de ses appareils. Le prix par jour d'un appareil peut être calculé comme suit : $\text{Coût} \over \text {Date fin de vie}-\text{Date du jour}$, ce qui signifie que plus l'utilisation de l'appareil est longue, plus le coût par jour est faible.
 
 ## Applications générales
 
-We recommend a wide variety of Android apps throughout this site. The apps listed here are Android-exclusive and specifically enhance or replace key system functionality.
+Nous recommandons une grande variété d'applications Android sur ce site. Les applications répertoriées ici sont exclusives à Android et améliorent ou remplacent les principales fonctionnalités du système.
 
 ### Shelter
 
@@ -142,7 +142,7 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
 
     Shelter est recommandé par rapport à [Insular](https://secure-system.gitlab.io/Insular/) et [Island](https://github.com/oasisfeng/island) car il prend en charge le [blocage de la recherche de contact](https://secure-system.gitlab.io/Insular/faq.html).
     
-    En utilisant Shelter, vous accordez une confiance totale à son développeur, car Shelter agit en tant qu'[Administrateur de l'appareil](https://developer.android.com/guide/topics/admin/device-admin) pour créer le Profil de Travail, et il a un accès étendu aux données stockées dans ce dernier.
+    En utilisant Shelter, vous accordez une confiance totale à son développeur, car Shelter agit en tant qu'[administrateur de l'appareil](https://developer.android.com/guide/topics/admin/device-admin) pour créer le Profil de Travail, et il a un accès étendu aux données stockées dans ce dernier.
 
 ### Auditor
 
@@ -151,7 +151,7 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
     ![Logo d'Auditor](assets/img/android/auditor.svg#only-light){ align=right }
     ![Logo d'Auditor](assets/img/android/auditor-dark.svg#only-dark){ align=right }
     
-    **Auditor** est une application qui exploite les fonctions de sécurité matérielle pour assurer le contrôle de l'intégrité des [appareils pris en charge](https://attestation.app/about#device-support). Actuellement, il ne fonctionne qu'avec GrapheneOS et le système d'exploitation d'origine de l'appareil.
+    **Auditor** est une application qui exploite les fonctions de sécurité matérielle pour assurer le contrôle de l'intégrité des [appareils pris en charge](https://attestation.app/about#device-support). Pour le moment elle ne fonctionne qu'avec GrapheneOS et le système d'exploitation d'origine de l'appareil.
     
     [:octicons-home-16: Page d'accueil](https://attestation.app){ .md-button .md-button--primary }
     [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Politique de confidentialité" }
@@ -165,17 +165,17 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
         - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
         - [:material-cube-outline: Magasin d'application de GrapheneOS](https://github.com/GrapheneOS/Apps/releases)
 
-Auditor performs attestation and intrusion detection by:
+Auditor effectue l'attestation et la détection d'intrusion :
 
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
+- A l'aide d'un modèle de [Confiance lors de la première utilisation (TOFU - Trust On First Use)](https://en.wikipedia.org/wiki/Trust_on_first_use) entre un *auditeur* et un *audité*, la paire établit une clé privée dans le trousseau [matériel](https://source.android.com/security/keystore/) d'*Auditor*.
+- L'*auditeur* peut être une autre instance de l'application Auditor ou le [Service d'Attestation à Distance](https://attestation.app).
+- L'*auditeur* enregistre l'état et la configuration actuels de l'*audité*.
+- En cas d'altération du système d'exploitation de l'*audité* après l'appairage, l'auditeur sera informé de la modification de l'état et des configurations de l'appareil.
+- Vous serez alerté de ce changement.
 
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+Aucune donnée à charactère personnel n'est soumise au service d'attestation. Nous vous recommandons de vous inscrire avec un compte anonyme et d'activer l'attestation à distance pour un contrôle continu.
 
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+Si votre [modèle de menace](basics/threat-modeling.md) nécessite une certaine confidentialité, vous pouvez envisager d'utiliser [Orbot](tor.md#orbot) ou un VPN pour cacher votre adresse IP au service d'attestation. Pour s'assurer de l'authenticité de votre matériel et de votre système d'exploitation, [effectuez une attestation locale](https://grapheneos.org/install/web#verifying-installation) immédiatement après l'installation de l'appareil et avant toute connexion à internet.
 
 ### Secure Camera
 
@@ -197,11 +197,11 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
         - [:simple-github: GitHub](https://github.com/GrapheneOS/Camera/releases)
         - [:material-cube-outline: Magasin d'application de GrapheneOS](https://github.com/GrapheneOS/Apps/releases)
 
-Main privacy features include:
+Les principales caractéristiques de confidentialité comprennent :
 
-- Auto removal of [Exif](https://en.wikipedia.org/wiki/Exif) metadata (enabled by default)
-- Use of the new [Media](https://developer.android.com/training/data-storage/shared/media) API, therefore [storage permissions](https://developer.android.com/training/data-storage) are not required
-- Microphone permission not required unless you want to record sound
+- Suppression automatique des métadonnées [Exif](https://en.wikipedia.org/wiki/Exif) (activée par défaut)
+- Utilisation de la nouvelle API [Media](https://developer.android.com/training/data-storage/shared/media), donc les [autorisations de stockage](https://developer.android.com/training/data-storage) ne sont pas nécessaires
+- L'autorisation microphone n'est pas nécessaire, sauf si vous souhaitez enregistrer des sons
 
 !!! note "À noter"
 
@@ -232,13 +232,13 @@ Main privacy features include:
 
 ## Obtenir des applications
 
-### Magasin d'applications GrapheneOS
+### Magasin d'applications de GrapheneOS
 
-GrapheneOS's app store is available on [GitHub](https://github.com/GrapheneOS/Apps/releases). It supports Android 12 and above and is capable of updating itself. The app store has standalone applications built by the GrapheneOS project such as the [Auditor](https://attestation.app/), [Camera](https://github.com/GrapheneOS/Camera), and [PDF Viewer](https://github.com/GrapheneOS/PdfViewer). If you are looking for these applications, we highly recommend that you get them from GrapheneOS's app store instead of the Play Store, as the apps on their store are signed by the GrapheneOS's project own signature that Google does not have access to.
+Le magasin d'applications de GrapheneOS est disponible sur [GitHub](https://github.com/GrapheneOS/Apps/releases). Il prend en charge Android 12 et plus et est capable de se mettre à jour. Le magasin d'applications contient des applications indépendantes construites par le projet GrapheneOS, telles que [Auditor](https://attestation.app/), [Camera](https://github.com/GrapheneOS/Camera), et [PDF Viewer](https://github.com/GrapheneOS/PdfViewer). Si vous recherchez ces applications, nous vous recommandons vivement de les obtenir à partir du magasin d'applications de GrapheneOS plutôt que du Play Store, car les applications de leur magasin sont signées par la signature du projet GrapheneOS à laquelle Google n'a pas accès.
 
 ### Aurora Store
 
-The Google Play Store requires a Google account to login which is not great for privacy. You can get around this by using an alternative client, such as Aurora Store.
+Le Google Play Store nécessite un compte Google pour se connecter, ce qui n'est pas idéal pour la confidentialité. Vous pouvez contourner ce problème en utilisant un client alternatif, tel que Aurora Store.
 
