No Ads, No Google Analytics, No Affiliates, No Cross-Site Requests.privacytools.io is a socially motivated website that provides information for protecting your data security and privacy. Never trust any company with your privacy, always encrypt.View our privacy policy.
-
Tor v3: privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion (Learn More)
+ No Ads, No Google Analytics, No Affiliates, No Cross-Site Requests.
+ privacytools.io is a socially motivated website that provides information for protecting your data security and privacy. Never trust any company with your privacy, always encrypt.
+ View our privacy policy.
+
+
+ Tor v3: privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion
+ (Learn More)
+
- Improve your privacy with these excellent Firefox add-ons.
+ Improve your privacy with these browser add-ons.
@@ -12,10 +12,9 @@ description="Privacy Badger is a browser add-on that stops adve
website="https://www.eff.org/privacybadger"
forum="https://forum.privacytools.io/t/discussion-privacy-badger/265"
github="https://github.com/EFForg/privacybadger"
-firefox=""
-chrome=""
-opera=""
-android=""
+firefox="https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17"
+chrome="https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp"
+opera="https://addons.opera.com/en/extensions/details/privacy-badger/"
%}
{% include cardv2.html
@@ -25,12 +24,11 @@ description="uBlock Origin is an efficient For Experts Only
+
{% include cardv2.html
title="Mozilla Firefox"
@@ -8,39 +8,28 @@ recommendations: WebRTC and How does Tor work?'
website="https://www.torproject.org/"
forum="https://forum.privacytools.io/t/discussion-tor-browser/278"
git="https://trac.torproject.org/projects/tor"
-windows=""
-mac=""
-linux=""
-android=""
-ios=""
-bsd=""
-%}
-
-{% include cardv2.html
-title="Brave Browser - Complete but Experimental"
-image="/assets/img/tools/Brave.png"
-description="The new open source browser Brave automatically blocks ads and trackers, making it faster and safer than your current browser. Brave is based on Chromium. experimental "
-website="https://brave.com/"
-forum="https://forum.privacytools.io/t/discussion-brave-browser/280"
-github="https://github.com/brave"
-windows=""
-mac=""
-linux=""
-android=""
-ios=""
+windows="https://www.torproject.org/download/"
+mac="https://www.torproject.org/download/"
+linux="https://www.torproject.org/download/"
+android="https://www.torproject.org/download/#android"
+fdroid="https://guardianproject.info/fdroid/"
+googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
%}
diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-tweaks.html
index 277bbd57..9bdd6c4c 100644
--- a/_includes/sections/browser-tweaks.html
+++ b/_includes/sections/browser-tweaks.html
@@ -28,15 +28,6 @@
privacy.trackingprotection.enabled = true
This is Mozilla's new built-in tracking protection. It uses Disconnect.me filter list, which is redundant if you are already using uBlock Origin 3rd party filters, therefore you should set it to false if you are using the add-on functionalities.
-
browser.cache.offline.enable = false
-
Disables offline cache.
-
-
browser.safebrowsing.malware.enabled = false
-
Disable Google Safe Browsing malware checks. Security risk, but privacy improvement.
-
-
browser.safebrowsing.phishing.enabled = false
-
Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement.
-
browser.send_pings = false
The attribute would be useful for letting websites track visitors' clicks.
@@ -46,15 +37,10 @@
browser.urlbar.speculativeConnect.enabled = false
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. Source
-
dom.battery.enabled = false
-
The battery status of your device could be tracked.
dom.event.clipboardevents.enabled = false
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
-
geo.enabled = false
-
Disables geolocation.
-
media.eme.enabled = false
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. Details
@@ -77,26 +63,7 @@
-
network.cookie.lifetimePolicy = 2
-
- cookies are deleted at the end of the session
-
-
0 = Accept cookies normally
-
1 = Prompt for each cookie
-
2 = Accept for current session only
-
3 = Accept for N days
-
-
-
network.http.referer.trimmingPolicy = 2
-
- Send only the scheme, host, and port in the Referer header
-
-
0 = Send the full URL in the Referer header
-
1 = Send the URL without its query string in the Referer header
-
2 = Send only the scheme, host, and port in the Referer header
-
-
network.http.referer.XOriginPolicy = 2
@@ -118,23 +85,8 @@
-
network.trr.mode = 2
-
- Use Trusted Recursive Resolver (DNS-over-HTTPS) first and if it fails, use the system resolver Source
-
-
0 = disabled by default, may change in the future
-
1 = use the faster resolver
-
2 = use DoH first, fallback to system resolver
-
3 = only use DoH. This may require network.trr.bootstrapAddress or using an IP address in network.trr.uri.
-
5 = explicitly disable DoH
-
-
-
-
network.trr.uri = CHANGEME
-
The address of your DNS-over-HTTPS provider, if you don't have one, check our encrypted DNS recommendations. It can also be changed in Settings, Network Settings, Enable DNS over HTTPS, Use Provider, Custom.
Limit the amount of identifiable information sent when requesting the Mozilla harmful extension blocklist.
-
Optionally, the blocklist can be disabled entirely by setting extensions.blocklist.enabled to false for increased privacy, but decreased security. Source
-
-
-
Firefox user.js Templates
+
Firefox user.js Templates
ghacks-user.js - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.
-
pyllyukko/user.js - This is a user.js configuration file to harden Firefox's settings and make it more secure.
diff --git a/_includes/sections/calendar-contacts-sync.html b/_includes/sections/calendar-contacts-sync.html
index 6a4ff713..9d12ec3b 100644
--- a/_includes/sections/calendar-contacts-sync.html
+++ b/_includes/sections/calendar-contacts-sync.html
@@ -4,34 +4,47 @@
If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.
-
-
- {% include card.html color="success"
+{%
+ include cardv2.html
title="Nextcloud"
image="/assets/img/provider/Nextcloud.png"
- url="https://nextcloud.com/"
- footer="Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux."
- description="NextCloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
- %}
+ description="Nextcloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
+ website="https://nextcloud.com/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud-calender-contacts-sync-tools/1535"
+ github="https://github.com/nextcloud"
+ windows="https://nextcloud.com/install/"
+ linux="https://nextcloud.com/install/"
+ mac="https://nextcloud.com/install/"
+ freebsd="https://www.freshports.org/deskutils/nextcloudclient/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ android="https://nextcloud.com/install/"
+ ios="https://nextcloud.com/install/"
+%}
- {% include card.html color="primary"
+{%
+ include cardv2.html
title="Email Providers"
image="/assets/img/misc/email.png"
- url="../email"
- website="Email Providers section"
- footer="OS: depends on email provider."
- description="Many email providers also offer calendar and or contacts sync services. Refer to the Email Providers section to choose an email provider and check if they also offer calendar and or contacts sync."
- %}
+ description='Many email providers also offer calendar and or contacts sync services. Refer to the Email Providers section to choose an email provider and check if they also offer calendar and or contacts sync.'
+ website="/providers/email"
+%}
- {% include card.html color="warning"
+{%
+ include cardv2.html
title="EteSync"
image="/assets/img/provider/etesync.png"
- url="https://www.etesync.com/"
- footer="Client OS: Android, Web. Server OS: Linux."
- description="EteSync is a secure, end-to-end encrypted and journaled personal information (e.g. contacts and calendar) cloud synchronization and backup for Android and any OS that supports CalDAV/CardDAV. It costs $14 per year to use, or you can host the server yourself for free."
- %}
-
-
+ description="EteSync is a secure, end-to-end encrypted and journaled personal information (e.g. contacts and calendar) cloud synchronization and backup for Android and any OS that supports CalDAV/CardDAV. It costs $14 per year to use, or you can host the server yourself for free."
+ website="https://www.etesync.com/"
+ forum="https://forum.privacytools.io/t/discussion-etesync-calender-contacts-sync-tools/1536"
+ github="https://github.com/etesync"
+ web="https://client.etesync.com/"
+ windows="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
+ mac="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
+ linux="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
+ fdroid="https://f-droid.org/packages/com.etesync.syncadapter/"
+ googleplay="https://play.google.com/store/apps/details?id=com.etesync.syncadapter"
+%}
Worth Mentioning
@@ -41,10 +54,6 @@
- Flock - a discontinued calendar and contacts sync service by Open Whisper Systems. Despite being shut down the source code is still available on GitHub.
-
-
-
- cloud backups - consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
+ cloud backups - consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
diff --git a/_includes/sections/cloud-storage.html b/_includes/sections/cloud-storage.html
index 90cbd5ff..5a67b9fd 100644
--- a/_includes/sections/cloud-storage.html
+++ b/_includes/sections/cloud-storage.html
@@ -11,26 +11,27 @@ description="Similar functionally to the widely used Dropbox, with the differenc
website="https://nextcloud.com/"
forum="https://forum.privacytools.io/t/discussion-nextcloud/287"
github="https://github.com/nextcloud"
-windows=""
-mac=""
-linux=""
-bsd=""
-ios=""
-android=""
-fire=""
+windows="https://nextcloud.com/install/#install-clients"
+mac="https://nextcloud.com/install/#install-clients"
+linux="https://nextcloud.com/install/#install-clients"
+freebsd="https://www.freshports.org/www/nextcloud/"
+openbsd="http://openports.se/www/nextcloud"
+netbsd="http://pkgsrc.se/www/php-nextcloud"
+ios="https://itunes.apple.com/us/app/nextcloud/id1125420102?mt=8"
+fdroid="https://f-droid.org/packages/com.nextcloud.client/"
+googleplay="https://play.google.com/store/apps/details?id=com.nextcloud.client"
%}
{% include cardv2.html
title="Least Authority S4 - For Experts"
-image="/assets/img/provider/S4.jpg"
+image="/assets/img/provider/S4.png"
description="S4 (Simple Secure Storage Service) is Least Authority's verifiably secure off-site backup system for individuals and businesses. 100% client-side encryption and open source transparency. 250GB for $9.95/month or 5TB for $25.95/month. Servers are hosted with Amazon S3 in the US."
website="https://leastauthority.com/"
forum="https://forum.privacytools.io/t/discussion-least-authority-s4/288"
github="https://github.com/LeastAuthority"
-windows=""
-mac=""
-linux=""
-bsd=""
+windows="https://github.com/gridsync/gridsync#installation-and-running"
+mac="https://github.com/gridsync/gridsync#installation-and-running"
+linux="https://github.com/gridsync/gridsync#installation-and-running"
%}
diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index ded7b326..ee6c1f68 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -1,40 +1,33 @@
Domain Name System (DNS)
-{% include cardv2.html
-title="OpenNIC - Service"
-image="/assets/img/tools/OpenNIC.png"
-description="OpenNIC is an alternate network information center/alternative DNS root which lists itself as an alternative to ICANN and its registries. Like all alternative root DNS systems, OpenNIC-hosted domains are unreachable to the vast majority of the Internet."
