fix wording

Co-authored-by: Jonah Aragon <jonah@triplebit.net>

_includes/head.html

@@ -61,5 +61,5 @@
 
   <!-- CSS stylesheets -->
   <link href="/assets/css/style.css?v=9" rel="stylesheet">
-  <link id="dark-css" href="/assets/css/dark.css?v=4" rel="stylesheet" media="(prefers-color-scheme: dark)">
+  {% unless page.url == '/sponsors/' %}<link id="dark-css" href="/assets/css/dark.css?v=4" rel="stylesheet" media="(prefers-color-scheme: dark)">{% endunless %}
 </head>

_includes/nav.html

@@ -113,7 +113,7 @@
         </a>
         <a href="/about/" class="nav-anchor">
           About Us
-        </a>
+        </a>{% unless page.url == '/sponsors/' %}
         <span id="nav-switch-theme" class="nav-anchor">
           <span class="nav-theme-icon fas fa-fw" aria-hidden="true" title="Theme"></span>
           <span class="sr-only">Toggle Theme</span>
@@ -138,7 +138,7 @@
             <a href="https://privacytools.ru" rel="nofollow noopener" class="dropdown-item">Русский</a>
             <a href="https://privacytools.dreads-unlock.fr" rel="nofollow noopener" class="dropdown-item">Français</a>
           </span>
-        </details>
+        </details>{% endunless %}
       </div>
     </div>
   </div>

_includes/scripts.html

@@ -3,12 +3,3 @@
 <script src="/assets/js/bootstrap.min.js?v=4"></script>
 <script src="/assets/js/sortable.min.js?v=4"></script>
 <script src="/assets/js/main.js?v=5"></script>
-
-<!--
-  Matomo is the leading open-source analytics platform:
-  - Free open-source software
-  - 100% data ownership
-  - User privacy protection
--->
-
-<noscript><img src="https://stats.privacytools.io/matomo.php?idsite=1&amp;rec=1" class="border-0" alt=""/></noscript>

_includes/sections/android-addons.html

@@ -18,7 +18,7 @@
     </div>
     <div class="col">
     <h3>Tor for Android with <a href="https://guardianproject.info/apps/orbot/">Orbot</a></h3>
-    <p><strong>Orbot</strong> is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world. <strong>Root Mode:</strong> Orbot can be configured to transparently proxy all of your Internet traffic through Tor. You can also choose which specific apps you wish to use through Tor.</p>
+    <p><strong>Orbot</strong> is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world.</p>
     </div>
   </div>
 
@@ -28,6 +28,6 @@
 
 <ul>
   <li>
-    <a href="/providers/dns#clients">Our DNS client recommendations</a>, which have information on enabling encrypted DNS on Android.
+    <a href="/providers/dns#dns-android-clients">Our DNS client recommendations</a>, which have information on enabling encrypted DNS on Android.
   </li>
 </ul>

_includes/sections/browser-addons.html

@@ -7,7 +7,7 @@
 {% include cardv2.html
   title="uBlock Origin: Block Ads and Trackers"
   image="/assets/img/svg/3rd-party/ublock_origin.svg"
-  description="<strong>uBlock Origin</strong> is an efficient <a href=https://github.com/gorhill/uBlock/wiki/Blocking-mode>wide-spectrum blocker</a> that is easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source."
+  description="<p><strong>uBlock Origin</strong> is an efficient <a href=https://github.com/gorhill/uBlock/wiki/Blocking-mode>wide-spectrum blocker</a> that is easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source. <a href=https://github.com/gorhill/uBlock/wiki/Advanced-user-features>Advanced mode</a> allows for <a href=https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-quick-guide>dynamic filtering</a>. Dynamic filtering allows for extended blocking similar to NoScript and uMatrix (E.g. <a href=https://github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-mode>medium</a> or <a href=https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-mode>hard</a>) blocking.</p>"
   website="https://addons.mozilla.org/firefox/addon/ublock-origin/"
   privacy-policy="https://github.com/gorhill/uBlock/wiki/Privacy-policy"
   forum="https://forum.privacytools.io/t/discussion-ublock-origin/266"
@@ -31,19 +31,6 @@
   opera="https://addons.opera.com/en/extensions/details/https-everywhere"
 %}
 
-{% include cardv2.html
-  title="Decentraleyes: Block Content Delivery Networks"
-  image="/assets/img/svg/3rd-party/decentraleyes.svg"
-  description="<strong>Decentraleyes</strong> emulates Content Delivery Networks locally by intercepting requests, finding the required resource, and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required."
-  website="https://decentraleyes.org/"
-  privacy-policy="https://decentraleyes.org/privacy-policy/"
-  forum="https://forum.privacytools.io/t/discussion-decentraleyes/269"
-  gitlab="https://git.synz.io/Synzvato/decentraleyes"
-  firefox="https://addons.mozilla.org/firefox/addon/decentraleyes"
-  chrome="https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj"
-  opera="https://addons.opera.com/extensions/details/decentraleyes"
-%}
-
 {% include cardv2.html
   title="ClearURLs"
   image="/assets/img/svg/3rd-party/clearurls.svg"
@@ -57,23 +44,40 @@
   edge="https://microsoftedge.microsoft.com/addons/detail/mdkdmaickkfdekbjdoojfalpbkgaddei"
 %}
 
-<h2>Additional Functionality</h2>
+{% include cardv2.html
+  title="xBrowserSync"
+  image="/assets/img/svg/3rd-party/xbrowsersync.svg"
+  description='<strong>xBrowserSync</strong> synchronizes bookmarks across devices and browsers with end-to-end encryption. Data is encrypted and decrypted on the device, no one but you can read it. No registration is needed, just enter a randomly generated id or QR code on all devices. <a href="https://www.xbrowsersync.org/#status">Different servers</a> are available, and it can also be <a href="https://github.com/xbrowsersync/api-docker">self-hosted</a>.'
+  website="https://www.xbrowsersync.org/"
+  privacy-policy="https://www.xbrowsersync.org/privacypolicy"
+  github="https://github.com/xbrowsersync"
+  firefox="https://addons.mozilla.org/firefox/addon/xbs/"
+  chrome="https://chrome.google.com/webstore/detail/xbrowsersync/lcbjdhceifofjlpecfpeimnnphbcjgnc"
+  googleplay="https://play.google.com/store/apps/details?id=com.xBrowserSync.android"
+%}
+
+<h3>Worth Mentioning</h3>
+
+<ul>
+  <li><a href="https://floccus.org/">floccus</a> - Synchronize bookmarks across browsers via Nextcloud, WebDAV or a local file (and thus any file sync solution). For <a href="https://addons.mozilla.org/firefox/addon/floccus/">Firefox</a>, <a href="https://chrome.google.com/webstore/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg">Chrome</a>, <a href="https://microsoftedge.microsoft.com/addons/detail/gjkddcofhiifldbllobcamllmanombji">Edge</a>.</li>
+</ul>
+
+<h2 id="afunc" class="anchor"><a href="#afunc"><i class="fas fa-link anchor-icon"></i></a> Additional Functionality</h2>
 
 <div class="alert alert-secondary" role="alert">
   These add-ons don't necessarily add to your privacy when browsing the web, but add additional functionality to your browser you may find useful.
 </div>
 
 {% include cardv2.html
-  title="Terms of Service; Didn’t Read: Be Informed"
-  image="/assets/img/svg/3rd-party/terms_of_service_didnt_read.svg"
-  description='<strong>Terms of Service; Didn’t Read</strong> is an addon that believes "I have read and agree to the Terms of Service" is the biggest lie on the web, and wants to fix it by grading websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analysis and ratings are published transparently by a community of reviewers.'
-  website="https://tosdr.org/"
-  privacy-policy="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/"
-  forum="https://forum.privacytools.io/t/discussion-terms-of-service-didn-t-read/270"
-  github="https://github.com/tosdr/"
-  firefox="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/"
-  chrome="https://chrome.google.com/webstore/detail/terms-of-service-didn%E2%80%99t-r/hjdoplcnndgiblooccencgcggcoihigg"
-  opera="https://addons.opera.com/extensions/details/terms-of-service-didnt-read"
+title="PrivacySpy"
+  image="/assets/img/svg/3rd-party/privacyspy.svg"
+  description="<strong>PrivacySpy</strong> uses a consistent rubric to grade major services' privacy practices on a ten-point scale. It's a new open source project that is dedicated to making privacy policies more accessible."
+  website="https://privacyspy.org/"
+  privacy-policy="https://privacyspy.org/terms-and-privacy"
+  forum="https://forum.privacytools.io/t/discussion-privacyspy/4508"
+  github="https://github.com/politiwatch"
+  firefox="https://addons.mozilla.org/firefox/addon/privacyspy"
+  chrome="https://chrome.google.com/webstore/detail/ppembnadnhiknioggbglgiciihgmkmnd"
 %}
 
 {% include cardv2.html
@@ -87,9 +91,7 @@
   chrome="https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie"
 %}
 
-<h2>Persistent storage management</h2>
-
-<h3>Desktop</h3>
+<h2 id="psmanage" class="anchor"><a href="#psmanage"><i class="fas fa-link anchor-icon"></i></a> Persistent storage management (Desktop only)</h2>
 
 <div class="alert alert-warning" role="alert">
   These add-ons are the preferred method for controlling persistent storage data that various websites and web-apps may create on your computer.
@@ -117,34 +119,7 @@
   firefox="https://addons.mozilla.org/firefox/addon/multi-account-containers/"
 %}
 