 !!! recommendation
 
@@ -253,29 +253,29 @@ The Google Play Store requires a Google account to login which is not great for
     
         - [:simple-gitlab: GitLab](https://gitlab.com/AuroraOSS/AuroraStore/-/releases)
 
-Aurora Store does not allow you to download paid apps with their anonymous account feature. You can optionally log in with your Google account with Aurora Store to download apps you have purchased, which does give access to the list of apps you've installed to Google, however you still benefit from not requiring the full Google Play client and Google Play Services or microG on your device.
+Aurora Store ne vous permet pas de télécharger des applications payantes grâce à sa fonction de compte anonyme. Vous pouvez éventuellement vous connecter avec votre compte Google sur Aurora Store pour télécharger les applications que vous avez achetées, ce qui donne accès à la liste des applications que vous avez installées à Google, mais vous bénéficiez toujours de l'avantage de ne pas avoir besoin du client Google Play complet et des services Google Play ou microG sur votre appareil.
 
 ### Manuellement avec les notifications RSS
 
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+Pour les applications publiées sur des plateformes telles que GitHub et GitLab, vous pouvez ajouter un flux RSS à votre [agrégateur d'actualités](/news-aggregators) qui vous aidera à suivre les nouvelles versions.
 
 ![APK RSS](./assets/img/android/rss-apk-light.png#only-light) ![APK RSS](./assets/img/android/rss-apk-dark.png#only-dark) ![Notes de version APK](./assets/img/android/rss-changes-light.png#only-light) ![Notes de version APK](./assets/img/android/rss-changes-dark.png#only-dark)
 
 #### GitHub
 
-On GitHub, using [Secure Camera](#secure-camera) as an example, you would navigate to its [releases page](https://github.com/GrapheneOS/Camera/releases) and append `.atom` to the URL:
+Sur GitHub, en prenant l'exemple de [Secure Camera](#secure-camera), vous naviguez vers sa [page de publications](https://github.com/GrapheneOS/Camera/releases) et ajoutez `.atom` à l'URL :
 
 `https://github.com/GrapheneOS/Camera/releases.atom`
 
 #### GitLab
 
-On GitLab, using [Aurora Store](#aurora-store) as an example, you would navigate to its [project repository](https://gitlab.com/AuroraOSS/AuroraStore) and append `/-/tags?format=atom` to the URL:
+Sur GitLab, en prenant l'exemple de [Aurora Store](#aurora-store), vous naviguez vers son [dépôt de projet](https://gitlab.com/AuroraOSS/AuroraStore) et ajoutez `/-/tags?format=atom` à l'URL :
 
 `https://gitlab.com/AuroraOSS/AuroraStore/-/tags?format=atom`
 
 #### Vérifier les empreintes numériques des APK
 
-If you download APK files to install manually, you can verify their signature with the [`apksigner`](https://developer.android.com/studio/command-line/apksigner) tool, which is a part of Android [build-tools](https://developer.android.com/studio/releases/build-tools).
+Si vous téléchargez des fichiers APK à installer manuellement, vous pouvez vérifier leur signature à l'aide de l'outil [`apksigner`](https://developer.android.com/studio/command-line/apksigner), qui fait partie des [build-tools](https://developer.android.com/studio/releases/build-tools) d'Android.
 
 1. Installez [Java JDK](https://www.oracle.com/java/technologies/downloads/).
 
@@ -295,7 +295,7 @@ If you download APK files to install manually, you can verify their signature wi
     ./build-tools/29.0.3/apksigner verify --print-certs ../Camera-37.apk
     ```
 
-5. Les hachés obtenus peuvent ensuite être comparés avec une autre source. Certains développeurs, comme Signal, [montrent les empreintes numériques](https://signal.org/android/apk/) sur leur site web.
+5. Les hachés obtenus peuvent ensuite être comparés avec une autre source. Certains développeurs, comme Signal, [fournissent les empreintes numériques](https://signal.org/android/apk/) sur leur site web.
 
     ```bash
     Signer #1 certificate DN: CN=GrapheneOS
@@ -308,17 +308,17 @@ If you download APK files to install manually, you can verify their signature wi
 
 ![Logo F-Droid](assets/img/android/f-droid.svg){ align=right width=120px }
 
-==We do **not** currently recommend F-Droid as a way to obtain apps.== F-Droid is often recommended as an alternative to Google Play, particularly in the privacy community. The option to add third-party repositories and not be confined to Google's walled garden has led to its popularity. F-Droid additionally has [reproducible builds](https://f-droid.org/en/docs/Reproducible_Builds/) for some applications and is dedicated to free and open-source software. However, there are [notable problems](https://privsec.dev/posts/android/f-droid-security-issues/) with the official F-Droid client, their quality control, and how they build, sign, and deliver packages.
+==Nous ne recommandons **pas** actuellement F-Droid comme moyen d'obtenir des applications.== F-Droid est souvent recommandé comme une alternative à Google Play, en particulier dans la communauté de la vie privée. La possibilité d'ajouter des dépôts tiers et de ne pas être confiné au jardin clos de Google a conduit à sa popularité. F-Droid dispose en outre de [versions reproductibles](https://f-droid.org/en/docs/Reproducible_Builds/) pour certaines applications et est dédié aux logiciels libres et open source. Cependant, il y a des [problèmes notables](https://privsec.dev/posts/android/f-droid-security-issues/) avec le client officiel F-Droid, leur contrôle de qualité, et la façon dont ils construisent, signent, et livrent les paquets.
 
-Due to their process of building apps, apps in the official F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust.
+En raison de leur processus de construction d'applications, les applications du dépôt officiel de F-Droid sont souvent en retard sur les mises à jour. Les mainteneurs de F-Droid réutilisent également les identifiants des paquets tout en signant les applications avec leurs propres clés, ce qui n'est pas idéal car cela donne à l'équipe F-Droid une confiance ultime.
 
-Other popular third-party repositories such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from GitHub and is the next best thing to the developers' own repositories. However, it is not something that we can recommend, as apps are typically [removed](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) from that respository when they make it to the main F-Droid repository. While that makes sense (since the goal of that particular repository is to host apps before they're accepted into the main F-Droid repository), it can leave you with installed apps which no longer receive updates.
+D'autres dépôts tiers populaires tels que [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) atténuent certains de ces problèmes. Le dépôt IzzyOnDroid récupère les versions directement depuis GitHub et constitue la meilleure alternative aux dépôts des développeurs. Cependant, ce n'est pas quelque chose que nous pouvons recommander, car les applications sont généralement [retirées](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) de ce dépôt lorsqu'elles arrivent dans le dépôt principal de F-Droid. Bien que cela soit logique (puisque le but de ce dépôt particulier est d'héberger des applications avant qu'elles ne soient acceptées dans le dépôt principal de F-Droid), cela peut vous laisser avec des applications installées qui ne reçoivent plus de mises à jour.
 
-That said, the [F-Droid](https://f-droid.org/en/packages/) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through Play Store, Aurora Store, or by getting the APK directly from the developer. It is important to keep in mind that some apps in these repositories have not been updated in years and may rely on unsupported libraries, among other things, posing a potential security risk. You should use your best judgement when looking for new apps via this method.
+Cela dit, les dépôts [F-Droid](https://f-droid.org/en/packages/) et [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) abritent d'innombrables applications. Ils peuvent donc être un outil utile pour rechercher et découvrir des applications open-source que vous pouvez ensuite télécharger via le Play Store, Aurora Store ou en obtenant l'APK directement auprès du développeur. Il est important de garder à l'esprit que certaines applications de ces dépôts n'ont pas été mises à jour depuis des années et peuvent s'appuyer sur des bibliothèques non maintenues, entre autres, ce qui constitue un risque potentiel pour la sécurité. Vous devez faire preuve de discernement lorsque vous recherchez de nouvelles applications par cette méthode.
 