-website="https://www.opennic.org/"
-forum="https://forum.privacytools.io/t/discussion-opennic/338"
-github="https://github.com/OpenNIC"
+{%
+ include cardv2.html
+ title="Njalla - Domain Registration"
+ image="/assets/img/provider/Njalla.png"
+ description="Njalla only needs your email or XMPP address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN. Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and PayPal. A privacy-aware domain registration service."
+ website="https://njal.la/"
+ tor="http://njalladnspotetti.onion"
+ forum="https://forum.privacytools.io/t/discussion-njalla/339"
%}
-{% include cardv2.html
-title="Njalla - Domain Registration"
-image="/assets/img/provider/Njalla.png"
-description="Njalla only needs your email or jabber address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN. Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and PayPal. A privacy-aware domain registration service."
-website="https://njal.la/"
-tor="http://njalladnspotetti.onion"
-forum="https://forum.privacytools.io/t/discussion-njalla/339"
+{%
+ include cardv2.html
+ title="DNSCrypt-Proxy - Tool"
+ image="/assets/img/tools/DNSCrypt-Proxy.png"
+ description="DNSCrypt-Proxy is a command-line DNS proxy with support for the encrypted DNS protocols, DNS over HTTPS and DNSCrypt. Can cache results to improve speed, and allows filtering, forwarding, and cloaking."
+ website="https://github.com/jedisct1/dnscrypt-proxy/"
+ forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
+ github="https://github.com/jedisct1/dnscrypt-proxy/"
+ windows="https://github.com/jedisct1/dnscrypt-proxy/releases"
+ linux=""
+ mac="https://github.com/jedisct1/dnscrypt-proxy/releases"
+ freebsd="https://www.freshports.org/dns/dnscrypt-proxy2/"
+ openbsd="http://openports.se/net/dnscrypt-proxy"
+ netbsd="http://pkgsrc.se/net/dnscrypt-proxy2"
+ android=""
+ ios=""
%}
-{% include cardv2.html
-title="DNSCrypt - Tool"
-image="/assets/img/tools/DNSCrypt.png"
-description="A protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver."
-website="https://dnscrypt.info/"
-forum="https://forum.privacytools.io/t/discussion-dnscrypt/340"
-github="https://github.com/jedisct1/dnscrypt-proxy"
-%}
-
-
Worth Mentioning
-
-
-
NoTrack - A network-wide DNS server which blocks Tracking sites. Currently works in Debian and Ubuntu.
-
Namecoin - A decentralized DNS open source information registration and transfer system based on the Bitcoin cryptocurrency.
-
Pi-hole - A network-wide DNS server for the Raspberry Pi. Blocks advertising and tracking domains for all devices on your network.
DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853.
-
DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.
-
DNSCrypt - An older yet robust method of encrypting DNS.
-
+
+
DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls. DoT has two modes:
+
+
Oppurtunistic mode: the client attempts to form a DNS-over-TLS connection to the server on port 853 without performing certificate validation. If it fails, it will use unencrypted DNS.
+
Strict mode: the client connects to a specific hostname and performs certificate validation for it. If it fails, no DNS queries are made until it succeeds.
+
+
DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.
+
DNSCrypt - An older yet robust method of encrypting DNS.
+
-
Worth Mentioning and Additional Information
+
How to verify DNS is encrypted
-
-
Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. Currently Mozilla is conducting studies before enabling DoH by default for all US-based Firefox users.
Check the website of your DNS provider. They may have a page for telling "you are using our DNS." Examples include AdGuard and Cloudflare.
+
If using Firefox's trusted recursive resolver (TRR), navigate to about:networking#dns. If the TRR column says "true" for some fields, you are using DoH.
QNAME Minimization - Run dig +short txt qnamemintest.internet.nl from the command-line (taken from this NLnet Labs presentation). If you are on Windows 10, run Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl from the PowerShell. You should see this display: "HOORAY - QNAME minimisation is enabled on your resolver :)!"
+
+
+
Worth Mentioning and Additional Information
+
+
+
Encrypted DNS clients for desktop:
+
+
Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. Currently Mozilla is conducting studies before enabling DoH by default for all US-based Firefox users.
+
+
DNS over HTTPS can be enabled in Menu -> Preferences (about:preferences) -> Network Settings -> Enable DNS over HTTPS. Set "Use Provider" to "Custom", and enter your DoH provider's address.
+
Advanced users may enable it in about:config by setting network.trr.custom_uri and network.trr.uri as the address you find from the documentation of your DoH provider and network.trr.mode as 2. It may also be desirable to set network.security.esni.enabled to True in order to enable encrypted SNI and make sites supporting ESNI a bit more difficult to track.
We recommend selecting Private DNS provider hostname and entering the DoT address from documentation of your DoT provider to enable strict mode (see Terms above).
+
diff --git a/_includes/sections/email-alternatives.html b/_includes/sections/email-alternatives.html
index 94c48ff8..64eee0fa 100644
--- a/_includes/sections/email-alternatives.html
+++ b/_includes/sections/email-alternatives.html
@@ -8,9 +8,9 @@ meaning that you need-not inherently trust any entities like root certificate au
website="https://bitmessage.org/"
forum="https://forum.privacytools.io/t/discussion-bitmessage/661"
github="https://github.com/Bitmessage/PyBitmessage"
-windows=""
-mac=""
-linux=""
+windows="https://github.com/Bitmessage/PyBitmessage/releases"
+mac="https://github.com/Bitmessage/PyBitmessage/releases"
+linux="https://repology.org/project/pybitmessage/versions"
%}
{% include cardv2.html
@@ -20,9 +20,10 @@ description="Retroshare creates encrypted connections to your friends. Nobody ca
website="https://retroshare.cc/"
forum="https://forum.privacytools.io/t/discussion-retroshare/662"
github="https://github.com/RetroShare/RetroShare"
-windows=""
-mac=""
-linux=""
+windows="https://retroshare.cc/downloads.html#windows"
+mac="https://retroshare.cc/downloads.html#mac"
+linux="https://retroshare.cc/downloads.html#gnulinux"
+freebsd="https://retroshare.cc/downloads.html#freebsd"
%}
diff --git a/_includes/sections/email-clients.html b/_includes/sections/email-clients.html
index e4a0047b..f1f8f814 100644
--- a/_includes/sections/email-clients.html
+++ b/_includes/sections/email-clients.html
@@ -7,10 +7,12 @@ description="Thunderbird is a free, open source, cross-platform email, newsgroup
website="https://www.thunderbird.net/"
forum="https://forum.privacytools.io/t/discussion-thunderbird/659"
source="https://hg.mozilla.org/comm-central/"
-windows=""
-mac=""
-linux=""
-bsd=""
+windows="https://www.thunderbird.net/en-US/"
+mac="https://www.thunderbird.net/en-US/"
+linux="https://www.thunderbird.net/en-US/"
+freebsd="https://www.freshports.org/mail/thunderbird/"
+openbsd="http://openports.se/mail/mozilla-thunderbird"
+netbsd="http://pkgsrc.se/mail/thunderbird"
%}
{% include cardv2.html
@@ -20,10 +22,12 @@ description="Claws Mail is a free and open source, GTK-based email and news clie
website="https://www.claws-mail.org/"
forum="https://forum.privacytools.io/t/discussion-claws-mail/660"
git="https://git.claws-mail.org/"
-windows=""
-mac=""
-linux=""
-bsd=""
+windows="https://www.claws-mail.org/win32/"
+mac="https://www.claws-mail.org/faq/index.php/Installation_and_Configuration#What_do_I_need_to_compile_Claws_Mail.3F"
+linux="https://www.claws-mail.org/downloads.php?section=downloads"
+freebsd="https://www.freshports.org/mail/claws-mail/"
+openbsd="http://openports.se/mail/claws-mail"
+netbsd="http://pkgsrc.se/mail/claws-mail"
%}
diff --git a/_includes/sections/email-providers.html b/_includes/sections/email-providers.html
index 74c17fe8..c12a00a3 100644
--- a/_includes/sections/email-providers.html
+++ b/_includes/sections/email-providers.html
@@ -8,7 +8,7 @@
-
Email Provider
+
Email Provider
Website
Since
Jurisdiction
@@ -23,72 +23,47 @@
-
-
-
-
-
-
-
-
2013
-
Switzerland
-
500 MB
-
Free
-
Accepted
-
Built-in
-
Yes
-
-
-
-
+
2015
-
Netherlands
-
2 GB
-
Free
-
Accepted
-
Built-in
-
Yes
-
-
-
-
-
-
-
+
+ Netherlands
+
-
2011
-
Germany
1 GB
Free
-
No
-
Built-in
-
Yes
-
-
-
-
-
-
-
-
-
-
2013
-
Belgium
-
500 MB
-
Free
Accepted
Built-in
Yes
-
+
+
+
+
+
+
+
2010
+
+
+ Switzerland
+
+
+
2 GB
+
$ 60
+
Accepted
+
No
+
Yes
+
+
+
+
@@ -96,32 +71,101 @@
2014
-
Germany
+
+
+ Germany
+
+
2 GB
-
12 €
+
12 €
Accepted
Built-in
Yes
-
+
+
+
+
+
+
+
2013
+
+
+ Belgium
+
+
+
500 MB
+
Free
+
Accepted
+
Built-in
+
Yes
+
+
+
+
+
+
+
+
+
+
2003
+
+
+ Switzerland
+
+
+
1 GB
+
$ 49.95
+
Accepted
+
Built-in
+
Yes
+
+
+
+
2009
-
Germany
+
+
+ Germany
+
+
2 GB
-
12 €
+
12 €
No
Built-in
No
-
+
+
+
+
+
+
+
+
2013
+
+
+ Switzerland
+
+
+
500 MB
+
Free
+
Accepted
+
Built-in
+
Yes
+
+
+
+
@@ -129,75 +173,75 @@
1999
-
Norway
+
+
+ Norway
+
+
1 GB
-
$ 19.95
+
$ 19.95
Accepted
No
Yes
-
-
-
-
-
-
-
2003
-
Switzerland
-
1 GB
-
$ 49.95
-
Accepted
-
Built-in
-
Yes
-
-
-
-
+
2015
-
Netherlands
+
+
+ Netherlands
+
+
25 GB
-
29 €
+
29 €
+
No
No
-
No
Yes
-
+
2014
-
Netherlands
+
+
+ Netherlands
+
+
10 GB
-
$ 59.95
+
$ 59.95
Accepted
Built-in
Yes
-
-
+
+
-
+
-
2010
-
Switzerland
-
2 GB
-
$ 60
-
Accepted
+
2011
+
+
+ Germany
+
+
+
1 GB
+
Free
No
+
Built-in
Yes
diff --git a/_includes/sections/file-encryption.html b/_includes/sections/file-encryption.html
index ad374d8d..f66d584a 100644
--- a/_includes/sections/file-encryption.html
+++ b/_includes/sections/file-encryption.html
@@ -4,44 +4,58 @@
If you are currently not using encryption software for your hard disk, emails or file archives, you should pick an encryption software here.