-<h3>Android</h3>
-
-<div class="alert alert-warning" role="alert">
-  Unfortunately the Android version of Firefox <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1398097">doesn't support managing tabs as containers</a>. The recommended extensions below are a substitute, however as APIs do not exist for clearing <a href="https://en.wikipedia.org/wiki/Indexed_Database_API">IndexedDB</a>, <a href="https://en.wikipedia.org/wiki/Progressive_web_application#Service_workers">Service Workers</a> cache, <a href="https://en.wikipedia.org/wiki/Progressive_web_application#AppCache_(obsolete)">appCache</a>, or cache by host. As a result they are not as good as the above Temporary Container suggestions.
-</div>
-
-{% include cardv2.html
-  title="ETag Stoppa"
-  image="/assets/img/svg/3rd-party/etag_stoppa.svg"
-  description="<strong>ETag Stoppa</strong> Prevents Firefox from storing entity tags by removing ETag response headers unconditionally and without exceptions."
-  website="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
-  forum=""
-  github="https://github.com/claustromaniac/etag-stoppa"
-  firefox="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
-%}
-
-{% include cardv2.html
-  title="Cookie AutoDelete: Automatically Delete Cookies"
-  image="/assets/img/png/3rd-party/cookie_autodelete.png"
-  description="<strong>Cookie AutoDelete</strong> automatically removes cookies, lingering sessions, and other information that can be used to spy on you when they are no longer used by open browser tabs."
-  website="https://addons.mozilla.org/firefox/addon/cookie-autodelete/"
-  forum="https://forum.privacytools.io/t/discussion-cookie-autodelete/267"
-  github="https://github.com/Cookie-AutoDelete/Cookie-AutoDelete"
-  firefox="https://addons.mozilla.org/firefox/addon/cookie-autodelete"
-  chrome="https://chrome.google.com/webstore/detail/cookie-autodelete/fhcgjolkccmbidfldomjliifgaodjagh"
-%}
-
-<h2>For Advanced Users</h2>
+<h2 id="advaddons" class="anchor"><a href="#advaddons"><i class="fas fa-link anchor-icon"></i></a> For Advanced Users</h2>
 
 <div class="alert alert-warning" role="alert">
   These addons require quite a lot of interaction from the user, and some of them completely replace the add-ons we've recommended above. Some sites may not work properly without careful configuration.
@@ -153,7 +128,7 @@
 {% include cardv2.html
   title="uMatrix: Stop Cross-Site Requests"
   image="/assets/img/png/3rd-party/umatrix.png"
-  description="<strong>uMatrix</strong> gives you control over the requests that websites make to other websites. Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix allows 1st party scripts in its default configuration. If you want the default functionality of NoScript consider <a href=https://github.com/gorhill/uMatrix/wiki/How-to-block-1st-party-scripts-everywhere-by-default>blocking 1st party scripts everywhere by default</a>."
+  description="<strong>uMatrix</strong> gives you control over the requests that websites make to other websites. Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix allows 1st party scripts in its default configuration. If you want the default functionality of NoScript consider <a href=https://github.com/gorhill/uMatrix/wiki/How-to-block-1st-party-scripts-everywhere-by-default>blocking 1st party scripts everywhere by default</a>. <strong>This addon has been <a href=https://github.com/uBlockOrigin/uMatrix-issues/issues/291#issuecomment-694988696>discontinued</a>.</strong>"
   website="https://addons.mozilla.org/firefox/addon/umatrix/"
   privacy-policy="https://github.com/gorhill/uMatrix/wiki/Privacy-policy"
   forum="https://forum.privacytools.io/t/discussion-umatrix/271"

_includes/sections/browser-advanced-tweaks.html

@@ -1,4 +1,4 @@
-<h1 id="about_config" class="anchor"><a href="#about_config"><i class="fas fa-link anchor-icon"></i></a> Firefox: Privacy Related "about:config" Tweaks</h1>
+<h1 id="about_config" class="anchor"><a href="#about_config"><i class="fas fa-link anchor-icon"></i></a> Firefox: Advanced Privacy Tweaks using "about:config"</h1>
 
 <div class="alert alert-success" role="alert">This is a collection of privacy-related <strong>about:config</strong> tweaks. We'll show you how to enhance the privacy of your Firefox browser.</div>
 
@@ -6,38 +6,43 @@
 
 <ol>
   <li>Enter "about:config" in the firefox address bar and press enter.</li>
-  <li>Press the button "Accept the Risk and Continue" [FF71+] or "I accept the risk".</li>
-  <li>Follow the instructions below...</li>
+  <li>Press the button "Accept the Risk and Continue"</li>
+  <li>Copy and paste each of the preferences below (for example "<strong>webgl.disabled</strong>") into the search bar, and set each of them to the stated value (such as "true").</li>
 </ol>
 
-<h3>Getting started:</h3>
+<h4>Firefox Desktop:</h4>
 
+<h5 id="fpid" class="anchord"><a href="#fpi"><i class="fas fa-link anchor-icon"></i></a> First Party Isolation</h5>
+<p>These settings should be safe, however first party isolation may break some third party login systems.</p>
 <dl class="long-string-list">
   <dt>privacy.firstparty.isolate = true</dt>
   <dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)</dd>
 
+<h5 id="rfpd" class="anchor"><a href="#rfpd"><i class="fas fa-link anchor-icon"></i></a> Resist Fingerprinting</h5>
+<p>One of the features of resist fingerprinting is to set the reported browser timezone to UTC. If you depend on having your real time zone reported to the websites you visit, this setting may break that.</p>
   <dt>privacy.resistFingerprinting = true</dt>
   <dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference makes Firefox more resistant to browser fingerprinting.</dd>
 
-  <dt>privacy.trackingprotection.fingerprinting.enabled = true</dt>
-  <dd>[FF67+] Blocks Fingerprinting</dd>
-
-  <dt>privacy.trackingprotection.cryptomining.enabled = true</dt>
-  <dd>[FF67+] Blocks CryptoMining</dd>
-
-  <dt>privacy.trackingprotection.enabled = true</dt>
-  <dd>This is Mozilla's new built-in tracking protection. One of it's benefits is blocking tracking (i.e. Google Analytics) on <a href="https://github.com/gorhill/uMatrix/wiki/Privileged-Pages">privileged pages</a> where add-ons that usually do that are disabled.</dd>
-
+<h5 id="blockOut" class="anchor"><a href="#blockOut"><i class="fas fa-link anchor-icon"></i></a> Block outbound</h5>
   <dt>browser.send_pings = false</dt>
   <dd>The attribute would be useful for letting websites track visitors' clicks.</dd>
 
+  <dt>Disable Firefox prefetching pages it thinks you will visit next:</dt>
+  <dd>
+  Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ">here</a> and <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">here</a>.
+  <ul>
+    <li>network.dns.disablePrefetch = true</li>
+    <li>network.dns.disablePrefetchFromHTTPS = true</li>
+    <li>network.predictor.enabled = false</li>
+    <li>network.predictor.enable-prefetch = false</li>
+    <li>network.prefetch-next = false</li>
+  </dd>
+
+<h5 id="locbar" class="anchor"><a href="#locbar"><i class="fas fa-link anchor-icon"></i></a> Location bar</h5>
   <dt>browser.urlbar.speculativeConnect.enabled = false</dt>
   <dd>Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. <a href="https://www.ghacks.net/2017/07/24/disable-preloading-firefox-autocomplete-urls/">Source</a></dd>
 
-
-  <dt>dom.event.clipboardevents.enabled = false</dt>
-  <dd>Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.</dd>
-
+<h5 id="plugins" class="anchor"><a href="#plugins"><i class="fas fa-link anchor-icon"></i></a> Plugins</h5>
   <dt>media.eme.enabled = false</dt>
   <dd>
   <p>Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. <a href="https://support.mozilla.org/kb/enable-drm#w_opt-out-of-cdm-playback-uninstall-cdms-and-stop-all-cdm-downloads">Details</a></p>
@@ -47,21 +52,22 @@
   <dt>media.gmp-widevinecdm.enabled = false</dt>
   <dd>Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. <a href="https://support.mozilla.org/kb/enable-drm#w_disable-the-google-widevine-cdm-without-uninstalling">Details</a></dd>
 
+<h5 id="hwfping" class="anchor"><a href="#hwfping"><i class="fas fa-link anchor-icon"></i></a> Hardware Fingerprinting</h5>
   <dt>media.navigator.enabled = false</dt>
   <dd>Websites can track the microphone and camera status of your device.</dd>
 
+<h5 id="pstorage" class="anchor"><a href="#pstorage"><i class="fas fa-link anchor-icon"></i></a> Persistent Storage</h5>
   <dt>network.cookie.cookieBehavior = 1</dt>
   <dd>
-  Disable cookies
+  Disable cookies. 2 is likely to break some sites. 4 is the default default. 1 is more strict than 4.
   <ul>
-    <li>0 = Accept all cookies by default</li>
     <li>1 = Only accept from the originating site (block third-party cookies)</li>
     <li>2 = Block all cookies by default</li>
+    <li>4 = Block Cross-site and social media trackers</li>
   </ul>
   </dd>
 
-
-
+<h5 id="headref" class="anchor"><a href="#headref"><i class="fas fa-link anchor-icon"></i></a> Headers/Referers</h5>
   <dt>network.http.referer.XOriginPolicy = 2</dt>
   <dd>
   Only send <code>Referer</code> header when the full hostnames match. (Note: if you notice significant breakage, you might try <code>1</code> combined with an <code>XOriginTrimmingPolicy</code> tweak below.) <a href="https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/">Source</a>
@@ -82,9 +88,12 @@
   </ul>
   </dd>
 