 !!! note "À noter"
 
-    Dans certains cas rares, le développeur d'une application ne la distribue que par le biais de F-Droid ([Gadgetbridge](https://gadgetbridge.org/) en est un exemple). Si vous avez vraiment besoin d'une telle application, nous vous recommandons d'utiliser [Neo Store](https://github.com/NeoApplications/Neo-Store/) au lieu de l'application officielle F-Droid pour l'obtenir.
+    Dans certains cas rares, le développeur d'une application ne la distribue que par le biais de F-Droid ([Gadgetbridge](https://gadgetbridge.org/) en est un exemple). Si vous avez vraiment besoin d'une telle application, nous vous recommandons d'utiliser le [Neo Store](https://github.com/NeoApplications/Neo-Store/) au lieu de l'application officielle F-Droid pour l'obtenir.
 
 ## Critères
 
@@ -331,23 +331,23 @@ That said, the [F-Droid](https://f-droid.org/en/packages/) and [IzzyOnDroid](htt
 ### Systèmes d'exploitation
 
 - Doit être un logiciel open source.
-- Must support bootloader locking with custom AVB key support.
-- Must receive major Android updates within 0-1 months of release.
-- Must receive Android feature updates (minor version) within 0-14 days of release.
-- Must receive regular security patches within 0-5 days of release.
-- Must **not** be "rooted" out of the box.
-- Must **not** enable Google Play Services by default.
-- Must **not** require system modification to support Google Play Services.
+- Doit prendre en charge le verrouillage du chargeur d'amorçage avec prise en charge d'une clé AVB personnalisée.
+- Doit recevoir les mises à jour majeures d'Android dans le mois suivant leur publication.
+- Doit recevoir les mises à jour des fonctionnalités d'Android (version mineure) dans les 14 jours suivant leur publication.
+- Doit recevoir les correctifs de sécurité réguliers dans les 5 jours suivant leur publication.
+- Ne doit **pas** être fourni "rooté".
+- Ne doit **pas** activer les services Google Play par défaut.
+- Ne doit **pas** nécessiter une modification du système pour prendre en charge les services Google Play.
 
 ### Appareils
 
-- Must support at least one of our recommended custom operating systems.
-- Must be currently sold new in stores.
-- Must receive a minimum of 5 years of security updates.
-- Must have dedicated secure element hardware.
+- Doit prendre en charge au moins l'un des systèmes d'exploitation personnalisés que nous recommandons.
+- Doit être actuellement vendu neuf en magasin.
+- Doit recevoir un minimum de 5 ans de mises à jour de sécurité.
+- Doit disposer d'un matériel dédié aux éléments sécurisés.
 
 ### Applications
 
-- Applications on this page must not be applicable to any other software category on the site.
-- General applications should extend or replace core system functionality.
-- Applications should receive regular updates and maintenance.
+- Les applications de cette page ne doivent pas être applicables à une autre catégorie de logiciels sur le site.
+- Les applications générales doivent étendre ou remplacer les fonctionnalités de base du système.
+- Les applications doivent être régulièrement mises à jour et maintenues.

i18n/fr/dns.md

@@ -4,9 +4,9 @@ icon: material/dns
 description: Voici quelques fournisseurs de DNS chiffrés que nous vous recommandons d'utiliser pour remplacer la configuration par défaut de votre FAI.
 ---
 
-Les DNS cryptés avec des serveurs tiers ne doivent être utilisés que pour contourner le blocage DNS de base [](https://en.wikipedia.org/wiki/DNS_blocking) lorsque vous pouvez être sûr qu'il n'y aura pas de conséquences. Le DNS chiffré ne vous aidera pas à dissimuler vos activités de navigation.
+Les DNS chiffrés avec des serveurs tiers ne doivent être utilisés que pour contourner le [blocage DNS](https://en.wikipedia.org/wiki/DNS_blocking) de base lorsque vous pouvez être sûr qu'il n'y aura pas de conséquences. Le DNS chiffré ne vous aidera pas à dissimuler vos activités de navigation.
 
-[En savoir plus sur DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
+[En savoir plus sur les DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
 
 ## Fournisseurs recommandés
 

i18n/fr/email.md

@@ -86,9 +86,6 @@ Proton Mail a [du chiffrement OpenPGP intégré](https://proton.me/support/how-t
 
 Proton Mail prend également en charge la découverte de clés publiques via HTTP à partir de leur [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). Cela permet aux personnes qui n'utilisent pas Proton Mail de trouver facilement les clés OpenPGP des comptes Proton Mail, pour un E2EE inter-fournisseurs.
 
-#### :material-alert-outline:{ .pg-orange } Héritage numérique
-
-Proton Mail ne propose pas de fonction d'héritage numérique.
 
 #### :material-information-outline:{ .pg-blue } Résiliation du compte
 
@@ -98,6 +95,8 @@ Si vous avez un compte payant et que votre [facture est impayée](https://proton
 
 Proton Mail propose un compte "Illimité" pour 9,99 €/mois, qui permet également d'accéder à Proton VPN en plus de fournir plusieurs comptes, domaines, alias et 500 Go de stockage.
 
+Proton Mail ne propose pas de fonction d'héritage numérique.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -138,10 +137,6 @@ Mailbox.org a [du chiffrement intégré](https://kb.mailbox.org/display/MBOKBEN/
 
 Mailbox.org prend également en charge la découverte de clés publiques via HTTP à partir de leur [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). Cela permet aux personnes extérieures à Mailbox.org de trouver facilement les clés OpenPGP des comptes Mailbox.org, pour un E2EE inter-fournisseurs.
 
-#### :material-check:{ .pg-green } Héritage numérique
-
-Mailbox.org dispose d'une fonction d'héritage numérique pour toutes les offres. Vous pouvez choisir de transmettre certaines de vos données à vos héritiers, à condition d'en faire la demande et de fournir votre testament. Vous pouvez également désigner une personne par son nom et son adresse.
-
 #### :material-information-outline:{ .pg-blue } Résiliation du compte
 
 Votre compte sera défini comme un compte d'utilisateur restreint à la fin de votre contrat, après [30 jours, il sera irrévocablement supprimé](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ Vous pouvez accéder à votre compte Mailbox.org via IMAP/SMTP en utilisant leur
 
 Tous les comptes sont assortis d'un espace de stockage cloud limité qui [peut être chiffré](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org propose également l'alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), qui applique le chiffrement TLS à la connexion entre les serveurs mail, faute de quoi le message ne sera pas envoyé. Mailbox.org prend également en charge [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) en plus des protocoles d'accès standard comme IMAP et POP3.
 
+Mailbox.org dispose d'une fonction d'héritage numérique pour toutes les offres. Vous pouvez choisir de transmettre certaines de vos données à vos héritiers, à condition d'en faire la demande et de fournir votre testament. Vous pouvez également désigner une personne par son nom et son adresse.
+
 ## D'autres fournisseurs
 
 Ces fournisseurs stockent vos emails avec un chiffrement à connaissance zéro, ce qui en fait d'excellentes options pour assurer la sécurité de vos emails stockés. Cependant, ils ne prennent pas en charge les normes de chiffrement interopérables pour des communications E2EE entre fournisseurs.
@@ -202,10 +199,6 @@ StartMail permet d'importer des [contacts](https://support.startmail.com/hc/en-u
 
 StartMail a [du chiffrement intégré](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) dans son webmail, ce qui simplifie l'envoi de messages chiffrés avec des clés publiques OpenPGP. Cependant, ils ne supportent pas la norme Web Key Directory, ce qui rend la découverte de la clé publique d'une boîte mail Startmail plus difficile pour d'autres fournisseurs ou clients email.
 