-
-
- {% include card.html color="success"
+{%
+ include cardv2.html
title="VeraCrypt - Disk Encryption"
image="/assets/img/tools/VeraCrypt.png"
- url="https://veracrypt.fr/"
- footer="OS: Windows, macOS, Linux."
- description="VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition
- or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues
- raised by the initial TrueCrypt code audit have been addressed."
- %}
+ description="VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed."
+ website="https://veracrypt.fr/"
+ forum="https://forum.privacytools.io/t/discussion-veracrypt-file-encryption/1532"
+ git="https://www.veracrypt.fr/code/"
+ windows="https://www.veracrypt.fr/en/Downloads.html"
+ linux="https://www.veracrypt.fr/en/Downloads.html"
+ mac="https://www.veracrypt.fr/en/Downloads.html"
+%}
- {% include card.html color="primary"
+{%
+ include cardv2.html
title="GNU Privacy Guard - Email Encryption"
image="/assets/img/tools/GnuPG.png"
- url="https://gpgtools.org/"
- footer="OS: Windows, macOS, Linux, Android, BSD."
- description="GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification
- of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German
- government. GPGTools for macOS."
- %}
+ description="GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government."
+ website="https://gnupg.org/"
+ forum="https://forum.privacytools.io/t/discussion-gnupg-file-encryption/1533"
+ git="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git"
+ windows="https://gpg4win.org/download.html"
+ linux="https://gnupg.org/download/index.html#binary"
+ freebsd="https://www.freshports.org/security/gnupg/"
+ openbsd="http://openports.se/security/gnupg"
+ netbsd="http://pkgsrc.se/security/gnupg"
+ mac="https://gpgtools.org/"
+ fdroid="https://f-droid.org/app/org.sufficientlysecure.keychain"
+ googleplay="https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain"
+%}
- {% include card.html color="warning"
+{%
+ include cardv2.html
title="PeaZip - File Archive Encryption"
image="/assets/img/tools/PeaZip.png"
- url="http://www.peazip.org/"
- footer="OS: Windows, Linux, BSD."
- description="PeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume
- split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It supports 181 file extensions (as of version 5.5.1).
-
macOS alternative:Keka is a free file archiver."
- %}
-
-
+ description="PeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It supports 180+ archive formats."
+ website="http://www.peazip.org"
+ forum="https://forum.privacytools.io/t/discussion-peazip-file-encryption/1534"
+ source="https://osdn.net/projects/peazip"
+ windows="https://www.peazip.org/peazip-64bit.html"
+ linux="https://www.peazip.org/peazip-linux.html"
+ freebsd="https://www.freshports.org/archivers/peazip/"
+ openbsd="https://www.peazip.org/peazip-bsd.html"
+ netbsd="https://www.peazip.org/peazip-bsd.html"
+%}
Worth Mentioning
Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
DiskCryptor - A full disk and partition encryption system for Windows including the ability to encrypt the partition and disk on which the OS is installed.
-
Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
+
Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
+
Hat.sh - A cross-platform, serverless JavaScript web application that provides secure file encryption using the AES-256-GCM algorithm in your browser. It can also be downloaded and run offline.
+
Keka - A macOS-only, open-source file archiver with the ability to encrypt files.
diff --git a/_includes/sections/file-sharing.html b/_includes/sections/file-sharing.html
index 3e56763e..a4b5dff9 100644
--- a/_includes/sections/file-sharing.html
+++ b/_includes/sections/file-sharing.html
@@ -7,8 +7,8 @@ website="https://send.firefox.com/"
description="Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened. It also offers security controls that you can set. You can choose when your file link expires, the number of downloads, and whether to add an optional password for an extra layer of security."
forum="https://forum.privacytools.io/t/discussion-firefox-send/755"
github="https://github.com/mozilla/send"
-web=""
-android=""
+web="https://send.firefox.com/"
+googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend"
%}
{% include cardv2.html
@@ -19,21 +19,26 @@ tor="http://elx57ue5uyfplgva.onion/"
description="OnionShare is an open source tool that lets you securely and anonymously share a file of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files."
forum="https://forum.privacytools.io/t/discussion-onionshare/754"
github="https://github.com/micahflee/onionshare"
-windows=""
-mac=""
-linux=""
+windows="https://onionshare.org/#downloads"
+mac="https://onionshare.org/#downloads"
+linux="https://onionshare.org/#downloads"
+freebsd="https://www.freshports.org/www/onionshare/"
+openbsd="http://openports.se/net/onionshare"
%}
{% include cardv2.html
title="Magic Wormhole"
image="/assets/img/tools/Magic-Wormhole.png"
-website="https://github.com/warner/magic-wormhole"
+website="https://magic-wormhole.readthedocs.io"
description="Get things from one computer to another, safely. This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another."
forum="https://forum.privacytools.io/t/discussion-magic-wormhole/756"
github="https://github.com/warner/magic-wormhole"
-windows=""
-mac=""
-linux=""
+windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+freebsd="https://www.freshports.org/net/py-magic-wormhole/"
+openbsd="https://pypi.org/project/magic-wormhole/"
+netbsd="https://pypi.org/project/magic-wormhole/"
%}
- If you are currently using an Instant Messenger like LINE, Telegram, Viber, WhatsApp, or plain SMS messages you should pick an alternative here.
+ If you are currently using an Instant Messenger like Telegram, LINE, Viber, WhatsApp, or plain SMS you should pick an alternative here.
@@ -10,30 +10,35 @@ title="Signal"
image="/assets/img/tools/Signal.png"
description="Signal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling.
All communications are end-to-end encrypted. Signal is free and open source."
+labels="success:VoIP"
website="https://signal.org/"
forum="https://forum.privacytools.io/t/discussion-signal/664"
github="https://github.com/signalapp"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
+playstore="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms"
+windows="https://signal.org/download/"
+mac="https://signal.org/download/"
+linux="https://signal.org/download/"
+playstore="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms"
+android="https://signal.org/android/apk/#apk-danger"
+ios="https://apps.apple.com/us/app/signal-private-messenger/id874139669"
%}
{% include cardv2.html
title="Wire"
image="/assets/img/tools/wire.png"
-description='A free software End-to-End Encrypted chatting application that supports instant messaging, voice, and video calls. Full source code is available. Warning'
+description="A free software End-to-End Encrypted chatting application that supports instant messaging, voice, and video calls. Full source code is available."
+labels="warning:Warning:Wire stores some plaintext metadata about its users on their servers. This data includes profile names, profile pictures, usernames, and users' lists of connections and conversations.|success:VoIP"
website="https://wire.com/"
forum="https://forum.privacytools.io/t/discussion-wire/750"
github="https://github.com/wireapp/"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
-web=""
+windows="https://wire.com/en/download"
+mac="https://wire.com/en/download"
+linux="https://wire.com/en/download"
+googleplay="https://play.google.com/store/apps/details?id=com.wire"
+android="https://wire.com/en/download"
+ios="https://itunes.apple.com/app/wire/id930944768?mt=8"
+web="https://app.wire.com"
%}
Complete Comparison
@@ -53,55 +58,27 @@ web=""
Conversations (Android) - An open source Jabber/XMPP client for Android 4.4+ smartphones. OMEMO
Gajim (FreeBSD, Linux, Windows) - An open source fully featured XMPP client. OMEMO
-
Monal (iOS, MacOS) - An XMPP client in active development. OMEMO
+
Monal (iOS, MacOS) - An XMPP client in active development. OMEMOVoIP
Kontalk - A community-driven instant messaging network. Supports end-to-end encryption. Both client-to-server and server-to-server channels are fully encrypted.
Keybase - Warning End-to-end encrypted messaging with social verification.
Status - Experimental A free and open-source, peer-to-peer, encrypted instant messanger with support for DAPPs.
-
Ricochet - DangerExperimental Ricochet uses the Tor network to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address.
+
Tox - Experimental A free and open-source, peer-to-peer, encrypted instant messaging and video calling software. VoIP
+
Jami (formerly Ring/SFLphone) - Gives you full control over your communications and an unmatched level of privacy. Jami has text messaging, video and audio calls, file transfer, video conferencing. VoIP
-
-Currently there are no known vulnerabilities with Ricochet. The software is safe to use as long as you update the included Tor binary to the latest version.
-
-
-
Run the Tor Browser installer or extract package for your platform. Windows (.exe), MacOSX (.dmg) and Linux (.tar.bz2).
-
Copy the Tor binary or create a symbolic link to it:
-
-
-
Windows: Copy the Tor binary included with the Tor Browser and overwrite the old one included with Ricochet.
-
-
Tor Browser binary: %HOMEPATH%\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
-
Ricochet's included binary: %HOMEPATH%\Desktop\Ricochet\tor.exe
-
-
-
MacOSX: Assuming you copied the Tor Browser.app and Ricochet.app from their respective .dmg install media to /Applications:
- Create a symbolic link to the Tor binary in Terminal. Ricochet will continue to use the up to date version of the Tor binary when you update the Tor Browser Bundle.