+<h5 id="mediad" class="anchor"><a href="#mediad"><i class="fas fa-link anchor-icon"></i></a> Media</h5>
+<p>This may break some websites which use VOIP based features.</p>
   <dt>webgl.disabled = true</dt>
   <dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>
 
+<h5 id="sessions" class="anchor"><a href="#sessions"><i class="fas fa-link anchor-icon"></i></a> Sessions and session restoration</h5>
   <dt>browser.sessionstore.privacy_level = 2</dt>
   <dd>
   This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. <a href="http://kb.mozillazine.org/Browser.sessionstore.privacy_level">Details</a>
@@ -95,35 +104,44 @@
   </ul>
   </dd>
 
+<h5 id="misc" class="anchor"><a href="#misc"><i class="fas fa-link anchor-icon"></i></a> Miscellaneous</h5>
   <dt>beacon.enabled = false</dt>
   <dd>Disables sending additional analytics to web servers. <a href="https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon">Details</a></dd>
 
-  <dt>browser.safebrowsing.downloads.remote.enabled = false</dt>
-  <dd>Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. <a href="https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work#w_what-information-is-sent-to-mozilla-or-its-partners-when-phishing-and-malware-protection-are-enabled">Details</a></dd>
-
-  <dt>Disable Firefox prefetching pages it thinks you will visit next:</dt>
-  <dd>
-  Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ">here</a> and <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">here</a>.
-  <ul>
-    <li>network.dns.disablePrefetch = true</li>
-    <li>network.dns.disablePrefetchFromHTTPS = true</li>
-    <li>network.predictor.enabled = false</li>
-    <li>network.predictor.enable-prefetch = false</li>
-    <li>network.prefetch-next = false</li>
-  </dd>
-
   <dt>network.IDN_show_punycode = true</dt>
   <dd>Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. <a href="https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/#more-42636">Source</a></dd>
 
-  <dt>Looking for TRR, DoH or ESNI?</dt>
-  <dd>They have moved to <a href="/providers/dns/#dns">our DNS page</a>.</dd>
+<h5 id="sb" class="anchor"><a href="#sb"><i class="fas fa-link anchor-icon"></i></a> Safe Browsing</h5>
+  <dt>browser.safebrowsing.downloads.remote.enabled = false</dt>
+  <dd>Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. <a href="https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work#w_what-information-is-sent-to-mozilla-or-its-partners-when-phishing-and-malware-protection-are-enabled">Details</a></dd>
+
+<h4>Firefox Android (Fenix):</h4>
+
+<h5 id="fpia" class="anchor"><a href="#fpia"><i class="fas fa-link anchor-icon"></i></a> First Party Isolation</h5>
+<p>These settings should be safe, however first party isolation may break some third party login systems.</p>
+  <dt>privacy.firstparty.isolate = true</dt>
+  <dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)</dd>
+
+<h5 id="rfpa" class="anchor"><a href="#rfpa"><i class="fas fa-link anchor-icon"></i></a> Resist Fingerprinting</h5>
+<p>One of the features of resist fingerprinting is to set the reported browser timezone to UTC. If you depend on having your real time zone reported to the websites you visit, this setting may break that.</p>
+  <dt>privacy.resistFingerprinting = true</dt>
+  <dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference makes Firefox more resistant to browser fingerprinting.</dd>
+  <dt>privacy.resistFingerprinting.letterboxing = true</dt>
+  <dd>This sets the resolution of your Firefox window to a standard resolution. Only use this if you are using the above <strong>privacy.resistFingerprinting</strong>
+
+<h5 id="mediaa" class="anchor"><a href="#mediaa"><i class="fas fa-link anchor-icon"></i></a> Media</h5>
+<p>This may break some websites which use VOIP based features.</p>
+  <dt>webgl.disabled = true</dt>
+  <dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>
+
+  <dt>Disable WebRTC</dt>
+  <dd>See <a href="#webrtc"><i class="fas fa-link"></i> WebRTC</a> section</dd>
 
 <h3 id="user.js">Firefox user.js Templates</h3>
 <ul>
-   <li><a href="https://github.com/ghacksuserjs/ghacks-user.js">ghacks-user.js</a> - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.</li>
+  <li><a href="https://github.com/arkenfox/user.js">arkenfox user.js</a> An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting. <strong>Desktop Firefox Only</strong></li>
 </ul>
 
-
 <h3>Related Information</h3>
 
 <ul>

_includes/sections/browser-easy-tweaks.html

@@ -0,0 +1,64 @@
+<h1 id="easy_tweaks" class="anchor"><a href="#easy_tweaks"><i class="fas fa-link anchor-icon"></i></a> Firefox: Easy Privacy Enhancing Tweaks</h1>
+
+<div class="alert alert-success" role="alert">With <a href="https://blog.mozilla.org/blog/2020/08/04/latest-firefox-rolls-out-enhanced-tracking-protection-2-0-blocking-redirect-trackers-by-default/">Enhanced Tracking Protection (ETP)</a> that Firefox offers, you can <a href="https://blog.mozilla.org/blog/2019/09/03/todays-firefox-blocks-third-party-tracking-cookies-and-cryptomining-by-default/">control cookies</a> and data saved on your device.</div>
+
+<h2>Enhanced Tracking Protection</h2>
+<p>ETP can be made more strict by clicking on the main menu (or Edit) and then <strong>Preferences</strong>. From the side menu select <strong>&#128274; Privacy &amp; Security</strong>.</p>
+
+<p>We recommend that <strong>All third-party cookies</strong> be blocked. The only pages likely to break under this configuration are <a href="https://en.wikipedia.org/wiki/Social_login">social logins</a> (i.e. authentication with services using your Google, Facebook account etc). Social logins are terrible for privacy and they link all services you use to a single identity, that is mostly used for advertising purposes, such as targeted advertising.
+
+<p>When you use a social login you also run the risk of being locked out of services you use, if you lose access to the account. We recommend creating <strong>individual accounts</strong> with <strong>separate passwords</strong>. Passwords can be managed with a <a href="software/passwords/">Password Manager</a>.</p>
+
+For more information about <a href="https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track">Enhanced Tracking Protection</a>, see Mozilla's for <a href="https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop">Desktop</a> and <a href="https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-android">Android</a>.
+
+The only suggestion we would make is to switch from <strong>standard</strong> to <strong>custom</strong> with the configuration listed below.
+
+<h5>Custom</h5>
+<ul class="checkmark">
+  <li><img src="/assets/img/svg/etp/3rdpartycookies-disabled.svg"
+       class="mx-3" width="15" height="15"
+       title="3rd Party Cookies disabled"
+       alt="3rd Party Cookies disabled">
+    Cookies: <strong>All third-party cookies (may cause websites to break)</strong>
+  </li>
+  <li><img src="/assets/img/svg/etp/tracker-image-disabled.svg"
+       class="mx-3" width="15" height="15"
+       title="Tracking content disabled"
+       alt="Tracking content disabled">
+    Tracking content: <strong> In all windows</strong>
+  </li>
+  <li><img src="/assets/img/svg/etp/cryptominers-disabled.svg"
+       class="mx-3" width="15" height="15"
+       title="Cryptominers disabled"
+       alt="Cryptominers disabled">
+    Cryptominers
+  </li>
+  <li><img src="/assets/img/svg/etp/fingerprinters-disabled.svg"
+       class="mx-3" width="15" height="15"
+       title="Fingerprinters disabled"
+       alt="Fingerprinters disabled">
+    Fingerprinters
+  </li>
+</ul>
+
+<p>The <strong>strict</strong> setting will only block known cross-site and/or social media trackers. This may still let through third party cookies that can be used for tracking.</p>
+
+<h2>Firefox sessions and saved data</h2>
+<p>We also suggest clearing history, and persistent data upon close of your browser. If you wish to remain logged in for some websites we suggest <a href="https://support.mozilla.org/kb/block-websites-storing-cookies-site-data-firefox">setting some exceptions</a>. For desktop users we suggest using the <a href="/browsers/#psaddons">Persistent storage management</a> addons.</p>
+
+<h5>History</h5>
+Firefox will <strong>Use custom settings for history</strong>
+<ul class="checkmark">
+  <li>Remember browsing and download history</li>
+  <li>Clear history when Firefox closes</li><br>
+  Next select <strong>Settings&#8230;</strong> the <strong>Settings for Clearing History</strong> will load. Make sure there is a checkmark next to each item:
+  <ul class="checkmark">
+    <li>Browsing &amp; Download History</li>
+    <li>Active Logins</li>
+    <li>Form &amp; Search History</li>
+    <li>Cookies</li>
+    <li>Cache</li>
+    <li>Data</li>
+    <li>Offline Website Data</li>
+  </ul>
+</ul>

_includes/sections/browser-recommendation.html

@@ -47,7 +47,7 @@
   website="https://www.mozilla.org/en-US/firefox/mobile/"
   privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
   forum="https://forum.privacytools.io/t/discussion-firefox/279"
-  source="https://github.com/mozilla-mobile"
+  github="https://github.com/mozilla-mobile"
   fdroid="https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/"
   googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefox"
   android="https://www.mozilla.org/firefox/all/#product-android-release"
@@ -104,7 +104,7 @@
   website="https://www.mozilla.org/en-US/firefox/mobile/"
   privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
   forum="https://forum.privacytools.io/t/discussion-firefox/279"
-  source="https://github.com/mozilla-mobile/firefox-ios"
+  github="https://github.com/mozilla-mobile/firefox-ios"
   ios="https://apps.apple.com/us/app/firefox-private-safe-browser/id989804926"
 %}
 