-#### :material-alert-outline:{ .pg-orange } Héritage numérique
-
-StartMail ne propose pas de fonction d'héritage numérique.
-
 #### :material-information-outline:{ .pg-blue } Résiliation du compte
 
 A l'expiration du compte, StartMail supprimera définitivement votre compte après [6 mois en 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ A l'expiration du compte, StartMail supprimera définitivement votre compte apr
 
 StartMail permet de faire passer les images des emails par leur serveur proxy. Si vous autorisez le chargement de l'image distante, l'expéditeur ne saura pas quelle est votre adresse IP.
 
+StartMail ne propose pas de fonction d'héritage numérique.
+
 ### Tutanota
 
 !!! recommendation
@@ -260,10 +255,6 @@ Tutanota dispose d'un [chiffrement accès zéro au repos](https://tutanota.com/f
 
 Tutanota [n'utilise pas OpenPGP](https://www.tutanota.com/faq/#pgp). Les comptes Tutanota ne peuvent recevoir des emails chiffrés provenant de comptes email non Tutanota que s'ils sont envoyés via une [boîte mail temporaire Tutanota](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } Héritage numérique
-
-Tutanota ne propose pas de fonction d'héritage numérique.
-
 #### :material-information-outline:{ .pg-blue } Résiliation du compte
 
 Tutanota supprimera [les comptes gratuits inactifs](https://tutanota.com/faq#inactive-accounts) après six mois. Vous pouvez réutiliser un compte gratuit désactivé si vous payez.
@@ -274,6 +265,8 @@ Tutanota offre la version professionnelle de [Tutanota aux organisations à but
 
 Tutanota dispose également d'une fonction commerciale appelée [Secure Connect](https://tutanota.com/secure-connect/). Cela garantit que le contact du client avec l'entreprise utilise E2EE. La fonctionnalité coûte 240 €/an.
 
+Tutanota ne propose pas de fonction d'héritage numérique.
+
 ## Services d'alias d'emails
 
 Un service d'alias d'emails vous permet de générer facilement une nouvelle adresse email pour chaque site web auquel vous vous inscrivez. Les alias que vous créez sont ensuite transférés vers une adresse email de votre choix, ce qui permet de masquer à la fois votre adresse email "principale" et l'identité de votre fournisseur d'email. Un véritable alias d'email est mieux que l'adressage plus, couramment utilisé et pris en charge par de nombreux fournisseurs, qui vous permet de créer des alias tels que votrenom+[nimportequoiici]@exemple.fr, car les sites web, les annonceurs et les réseaux de pistage peuvent trivialement supprimer tout ce qui suit le signe + pour connaître votre véritable adresse email.

i18n/he/advanced/communication-network-types.md

@@ -1,7 +1,7 @@
 ---
 title: "סוגי רשתות תקשורת"
 icon: 'material/transit-connection-variant'
-description: An overview of several network architectures commonly used by instant messaging applications.
+description: סקירה כללית של מספר ארכיטקטורות רשת הנפוצות בשימוש יישומי הודעות מיידיות.
 ---
 
 ישנן מספר ארכיטקטורות רשת הנפוצות להעברת הודעות בין אנשים. רשתות אלו יכולות לספק הבטחות פרטיות שונות, וזו הסיבה שכדאי לקחת בחשבון את [מודל האיום](../basics/threat-modeling.md) שלך בעת ההחלטה באיזו אפליקציה להשתמש.

i18n/he/advanced/dns-overview.md

@@ -1,7 +1,7 @@
 ---
 title: "סקירה כללית של DNS"
 icon: material/dns
-description: The Domain Name System is the "phonebook of the internet," helping your browser find the website it's looking for.
+description: מערכת שמות הדומיין היא "ספר הטלפונים של האינטרנט", שעוזרת לדפדפן שלך למצוא את האתר שהוא מחפש.
 ---
 
 [מערכת שמות הדומיין](https://en.wikipedia.org/wiki/Domain_Name_System) היא 'ספר הטלפונים של האינטרנט'. DNS מתרגם שמות דומיין לכתובות IP כך שדפדפנים ושירותים אחרים יכולים לטעון משאבי אינטרנט, דרך רשת מבוזרת של שרתים.

i18n/he/advanced/payments.md

@@ -57,7 +57,7 @@ icon: material/hand-coin
 
 - [מטבעות קריפטוגרפיים מומלצים :material-arrow-right-drop-circle:](../cryptocurrency.md#coins)
 
-מטבעות פרטיות היו נתונים לבדיקה גוברת של סוכנויות ממשלתיות. בשנת 2020, [ IRS פרסם פרס של $625,000 ](https://www.forbes.com/sites/kellyphillipserb/2020/09/14/irs-will-pay-up-to-625000-if-you-can-crack-monero-other-privacy-coins/?sh=2e9808a085cc) עבור כלים שיכולים לשבור את פרטיות העסקאות של Bitcoin Lightning Network ו/או של Monero. בסופו של דבר [הם שילמו לשתי חברות](https://sam.gov/opp/5ab94eae1a8d422e88945b64181c6018/view) (Chainalysis ו-Integra Fec) סך של 1.25 מיליון דולר עבור כלים שמתיימרים לעשות זאת (לא ידוע לאיזו רשת מטבעות קריפטוגרפיים מכוונים הכלים הללו). Due to the secrecy surrounding tools like these, ==none of these methods of tracing cryptocurrencies have been independently confirmed.== However, it is quite likely that tools which assist targeted investigations into private coin transactions exist, and that privacy coins only succeed in thwarting mass surveillance.
+מטבעות פרטיות היו נתונים לבדיקה גוברת של סוכנויות ממשלתיות. בשנת 2020, [ IRS פרסם פרס של $625,000 ](https://www.forbes.com/sites/kellyphillipserb/2020/09/14/irs-will-pay-up-to-625000-if-you-can-crack-monero-other-privacy-coins/?sh=2e9808a085cc) עבור כלים שיכולים לשבור את פרטיות העסקאות של Bitcoin Lightning Network ו/או של Monero. בסופו של דבר [הם שילמו לשתי חברות](https://sam.gov/opp/5ab94eae1a8d422e88945b64181c6018/view) (Chainalysis ו-Integra Fec) סך של 1.25 מיליון דולר עבור כלים שמתיימרים לעשות זאת (לא ידוע לאיזו רשת מטבעות קריפטוגרפיים מכוונים הכלים הללו). בשל הסודיות סביב כלים כמו אלה, ==אף אחת מהשיטות הללו למעקב אחר מטבעות קריפטוגרפיים לא אושרה באופן עצמאי.== עם זאת, סביר מאוד להניח שקיימים כלים המסייעים לחקירות ממוקדות של עסקאות מטבעות פרטיות, ושמטבעות פרטיות מצליחים רק בסיכול מעקב המוני.
 
