From 5e38994584aa9ec670da831ab9ee607c3397bd6b Mon Sep 17 00:00:00 2001
From: Daniel Nathan Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 09:01:06 +0000
Subject: [PATCH 1/2] IPv6 badge for Mullvad  (#1537)

IPv6 badge for Mullvad
Add IPv6 to Best Case for Technology
---
 _includes/sections/vpn.html | 2 ++
 pages/providers/vpn.html    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html
index 81a9b996..94860ea9 100644
--- a/_includes/sections/vpn.html
+++ b/_includes/sections/vpn.html
@@ -22,6 +22,8 @@
     <blockquote class="blockquote">
       <p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
     </blockquote>
+    <h5><span class="badge badge-success">IPv6 Support</span></h5>
+    <p>Mullvad supports the future of networking <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. Their network allows users to <a href="https://mullvad.net/en/blog/2014/9/15/ipv6-support/">access services hosted on IPv6</a> as opposed to other providers who block IPv6 connections.</p>
     <h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
     <p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p>
     <h5><span class="badge badge-warning">No Mobile Clients</span></h5>
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index dca3bab3..55a8274c 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -62,6 +62,7 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
         <li>OpenVPN and WireGuard support.</li>
         <li>Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)</li>
         <li>Easy-to-use mobile clients, especially open-source.</li>
+        <li>Supports <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.</li>
       </ul>
     </div>
 

From 475b0334800aa273cd382ee18d872d2e7fb61890 Mon Sep 17 00:00:00 2001
From: Daniel Nathan Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 16:52:21 +0000
Subject: [PATCH 2/2] Addition of responsible marketing section (#1538)

Addition of responsible marketing section with mention of self-hosting analytics
---
 pages/providers/vpn.html | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index 55a8274c..79d3e6bd 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -125,6 +125,36 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
       </ul>
     </div>
 
+    <div class="col-12">
+      <h3><span class="badge badge-info">Marketing</span></h3>
+      <p>With the VPN providers we recommend we like to see responsible marketing.</p>
+    </div>
+    <div class="col-md-6">
+      <p><strong>Minimum to Qualify:</strong></p>
+      <ul>
+          <li>Must self host analytics (no Google Analytics etc). The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
+      </ul>
+      </li>
+      <p>Must not have any marketing which is irresponsible:</p>
+        <ul>
+          <li>Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:</li>
+          <ul>
+            <li>Reusing personal information eg. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)</li>
+            <li><a href="https://www.privacytools.io/browsers/#fingerprint">Browser fingerprinting</a></li>
+          </ul>
+          <li>Claim that a single circuit VPN is "more anonymous" than Tor, which is a circuit of 3 or more hops that regularly changes.</a></li>
+          <li>Use responsible language, eg it is okay to say that a VPN is "disconnected" or "not connected", however claiming that a user is "exposed", "vulnerable" or "compromised" is needless use of alarming language that may be incorrect. For example the visiting user might be on another VPN provider's service or using Tor.</li>
+        </ul>
+    </div>
+    <div class="col-md-6">
+      <p><strong>Best Case:</strong></p>
+      <p>Responsible marketing that is both educational and useful to the consumer could include:</p>
+      <ul>
+        <li>A accurate comparison to when Tor or other <a href="https://www.privacytools.io/software/networks/">Self contained networks</a> should be used.</li>
+        <li>Availability of the VPN provider's website over a .onion <a href="https://en.wikipedia.org/wiki/.onion">Hidden Service</a></li>
+      </ul>
+    </div>
+
     <div class="col-12">
       <h3><span class="badge badge-info">Additional Functionality</span></h3>
       <p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p>