+{% include cardv2.html
+title="Tails"
+image="/assets/img/tools/Tails.png"
+description='Tails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and circumvent censorship; Internet connections go through the Tor network; leave no trace on the computer; use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging.'
+badges="info:GNU/Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://tails.boum.org/"
+git="https://git-tails.immerda.ch/tails/"
+%}
- {% include card.html color="success"
- title="Tails"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/Tails.png"
- url="https://tails.boum.org/"
- description="Tails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and circumvent censorship; Internet connections go through the Tor network; leave no trace on the computer; use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging."
- %}
+{% include cardv2.html
+title="KNOPPIX"
+image="/assets/img/tools/KNOPPIX.png"
+description='Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of its kind for any operating system. When starting a program, it is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly.'
+badges="info:GNU/Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://www.knopper.net/knoppix/index-en.html"
+source="https://www.knopper.net/knoppix-info/index-en.html#license"
+%}
- {% include card.html color="primary"
- title="KNOPPIX"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/KNOPPIX.png"
- url="https://www.knopper.net/knoppix/"
- website="knopper.net"
- description="Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of its kind for any operating system. When starting a program, it is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly."
- %}
-
- {% include card.html color="warning"
- title="Puppy Linux"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/Puppy-Linux.png"
- url="http://puppylinux.org/"
- description="Puppy Linux operating system is a lightweight Linux distribution that focuses on ease of use and minimal memory footprint. The entire system can be run from RAM with current versions generally taking up about 210 MB, allowing the boot medium to be removed after the operating system has started."
- %}
-
-
+{% include cardv2.html
+title="Puppy Linux"
+image="/assets/img/tools/Puppy-Linux.png"
+description='Puppy Linux operating system is a lightweight Linux distribution that focuses on ease of use and minimal memory footprint. The entire system can be run from RAM with current versions generally taking up about 210 MB, allowing the boot medium to be removed after the operating system has started.'
+badges="info:GNU/Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="http://puppylinux.org/"
+source="http://distro.ibiblio.org/puppylinux/"
+%}
Worth Mentioning
-
Tiny Core Linuxcontrib - A minimal Linux operating system focusing on providing a base system using BusyBox and FLTK. The distribution is notable for its size (15 MB) and minimalism, with additional functionality
+
Tiny Core LinuxGNU/Linuxcontrib - A minimal Linux operating system focusing on providing a base system using BusyBox and FLTK. The distribution is notable for its size (15 MB) and minimalism, with additional functionality
provided by extensions.
diff --git a/_includes/sections/mobile-operating-systems.html b/_includes/sections/mobile-operating-systems.html
index 3884ba7f..ebe47849 100644
--- a/_includes/sections/mobile-operating-systems.html
+++ b/_includes/sections/mobile-operating-systems.html
@@ -4,38 +4,40 @@
Even though the source code of the following OS is provided, installing Google Apps may compromise your setup.
-
+{% include cardv2.html
+title="GrapheneOS"
+image="/assets/img/tools/GrapheneOS.png"
+description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security and privacy focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
+badges="info:AOSP"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://grapheneos.org/"
+github="https://github.com/GrapheneOS/"
+%}
- {% include card.html color="success"
- title="LineageOS"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/LineageOS.png"
- url="https://www.lineageos.org/"
- description="LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project."
- %}
+{% include cardv2.html
+title="LineageOS"
+image="/assets/img/tools/LineageOS.png"
+description='LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project.'
+badges="info:AOSP"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://www.lineageos.org/"
+github="https://github.com/LineageOS"
+%}
- {% include card.html color="primary"
- title="Ubuntu Touch"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/Ubuntu-Touch.png"
- url="https://ubuntu-touch.io/"
- description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
- %}
-
- {% include card.html color="warning"
- title="GrapheneOS"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/GrapheneOS.png"
- url="https://grapheneos.org/"
- description="GrapheneOS is a free and open-source security and privacy focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security."
- %}
-
-
+{% include cardv2.html
+title="Ubuntu Touch"
+image="/assets/img/tools/Ubuntu-Touch.png"
+description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
+badges="info:GNU/Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://ubuntu-touch.io/"
+github="https://github.com/ubports"
+%}
Worth Mentioning
-
Replicant - An open-source operating system based on Android, aiming to replace all proprietary components with free software.
-
OmniROMcontrib - A free software operating system for smartphones and tablet computers, based on the Android mobile platform.
-
MicroGcontrib - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement.
+
ReplicantAOSP - An open-source operating system based on Android, aiming to replace all proprietary components with free software.
+
OmniROMAOSPcontrib - A free software operating system for smartphones and tablet computers, based on the Android mobile platform.
+
MicroGAdd-on Packagecontrib - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.
diff --git a/_includes/sections/notebooks.html b/_includes/sections/notebooks.html
index 1e0021a1..e6cd694a 100644
--- a/_includes/sections/notebooks.html
+++ b/_includes/sections/notebooks.html
@@ -10,13 +10,15 @@ image="/assets/img/tools/Joplin.png"
description="Joplin is a free, open source, fully featured note taking and to-do application, which can handle a large number of markdown notes organized into notebooks and tags. It offers E2EE encryption and can sync through Nextcloud, Dropbox and more. It also offers easy import from Evernote and plain text notes."
website="https://joplinapp.org/"
github="https://github.com/laurent22/joplin"
-windows=""
-mac=""
-linux=""
-ios=""
-android=""
-firefox=""
-chrome=""
+windows="https://joplinapp.org/#desktop-applications"
+mac="https://joplinapp.org/#desktop-applications"
+linux="https://joplinapp.org/#desktop-applications"
+freebsd="https://www.npmjs.com/package/joplin"
+googleplay="https://joplinapp.org/images/BadgeAndroid.png"
+android="https://joplinapp.org/#mobile-applications"
+ios="https://itunes.apple.com/us/app/joplin/id1315599797"
+firefox="https://addons.mozilla.org/en-US/firefox/addon/joplin-web-clipper/"
+chrome="https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek"
%}
{% include cardv2.html
@@ -25,12 +27,13 @@ image="/assets/img/tools/StandardNotes.png"
description="Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. Features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors."
website="https://standardnotes.org/"
github="https://github.com/standardnotes"
-windows=""
-mac=""
-linux=""
-ios=""
-android=""
-web=""
+windows="https://standardnotes.org/#get-started"
+mac="https://standardnotes.org/#get-started"
+linux="https://standardnotes.org/#get-started"
+ios="https://itunes.apple.com/us/app/standard-notes/id1285392450"
+fdroid="https://f-droid.org/packages/com.standardnotes/"
+googleplay="https://play.google.com/store/apps/details?id=com.standardnotes"
+web="https://app.standardnotes.org/"
%}
{% include cardv2.html
@@ -39,10 +42,13 @@ image="/assets/img/tools/Turtl.png"
description="Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with."
website="https://turtlapp.com/"
github="https://github.com/turtl"
-windows=""
-mac=""
-linux=""
-android=""
+windows="https://turtlapp.com/download/"
+mac="https://turtlapp.com/download/"
+linux="https://turtlapp.com/download/"
+googleplay="https://play.google.com/store/apps/details?id=com.lyonbros.turtl"
+android="https://turtlapp.com/download/"
+firefox="https://addons.mozilla.org/en-US/firefox/addon/turtl-bookmarking/"
+chrome="https://chrome.google.com/webstore/detail/turtl/dgcojenhfdjhieoglmiaheihjadlpcml"
%}
- If you are currently using a operating system like Microsoft Windows or Apple macOS, you should pick an alternative here.
+ If you are currently using a operating system like Windows 10, you should pick an alternative here.
-
+{% include cardv2.html
+title="Qubes OS"
+image="/assets/img/tools/Qubes-OS.png"
+description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
+badges="info:Xen"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://www.qubes-os.org/"
+github="https://github.com/QubesOS"
+tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
+%}
- {% include card.html color="success"
- title="Qubes OS"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/Qubes-OS.png"
- url="https://www.qubes-os.org/"
- tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
- description="Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers."
- %}
+{% include cardv2.html
+title="Fedora Workstation"
+image="/assets/img/tools/Fedora.png"
+description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.'
+badges="info:GNU/Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://getfedora.org/"
+git="https://src.fedoraproject.org/"
+%}
- {% include card.html color="primary"
- title="Debian"
- image="/assets/img/tools/Debian.png"
- url="https://www.debian.org/"
- tor="http://sejnfjrq6szgca7v.onion"
- description="Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project."
- %}
-
- {% include card.html color="warning"
- title="Trisquel"
- image="/assets/img/tools/Trisquel.png"
- url="https://trisquel.info/"
- description="Trisquel is a Linux-based operating system derived from Ubuntu. The project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed."
- %}
-
-
+{% include cardv2.html
+title="Debian"
+image="/assets/img/tools/Debian.png"
+description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
+badges="info:GNU/Linux"
+website="https://www.debian.org/"
+tor="http://sejnfjrq6szgca7v.onion"
+gitlab="https://salsa.debian.org/qa/debsources"
+%}
When running a enough recent kernel, you can check the CPU vulnerabilities it detects by tail -n +1 /sys/devices/system/cpu/vulnerabilities/*. By using tail -n +1 instead of cat, the file names are also visible.
+
+
+ In case you have an Intel CPU, you may notice "SMT vulnerable" display after running the tail command. To mitigate this, disable hyper-threading from the UEFI/BIOS. You can also take the following mitigation steps below if your system/distribution uses GRUB and supports /etc/default/grub.d/:
+
+
+
+
sudo mkdir /etc/default/grub.d/ to create a directory for additional grub configuration
+
echo GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT mds=full,nosmt" | sudo tee /etc/default/grub.d/mds.conf to create a new grub config file source with the echoed content
+
sudo grub-mkconfig -o /boot/grub/grub.cfg to generate a new grub config file including this new kernel boot flag
+
sudo reboot to reboot
+
after the reboot, check tail -n +1 /sys/devices/system/cpu/vulnerabilities/* again to see that MDS now says "SMT disabled."
OpenBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
-
Arch Linux - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Parabola is a
+
OpenBSDBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
+
Arch LinuxGNU/Linuxcontrib - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Parabola is a
completely open source version of Arch Linux.
-
Whonixcontrib - A Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
+
TrisquelGNU/Linux - Derived from Ubuntu, this project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
+
WhonixGNU/Linux - A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.
- If you are currently using a password manager software like 1Password, LastPass, Roboform or iCloud Keychain, you should pick an alternative here.
+ If you are currently using a password manager software like 1Password, LastPass, Roboform, or iCloud Keychain, you should pick an alternative here.
-
-
- {% include card.html color="success"
+{%
+ include cardv2.html
title="Bitwarden - Cloud/Self-host"
image="/assets/img/tools/bitwarden.png"
- url="https://bitwarden.com/"
- footer="OS: Windows, macOS, Linux, iOS, Android, Web."
- description="Bitwarden is a free and open source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
- %}
+ description="Bitwarden is a free and open source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
+ website="https://bitwarden.com/"
+ forum="https://forum.privacytools.io/t/discussion-bitwarden/1343"
+ github="https://github.com/bitwarden"
+ web="https://vault.bitwarden.com/#/"
+ windows="https://bitwarden.com/#download"
+ linux="https://bitwarden.com/#download"
+ freebsd="https://www.npmjs.com/package/@bitwarden/cli"
+ openbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ netbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ mac="https://bitwarden.com/#download"
+ firefox="https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/"
+ chrome="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
+ safari="https://safari-extensions.apple.com/details/?id=com.bitwarden.safari-LTZ2PFU5D6"
+ opera="https://addons.opera.com/extensions/details/bitwarden-free-password-manager/"
+ edge="https://www.microsoft.com/store/apps/9P6KXL0SVNNL"
+ fdroid="https://mobileapp.bitwarden.com/fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
+ ios="https://itunes.apple.com/app/bitwarden-free-password-manager/id1137397744?mt=8"
+%}
- {% include card.html color="primary"
- title="KeePass / KeePassXC - Local"
- image="/assets/img/tools/KeePass.png"
- url="https://keepass.info/download.html"
- website="keepass.info"
- footer="OS: Windows, macOS, Linux, iOS, Android, BSD."
- description='KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. All passwords in one database, which is locked with one
- master key or a key file. The databases are encrypted using the best and most secure encryption algorithms currently known: AES and Twofish. See also: KeePassXC with official native cross-platform support for Windows/macOS/Linux.'
- %}
- {% include card.html color="warning"
+{%
+ include cardv2.html
+ title="KeePassXC - Local"
+ image="/assets/img/tools/keepassxc.png"
+ description="KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager."
+ website="https://keepassxc.org/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/keepassxreboot/keepassxc"
+ windows="https://keepassxc.org/download/#windows"
+ linux="https://keepassxc.org/download/#linux"
+ mac="https://keepassxc.org/download/#mac"
+ freebsd="https://www.freshports.org/security/keepassxc/"
+ openbsd="http://openports.se/security/keepassxc"
+ netbsd="http://pkgsrc.se/security/keepassxc"
+ fdroid="https://f-droid.org/packages/com.kunzisoft.keepass.libre/"
+ googleplay="https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser"
+ chrome="https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk"
+%}
+
+{%
+ include cardv2.html
title="LessPass - Browser"
image="/assets/img/tools/LessPass.png"
- url="https://lesspass.com/"
- footer="OS: Windows, macOS, Linux, Android."
- description="LessPass is a free and open source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security."
- %}
-
-
+ description="LessPass is a free and open source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security."
+ website="https://lesspass.com/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/lesspass/lesspass"
+ windows="https://pypi.org/project/lesspass/"
+ mac="https://pypi.org/project/lesspass/"
+ linux="https://pypi.org/project/lesspass/"
+ freebsd="https://pypi.org/project/lesspass/"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/lesspass/"
+ chrome="https://chrome.google.com/webstore/detail/lesspass/lcmbpoclaodbgkbjafnkbbinogcbnjih"
+ fdroid="https://f-droid.org/packages/com.lesspass.android"
+ googleplay="https://play.google.com/store/apps/details?id=com.lesspass.android"
+%}
Worth Mentioning
- Master Password - Master Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site and your master password. No syncing, backups or internet access needed.
+ Master Password - Master Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site, and your master password. No syncing, backups, or internet access needed.
- Psono - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails... All secrets are protected by a master password. Uses NACL Crypto, a combination of Curve25519, Salsa20 and Poly1305.
+ Psono - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses NACL Crypto, a combination of Curve25519, Salsa20 and Poly1305.
- Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember
- a single "Master Password" of your choice in order to unlock and access your entire username/password list.
+ Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
diff --git a/_includes/sections/paste-services.html b/_includes/sections/paste-services.html
index 788d8210..3cb3b676 100644
--- a/_includes/sections/paste-services.html
+++ b/_includes/sections/paste-services.html
@@ -4,7 +4,7 @@
title="PrivateBin"
image="/assets/img/tools/PrivateBin.png"
description="PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256bit AES. It is the improved version of ZeroBin."
-website="https://bin.privacytools.io/"
+website="https://privatebin.info/"
forum="https://forum.privacytools.io/t/discussion-privatebin/296"
github="https://github.com/PrivateBin/PrivateBin"
%}
diff --git a/_includes/sections/privacy-resources.html b/_includes/sections/privacy-resources.html
index e4340e80..fc4009a6 100644
--- a/_includes/sections/privacy-resources.html
+++ b/_includes/sections/privacy-resources.html
@@ -14,14 +14,15 @@
Information
+
Freedom of the Press Foundation - Supporting and defending journalism dedicated to transparency and accountability since 2012.
+
Erfahrungen.com - German review aggregator website of privacy-related services.
+
Open Wireless Movement - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.
+
privacy.net - What does the US government know about you?
+{%
+ include cardv2.html
+ title="CryptPad"
+ image="/assets/img/provider/CryptPad.png"
+ description="CryptPad is a private-by-design alternative to popular office tools and cloud services. All content is end-to-end encrypted. It is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by donations and grants. No registration is required, and it can be used anonymously via Tor Browser."
+ website="https://cryptpad.fr/"
+ forum="https://forum.privacytools.io/t/discussion-cryptpad-productivity-tools/1537"
+ github="https://github.com/xwiki-labs/cryptpad"
+ web="https://cryptpad.fr/"
+%}
- {% include card.html color="success"
- title="CryptPad"
- image="/assets/img/provider/CryptPad.png"
-
- description="CryptPad is a private-by-design alternative to popular office tools and cloud services. All content is end-to-end encrypted. It is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by donations and grants. No registration is required, and it can be used anonymously via Tor browser."
-
- url="https://cryptpad.fr/"
- footer='OS: Linux, macOS, Windows, Web.'
- %}
-
- {% include card.html color="primary"
+{%
+ include cardv2.html
title="Etherpad"
image="/assets/img/tools/Etherpad.png"
- url="https://etherpad.org/"
- footer="OS: Windows, macOS, Linux."
- description="Etherpad is a highly customizable Open Source online editor providing collaborative editing in really real-time. Etherpad allows you to edit documents collaboratively in real-time, much like a live multi-player editor that runs in your browser. Write articles, press releases, to-do lists, etc. Sites That Run Etherpad"
- %}
+ description="Etherpad is a highly customizable open source online editor providing collaborative editing in real-time. Here are a list of sites that run Etherpad."
+ website="https://etherpad.org/"
+ forum="https://forum.privacytools.io/t/discussion-etherpad-productivity-tools/1538"
+ github="https://github.com/ether/etherpad-lite"
+ web="https://github.com/ether/etherpad-lite/wiki/Sites-that-run-Etherpad"
+ windows="https://github.com/ether/etherpad-lite#windows"
+ linux="https://github.com/ether/etherpad-lite#installation"
+ mac="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ freebsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ openbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ netbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+%}
- {% include card.html color="warning"
+{%
+ include cardv2.html
title="Write.as"
image="/assets/img/tools/WriteAs.png"
- url="https://write.as/"
+ description="Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
+ website="https://write.as/"
+ forum="https://forum.privacytools.io/t/discussion-write-as-productivity-tools/1539"
tor="http://writeas7pm7rcdqg.onion"
- footer="OS: Windows, macOS, Linux, Android, iOS, Chrome OS, Web."
- description="Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
- %}
+ git="https://code.as/writeas"
+ web="https://write.as/pad"
+ windows="https://github.com/writeas/writeas-cli"
+ mac="https://github.com/writeas/writeas-cli"
+ linux="https://write.as/apps"
+ chrome="https://write.as/apps"
+ googleplay="https://play.google.com/store/apps/details?id=com.abunchtell.writeas"
+ ios="https://itunes.apple.com/app/apple-store/id1000755153"
+%}
+
+{%
+ include cardv2.html
+ title="MAT2"
+ image="/assets/img/tools/MAT2.png"
+ description="MAT2 is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME."
+ website="https://0xacab.org/jvoisin/mat2"
+ forum="https://forum.privacytools.io/t/discussion-mat/1559"
+ gitlab="https://0xacab.org/jvoisin/mat2"
+ windows="https://pypi.org/project/mat2/"
+ mac="https://pypi.org/project/mat2/"
+ linux="https://pypi.org/project/mat2/"
+ freebsd="https://pypi.org/project/mat2/"
+ openbsd="https://pypi.org/project/mat2/"
+ netbsd="https://pypi.org/project/mat2/"
+%}
Worth Mentioning
@@ -36,8 +75,9 @@
Cryptee - Free privacy-friendly service for storing Documents, files and Photos
EtherCalc - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.
-
disroot.org - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
-
dudle - An online scheduling application, which is free and OpenSource. Schedule meetings or make small online polls. No email collection or the need of registration.
VSCodium - Fork of Visual Studio Code editor without Microsoft's tracking
+
Disroot - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
+
dudle - An online scheduling application, free and open source. Schedule meetings or make small online polls. No email collection or the need of registration.
+
Framadate - A free and open source online service for planning an appointment or making a decision quickly and easily. No registration is required.