_includes/sections/dns.html

@@ -87,6 +87,10 @@ We also log how many times this or that tracker has been blocked. We need this i
             <span class="flag-icon flag-icon-jp"></span>
             Japan
           </span>
+          <span class="no-text-wrap">
+            <span class="flag-icon flag-icon-sg"></span>
+            Singapore
+          </span>
         </td>
         <td>
           <div
@@ -116,12 +120,9 @@ We also log how many times this or that tracker has been blocked. We need this i
           </span>
           <span class="no-text-wrap">
             malicious domains
-            {% include badge.html
-            link="https://github.com/ookangzheng/blahdns#default-blocked-wildcard-domain"
-            color="warning"
-            icon="fas fa-exclamation-triangle"
-            tooltip="And some wildcard and IDN domains."
-            %}
+          </span>
+          <span class="no-text-wrap">
+            Based on server choice only for DoH
           </span>
         </td>
         <td>
@@ -135,9 +136,6 @@ We also log how many times this or that tracker has been blocked. We need this i
           <span class="no-text-wrap">
             <a href="https://www.choopa.com/">Choopa, LLC</a>,
           </span>
-          <span class="no-text-wrap">
-            <a href="https://www.datacenterlight.ch/">Data Center Light</a>,
-          </span>
           <span class="no-text-wrap">
             <a href="https://www.hetzner.com/">Hetzner Online GmbH</a>
           </span>
@@ -147,12 +145,6 @@ We also log how many times this or that tracker has been blocked. We need this i
       <tr>
         <td data-value="Cloudflare">
           <a href="https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/">Cloudflare</a>
-          {% include badge.html
-          link="https://codeberg.org/crimeflare/cloudflare-tor/"
-          color="warning"
-          icon="fas fa-exclamation-triangle"
-          tooltip="Cloudflare is one of the world's largest networks, and a problem considering anonymity and decentralization."
-          %}
         </td>
         <td>Anycast (based in
           <span class="no-text-wrap">
@@ -168,7 +160,7 @@ We also log how many times this or that tracker has been blocked. We need this i
           </a>
         </td>
         <td>Commercial</td>
-        <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"We will collect limited DNS query data that is sent to the resolvers. This data does not contain user IP addresses or any other personally identifiable information, and the bulk of the data is only stored for 24 hours."' href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/">Some</a></td>
+        <td><a data-toggle="tooltip" data-placement="bottom" data-original-title="Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is only stored for 25 hours." href="https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/">Some</a></td>
         <td>DoH, DoT</td>
         <td>Yes</td>
         <td>Yes</td>
@@ -420,11 +412,6 @@ We also log how many times this or that tracker has been blocked. We need this i
       <tr>
         <td data-value="Quad9">
           <a href="https://quad9.net/">Quad9</a>
-          {% include badge.html
-          color="warning"
-          icon="fas fa-exclamation-triangle"
-          tooltip="Founders include the Global Cyber Alliance, composed of the City of London Police and Manhattan District Attorney's Office."
-          %}
         </td>
         <td>Anycast (based in
           <span class="no-text-wrap">
@@ -543,3 +530,123 @@ We also log how many times this or that tracker has been blocked. We need this i
     </tbody>
   </table>
 </div>
+
+<h1 id="dns-desktop-clients" class="anchor">
+  <a href="#dns-desktop-clients">
+    <i class="fas fa-link anchor-icon"></i>
+  </a> Encrypted DNS Client Recommendations for Desktop
+</h1>
+
+{%
+	include cardv2.html
+	title="Unbound"
+	image="/assets/img/svg/3rd-party/unbound.svg"
+	description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been <a href="https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/">independently audited</a>.'
+	website="https://nlnetlabs.nl/projects/unbound/about/"
+	forum="https://forum.privacytools.io/t/discussion-unbound/3563"
+	github="https://github.com/NLnetLabs/unbound"
+%}
+
+{%
+	include cardv2.html
+	title="dnscrypt-proxy"
+	image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
+	description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and <a href="https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt">Anonymized DNSCrypt</a>, a <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">relay-based protocol that the hides client IP address.</a>'
+	website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
+	forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
+	github="https://github.com/DNSCrypt/dnscrypt-proxy"
+%}
+
+{%
+	include cardv2.html
+	title="Stubby"
+	image="/assets/img/png/3rd-party/stubby.png"
+	description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in <a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients#DNSPrivacyClients-Unbound/Stubbycombination">combination with Unbound</a> by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
+	website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
+	forum="https://forum.privacytools.io/t/discussion-stubby/3582"
+	github="https://github.com/getdnsapi/stubby"
+%}
+
+{%
+	include cardv2.html
+	title="Firefox's built-in DNS-over-HTTPS resolver"
+	image="/assets/img/svg/3rd-party/firefox_browser.svg"
+	description='Firefox comes with built-in DNS-over-HTTPS support for <a href="https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/">NextDNS and Cloudflare</a> but users can manually any other DoH resolver.'
+	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
+	website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
+	privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
+	forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
+%}
+
+<h1 id="dns-android-clients" class="anchor">
+	<a href="#dns-android-clients">
+		<i class="fas fa-link anchor-icon"></i>
+	</a> Encrypted DNS Client Recommendations for Android
+</h1>
+
+{%
+	include cardv2.html
+	title="Android 9's built-in DNS-over-TLS resolver"
+	image="/assets/img/svg/3rd-party/android.svg"
+	description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
+	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
+	website="https://support.google.com/android/answer/9089903#private_dns"
+	forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
+%}
+
+{%
+	include cardv2.html
+	title="Nebulo"
+	image="/assets/img/png/3rd-party/nebulo.png"
+	description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
+	website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
+	privacy-policy="https://smokescreen.app/privacypolicy"
+	forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
+	fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
+	googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
+	source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
+%}
+
+<h1 id="dns-ios-clients" class="anchor">
+	<a href="#dns-ios-clients">
+		<i class="fas fa-link anchor-icon"></i>
+	</a> Encrypted DNS Client Recommendations for iOS
+</h1>
+
+{%
+	include cardv2.html
+	title="DNSCloak"
+	image="/assets/img/png/3rd-party/dnscloak.png"
+	description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki">dnscrypt-proxy</a> options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can <a href="https://blog.privacytools.io/adding-custom-dns-over-https-resolvers-to-dnscloak/">add custom resolvers by DNS stamp</a>.'
+	website="https://github.com/s-s/dnscloak/blob/master/README.md"
+	privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
+	forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
+	ios="https://apps.apple.com/app/id1452162351"
+	github="https://github.com/s-s/dnscloak"
+%}
+
+<h2 id="dns-definitions" class="anchor">
+	<a href="#dns-definitions">
+		<i class="fas fa-link anchor-icon"></i>
+	</a> Definitions
+</h2>
+
+<h4>DNS-over-TLS (DoT)</h4>
+<p>
+  A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
+</p>
+
+<h4>DNS-over-HTTPS (DoH)</h4>
+<p>
+  Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
+</p>
+
+<h4>DNSCrypt</h4>
+<p>
+  With an <a href="https://dnscrypt.info/protocol/">open specification</a>, DNSCrypt is an older, yet robust method for encrypting DNS.
+</p>
+
+<h4>Anonymized DNSCrypt</h4>
+<p>
+  A <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">lightweight protocol</a> that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by <a href="#dns-desktop-clients">dnscrypt-proxy</a> and a limited number of <a href="https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/relays.md">relays</a>.
+</p>

_includes/sections/email-providers.html

@@ -117,42 +117,6 @@
     <p>Posteo allows users to <a href="https://posteo.de/en/help/does-posteo-offer-mailing-lists">set up their own mailing lists</a>. Each account can create one list for free.</p>
     </div>
   </div>
-  <div class="row mb-2">
-    <div class="col-lg-3 col-sm-12 pt-lg-5">
-      <img
-        src="/assets/img/svg/3rd-party/soverin.svg"
-        height="70"
-        width="200"
-        class="img-fluid d-block mr-auto ml-auto align-middle"
-        alt="Soverin">
-    </div>
-    <div class="col">
-    <h2 id="soverin" class="anchor"><a href="#soverin"><i class="fas fa-link anchor-icon"></i></a> Soverin {% include badge.html color="info" text="€29/y" %}</h2>
-    <p><strong><a href="https://soverin.net">Soverin.net</a></strong> is an email provider which focuses on being private, ad-free, and powered by sustainable energy. They have been in operation since <strong>2015</strong>. Soverin is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam and does not have a free trial. Accounts start at 25 GB.</p>
-
-    <h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
-    <p>Soverin lets users use their own domain. Soverin users can also use <a href="https://support.soverin.net/hc/en-us/articles/115004811093-How-can-I-setup-a-catch-all-on-my-domain-">catch-all</a> and <a href="https://support.soverin.net/hc/en-us/articles/115004811073-How-can-I-add-an-alias-to-my-domain-">aliases</a> for domains they own. Soverin also allows for <a href="https://support.soverin.net/hc/en-us/articles/115004811033-Do-support-the-plus-syntax-subaddressing-">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
-
-    <h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
-    <p>Soverin accepts Bitcoin as payment. They also accept credit/debit cards, PayPal, and the Netherlands-specific payment gateway iDEAL.</p>
-
-    <h5>{% include badge.html color="success" text="Account Security" %}</h5>
-    <p>Soverin supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.soverin.net/hc/en-us/articles/360008819553-Setting-up-2-Factor-Authentication-2FA-Webmail-only">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
-
-    <h5>{% include badge.html color="warning" text="Data Security" %}</h5>
-    <p>Soverin has <a href="https://support.soverin.net/hc/en-us/articles/115004810713-Technical-details-about-Soverin">encryption at rest</a> however it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
-    <p>Soverin also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
-
-    <h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
-    <p>Soverin has integrated encryption in their webmail, which simplifies sending messages to users. However, Soverin has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.<p>
-
-    <h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
-    <p>Soverin does not operate a .onion service.</p>
-
-    <h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
-    <p>Soverin also providers users with space for a personal webpage.</p>
-    </div>
-  </div>
   <div class="row mb-2">
     <div class="col-lg-3 col-sm-12 pt-lg-5">
       <img

