privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

Fix conflict with master

Browse Source
This commit is contained in:
Daniel Gray 2019-11-29 17:07:34 +00:00
commit 1bee88b6f5
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
2 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_includes/sections/vpn.html
View File

@ -22,6 +22,8 @@
<blockquote class="blockquote"> <blockquote class="blockquote">
<p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p> <p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
</blockquote> </blockquote>
<h5><span class="badge badge-success">IPv6 Support</span></h5>
<p>Mullvad supports the future of networking <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. Their network allows users to <a href="https://mullvad.net/en/blog/2014/9/15/ipv6-support/">access services hosted on IPv6</a> as opposed to other providers who block IPv6 connections.</p>
<h5><span class="badge badge-success">Accepts Bitcoin</span></h5> <h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
<p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p> <p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p>
<h5><span class="badge badge-warning">No Mobile Clients</span></h5> <h5><span class="badge badge-warning">No Mobile Clients</span></h5>

31
pages/providers/vpn.html
View File

@ -62,6 +62,7 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
<li>OpenVPN and WireGuard support.</li> <li>OpenVPN and WireGuard support.</li>
<li>Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)</li> <li>Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)</li>
<li>Easy-to-use VPN clients, especially open-source. Even better if the Android version is also <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">available in F-Droid</a>.</li> <li>Easy-to-use VPN clients, especially open-source. Even better if the Android version is also <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">available in F-Droid</a>.</li>
<li>Supports <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.</li>
</ul> </ul>
</div> </div>
@ -124,6 +125,36 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
</ul> </ul>
</div> </div>
<div class="col-12">
<h3><span class="badge badge-info">Marketing</span></h3>
<p>With the VPN providers we recommend we like to see responsible marketing.</p>
</div>
<div class="col-md-6">
<p><strong>Minimum to Qualify:</strong></p>
<ul>
<li>Must self host analytics (no Google Analytics etc). The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
</ul>
</li>
<p>Must not have any marketing which is irresponsible:</p>
<ul>
<li>Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:</li>
<ul>
<li>Reusing personal information eg. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)</li>
<li><a href="https://www.privacytools.io/browsers/#fingerprint">Browser fingerprinting</a></li>
</ul>
<li>Claim that a single circuit VPN is "more anonymous" than Tor, which is a circuit of 3 or more hops that regularly changes.</a></li>
<li>Use responsible language, eg it is okay to say that a VPN is "disconnected" or "not connected", however claiming that a user is "exposed", "vulnerable" or "compromised" is needless use of alarming language that may be incorrect. For example the visiting user might be on another VPN provider's service or using Tor.</li>
</ul>
</div>
<div class="col-md-6">
<p><strong>Best Case:</strong></p>
<p>Responsible marketing that is both educational and useful to the consumer could include:</p>
<ul>
<li>A accurate comparison to when Tor or other <a href="https://www.privacytools.io/software/networks/">Self contained networks</a> should be used.</li>
<li>Availability of the VPN provider's website over a .onion <a href="https://en.wikipedia.org/wiki/.onion">Hidden Service</a></li>
</ul>
</div>
<div class="col-12"> <div class="col-12">
<h3><span class="badge badge-info">Additional Functionality</span></h3> <h3><span class="badge badge-info">Additional Functionality</span></h3>
<p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p> <p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p>