+{% include cardv2.html
+title="OpenWrt"
+image="/assets/img/tools/OpenWrt.png"
+description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
+badges="info:Linux"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://openwrt.org/"
+git="https://git.openwrt.org/"
+%}
- {% include card.html color="success"
- title="OpenWrt"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/OpenWrt.png"
- url="https://openwrt.org/"
- description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
- %}
+{% include cardv2.html
+title="pfSense"
+image="/assets/img/tools/pfSense.png"
+description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
+badges="info:BSD"
+labels="warning:contrib:This software may depend on or recommend non-free software."
+website="https://www.pfsense.org/"
+github="https://github.com/pfsense/"
+%}
- {% include card.html color="primary"
- title="pfSense"
- labels="warning:contrib:This software may depend on or recommend non-free software."
- image="/assets/img/tools/pfSense.png"
- url="https://www.pfsense.org/"
- description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
- %}
-
- {% include card.html color="warning"
- title="LibreCMC"
- image="/assets/img/tools/LibreCMC.png"
- url="https://librecmc.org"
- description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF).."
- %}
-
-
+{% include cardv2.html
+title="LibreCMC"
+image="/assets/img/tools/LibreCMC.png"
+description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
+badges="info:GNU/Linux"
+website="https://librecmc.org"
+git="https://gogs.librecmc.org/libreCMC/libreCMC"
+%}
Worth Mentioning
-
OpenBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
-
DD-WRTcontrib - A is Linux-based firmware for wireless routers and wireless access points. It is compatible with several models of routers and access points.
+
OpenBSDBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
+
DD-WRTLinuxcontrib - A is Linux-based firmware for wireless routers and wireless access points. It is compatible with several models of routers and access points.
diff --git a/_includes/sections/search-engines.html b/_includes/sections/search-engines.html
index 37e49982..d28f3f02 100644
--- a/_includes/sections/search-engines.html
+++ b/_includes/sections/search-engines.html
@@ -6,7 +6,7 @@
{% include cardv2.html
title="searx - Decentral"
-image="/assets/img/provider/searx.jpg"
+image="/assets/img/provider/searx.png"
description='An open source metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking. List of Instances or try search.privacytools.io'
website="https://searx.me/"
tor="http://ulrn6sryqaifefld.onion"
@@ -24,7 +24,7 @@ forum="https://forum.privacytools.io/t/discussion-startpage/284"
{% include cardv2.html
title="DuckDuckGo - USA"
-image="/assets/img/provider/DuckDuckGo.jpg"
+image="/assets/img/provider/DuckDuckGo.png"
description='The search engine that doesn\'t track you. Some of DuckDuckGo\'s code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.'
website="https://duckduckgo.com/"
tor="http://3g2upl4pq6kufc4m.onion"
@@ -34,7 +34,7 @@ github="https://github.com/duckduckgo"
{% include cardv2.html
title="Qwant - France"
-image="/assets/img/provider/qwant.jpg"
+image="/assets/img/provider/Qwant.png"
description='Qwants philosophy is based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013. Privacy Policy.'
website="https://www.qwant.com/"
forum="https://forum.privacytools.io/t/discussion-qwant/286"
diff --git a/_includes/sections/social-networks.html b/_includes/sections/social-networks.html
index 8acac077..30718d58 100644
--- a/_includes/sections/social-networks.html
+++ b/_includes/sections/social-networks.html
@@ -11,9 +11,16 @@ description='Mastodon is a social network based on open web protocols and free,
website="https://joinmastodon.org/"
forum="https://forum.privacytools.io/t/discussion-mastodon/289"
github="https://github.com/tootsuite/mastodon"
-android=""
-ios=""
-web=""
+windows="https://joinmastodon.org/apps"
+mac="https://joinmastodon.org/apps"
+linux="https://joinmastodon.org/apps"
+freebsd="https://joinmastodon.org/apps"
+openbsd="https://joinmastodon.org/apps"
+netbsd="https://joinmastodon.org/apps"
+android="https://joinmastodon.org/apps"
+sailfish="https://joinmastodon.org/apps"
+ios="https://joinmastodon.org/apps"
+web="https://joinmastodon.org/#getting-started"
%}
{% include cardv2.html
@@ -23,8 +30,8 @@ description="diaspora* is based on three key philosophies: Decentralization, fre
website="https://diasporafoundation.org/"
forum="https://forum.privacytools.io/t/discussion-diaspora/290"
github="https://github.com/diaspora/diaspora"
-android=""
-web=""
+android="https://wiki.diasporafoundation.org/Tools_to_use_with_Diaspora#Android"
+web="https://diasporafoundation.org/"
%}
{% include cardv2.html
@@ -34,20 +41,21 @@ description="Friendica has an emphasis on extensive privacy settings and easy se
website="https://friendi.ca/"
forum="https://forum.privacytools.io/t/discussion-friendica/291"
github="https://github.com/friendica/friendica"
-windows=""
-linux=""
-android=""
-web=""
+windows="https://friendi.ca/resources/mobile-clients/"
+linux="https://friendi.ca/resources/mobile-clients/"
+android="https://friendi.ca/resources/mobile-clients/"
+sailfish="https://friendi.ca/resources/mobile-clients/"
+web="https://friendi.ca/"
%}
{% include cardv2.html
title="PixelFed - Instagram Alternative"
image="/assets/img/provider/pixelfed.png"
description='A free and ethical photo sharing platform, powered by ActivityPub federation. Pixelfed is an open-source, federated platform. You can run your own instance or join one.'
-website="https://pixelfed.social/"
+website="https://pixelfed.org/"
forum="https://forum.privacytools.io/t/discussion-pixelfed/293"
github="https://github.com/pixelfed"
-web=""
+web="https://pixelfed.org/"
%}
{% include cardv2.html
@@ -56,12 +64,8 @@ image="/assets/img/provider/gnu-social.png"
description="A social communication software for both public and private communications. It is widely supported and has a large userbase. It is already used by the Free Software Foundation."
website="https://gnu.io/social/"
forum="https://forum.privacytools.io/t/discussion-gnu-social/292"
-github="https://github.com/foocorp/gnu-social"
-android=""
-ios=""
-linux=""
-windows=""
-web=""
+gitlab="https://git.gnu.io/gnu/gnu-social/"
+web="https://gnu.io/social/"
%}
Worth Mentioning
diff --git a/_includes/sections/social-news-aggregator.html b/_includes/sections/social-news-aggregator.html
index 753727a9..20969791 100644
--- a/_includes/sections/social-news-aggregator.html
+++ b/_includes/sections/social-news-aggregator.html
@@ -8,15 +8,12 @@
title="Aether"
image="/assets/img/tools/aether.png"
description='Free/libre and open source decentralized social news aggregator with a built in voting system.'
-website="https://github.com/nehbit/aether"
+website="https://getaether.net/"
forum="https://forum.privacytools.io/t/discussion-aether/1256"
github="https://github.com/nehbit/aether"
-windows=""
-mac=""
-linux=""
-android=""
-ios=""
-bsd=""
+windows="https://getaether.net/download/"
+mac="https://getaether.net/download/"
+linux="https://getaether.net/download/"
%}
{% include cardv2.html
@@ -25,13 +22,8 @@ image="/assets/img/tools/tildes.png"
description='Tildes is a web-based self-hostable online bulletin board. It is licensed under GPL 3.0.'
website="https://tildes.net"
forum="https://forum.privacytools.io/t/discussion-tildes/1257"
-git="https://gitlab.com/tildes/"
-windows=""
-mac=""
-linux=""
-android=""
-ios=""
-bsd=""
+gitlab="https://gitlab.com/tildes/tildes"
+web="https://tildes.net"
%}
{% include cardv2.html
@@ -40,12 +32,8 @@ image="/assets/img/tools/raddle.png"
description="Raddle is a public Postmill instance focused on privacy and anti-censorship."
website="https://raddle.me"
forum="https://forum.privacytools.io/t/discussion-raddle/1258"
-git="https://gitlab.com/postmill/"
-windows=""
-mac=""
-linux=""
-android=""
-ios=""
+gitlab="https://gitlab.com/postmill/"
+web="https://raddle.me"
%}
- If your project or organization currently uses a team chat like Discord or Slack you should pick an alternative here.
+ If your project or organization currently uses a platform like Discord or Slack you should pick an alternative here.
-{% include cardv2.html
-title="Rocket.chat"
-image="/assets/img/tools/rocket.chat.png"
-description="Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE. Experimental "
-website="https://rocket.chat/"
-forum="https://forum.privacytools.io/t/discussion-rocket-chat/1223"
-github="https://github.com/rocketchat/"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
+{%
+ include cardv2.html
+ title="Rocket.chat"
+ image="/assets/img/tools/rocket.chat.png"
+ description="Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE."
+ labels="warning:Experimental:Regarding E2EE their documentation states 'This feature is currently in alpha. It's also not yet supported on mobile'. There is no forward secrecy so compromised decryption password would leak all messages. The federation was also added afterwards potentially causing room for mistakes."
+ website="https://rocket.chat/"
+ forum="https://forum.privacytools.io/t/discussion-rocket-chat/1223"
+ github="https://github.com/rocketchat/"
+ windows="https://rocket.chat/install"
+ mac="https://itunes.apple.com/us/app/rocket-chat/id1086818840"
+ linux="https://rocket.chat/install"
+ fdroid="https://f-droid.org/packages/chat.rocket.android"
+ googleplay="https://play.google.com/store/apps/details?id=chat.rocket.android"
+ ios="https://itunes.apple.com/app/rocket-chat/id1148741252"
%}
-{% include cardv2.html
-title="Keybase"
-image="/assets/img/tools/keybase.png"
-description='Keybase provides a hosted team chat with end-to-end encryption. It has also been indepedently audited (PDF). experimental (GitHub issue)'
-website="https://keybase.io/"
-forum="https://forum.privacytools.io/t/discussion-keybase/1224"
-github="https://github.com/Keybase"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
-web=""
+{%
+ include cardv2.html
+ title="Keybase"
+ image="/assets/img/tools/keybase.png"
+ description='Keybase provides a hosted team chat with end-to-end encryption. It has also been indepedently audited (PDF).'
+ labels="warning:Warning:The server side of Keybase runs on proprietary code and is centralized."