_includes/sections/file-sharing.html

@@ -1,18 +1,5 @@
 <h1 id="filesharing" class="anchor"><a href="#filesharing"><i class="fas fa-link anchor-icon"></i></a> File Sharing</h1>
 
-{% include cardv2.html
-  title="Firefox Send"
-  image="/assets/img/svg/3rd-party/firefox_send.svg"
-  labels="color==warning::link==https://send.firefox.com/legal::text==Warning::tooltip==IP addresses are retained in logs for 90 days."
-  description="Firefox Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened. It also offers security controls that you can set. You can choose when your file link expires, the number of downloads, and whether you would like to add a password for an extra layer of security."
-  website="https://send.firefox.com/"
-  privacy-policy="https://send.firefox.com/legal"
-  forum="https://forum.privacytools.io/t/discussion-firefox-send/755"
-  github="https://github.com/mozilla/send"
-  web="https://send.firefox.com/"
-  googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend"
-%}
-
 {% include cardv2.html
   title="OnionShare"
   image="/assets/img/svg/3rd-party/onionshare.svg"

_includes/sections/header.html

@@ -1,7 +1,3 @@
-<div class="alert alert-success" role="alert">
-  <strong>New!</strong> Financial <a href="https://opencollective.com/privacytools" class="alert-link">contributions</a> to {{ site.name }} are now tax deductible in the US! <a href="https://blog.privacytools.io/privacytools-io-joins-the-open-collective-foundation" class="alert-link">Learn more...</a>
-</div>
-
 <div class="jumbotron p-5">
   <h1 class="display-4">
     <a href="{{ site.production_url }}" title="{{ site.name }}">

_includes/sections/hosting-provider.html

@@ -6,7 +6,7 @@
   image-dark="/assets/img/svg/3rd-party/bahnhof-dark.svg"
   description="Bahnhof is one of Sweden’s largest network operators, founded in 1994. They specialize in innovative data center construction: Extreme security coupled with low-cost green energy has made them world famous."
   website="https://www.bahnhof.net/"
-  privacy-policy="https://www.bahnhof.net/page/privacy-policy"
+  privacy-policy="https://bahnhof.se/filestorage/userfiles/file/PrivacyPolicy_Bahnhof.pdf"
   forum="https://forum.privacytools.io/t/discussion-bahnhof-net/341"
 %}
 

_includes/sections/instant-messenger.html

@@ -78,7 +78,7 @@
   website="https://element.io"
   privacy-policy="https://element.io/privacy"
   forum="https://forum.privacytools.io/t/discussion-element-io/665"
-  github="https://github.com/vector-im/riot-web/"
+  github="https://github.com/vector-im/element-web"
   windows="https://element.io/get-started"
   mac="https://element.io/get-started"
   linux="https://element.io/get-started"

_includes/sections/key-disclosure-law.html

@@ -12,7 +12,6 @@
   <ol class="card-ol">
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Antigua_and_Barbuda">Antigua and Barbuda</a> <div class="float-right"><span class="flag-icon flag-icon-ag"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Australia">Australia</a> <div class="float-right"><span class="flag-icon flag-icon-au"></span></div></li>
-    <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Canada">Canada</a> <div class="float-right"><span class="flag-icon flag-icon-ca"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#France">France</a> <div class="float-right"><span class="flag-icon flag-icon-fr"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#India">India</a> <div class="float-right"><span class="flag-icon flag-icon-in"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Ireland">Ireland</a> <div class="float-right"><span class="flag-icon flag-icon-ie"></span></div></li>
@@ -42,6 +41,7 @@
   title="Key disclosure laws don't apply"
   body='
   <ol class="card-ol">
+    <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Canada">Canada</a> <div class="float-right"><span class="flag-icon flag-icon-ca"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Czech_Republic">Czech Republic</a> <div class="float-right"><span class="flag-icon flag-icon-cz"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Germany">Germany</a> <div class="float-right"><span class="flag-icon flag-icon-de"></span></div></li>
     <li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Iceland">Iceland</a> <div class="float-right"><span class="flag-icon flag-icon-is"></span></div></li>

_includes/sections/operating-systems.html

@@ -45,7 +45,7 @@
   image="/assets/img/svg/3rd-party/archlinux.svg"
   description='A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.'
   badges="info:Linux"
-  labels="color==success::link==https://tests.reproducible-builds.org/archlinux/archlinux.html::text==Reproducable builds"
+  labels="color==success::link==https://tests.reproducible-builds.org/archlinux/archlinux.html::text==Reproducible builds"
   website="https://www.archlinux.org/"
   privacy-policy="https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy"
   gitlab="https://gitlab.archlinux.org"
@@ -56,7 +56,7 @@
   image="/assets/img/svg/3rd-party/debian.svg"
   description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
   badges="info:Linux"
-  labels="color==success::link==https://reproducible.debian.net::text==Reproducable builds"
+  labels="color==success::link==https://reproducible.debian.net::text==Reproducible builds"
   website="https://www.debian.org/"
   privacy-policy="https://www.debian.org/legal/privacy"
   tor="http://sejnfjrq6szgca7v.onion"
@@ -68,7 +68,7 @@
   image="/assets/img/svg/3rd-party/nixos.svg"
   description='NixOS is a Linux distribution with a unique approach to package and configuration management. Built on top of the Nix package manager, it is completely declarative, makes upgrading systems reliable, and has many <a href="https://nixos.org/features.html">other advantages</a>.'
   badges="info:Linux"
-  labels="color==success::link==https://r13y.com::text==Reproducable builds"
+  labels="color==success::link==https://r13y.com::text==Reproducible builds"
   website="https://nixos.org"
   privacy-policy="https://nixos.wiki/wiki/NixOS_Wiki:Privacy_policy"
   github="https://github.com/NixOS"

_includes/sections/router-firmware.html

@@ -20,3 +20,13 @@
   privacy-policy="https://www.pfsense.org/privacy.html"
   github="https://github.com/pfsense/"
 %}
+
+{% include cardv2.html
+  title="LibreCMC"
+  image="/assets/img/svg/3rd-party/librecmc.svg"
+  image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
+  description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
+  badges="info:GNU/Linux"
+  website="https://librecmc.org"
+  git="https://gogs.librecmc.org/libreCMC/libreCMC"
+%}

_includes/sections/social-news-aggregator.html

@@ -20,7 +20,7 @@ linux="https://getaether.net/download/"
 {% include cardv2.html
 title="Tildes"
 image="/assets/img/svg/3rd-party/tildes.svg"
-description='Tildes is a web-based self-hostable online bulletin board. It is licensed under <a href="https://gitlab.com/tildes/tildes/blob/master/LICENSE">GPL 3.0</a>.'
+description='Tildes is a web-based self-hostable online bulletin board. It is licensed under <a href="https://gitlab.com/tildes/tildes/blob/master/LICENSE">AGPLv3</a>.'
 website="https://tildes.net"
 privacy-policy="https://docs.tildes.net/policies/privacy-policy"
 forum="https://forum.privacytools.io/t/discussion-tildes/1257"

_includes/sections/teamchat.html

@@ -17,7 +17,7 @@
   website="https://element.io"
   privacy-policy="https://element.io/privacy"
   forum="https://forum.privacytools.io/t/discussion-element-io/665"
-  github="https://github.com/vector-im/riot-web/"
+  github="https://github.com/vector-im/element-web"
   windows="https://element.io/get-started"
   mac="https://element.io/get-started"
   linux="https://element.io/get-started"

_includes/sections/tor-operating-systems.html

@@ -19,5 +19,6 @@
   description='A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this. <a href="https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers">Whonix is best used in conjunction with Qubes.</a>'
   badges="info:Linux"
   website="https://www.whonix.org/"
+  tor="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/"
   github="https://github.com/Whonix"
 %}

_includes/sections/voice-video-messenger.html

@@ -17,7 +17,24 @@
   mac="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
   fdroid="https://f-droid.org/packages/org.linphone"
   googleplay="https://play.google.com/store/apps/details?id=org.linphone"
-  ios="https://itunes.apple.com/us/app/linphone/id360065638?mt=8"
+  ios="https://apps.apple.com/us/app/linphone/id360065638"
+%}
+
+{% include cardv2.html
+  title="Jitsi Meet"
+  image="/assets/img/svg/3rd-party/jitsi.svg"
+  website="https://jitsi.org/jitsi-meet/"
+  privacy-policy="https://jitsi.org/security/"
+  description='Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in <a href="https://github.com/jitsi/jitsi-meet-electron/releases">desktop applications</a> or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the <a href="https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances">list of public Jitsi Meet instances</a>.'
+  labels="color==warning::text==Requires WebRTC::tooltip==Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it.|color==warning::link==https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md::text==Experimental E2EE::tooltip==E2EE in Jitsi Meet is dependent on Insertable Streams, which is currently supported in Chrome but not Firefox. The mobile apps also do not support E2EE for the moment. Prefer to use the desktop apps instead."
+  forum="https://forum.privacytools.io/t/discussion-jitsi-meet/1577"
+  github="https://github.com/jitsi/jitsi-meet"
+  windows="https://github.com/jitsi/jitsi-meet-electron/releases"
+  linux="https://github.com/jitsi/jitsi-meet-electron/releases"
+  mac="https://github.com/jitsi/jitsi-meet-electron/releases"
+  fdroid="https://f-droid.org/en/packages/org.jitsi.meet/"
+  googleplay="https://play.google.com/store/apps/details?id=org.jitsi.meet"
+  ios="https://apps.apple.com/us/app/jitsi-meet/id1165103905"
 %}
 