 ### מטבעות אחרים (ביטקוין, את'ריום וכו')
 

i18n/he/android.md

@@ -1,7 +1,7 @@
 ---
 title: "אנדרואיד"
 icon: 'simple/android'
-description: You can replace the operating system on your Android phone with these secure and privacy-respecting alternatives.
+description: אתה יכול להחליף את מערכת ההפעלה בטלפון האנדרואיד שלך בחלופות מאובטחות ומכבדות פרטיות אלה.
 ---
 
 ![לוגו אנדרואיד](assets/img/android/android.svg){ align=right }

i18n/he/basics/account-creation.md

@@ -1,7 +1,7 @@
 ---
 title: "יצירת חשבון"
 icon: 'material/account-plus'
-description: Creating accounts online is practically an internet necessity, take these steps to make sure you stay private.
+description: יצירת חשבונות מקוונים היא למעשה צורך באינטרנט, בצע את הצעדים האלה כדי לוודא שאתה נשאר פרטי.
 ---
 
 לעתים קרובות אנשים נרשמים לשירותים מבלי לחשוב. אולי זה שירות סטרימינג כדי שתוכל לצפות בתוכנית החדשה שכולם מדברים עליה, או חשבון שנותן לך הנחה למקום האוכל המהיר האהוב עליך. לא משנה מה המקרה, עליך לשקול את ההשלכות על הנתונים שלך כעת ובהמשך בהמשך הקו.

i18n/he/basics/account-deletion.md

@@ -1,7 +1,7 @@
 ---
 title: "מחיקת חשבון"
 icon: 'material/account-remove'
-description: It's easy to accumulate a large number of internet accounts, here are some tips on how to prune your collection.
+description: קל לצבור מספר רב של חשבונות אינטרנט, הנה כמה טיפים כיצד לגזום את האוסף שלך.
 ---
 
 עם הזמן, זה יכול להיות קל לצבור מספר חשבונות מקוונים, שרבים מהם אולי כבר לא תשתמשו בהם. מחיקת חשבונות שאינם בשימוש היא צעד חשוב בהחזרת הפרטיות שלך, מכיוון שחשבונות רדומים חשופים לפרצות מידע. פרצת נתונים היא כאשר אבטחת השירות נפגעת ומידע מוגן נצפה, מועבר או נגנב על ידי שחקנים לא מורשים. פרצות מידע הן למרבה הצער כולן [נפוצות מדי](https://haveibeenpwned.com/PwnedWebsites) בימינו, ולכן תרגול היגיינה דיגיטלית טובה היא הדרך הטובה ביותר למזער את ההשפעה שיש להן על חייך. המטרה של מדריך זה היא אם כן לעזור לנווט אותך בתהליך המעיק של מחיקת חשבון, שלעתים קרובות מקשה על ידי [עיצוב מטעה](https://www.deceptive.design/), למען השיפור של הנוכחות המקוונת שלך.

i18n/he/basics/common-misconceptions.md

@@ -1,7 +1,7 @@
 ---
 title: "תפיסות מוטעות נפוצות"
 icon: 'material/robot-confused'
-description: Privacy isn't a straightforward topic, and it's easy to get caught up in marketing claims and other disinformation.
+description: פרטיות היא לא נושא פשוט, וקל להיקלע לטענות שיווקיות ודיסאינפורמציה אחרת.
 ---
 
 ## "תוכנת קוד פתוח תמיד מאובטחת" או "תוכנה קניינית מאובטחת יותר"

i18n/he/basics/common-threats.md

@@ -1,7 +1,7 @@
 ---
 title: "איומים נפוצים"
 icon: 'material/eye-outline'
-description: Your threat model is personal to you, but these are some of the things many visitors to this site care about.
+description: מודל האיום שלך הוא אישי עבורך, אך אלו הם חלק מהדברים שמהם אכפת למבקרים רבים באתר זה.
 ---
 
 באופן כללי, אנו מסווגים את ההמלצות שלנו ל[איומים](threat-modeling.md) או יעדים שחלים על רוב האנשים. ==ייתכן שאתה מודאג מאף אחת, אחת, כמה, או מכל האפשרויות האלה==, והכלים והשירותים שבהם אתה משתמש תלויים במטרותיך. ייתכן שיש לך איומים ספציפיים גם מחוץ לקטגוריות האלה, וזה בסדר גמור! החלק החשוב הוא פיתוח הבנה של היתרונות והחסרונות של הכלים שבהם אתה בוחר להשתמש, כי למעשה אף אחד מהם לא יגן עליך מכל איום.

i18n/he/basics/email-security.md

@@ -1,7 +1,7 @@
 ---
 title: אבטחת אימייל
 icon: material/email
-description: Email is inherently insecure in many ways, and these are some of the reasons it isn't our top choice for secure communications.
+description: אימייל הוא מטבעו לא מאובטח במובנים רבים, ואלה חלק מהסיבות שהוא לא הבחירה המובילה שלנו לתקשורת מאובטחת.
 ---
 
 אימייל הוא צורת תקשורת לא מאובטחת כברירת מחדל. אתה יכול לשפר את אבטחת האימייל שלך עם כלים כגון OpenPGP, שמוסיפים הצפנה מקצה לקצה להודעות שלך, אך ל-OpenPGP עדיין יש מספר חסרונות בהשוואה להצפנה ביישומי הודעות אחרים, וחלק מנתוני הדוא"ל לעולם אינם יכולים להיות מוצפנים מטבעם. לאופן עיצוב האימייל.

i18n/he/basics/passwords-overview.md

@@ -1,7 +1,7 @@
 ---
 title: "מבוא לסיסמאות"
 icon: 'material/form-textbox-password'
-description: These are some tips and tricks on how to create the strongest passwords and keep your accounts secure.
+description: אלו הם כמה טיפים וטריקים כיצד ליצור את הסיסמאות החזקות ביותר ולשמור על אבטחת החשבונות שלך.
 ---
 
 סיסמאות הן חלק חיוני מחיינו הדיגיטליים היומיומיים. אנו משתמשים בהם כדי להגן על החשבונות שלנו, המכשירים והסודות שלנו. למרות היותם לעתים קרובות הדבר היחיד בינינו לבין יריב שרודף אחרי המידע הפרטי שלנו, לא מושקעת בהם הרבה מחשבה, מה שמוביל לרוב לכך שאנשים משתמשים בסיסמאות שניתן לנחש בקלות או להכריח אותן.

i18n/he/basics/vpn-overview.md

@@ -1,12 +1,12 @@
 ---
 title: סקירה כללית של VPN
 icon: material/vpn
-description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
+description: רשתות וירטואליות פרטיות מעבירות את הסיכון מספק שירותי האינטרנט שלך לצד שלישי שאתה סומך עליו. כדאי לזכור את הדברים האלה.
 ---
 
 רשתות וירטואליות פרטיות הן דרך להרחיב את הקצה של הרשת שלך ליציאה למקום אחר בעולם. ספק שירותי אינטרנט יכול לראות את זרימת תעבורת האינטרנט הנכנסת ויוצאת ממכשיר סיום הרשת שלך (כלומר מודם).
 