+ website="https://keybase.io/"
+ forum="https://forum.privacytools.io/t/discussion-keybase/1224"
+ tor="http://keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion/"
+ github="https://github.com/Keybase"
+ windows="https://keybase.io/docs/the_app/install_windows"
+ mac="https://keybase.io/docs/the_app/install_macos"
+ linux="https://keybase.io/docs/the_app/install_linux"
+ freebsd="https://www.freshports.org/security/keybase/"
+ googleplay="https://play.google.com/store/apps/details?id=io.keybase.ossifrage&hl=en_US"
+ ios="https://keybase.io/_/download/keybase-for-ios"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/keybase-for-firefox/"
+ chrome="https://chrome.google.com/webstore/detail/keybase-for-reddit/ognfafcpbkogffpmmdglhbjboeojlefj"
+ web="https://keybase.io/"
%}
Worth Mentioning
-
Wire Pro - Paid team communication with E2EE. Untested
+
Wire Pro - Paid team communication with E2EE. Untested
- If you are currently using a Video & Voice Messenger like Skype, Viber or Google Hangouts, you should pick an alternative here.
+ If you are currently using a Video/Voice Calling app like Skype, Viber or Google Hangouts, you should pick an alternative here. Please note that many of the above instant messengers also support VoIP. The software listed below are primarily Voice/Video focused.
-{% include cardv2.html
-title="Mobile: Signal"
-image="/assets/img/tools/Signal.png"
-website="https://signal.org"
-description="Signal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling.
-All communications are end-to-end encrypted. Signal is free and open source."
-forum="https://forum.privacytools.io/t/discussion-signal/664"
-github="https://github.com/signalapp"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
-footer="OS: Android, iOS, macOS, Windows, Linux"
-%}
-
-{% include cardv2.html
-title="Wire"
-image="/assets/img/tools/wire.png"
-website="https://wire.com/download/"
-description="Wire is an app developed by Wire Swiss GmbH.
-The Wire app allows users to exchange end-to-end encrypted instant messages, as well as make voice and video calls. Wire is free and open source. Caution "
-forum="https://forum.privacytools.io/t/discussion-wire/750"
-github="https://github.com/wireapp"
-android=""
-ios=""
-mac=""
-windows=""
-linux=""
-web=""
-%}
-
{% include cardv2.html
title="Linphone"
image="/assets/img/tools/Linphone.png"
@@ -43,28 +11,40 @@ website="https://www.linphone.org/"
description="Linphone is an open source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication."
forum="https://forum.privacytools.io/t/discussion-linphone/751"
github="https://github.com/BelledonneCommunications"
-ios=""
-android=""
-windows=""
-linux=""
-mac=""
-web=""
+windows="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+linux="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+mac="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+fdroid="https://f-droid.org/packages/org.linphone"
+googleplay="https://play.google.com/store/apps/details?id=org.linphone"
+ios="https://itunes.apple.com/us/app/linphone/id360065638?mt=8"
%}
-
-
+{% include cardv2.html
+title="Mumble"
+image="/assets/img/tools/Mumble.png"
+website="https://mumble.info/"
+description="Mumble is an open source, low-latency, high quality voice chat software primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, it's missing end-to-end encryption, so self-hosting is recommended."
+forum="https://forum.privacytools.io/t/discussion-mumble/1289"
+github="https://github.com/mumble-voip/"
+windows="https://www.mumble.info/downloads"
+linux="https://www.mumble.info/downloads"
+mac="https://www.mumble.info/downloads"
+android="https://www.mumble.info/downloads/#third-party-clients"
+ios="https://apps.apple.com/us/app/mumble/id443472808?ls=1"
+%}
Worth Mentioning
-
Jitsi - Jitsi is a free and open source multiplatform voice (VoIP), videoconferencing and instant messaging application.
-
Tox - Experimental A free and open-source, peer-to-peer, encrypted instant messaging and video calling software.
-
Jami (formerly Ring/SFLphone) - Gives you a full control over your communications and an unmatched level of privacy.
+
Jitsi Meet - Jitsi Meet is a free and open source multiplatform voice (VoIP), videoconferencing and instant messaging application. Requires WebRTC
- All providers listed here are outside the US, use encryption, accept Bitcoin, support OpenVPN and have a no logging policy.
+ Our recommended provider is outside the US, uses encryption, accepts Bitcoin, supports OpenVPN, and has a no logging policy. Read our full list of criteria for more information.
-{% assign eur_to_usd = 1.14 %}
-
-
-
-
-
VPN Provider
-
Website
-
Since
-
Yearly Price
-
Free Trial
-
# Servers
-
WireGuard
-
Jurisdiction
-
-
-
-
-
-
-
-
-
-
2010
-
54 €
-
Yes
-
162
-
No
-
Italy
-
+
-
-
-
-
-
-
-
-
2012
-
45 €
-
Yes
-
22
-
Yes
-
Sweden
-
+
+
+
+
+
+
Mullvad EUR €60/Year
+
Mullvad is a fast and inexpensive VPN with a serious focus on transparency and security, they have been in operation since 2009. It is the only VPN provider that currently meets our criteria for recommendation. Mullvad is based in Sweden and does not have a free trial. Visit mullvad.net to create an account.
+
409+ Servers
+
Mullvad has 409 servers in 38 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
+
WireGuard Support
+
In addition to standard OpenVPN connections, Mullvad supports Wireguard. Wireguard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
+
Independently Audited
+
Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:
+
+
...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
+
+
Accepts Bitcoin
+
Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.
+
No Mobile Clients
+
While iOS and Android clients are reportedly in the works, mobile users will need to use a traditional OpenVPN client and configuration files, which are a bit more difficult to configure.
+
Extra Functionality
+
The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.
- Note: Using a VPN provider will not make you anonymous. But it will give you a better privacy. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.
+ Note: Using a VPN provider will not make you anonymous, but it will give you better privacy in certain situations. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.
ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. Unfortunately due to its lack of an independent security audit it does not meet the complete criteria for recommendation, see our notes below.
+
Not Audited
+
ProtonVPN has not undergone a security audit by an independent third party, and therefore cannot be strongly recommended at this time. We have still chosen to list it on this page with the assumption that an audit will be published soon:
+
+
We are currently undergoing a complete security audit of our VPN applications by a reputable Swiss security company. The results of the audit will be summarized in a public report for cases like this.
+
+
+
We will reevaluate this listing at the end of 2019 or when the aforementioned report has been published, whichever is sooner.
+
442+ Servers
+
ProtonVPN has 442 servers in 33 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
+
Accepts Bitcoin
+
ProtonVPN does technically accept Bitcoin payments, however you either need to have an existing account, or contact their support team in advance to register with Bitcoin.
+
Mobile Clients
+
In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for iOS or Android allowing for easy connections to their servers.
+
Extra Functionality
+
The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.
+
+
+
+
+
+
+
IVPN USD $100/Year
+
IVPN is another strong premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar and offers a 3 day free trial. Unfortunately due to its lack of an independent security audit it does not meet the complete criteria for recommendation, see our notes below.
+
No Security Audit
+
IVPN has undergone a no-logging audit from Cure53 which concluded in agreement with IVPN's no-logging claim. However, IVPN has not undergone a more comprehensive security audit by an independent third party, and therefore cannot be strongly recommended at this time. We have still chosen to list it on this page with the assumption that an audit will be published soon: The IVPN team reportedly plans to begin the process in September.
+
We will reevaluate this listing at the end of 2019 or when the aforementioned report has been published, whichever is sooner.
+
70+ Servers
+
IVPN has 70 servers in 29 countries at the time of writing this page. Typically the more servers a provider offers, the better. IVPN has a decent (but not exceptional) server count that will most likely provide adequate coverage to most users.
+
Accepts Bitcoin
+
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.
+
Mobile Clients
+
In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for iOS or Android allowing for easy connections to their servers.
+
Extra Functionality
+
The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.
+
+
+
diff --git a/_includes/sections/windows10.html b/_includes/sections/windows10.html
index c8a1977a..195fdd7c 100644
--- a/_includes/sections/windows10.html
+++ b/_includes/sections/windows10.html
@@ -4,7 +4,7 @@
Microsoft introduced a lot of new features in Windows 10 such as Cortana. However, most of them are violating your privacy.
+
+
diff --git a/assets/webfonts/ptio-font.eot b/assets/webfonts/ptio-font.eot
new file mode 100644
index 00000000..da3e19b0
Binary files /dev/null and b/assets/webfonts/ptio-font.eot differ
diff --git a/assets/webfonts/ptio-font.svg b/assets/webfonts/ptio-font.svg
new file mode 100644
index 00000000..85940b6e
--- /dev/null
+++ b/assets/webfonts/ptio-font.svg
@@ -0,0 +1,147 @@
+
+
+
+
diff --git a/assets/webfonts/ptio-font.ttf b/assets/webfonts/ptio-font.ttf
new file mode 100644
index 00000000..92f93e55
Binary files /dev/null and b/assets/webfonts/ptio-font.ttf differ
diff --git a/assets/webfonts/ptio-font.woff b/assets/webfonts/ptio-font.woff
new file mode 100644
index 00000000..8cb1c763
Binary files /dev/null and b/assets/webfonts/ptio-font.woff differ
diff --git a/assets/webfonts/ptio-font.woff2 b/assets/webfonts/ptio-font.woff2
new file mode 100644
index 00000000..bd2cdebd
Binary files /dev/null and b/assets/webfonts/ptio-font.woff2 differ
diff --git a/contact.md b/contact.md
index c4d02145..50a49f09 100644
--- a/contact.md
+++ b/contact.md
@@ -17,7 +17,7 @@ It's very important to us to stay up-to-date on the latest changes in the privac
For complete transparency, software and providers will only be considered for this website after discussions take place on either of the above platforms.
- New: We're now on Matrix! Join us at `#general:privacytools.io` to chat with us and other members about this site and privacy in general. If you need a Matrix account, you can sign up with our own homeserver (`https://chat.privacytools.io`) using [riot.privacytools.io](https://riot.privacytools.io/) or any Matrix client! If you prefer XMPP, you're welcome to [use the Matrix.org XMPP bridge to join the discussion](https://conversations.im/j/%23general%23privacytools.io@bridge.xmpp.matrix.org).
+We're on Matrix! Join us at `#general:privacytools.io` to chat with us and other members about this site and privacy in general. If you need a Matrix account, you can sign up with our own homeserver (`https://chat.privacytools.io`) using [riot.privacytools.io](https://riot.privacytools.io/) or any Matrix client!