 {% include cardv2.html
@@ -34,29 +51,6 @@
   ios="https://apps.apple.com/us/app/mumble/id443472808?ls=1"
 %}
 
-<h3>Worth Mentioning</h3>
-
-<ul>
-  <li>
-    <a href="https://jitsi.org/jitsi-meet/">Jitsi Meet</a> - Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application.
-
-    {% include badge.html
-    color="warning"
-    icon="fas fa-exclamation-triangle"
-    text="Requires WebRTC"
-    tooltip="Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it."
-    %}
-
-    {% include badge.html
-    color="warning"
-    icon="fas fa-exclamation-triangle"
-    link="https://jitsi.org/security"
-    text="Multiparty meetings are not E2EE"
-    %}
-
-    See also <a href="https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances">list of public Jitsi Meet instances</a>.
-  </li>
-</ul>
 <h3>Related Information</h3>
 
 <ul>

_includes/sections/vpn.html

@@ -30,6 +30,7 @@
     <blockquote class="blockquote">
       <p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
     </blockquote>
+    <p>In 2020 a second audit <a href="https://mullvad.net/blog/2020/6/25/results-available-audit-mullvad-app/">was announced</a> and the <a href="https://cure53.de/pentest-report_mullvad_2020_v2.pdf">final audit report</a> was made available on Cure53's website.</p>
     <h5>{% include badge.html color="success" text="Open Source Clients" %}</h5>
     <p>Mullvad provides the source code for their desktop and mobile clients in their <a href="https://github.com/mullvad/mullvadvpn-app">GitHub organization</a>.</p>
     <h5>{% include badge.html color="success" text="Accepts Bitcoin" %}</h5>
@@ -41,7 +42,7 @@
     <h5>{% include badge.html color="success" text="Remote Port Forwarding" %}</h5>
     <p>Remote <a href="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is allowed on Mullvad, see <a href="https://mullvad.net/help/port-forwarding-and-mullvad/">Port forwarding with Mullvad VPN</a>.</p>
     <h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
-    <p>Mullvad has published <a href ="https://apps.apple.com/app/mullvad-vpn/id1488466513">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn">Google Play</a> clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in <a href="https://f-droid.org/packages/net.mullvad.mullvadvpn">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducable builds</a>.</p></p>
+    <p>Mullvad has published <a href ="https://apps.apple.com/app/mullvad-vpn/id1488466513">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn">Google Play</a> clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in <a href="https://f-droid.org/packages/net.mullvad.mullvadvpn">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p></p>
     <h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
     <p>The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at <a href="http://xcln5hkbriyklr6n.onion/">xcln5hkbriyklr6n.onion</a>.</p>
     </div>
@@ -68,7 +69,7 @@
     <h5>{% include badge.html color="success" text="Accepts Bitcoin" %}</h5>
     <p>ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.</p>
     <h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
-    <p>In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for <a href="https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085">App Store</a> and <a href="https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/ch.protonvpn.android">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducable builds</a>.</p>
+    <p>In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for <a href="https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085">App Store</a> and <a href="https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/ch.protonvpn.android">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p>
     <h5>{% include badge.html color="warning" text="No Port Forwarding" %}</h5>
     <p>ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.</p>
     <h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
@@ -100,7 +101,7 @@
     <h5>{% include badge.html color="success" text="Remote Port Forwarding" %}</h5>
     <p>Remote <a href="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is possible with a Pro plan. Port forwarding <a href="https://www.ivpn.net/knowledgebase/81/How-do-I-activate-port-forwarding.html">can be activated</a> via the client area. Port forwarding is only available on IVPN when <a href="https://www.ivpn.net/knowledgebase/116/Port-forwarding-is-not-working-why.html">using OpenVPN and is disabled on US servers</a>.</p>
     <h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
-    <p>In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for <a href="https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.ivpn.client">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/net.ivpn.client">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducable builds</a>.</p>
+    <p>In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for <a href="https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.ivpn.client">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/net.ivpn.client">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducible builds</a>.</p>
     <h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
     <p>The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "<a href="https://www.ivpn.net/antitracker">AntiTracker</a>" functionality, which blocks advertising networks and trackers from the network level.</p>
     </div>

_includes/sponsors/gold.html

@@ -1,10 +1,25 @@
-<div class="d-flex flex-wrap justify-content-center">
+<div class="d-flex flex-wrap justify-content-around">
   <a class="m-3" href="https://safing.io" target="_blank" rel="noreferrer">
     <img
       src="/assets/img/svg/3rd-party/sponsors/safing.svg"
-      data-theme-src="/assets/img/svg/3rd-party/sponsors/safing-dark.svg"
-      width="210rem"
+      {% unless page.url == '/sponsors/' %}data-theme-src="/assets/img/svg/3rd-party/sponsors/safing-dark.svg"{% endunless %}
+      height="70rem"
       title="Safing Privacy Network - Launching on Kickstarter January 2nd, 2020"
       alt="Safing Privacy Network - Safing.io Logo" />
   </a>
+  <a class="m-3" href="https://www.oeck.com" target="_blank" rel="noreferrer">
+    <img
+      src="/assets/img/png/3rd-party/sponsors/oeck.png"
+      {% unless page.url == '/sponsors/' %}data-theme-src="/assets/img/png/3rd-party/sponsors/oeck-dark.png"{% endunless %}
+      height="70rem"
+      title="Oeck - A new type of VPN - Unique, fast and private."
+      alt="Insurgo Logo" />
+  </a>
+  <a class="m-3" href="https://insurgo.ca" target="_blank" rel="noreferrer">
+    <img
+      src="/assets/img/png/3rd-party/sponsors/insurgo.png"
+      height="70rem"
+      title="Insurgo Technologies Libres / Open Technologies — Empower yourself!"
+      alt="Insurgo Logo" />
+  </a>
 </div>

_includes/sponsors/list.html

@@ -1,6 +1,7 @@
 <ul class="d-flex flex-wrap list-group-flush">
   <li class="list-group-item flex-fill">Daw-Ran Liou</li>
   <li class="list-group-item flex-fill">Michael DeMichillie</li>
+  <li class="list-group-item flex-fill">Nathan Myers</li>
   <li class="list-group-item flex-fill">PablO</li>
   <li class="list-group-item flex-fill">Syfaer</li>
   <li class="list-group-item flex-fill">the0</li>

_includes/sponsors/silver.html

@@ -25,3 +25,12 @@
     </div>
   </div>
 </div>
+<div class="col-6 col-sm-4 col-md-3 my-3">
+  <div class="d-flex justify-content-start">
+    <div><a href="https://www.scams.info"><img src="/assets/img/png/3rd-party/sponsors/scamsinfo.png" class="mx-3" width="64" height="64" title="An Overview of the Safest Online Gambling Sites in the UK" alt="scams.info"></a></div>
+    <div class="d-flex flex-column align-self-center">
+    <p class="my-0"><strong>scams.info</strong></p>
+    <a href="https://www.scams.info" class="my-0">https://www.scams.info</a>
+    </div>
+  </div>
+</div>

assets/css/style.scss

@@ -28,6 +28,11 @@ a,
   }
 }
 
+ul.checkmark {
+  list-style-type: '\2714';
+  display:block;
+}
+
 .card-ol {
   padding-left: 1.25rem;
 }

assets/img/svg/3rd-party/privacyspy.svg

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g id="fingerprint" transform="matrix(.091982 0 0 .091982 -1.4319 -1.7656)" fill="#202020"><path d="m187.89 20.011c-56.055 5.836-104.18 33.869-132.62 77.255-17.71 27.016-43.556 94.786-43.556 114.21 0 14.178 18.302 21.359 27.9 10.947 2.823-3.062 3.275-4.263 6.731-17.882 20.808-81.975 52.937-124.67 108.33-143.95 97.472-33.927 194.13 36.69 200.45 146.44 3.312 57.515-39.038 105.48-73.195 82.908-19.564-12.93-21.571-21.661-13.762-59.861 10.015-48.992 1.365-72.203-33.407-89.639-47.664-23.901-88.926-0.797-109.32 61.212-14.419 43.84-4.916 105.76 22.765 148.33 10.174 15.648 27.047 33.654 34.037 36.323 10.441 3.988 21.658-3.562 21.658-14.576 0-6.02-1.74-8.837-11.929-19.319-43.259-44.502-53.583-121.56-22.621-168.84 14.224-21.719 31.863-25.494 55.214-11.815 15.766 9.235 18.182 18.966 12.12 48.799-9.382 46.167-6.382 65.457 13.214 84.96 40.176 39.985 96.72 25.264 124.69-32.463 20.191-41.667 16.649-101.12-9.077-152.34-33.003-65.715-107.57-107.99-177.63-100.69m1.178 53.496c-85.832 8.259-142.86 118.61-118.26 228.84 5.186 23.238 10.812 30.464 22.124 28.415 12.984-2.351 15.885-9.902 11.13-28.965-27.116-108.69 35.548-213.83 115.52-193.8 62.457 15.637 88.885 67.878 68.602 135.6-5.391 18.003 6.86 31.308 21.806 23.683 13.72-6.999 21.801-62.411 14.196-97.337-11.42-52.441-57.47-90.99-115.24-96.468-9.392-0.891-10.23-0.889-19.874 0.038m3.119 121.4c-7.475 2.413-13.126 9.52-13.833 17.397-2.223 24.748 32.384 31.258 39.321 7.397 4.397-15.125-10.513-29.628-25.488-24.794" fill-rule="evenodd"/></g></svg>