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+פרוטוקולי הצפנה כגון HTTPS נמצאים בשימוש נפוץ באינטרנט, כך שהם אולי לא יוכלו לראות בדיוק מה אתה מפרסם או קורא, אבל הם יכולים לקבל מושג על [הדומיינים שאתה מבקש](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
 
 VPN יכול לעזור מכיוון שהוא יכול להעביר אמון לשרת במקום אחר בעולם. כתוצאה מכך, ספק שירותי האינטרנט רואה רק שאתה מחובר ל-VPN ושום דבר לגבי הפעילות שאתה מעביר אליו.
 

i18n/he/calendar.md

@@ -1,7 +1,7 @@
 ---
 title: "סנכרון לוח שנה"
 icon: material/calendar
-description: Calendars contain some of your most sensitive data; use products that implement encryption at rest.
+description: לוחות שנה מכילים חלק מהנתונים הרגישים ביותר שלך; השתמש במוצרים המטמיעים הצפנה במנוחה.
 ---
 
 לוחות שנה מכילים חלק מהנתונים הרגישים ביותר שלך; השתמש במוצרים המיישמים E2EE ב - מנוחה כדי למנוע מספק לקרוא אותם.

i18n/he/cloud.md

@@ -1,7 +1,7 @@
 ---
 title: "אחסון בענן"
 icon: material/file-cloud
-description: Many cloud storage providers require your trust that they will not look at your files. These are private alternatives!
+description: ספקי אחסון בענן רבים דורשים את האמון שלך שהם לא יסתכלו על הקבצים שלך. אלו חלופות פרטיות!
 ---
 
 ספקי אחסון ענן רבים דורשים את האמון המלא שלך בכך שהם לא יסתכלו על הקבצים שלך. החלופות המפורטות להלן מבטלות את הצורך באמון על ידי מתן שליטה על הנתונים שלך או על ידי יישום E2EE.

i18n/he/data-redaction.md

@@ -1,7 +1,7 @@
 ---
 title: "הפחתת נתונים ומטא נתונים"
 icon: material/tag-remove
-description: Use these tools to remove metadata like GPS location and other identifying information from photos and files you share.
+description: השתמש בכלים אלה כדי להסיר מטא נתונים כמו מיקום GPS ומידע מזהה אחר מתמונות וקבצים שאתה משתף.
 ---
 
 בעת שיתוף קבצים, הקפד להסיר מטא נתונים משויכים. קבצי תמונה כוללים בדרך כלל [נתוני Exif](https://en.wikipedia.org/wiki/Exif). תמונות לפעמים אפילו כוללות קואורדינטות GPS במטא-נתונים של הקובץ.

i18n/he/desktop-browsers.md

@@ -1,7 +1,7 @@
 ---
 title: "דפדפנים שולחניים"
 icon: material/laptop
-description: Firefox and Brave are our recommendations for standard/non-anonymous browsing.
+description: Firefox ו-Brave הן ההמלצות שלנו לגלישה רגילה/לא אנונימית.
 ---
 
 אלה הדפדפנים והתצורות המומלצים כרגע לגלישה רגילה/לא אנונימית. אם אתה צריך לגלוש באינטרנט באופן אנונימי, אתה צריך להשתמש [Tor](tor.md) במקום. באופן כללי, אנו ממליצים לשמור על הרחבות הדפדפן שלך למינימום; יש להם גישה מורשית בתוך הדפדפן שלך, דורשים ממך לסמוך על המפתח, יכולים לגרום לך [להתבלט](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), ו[להחליש](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) את בידוד האתר.

i18n/he/dns.md

@@ -1,7 +1,7 @@
 ---
 title: "ספקי DNS"
 icon: material/dns
-description: These are some encrypted DNS providers we recommend switching to, to replace your ISP's default configuration.
+description: אלו הם כמה ספקי DNS מוצפנים שאנו ממליצים לעבור אליהם, כדי להחליף את תצורת ברירת המחדל של ספק שירותי האינטרנט שלך.
 ---
 
 יש להשתמש ב-DNS מוצפן עם שרתי צד שלישי רק כדי לעקוף [חסימת DNS](https://en.wikipedia.org/wiki/DNS_blocking) בסיסית כאשר אתה יכול להיות בטוח שלא יהיו השלכות. DNS מוצפן לא יעזור לך להסתיר את פעילות הגלישה שלך.

i18n/he/email-clients.md

@@ -1,7 +1,7 @@
 ---
 title: "לקוחות אימייל"
 icon: material/email-open
-description: These email clients are privacy-respecting and support OpenPGP email encryption.
+description: לקוחות אימייל אלה מכבדים פרטיות ותומכים בהצפנת אימייל OpenPGP.
 ---
 
 רשימת ההמלצות שלנו מכילה לקוחות אימייל התומכים הן ב[OpenPGP](encryption.md#openpgp) והן באימות חזק כגון [הרשאת פתוחה ](https://en.wikipedia.org/wiki/OAuth)(OAuth). OAuth מאפשר לך להשתמש ב - [אימות רב - גורמי](basics/multi-factor-authentication.md) ולמנוע גניבת חשבון.

i18n/he/email.md

@@ -1,7 +1,7 @@
 ---
 title: "שירותי אימייל"
 icon: material/email
-description: These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers.
+description: ספקי אימייל אלה מציעים מקום מצוין לאחסן את המיילים שלך בצורה מאובטחת, ורבים מציעים הצפנת OpenPGP הניתנת להפעלה הדדית עם ספקים אחרים.
 ---
 
 אימייל הוא למעשה הכרח לשימוש בכל שירות מקוון, אולם איננו ממליצים עליו לשיחות מאדם לאדם. דואר אלקטרוני הוא למעשה הכרח שימוש בכל שירות מקוון, אולם איננו ממליצים עליו לשיחות מאדם לאדם.
@@ -68,7 +68,7 @@ description: These email providers offer a great place to store your emails secu
 
 #### :material-check:{ .pg-green } שיטות תשלום פרטיות
 
-Proton Mail [accepts](https://proton.me/support/payment-options) cash by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
+Proton Mail [מקבל](https://proton.me/support/payment-options) מזומן בדואר בנוסף לתשלומי אשראי/חיוב רגילים, [ביטקוין](advanced/payments.md#other-coins-bitcoin-ethereum-etc) ופייפאל.
 
 #### :material-check:{ .pg-green } אבטחת חשבון
 
@@ -86,9 +86,6 @@ Proton Mail [שילבה הצפנת OpenPGP](https://proton.me/support/how-to-use
 
 Proton Mail תומך גם בגילוי מפתחות ציבוריים באמצעות HTTP מ[ספריית מפתחות האינטרנט (WKD)](https://wiki.gnupg.org/WKD) שלהם. זה מאפשר לאנשים שאינם משתמשים ב-Proton Mail למצוא בקלות את מפתחות OpenPGP של חשבונות Proton Mail, עבור E2EE חוצה ספקים.
 
-#### :material-alert-outline:{ .pg-orange } מורשת דיגיטלית
-
-Proton Mail אינו מציע תכונה מורשת דיגיטלית.
 
 #### :material-information-outline:{ .pg-blue } סגירת חשבון
 
@@ -98,6 +95,8 @@ Proton Mail אינו מציע תכונה מורשת דיגיטלית.
 
 Proton Mail מציע חשבון "ללא הגבלה" במחיר של €9.99/חודש, המאפשר גם גישה ל-Proton VPN בנוסף לאספקת מספר חשבונות, דומיינים, כינויים ושטח אחסון של 500GB.
 
+Proton Mail אינו מציע תכונה מורשת דיגיטלית.
+
 ### Mailbox.org
 
 !!! recommendation
@@ -120,7 +119,7 @@ Mailbox.org מאפשר לך להשתמש בדומיין משלך, והם תומ
 
 #### :material-check:{ .pg-green } שיטות תשלום פרטיות
 
-Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. עם זאת, הם מקבלים מזומן בדואר, תשלום במזומן לחשבון בנק, העברה בנקאית, כרטיס אשראי, PayPal ועוד כמה מעבדים ספציפיים לגרמניה: paydirekt ו-Sofortüberweisung.
+Mailbox.org אינו מקבל מטבעות קריפטוגרפיים כלשהם כתוצאה מכך שמעבד התשלומים BitPay השהה את הפעולות בגרמניה. עם זאת, הם מקבלים מזומן בדואר, תשלום במזומן לחשבון בנק, העברה בנקאית, כרטיס אשראי, PayPal ועוד כמה מעבדים ספציפיים לגרמניה: paydirekt ו-Sofortüberweisung.
 