## Abuse
diff --git a/font/Gemfile b/font/Gemfile
new file mode 100644
index 00000000..6e854e65
--- /dev/null
+++ b/font/Gemfile
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gem "fontcustom", "~> 2.0"
diff --git a/font/Gemfile.lock b/font/Gemfile.lock
new file mode 100644
index 00000000..0ace0a2a
--- /dev/null
+++ b/font/Gemfile.lock
@@ -0,0 +1,27 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ ffi (1.11.1)
+ fontcustom (2.0.0)
+ json (~> 1.4)
+ listen (>= 1.0, < 4.0)
+ thor (~> 0.14)
+ json (1.8.6)
+ listen (3.1.5)
+ rb-fsevent (~> 0.9, >= 0.9.4)
+ rb-inotify (~> 0.9, >= 0.9.7)
+ ruby_dep (~> 1.2)
+ rb-fsevent (0.10.3)
+ rb-inotify (0.10.0)
+ ffi (~> 1.0)
+ ruby_dep (1.5.0)
+ thor (0.20.3)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ fontcustom (~> 2.0)
+
+BUNDLED WITH
+ 2.0.1
diff --git a/font/LICENSE b/font/LICENSE
new file mode 100644
index 00000000..b5d0c56e
--- /dev/null
+++ b/font/LICENSE
@@ -0,0 +1,13 @@
+Copyright (c) 2019, Dawid Potocki
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/font/Makefile b/font/Makefile
new file mode 100644
index 00000000..c1ceb61a
--- /dev/null
+++ b/font/Makefile
@@ -0,0 +1,11 @@
+build:
+ bundle exec fontcustom compile -F
+ mv ptio-font.woff assets/webfonts
+ mv _sass/ptio-font.css ../_sass/ptio-font.scss
+ mv assets/webfonts/* ../assets/webfonts/
+ sed -i -e 's/..\/assets\//..\//g' ../_sass/ptio-font.scss
+
+default:
+ build
+
+.PHONY: build
diff --git a/font/README.md b/font/README.md
new file mode 100644
index 00000000..769b1312
--- /dev/null
+++ b/font/README.md
@@ -0,0 +1,39 @@
+# ptio-font
+
+This font contains icons we need, which Font Awesome does not have.
+
+| Name | CSS class | Issue |
+|--- |--- |--- |
+| F-Droid | `ptio-f-droid` | https://github.com/FortAwesome/Font-Awesome/issues/15492 |
+| iOS | `ptio-ios` | https://github.com/FortAwesome/Font-Awesome/issues/4935 |
+| macOS | `ptio-macos` | https://github.com/FortAwesome/Font-Awesome/issues/4936 |
+| OpenBSD | `ptio-openbsd` | https://github.com/FortAwesome/Font-Awesome/issues/5345 |
+| NetBSD | `ptio-netbsd` | https://github.com/FortAwesome/Font-Awesome/issues/15496 |
+| Sailfish OS | `ptio-sailfish-os` | https://github.com/FortAwesome/Font-Awesome/issues/15498 |
+
+We also have custom Linux icon (`ptio-linux`), because I (@dawidpotocki) made it before and looks cleaner.
+And since we are bundling additional font anyway, why not.
+
+## Building
+
+To build the font, you will need some of the following tools installed.
+
+| Name | Notes |
+|--- |--- |
+| `make` | Use distro's package manager |
+| `ruby` | Use distro's package manager |
+| `bundler` | Run `gem install bundler` |
+| | |
+| | |
+| `woff-tools` | Use distro's package manager |
+| or | |
+| `yarn` or `npm` | Use distro's package manager |
+| `sfnt2woff` | Run `yarn global add sfnt2woff` or `npm install -g sfnt2woff` |
+
+Then just run the following commands to build the font:
+
+```
+$ cd font/
+$ bundle # it will install FontCustom
+$ make build # it will build a font and css
+```
diff --git a/font/fontcustom.yml b/font/fontcustom.yml
new file mode 100644
index 00000000..22594e09
--- /dev/null
+++ b/font/fontcustom.yml
@@ -0,0 +1,15 @@
+font_name: ptio-font
+css_selector: .ptio-{{glyph}}
+preprocessor_path: ""
+autowidth: false
+no_hash: true
+force: false
+debug: false
+quiet: false
+
+input:
+ vectors: svg
+
+output:
+ fonts: assets/webfonts
+ css: _sass
diff --git a/font/svg/f-droid.svg b/font/svg/f-droid.svg
new file mode 100644
index 00000000..de1391b2
--- /dev/null
+++ b/font/svg/f-droid.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/ios.svg b/font/svg/ios.svg
new file mode 100644
index 00000000..1be11979
--- /dev/null
+++ b/font/svg/ios.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/linux.svg b/font/svg/linux.svg
new file mode 100644
index 00000000..9649ed4f
--- /dev/null
+++ b/font/svg/linux.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/macos.svg b/font/svg/macos.svg
new file mode 100644
index 00000000..97b0f62c
--- /dev/null
+++ b/font/svg/macos.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/netbsd.svg b/font/svg/netbsd.svg
new file mode 100644
index 00000000..f98c870c
--- /dev/null
+++ b/font/svg/netbsd.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/openbsd.svg b/font/svg/openbsd.svg
new file mode 100644
index 00000000..ba4f968b
--- /dev/null
+++ b/font/svg/openbsd.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/font/svg/sailfish-os.svg b/font/svg/sailfish-os.svg
new file mode 100644
index 00000000..1f77e6eb
--- /dev/null
+++ b/font/svg/sailfish-os.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/pages/old.html b/pages/old.html
index ee7cc30b..554a8017 100644
--- a/pages/old.html
+++ b/pages/old.html
@@ -41,6 +41,8 @@ permalink: /classic/
{% include sections/voice-video-messenger.html %}
+{% include sections/teamchat.html %}
+
{% include sections/file-sharing.html %}
{% include sections/cloud-storage.html %}
diff --git a/pages/providers.html b/pages/providers.html
index a27be1d6..e78f9a4a 100644
--- a/pages/providers.html
+++ b/pages/providers.html
@@ -11,13 +11,15 @@ description: "There's a ton of people providing services online. Discover which
@@ -25,4 +27,4 @@ description: "There's a ton of people providing services online. Discover which
{% include sections/key-disclosure-law.html %}
-{% include sections/warrant-canary.html %}
\ No newline at end of file
+{% include sections/warrant-canary.html %}
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index 8c76475d..5db0b47e 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -20,6 +20,118 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
{% include sections/vpn.html %}
+
+
Our VPN Provider Criteria
+
+
Please note we are not affiliated with any of the providers we recommend. This allows us to provide completely objective recommendations. We have developed a clear set of requirements for any VPN provider wishing to be recommended, including strong encryption, independent security audits, modern technology, and more. We suggest you familiarize yourself with this list before choosing a VPN provider, and conduct your own research to ensure the VPN provider you choose is as trustworthy as possible.
+
+
+
+
+
Jurisdiction
+
Operating outside the five/nine/fourteen-eyes countries is not a guarantee of privacy necessarily, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on global mass surveillance and avoiding the US and UK to learn more about why we feel this is important.
+
+
+
Minimum to Qualify:
+
+
Operating outside the USA or other Five Eyes countries.
+
+
+
+
Best Case:
+
+
Operating outside the USA or other Fourteen Eyes countries.
+
Operating inside a country with strong consumer protection laws.
+
+
+
+
+
Technology
+
We require all our recommended VPN providers to provide OpenVPN configuration files to be used in any client. If a VPN provides their own custom client, we require a kill-switch to block network data leaks when disconnected.
+
+
+
Minimum to Qualify:
+
+
OpenVPN support.
+
Kill switch built in to clients.
+
+
+
+
Best Case:
+
+
OpenVPN and Wireguard support.
+
Kill-switch with highly configurable options (enable/disable on certain networks, on boot, etc.)
+
Easy-to-use mobile clients, especially open-source.
+
+
+
+
+
Anonymity
+
We prefer our recommended providers to collect as little data as possible. Not collecting personal information on registration, and accepting anonymous forms of payment are required.
+
+
+
Minimum to Qualify:
+
+
Bitcoin or cash payment option.
+
No personal information required to register: Only username, password, and email at most.
+
+
+
+
Best Case:
+
+
Accepts Bitcoin, cash, and other forms of cryptocurrency and/or anonymous payment options (gift cards, etc.)
+
No personal information accepted (autogenerated username, no email required, etc.)
+
+
+
+
+
Security
+
A VPN is pointless if it can't even provide adequate security. We require all our recommended providers to abide by current security standards for their OpenVPN connections. Ideally, they would use more future-proof encryption schemes by default. We also require an independent third-party to audit the provider's security. Ideally in a very comprehensive manner and on a repeated (yearly) basis.
+
+
+
Minimum to Qualify:
+
+
Strong Encryption Schemes: OpenVPN with SHA-256 authentication; RSA-2048 or better handshake; AES-256-GCM or AES-256-CBC data encryption.
+
Perfect Forward Secrecy (PFS).
+
Published security audits from a reputable third-party firm.
+
+
+
+
Best Case:
+
+
Strongest Encryption: RSA-4096.
+
Perfect Forward Secrecy (PFS).
+
Comprehensive published security audits from a reputable third-party firm.
+
Bug-bounty programs and/or a coordinated vulnerability-disclosure process
+
+
+
+
+
Trust
+
You wouldn't trust your finances to someone with a fake identity, so why trust them with your internet data? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
+
+
+
Minimum to Qualify:
+
+
Public-facing leadership or ownership.
+
+
+
+
Best Case:
+
+
Public-facing leadership.
+
Frequent transparency reports.
+
+
+
+
+
Additional Functionality
+
While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.
+
+
+
+
+
Further Information and Dangers
@@ -61,3 +173,34 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
diff --git a/pages/software.html b/pages/software.html
index 4386be18..1c1d74ef 100644
--- a/pages/software.html
+++ b/pages/software.html
@@ -9,18 +9,17 @@ description: "Discover a variety of open source software built to protect your p
+
+ 
+
@@ -73,19 +72,44 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
- 
- 
- 
+ 
+ 
+ 
+