assets/img/svg/3rd-party/xbrowsersync.svg

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g id="XMLID_1_" transform="matrix(.22578 0 0 .22578 3.8879 -1.6667e-7)"><g id="XMLID_44_" fill="#0a323d"><polygon id="XMLID_37_" points="0 41.667 0 58.333 43.334 83.333 43.334 66.667"/><polygon id="XMLID_38_" points="14.445 83.333 14.445 100 57.778 125 57.778 108.33"/><polygon id="XMLID_39_" points="0 108.33 0 125 43.334 150 43.334 133.33"/><polygon id="XMLID_40_" points="43.334 33.333 43.334 50 86.667 75 86.667 58.333"/><polygon id="XMLID_41_" points="57.778 8.333 57.778 25.038 101.11 50 101.11 33.333"/><polygon id="XMLID_42_" points="57.778 74.995 57.778 91.661 101.11 116.66 101.11 99.995"/><polygon id="XMLID_43_" points="28.889 58.333 28.889 75 72.223 100 72.223 83.333"/></g><g id="XMLID_36_" fill="#267d91"><polygon id="XMLID_26_" points="0 41.667 14.445 33.333 57.778 58.333 43.334 66.667"/><polygon id="XMLID_28_" points="14.39 49.971 28.835 41.638 72.168 66.638 57.724 74.971"/><polygon id="XMLID_29_" points="28.889 58.333 43.334 50 86.667 75 72.223 83.333"/><polygon id="XMLID_30_" points="43.333 33.371 57.778 25.038 101.11 50 86.667 58.371"/><polygon id="XMLID_31_" points="57.778 8.333 72.223 0 115.56 25 101.11 33.333"/><polygon id="XMLID_32_" points="43.279 66.638 57.724 58.305 101.06 83.305 86.613 91.638"/><polygon id="XMLID_33_" points="57.778 75 72.223 66.667 115.56 91.667 101.11 100"/><polygon id="XMLID_34_" points="14.445 83.333 28.889 75 72.223 100 57.778 108.33"/><polygon id="XMLID_35_" points="0 108.33 14.445 100 57.778 125 43.334 133.33"/></g><g id="XMLID_17_" fill="#71d2e2"><polygon id="XMLID_18_" points="57.778 58.333 57.778 75 43.334 83.333 43.334 66.667"/><polygon id="XMLID_19_" points="72.223 66.667 72.223 83.333 57.778 91.667 57.778 75"/><polygon id="XMLID_20_" points="86.667 75 86.667 91.667 72.223 100 72.223 83.333"/><polygon id="XMLID_21_" points="101.11 50 101.11 66.667 86.667 75 86.667 58.333"/><polygon id="XMLID_22_" points="115.56 25 115.56 41.667 101.11 50 101.11 33.333"/><polygon id="XMLID_23_" points="101.12 83.328 101.12 99.995 86.677 108.33 86.677 91.661"/><polygon id="XMLID_24_" points="115.56 91.667 115.56 108.33 101.11 116.67 101.11 100"/><polygon id="XMLID_25_" points="72.223 100 72.223 116.67 57.778 125 57.778 108.33"/><polygon id="XMLID_64_" points="57.778 125 57.778 141.67 43.334 150 43.334 133.33"/></g></g></svg>

assets/img/svg/etp/3rdpartycookies-disabled.svg

@@ -0,0 +1,7 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="context-fill" fill-opacity="context-fill-opacity">
+  <path d="M15.379,8a.142.142,0,0,0,.02,0,7.978,7.978,0,0,1-1.858-.356.981.981,0,0,1-.054.847,1,1,0,1,1-1.735-.994.981.981,0,0,1,.481-.407c-.069-.036-.13-.083-.2-.121L6.613,12.387a.977.977,0,0,1-.4.476.85.85,0,0,1-.117.04L4.031,14.969c.509.219,1,.24,1.161-.147-.424,1.025,2.823,1.668,2.822.558,0,1.11,3.246.461,2.821-.564.425,1.025,3.175-.816,2.39-1.6.785.784,2.621-1.97,1.6-2.394C15.846,11.246,16.489,8,15.379,8Zm-5.073,5a1,1,0,1,1,1-1A1,1,0,0,1,10.306,13Z"/>
+  <path d="M14.707,1.293a1,1,0,0,0-1.414,0L9.679,4.907A7.942,7.942,0,0,1,8,.61C8,.619,8,.626,8,.635,8-.474,4.753.174,5.179,1.2,4.753.174,2,2.016,2.788,2.8,2,2.016.167,4.77,1.193,5.193.167,4.77-.476,8.016.634,8.015c-1.11,0-.461,3.247.564,2.821-.639.265-.163,1.428.475,2.077l-.38.38a1,1,0,1,0,1.414,1.414l12-12A1,1,0,0,0,14.707,1.293Zm-9,1.7a1,1,0,1,1-1,1A1,1,0,0,1,5.706,3ZM2.524,7.508a1,1,0,1,1,.37,1.364A1,1,0,0,1,2.524,7.508Zm4.769-.215Z"/>
+</svg>

assets/img/svg/etp/cryptominers-disabled.svg

@@ -0,0 +1,7 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="context-fill" fill-opacity="context-fill-opacity">
+  <path d="M14.71 1.29a1 1 0 0 0-1.42 0l-.7.71H9v-.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5V2H5a2 2 0 0 0-1.6.8L2.2 4.4A1 1 0 0 0 3 6h4v1.59l-5.71 5.7a1 1 0 0 0 0 1.42 1 1 0 0 0 1.42 0l12-12a1 1 0 0 0 0-1.42z"/>
+  <path d="M7 14.5a.5.5 0 0 0 .5.5h1a.5.5 0 0 0 .5-.5V10l-2 2z"/>
+</svg>

assets/img/svg/etp/fingerprinters-disabled.svg

@@ -0,0 +1,8 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="context-fill" fill-opacity="context-fill-opacity">
+  <path d="M14.71 1.29a1 1 0 0 0-1.42 0l-.56.57A7 7 0 0 0 1 7a1 1 0 0 0 2 0 5 5 0 0 1 5-5 5 5 0 0 1 3.31 1.28l-.7.7A4 4 0 0 0 8 3a4 4 0 0 0-4 4 2 2 0 0 1-2 2 1 1 0 0 0 0 2 3.86 3.86 0 0 0 2.33-.75l-3 3a.91.91 0 0 0-.08.13.82.82 0 0 0-.11.17 1.17 1.17 0 0 0-.06.2A.86.86 0 0 0 1 14a.61.61 0 0 0 0 .23.62.62 0 0 0 0 .13v.08a.76.76 0 0 0 .12.19s0 .06.06.09a1 1 0 0 0 1.42 0l12-12a1 1 0 0 0 .11-1.43zM6 7a2 2 0 0 1 2-2 1.94 1.94 0 0 1 1.18.41l-.72.72A.91.91 0 0 0 8 6a1 1 0 0 0-1 1 4.76 4.76 0 0 1-.06.65L5.12 9.47A4.1 4.1 0 0 0 6 7z"/>
+  <path d="M9.68 9.32a8.06 8.06 0 0 1-1.42 2.48 11 11 0 0 0-1.15 1.75 1 1 0 0 0 .44 1.34A.93.93 0 0 0 8 15a1 1 0 0 0 .89-.55 9.74 9.74 0 0 1 1-1.44A8.84 8.84 0 0 0 12 7z"/>
+  <path d="M12.91 6.09A5.5 5.5 0 0 1 13 7a8.24 8.24 0 0 1-1.14 4.28A5.75 5.75 0 0 0 11 14a1 1 0 0 0 2 0 3.91 3.91 0 0 1 .63-1.79A10.18 10.18 0 0 0 15 7a6.81 6.81 0 0 0-.48-2.52z"/>
+</svg>

assets/img/svg/etp/tracker-image-disabled.svg

@@ -0,0 +1,11 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16">
+  <path fill="context-fill" fill-opacity="context-fill-opacity" d="M2 15a1 1 0 0 1-.71-.29 1 1 0 0 1 0-1.42l12-12a1 1 0 1 1 1.42 1.42l-12 12A1 1 0 0 1 2 15z"/>
+  <path fill="context-fill" fill-opacity="context-fill-opacity" d="M14 5v7a1 1 0 0 1-1 1H6l-2 2h9a3 3 0 0 0 3-3V4a3 3 0 0 0-.14-.86z"/>
+  <path fill="context-fill" fill-opacity="context-fill-opacity" d="M3 13a1 1 0 0 1-1-1V4a1 1 0 0 1 1-1h10l1.55-1.55A2.93 2.93 0 0 0 13 1H3a3 3 0 0 0-3 3v8a3 3 0 0 0 1.45 2.55z"/>
+  <path fill="context-fill" fill-opacity="context-fill-opacity" d="M11.64 7.36L7 12h6V9.18a.47.47 0 0 0-.12-.32z"/>
+  <path fill="context-fill" fill-opacity="context-fill-opacity" d="M7.29 8.71l-1.52-.6a.5.5 0 0 0-.5.07L3.19 9.85a.49.49 0 0 0-.19.39V12h1z"/>
+  <circle fill="context-fill" fill-opacity="context-fill-opacity" cx="5" cy="6" r="1"/>
+</svg>

assets/js/main.js

@@ -94,24 +94,3 @@ if (
 ) {
   fixThemeImages();
 }
-
-
-// Matomo
-var _paq = window._paq || [];
-/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
-_paq.push(["trackPageView"]);
-_paq.push(["enableLinkTracking"]);
-(function() {
-  var u = "https://stats.privacytools.io/";
-  _paq.push(["setTrackerUrl", u + "matomo.php"]);
-  _paq.push(["setSiteId", "1"]);
-  _paq.push(['setSecureCookie', true]);
-  var d = document,
-    g = d.createElement("script"),
-    s = d.getElementsByTagName("script")[0];
-  g.type = "text/javascript";
-  g.async = true;
-  g.defer = true;
-  g.src = u + "matomo.js";
-  s.parentNode.insertBefore(g, s);
-})();

index.html

@@ -7,13 +7,12 @@ layout: default
 {% include sections/resources.html %}
 
 <h1 id="sponsors" class="anchor"><a href="#sponsors"><i class="fas fa-link anchor-icon"></i></a> Sponsors</h1>
-
-<div class="alert alert-success" role="alert">
-  <strong>New!</strong> Showcase your brand as a sponsor of PrivacyTools and support our mission of creating a world free of mass surveillance! <a href="/sponsors/" class="alert-link">Learn more...</a>
-</div>
-<div class="mt-4">
+<div class="mx-4">
   {% include sponsors/gold.html %}
 </div>
+<div class="alert alert-info mt-5" role="alert">
+  Showcase your brand as a sponsor of PrivacyTools and support our mission of creating a world free of mass surveillance! <a href="/sponsors/" class="alert-link">Learn more...</a>
+</div>
 