 #### :material-check:{ .pg-green } אבטחת חשבון
 
@@ -138,10 +137,6 @@ Mailbox.org מאפשר הצפנה של דואר נכנס באמצעות [תיב
 
 Mailbox.org תומך גם בגילוי מפתחות ציבוריים באמצעות HTTP מ-[Web Key Directory (WKD)](https://wiki.gnupg.org/WKD) שלהם. זה מאפשר לאנשים מחוץ Mailbox.org למצוא את מפתחות OpenPGP של חשבונות Mailbox.org בקלות, עבור E2EE חוצה ספקים.
 
-#### :material-check:{ .pg-green } מורשת דיגיטלית
-
-Mailbox.org כולל תכונת מורשת דיגיטלית לכל התוכניות. אתה יכול לבחור אם אתה רוצה שכל הנתונים שלך יועברו ליורשים בתנאי שהם חלים ומספקים את הצוואה שלך. לחלופין, ניתן למנות אדם לפי שם וכתובת.
-
 #### :material-information-outline:{ .pg-blue } סגירת חשבון
 
 החשבון שלך יוגדר לחשבון משתמש מוגבל כאשר החוזה שלך יסתיים, לאחר [30 יום הוא יימחק באופן בלתי הפיך](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
@@ -152,6 +147,8 @@ Mailbox.org כולל תכונת מורשת דיגיטלית לכל התוכני
 
 כל החשבונות מגיעים עם אחסון ענן מוגבל ש[ניתן להצפנה](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org מציעה גם את הכינוי [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), אשר אוכף את הצפנת TLS על החיבור בין שרתי דואר, אחרת ההודעה לא תישלח כלל. Mailbox.org תומך גם ב-[Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) בנוסף לפרוטוקולי גישה סטנדרטיים כמו IMAP ו-POP3.
 
+Mailbox.org כולל תכונת מורשת דיגיטלית לכל התוכניות. אתה יכול לבחור אם אתה רוצה שכל הנתונים שלך יועברו ליורשים בתנאי שהם חלים ומספקים את הצוואה שלך. לחלופין, ניתן למנות אדם לפי שם וכתובת.
+
 ## עוד ספקים
 
 ספקים אלה מאחסנים את המיילים שלך עם הצפנת אפס ידע, מה שהופך אותם לאפשרויות נהדרות לשמירה על אבטחת המיילים המאוחסנים שלך. עם זאת, הם אינם תומכים בתקני הצפנה הניתנים להפעלה הדדית עבור תקשורת E2EE בין ספקים.
@@ -186,7 +183,7 @@ Mailbox.org כולל תכונת מורשת דיגיטלית לכל התוכני
 
 #### :material-alert-outline:{ .pg-orange } שיטות תשלום פרטיות
 
-StartMail מקבלת ויזה, מאסטרקארד, אמריקן אקספרס ו - Paypal. StartMail also has other [payment options](https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods) such as [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc) (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
+StartMail מקבלת ויזה, מאסטרקארד, אמריקן אקספרס ו - Paypal. ל-StartMail יש גם [אפשרויות תשלום](https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods) אחרות כגון [ביטקוין](advanced/payments.md#other-coins-bitcoin-ethereum-etc) (כרגע רק עבור חשבונות אישיים) ו-SEPA ישיר עבור חשבונות מעל שנה.
 
 #### :material-check:{ .pg-green } אבטחת חשבון
 
@@ -202,10 +199,6 @@ StartMail תומך בייבוא [אנשי קשר](https://support.startmail.com/
 
 ל-StartMail [הצפנה משולבת](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) בדואר האינטרנט שלהם, מה שמקל על שליחת הודעות מוצפנות עם מפתחות OpenPGP ציבוריים. עם זאת, הם אינם תומכים בתקן Web Key Directory, מה שהופך את גילוי המפתח הציבורי של תיבת דואר של Startmail למאתגר יותר עבור ספקי אימייל או לקוחות אחרים.
 
-#### :material-alert-outline:{ .pg-orange } מורשת דיגיטלית
-
-StartMail אינו מציע תכונה דיגיטלית מדור קודם.
-
 #### :material-information-outline:{ .pg-blue } סגירת חשבון
 
 עם פקיעת החשבון, StartMail תמחק לצמיתות את חשבונך לאחר [ 6 חודשים בשלושה שלבים](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
@@ -214,6 +207,8 @@ StartMail אינו מציע תכונה דיגיטלית מדור קודם.
 
 StartMail מאפשר פרוקסי של תמונות בתוך הודעות דוא"ל. אם תאפשרו את טעינת התמונה המרוחקת, השולח לא יידע מהי כתובת ה-IP שלכם.
 
+StartMail אינו מציע תכונה דיגיטלית מדור קודם.
+
 ### Tutanota
 
 !!! recommendation
@@ -246,7 +241,7 @@ Tutanota אינה משתמשת בפרוטוקול [IMAP](https://tutanota.com/fa
 
 #### :material-information-outline:{ .pg-blue } שיטות תשלום פרטיות
 
-Tutanota only directly accepts credit cards and PayPal, however [cryptocurrency](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tutanota.com/faq/#cryptocurrency) with Proxystore.
+Tutanota מקבל ישירות כרטיסי אשראי ופייפאל, אולם ניתן להשתמש ב[מטבע קריפטוגרפי](cryptocurrency.md) לרכישת כרטיסי מתנה באמצעות [שותפות](https://tutanota.com/faq/#cryptocurrency) שלהם עם Proxystore.
 
 #### :material-check:{ .pg-green } אבטחת חשבון
 
@@ -256,14 +251,10 @@ Tutanota תומך ב[אימות דו-שלבי](https://tutanota.com/faq#2fa) ע
 
 ל-Tutanota יש [הצפנת גישה אפס בזמן מנוחה](https://tutanota.com/faq#what-encrypted) עבור המיילים, [אנשי הקשר בפנקס](https://tutanota.com/faq#encrypted-address-book) הכתובות ו[היומנים](https://tutanota.com/faq#calendar) שלך. משמעות הדבר היא שההודעות ונתונים אחרים המאוחסנים בחשבונך ניתנים לקריאה רק על ידך.
 
-#### :material-information-outline:{ .pg-blue } Email Encryption
+#### :material-information-outline:{ .pg-blue } הצפנת אימייל
 
 Tutanota [אינו משתמש ב-OpenPGP](https://www.tutanota.com/faq/#pgp). חשבונות Tutanota יכולים לקבל אימיילים מוצפנים רק מחשבונות אימייל שאינם של Tutanota כאשר הם נשלחים דרך [תיבת דואר זמנית של Tutanota](https://www.tutanota.com/howto/#encrypted-email-external).
 
-#### :material-alert-outline:{ .pg-orange } מורשת דיגיטלית
-
-Tutanota לא מציעה פיצ'ר מורשת דיגיטלית.
-
 #### :material-information-outline:{ .pg-blue } סגירת חשבון
 
 Tutanota [ימחק חשבונות בחינם לא פעילים](https://tutanota.com/faq#inactive-accounts) לאחר שישה חודשים. אם ברצונך לשלם, באפשרותך להשתמש שוב בחשבון חינמי שהושבת.
@@ -274,6 +265,8 @@ Tutanota מציעה את הגרסה העסקית של [Tutanota לארגונים
 
 ל-Tutanota יש גם תכונה עסקית בשם [חיבור מאובטח](https://tutanota.com/secure-connect/). זה מבטיח שיצירת קשר עם הלקוח לעסק משתמשת ב- E2EE. התכונה עולה 240 אירו לשנה.
 
+Tutanota לא מציעה פיצ'ר מורשת דיגיטלית.
+
 ## שירותי כינוי דוא"ל
 
 שירות כינוי דוא"ל מאפשר לך ליצור בקלות כתובת דוא"ל חדשה עבור כל אתר שאתה נרשם אליו. כינויי הדואר האלקטרוני שאתה יוצר מועברים לאחר מכן לכתובת דוא"ל שתבחר, תוך הסתרת כתובת הדוא"ל "הראשית" שלך וגם זהות ספק הדוא"ל שלך. כינוי דוא"ל אמיתי טוב יותר מאשר כתובת פלוס הנפוצה בשימוש ונתמך על ידי ספקים רבים, מה שמאפשר לך ליצור כינויים כמו yourname+[anythinghere]@example.com, מכיוון שאתרים, מפרסמים ורשתות מעקב יכולים להסיר כל דבר לאחר סימן + כדי לדעת את כתובת הדוא"ל האמיתית שלך.

i18n/he/encryption.md

@@ -1,7 +1,7 @@
 ---
 title: "תוכנת הצפנה"
 icon: material/file-lock
-description: הצפנה של נתונים היא הדרך היחידה לשלוט מי יכול לגשת אליו. These tools allow you to encrypt your emails and any other files.
+description: הצפנה של נתונים היא הדרך היחידה לשלוט מי יכול לגשת אליו. כלים אלה מאפשרים לך להצפין את המיילים שלך וכל קובץ אחר.
 ---
 
 הצפנה של נתונים היא הדרך היחידה לשלוט מי יכול לגשת אליו. אם אינך משתמש כעת בתוכנת הצפנה עבור הדיסק הקשיח, הודעות הדוא"ל או הקבצים שלך, עליך לבחור אפשרות כאן.

i18n/he/financial-services.md

@@ -15,20 +15,20 @@ icon: material/bank
 
     בנקים וספקי כרטיסי אשראי רבים מציעים פונקציונליות מקורית של כרטיסים וירטואליים. אם אתה משתמש באחד שכבר מספק את האפשרות הזו, עליך להשתמש בו על פני ההמלצות הבאות ברוב המקרים. כך אינך סומך על מספר צדדים עם המידע האישי שלך.
 
-### Privacy.com (US)
+### Privacy.com (ארה"ב)
 
 !!! recommendation
 
     ![Privacy.com לוגו](assets/img/financial-services/privacy_com.svg#only-light){ align=right }
     ![Privacy.com לוגו](assets/img/financial-services/privacy_com-dark.svg#only-dark){ align=right }
     
-    התוכנית החינמית של **Privacy.com** מאפשרת לך ליצור עד 12 כרטיסים וירטואליים בחודש, להגדיר מגבלות הוצאות על כרטיסים אלה ולכבות כרטיסים באופן מיידי. Their paid plan allows you to create up to 36 cards per month, get 1% cash back on purchases, and hide transaction information from your bank.
+    התוכנית החינמית של **Privacy.com** מאפשרת לך ליצור עד 12 כרטיסים וירטואליים בחודש, להגדיר מגבלות הוצאות על כרטיסים אלה ולכבות כרטיסים באופן מיידי. התוכנית בתשלום שלהם מאפשרת לך ליצור עד 36 כרטיסים בחודש, לקבל החזר של 1% מזומן על רכישות ולהסתיר מידע של העסקה מהבנק שלך.
     
     [:octicons-home-16: דף הבית](https://privacy.com){ .md-button .md-button--primary }
     [:octicons-eye-16:](https://privacy.com/privacy-policy){ .card-link title="מדיניות פרטיות" }
     [:octicons-info-16:](https://support.privacy.com/hc/en-us){ .card-link title=תיעוד}
 
-Privacy.com gives information about the merchants you purchase from to your bank by default. Their paid "discreet merchants" feature hides merchant information from your bank, so your bank only sees that a purchase was made with Privacy.com but not where that money was spent, however that is not foolproof, and of course Privacy.com still has knowledge about the merchants you are spending money with.
+Privacy.com מספק מידע על הסוחרים מהם אתה רוכש לבנק שלך כברירת מחדל. תכונת "סוחרים דיסקרטיים" בתשלום שלהם מסתירה מידע סוחר מהבנק שלך, כך שהבנק שלך רואה רק שבוצעה רכישה עם Privacy.com אבל לא איפה הכסף הזה הוצא, אבל זה לא חסין תקלות, וכמובן ש-Privacy.com עדיין יש ידע על הסוחרים שאיתם אתה מוציא כסף.
 
 ### MySudo (ארה"ב, בתשלום)
 

i18n/he/frontends.md

@@ -1,7 +1,7 @@
 ---
 title: "חזיתות"
 icon: material/flip-to-front
-description: These open-source frontends for various internet services allow you to access content without JavaScript or other annoyances.
+description: ממשקי קוד פתוח אלה לשירותי אינטרנט שונים מאפשרים לך לגשת לתוכן ללא JavaScript או מטרדים אחרים.
 ---
 
 לפעמים שירותים ינסו לאלץ אותך להירשם לחשבון על ידי חסימת גישה לתוכן עם חלונות קופצים מעצבנים. הם יכולים להישבר גם ללא הפעלת JavaScript. חזיתות אלה יכולות לאפשר לך לעקוף את ההגבלות הללו.

i18n/he/kb-archive.md

@@ -1,7 +1,7 @@
 ---
 title: ארכיון KB
 icon: material/archive
-description: Some pages that used to be in our knowledge base can now be found on our blog.
+description: חלק מהדפים שהיו בעבר במאגר הידע שלנו נמצאים כעת בבלוג שלנו.
 ---
 
 # דפים הועברו לבלוג

i18n/he/mobile-browsers.md

@@ -1,7 +1,7 @@
 ---
 title: "דפדפני אינטרנט לנייד"
 icon: material/cellphone-information
-description: These browsers are what we currently recommend for standard/non-anonymous internet browsing on your phone.
+description: דפדפנים אלו הם מה שאנו ממליצים כיום עבור גלישה רגילה/לא אנונימית באינטרנט בטלפון שלך.
 ---
 
 אלו הם דפדפני האינטרנט הניידים המומלצים כרגע והתצורות שלנו לגלישה רגילה/לא אנונימית באינטרנט. אם אתה צריך לגלוש באינטרנט באופן אנונימי, אתה צריך להשתמש [Tor](tor.md) במקום. באופן כללי, אנו ממליצים לשמור על הרחבות למינימום; יש להם גישה מוסמכת בתוך הדפדפן שלך, דורשים ממך לסמוך על המפתח, יכולים לגרום לך [להיות בולט](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), [ולהחליש](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) את בידוד האתר.

i18n/he/multi-factor-authentication.md

@@ -1,7 +1,7 @@
 ---
 title: "מאמתים מרובי גורמים"
 icon: 'material/two-factor-authentication'
-description: These tools assist you with securing your internet accounts with Multi-Factor Authentication without sending your secrets to a third-party.
+description: כלים אלה מסייעים לך באבטחת חשבונות האינטרנט שלך באמצעות אימות רב-גורמי מבלי לשלוח את הסודות שלך לצד שלישי.
 ---
 
 ## מפתחות אבטחה של חומרה