 {% include sections/quotes.html %}
 {% include sections/privacy-resources.html %}

nginx/010-headers.conf

@@ -1,10 +1,11 @@
 add_header X-Frame-Options DENY always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header X-Content-Type-Options nosniff always;
-add_header Content-Security-Policy "default-src 'none'; script-src 'self' https://stats.privacytools.io; style-src 'self'; img-src 'self' data: https://*.privacytools.io; object-src 'none'; frame-src https://stats.privacytools.io; font-src 'self'; base-uri 'none'; form-action 'self' https://search.privacytools.io; frame-ancestors 'none'; manifest-src 'self';" always;
+add_header Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data: https://*.privacytools.io; object-src 'none'; frame-src 'none'; font-src 'self'; base-uri 'none'; form-action 'self' https://search.privacytools.io; frame-ancestors 'none'; manifest-src 'self';" always;
 add_header 'Access-Control-Allow-Origin' '*';
 add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload";
 add_header Alt-Svc 'h2="privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion:443"; ma=86400; persist=1';
+add_header Onion-Location http://www.privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion$request_uri always;
 add_header Expect-CT 'max-age=86400, enforce';
 add_header Referrer-Policy "strict-origin";
 add_header Feature-Policy "geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;";

pages/about/about.html

@@ -70,6 +70,26 @@ email="https://dngray.netlify.com/email"
 keys="https://keybase.io/dngray"
 mastodon="https://social.privacytools.io/@dngray"
 %}
+  
+{% include team.html
+avatar="freddy.png"
+name="Freddy Marsden" 
+nick="Freddy"
+bio="I'm an amateur writer covering privacy, security and open-source development."
+role="Blogging & Education"
+website="https://write.privacytools.io/freddy/"
+email="mailto:freddy@privacytools.io"
+mastodon="https://social.privacytools.io/@freddy"
+blog="freddy"
+%}
+  
+{% include team.html
+name="Lynn Stephenson"
+bio="I'm a software developer doing some pentesting on the side, specializing in security, cryptography, networking, web development, and accessibility."
+role="Researcher"
+email="mailto:lynn@privacytools.io"
+mastodon="https://ioc.exchange/@lynn_stephenson"
+%}
 
 {% include team.html
 avatar="trai_dep.png"

pages/browsers.html

@@ -13,4 +13,6 @@ description: "These are our current web browser recommendations and some tweaks
 
 {% include sections/browser-addons.html %}
 
-{% include sections/browser-tweaks.html %}
+{% include sections/browser-easy-tweaks.html %}
+
+{% include sections/browser-advanced-tweaks.html %}

pages/old.html

@@ -27,7 +27,9 @@ permalink: /classic/
 
 {% include sections/browser-addons.html %}
 
-{% include sections/browser-tweaks.html %}
+{% include sections/browser-easy-tweaks.html %}
+
+{% include sections/browser-advanced-tweaks.html %}
 
 {% include sections/email-providers.html %}
 

pages/privacy.md

@@ -26,27 +26,18 @@ This data will be collected regardless of browser, device, or app used to access
 When you visit a {{ site.name }} website or service, regardless of whether you have an account or not, the website may use cookies, server logs, and other methods to collect the following data:
 
 * What pages you visit,
-* What actions you take on our website,
-* What browser, operating system, and device you use,
-* Search terms you use,
 * Your anonymized IP address: We anonymize the last 3 bytes of your IP, e.g. 192.xxx.xxx.xxx.
 
 We use this data to:
 
 * Optimize websites and services, so that they are quick and easy to use,
 * Diagnose and debug technical errors,
-* Defend websites and services from abuse and technical attacks,
-* Compile statistics on the popularity of a website, page, post, topic, etc., and
-* Compile statistics on the kinds of software and computers visitors use.
+* Defend websites and services from abuse and technical attacks.
 
 This data is processed under our [Legitimate Interest](https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/legitimate-interests/when-can-we-rely-on-legitimate-interests/) to provide our services to you in a an efficient and secure manner and to ensure the legal compliance and proper administration of our business.
 
 Raw data such as pages visited, anonymized visitor IPs, and visitor actions will be retained for 60 days. In special circumstances—such as extended investigations regarding a technical attack—we may preserve logged data for longer periods for analysis. We store aggregate statistics about use of the websites and services we host indefinitely, but those statistics do not include data identifiable to you personally.
 
-You can opt out of some website tracking we do with Matomo using the form below. Our Matomo instance is blocked by most ad-blockers, so users blocking the domain `stats.privacytools.io` will not need to separately opt-out with the form below. Our Matomo instance also respects the Do Not Track (DNT) setting in your browser, so users with DNT enabled will not need to complete this form. Limited data may still be collected via server-side logs after opting out here, but this data cannot be used to identify you.
-
-<iframe style="border: 1; height: 120px; width: 100%;" src="https://stats.privacytools.io/index.php?module=CoreAdminHome&action=optOut&language=en&backgroundColor=ffffff&fontColor=212529&fontSize=1rem&fontFamily=-apple-system%2CBlinkMacSystemFont%2C%22Segoe%20UI%22%2CRoboto%2C%22Helvetica%20Neue%22%2CArial%2Csans-serif%2C%22Apple%20Color%20Emoji%22%2C%22Segoe%20UI%20Emoji%22%2C%22Segoe%20UI%20Symbol%22%2C%22Noto%20Color%20Emoji%22"></iframe>
-
 ### We collect account data.
 
 On some websites and services we provide, many features may require an account. For example, on forum.privacytools.io an account is required to post and reply to topics.

pages/providers/dns.html

@@ -8,122 +8,3 @@ breadcrumb: "DNS"
 
 {% include sections/dns.html %}
 
-<h1 id="dns-desktop-clients" class="anchor">
-  <a href="#dns-desktop-clients">
-    <i class="fas fa-link anchor-icon"></i>
-  </a> Encrypted DNS Client Recommendations for Desktop
-</h1>
-
-{%
-	include cardv2.html
-	title="Unbound"
-	image="/assets/img/svg/3rd-party/unbound.svg"
-	description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been <a href="https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/">independently audited</a>.'
-	website="https://nlnetlabs.nl/projects/unbound/about/"
-	forum="https://forum.privacytools.io/t/discussion-unbound/3563"
-	github="https://github.com/NLnetLabs/unbound"
-%}
-
-{%
-	include cardv2.html
-	title="dnscrypt-proxy"
-	image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
-	description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and <a href="https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt">Anonymized DNSCrypt</a>, a <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">relay-based protocol that the hides client IP address.</a>'
-	website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
-	forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
-	github="https://github.com/DNSCrypt/dnscrypt-proxy"
-%}
-
-{%
-	include cardv2.html
-	title="Stubby"
-	image="/assets/img/png/3rd-party/stubby.png"
-	description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in <a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients#DNSPrivacyClients-Unbound/Stubbycombination">combination with Unbound</a> by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
-	website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
-	forum="https://forum.privacytools.io/t/discussion-stubby/3582"
-	github="https://github.com/getdnsapi/stubby"
-%}
-
-{%
-	include cardv2.html
-	title="Firefox's built-in DNS-over-HTTPS resolver"
-	image="/assets/img/svg/3rd-party/firefox_browser.svg"
-	description='Firefox comes with built-in DNS-over-HTTPS support for <a href="https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/">NextDNS and Cloudflare</a> but users can manually any other DoH resolver.'
-	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
-	website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
-	privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
-	forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
-%}
-
-<h1 id="dns-android-clients" class="anchor">
-	<a href="#dns-android-clients">
-		<i class="fas fa-link anchor-icon"></i>
-	</a> Encrypted DNS Client Recommendations for Android
-</h1>
-
-{%
-	include cardv2.html
-	title="Android 9's built-in DNS-over-TLS resolver"
-	image="/assets/img/svg/3rd-party/android.svg"
-	description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
-	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
-	website="https://support.google.com/android/answer/9089903#private_dns"
-	forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
-%}
-
-{%
-	include cardv2.html
-	title="Nebulo"
-	image="/assets/img/png/3rd-party/nebulo.png"
-	description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
-	website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
-	privacy-policy="https://smokescreen.app/privacypolicy"
-	forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
-	fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
-	googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
-	source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
-%}
-
-<h1 id="dns-ios-clients" class="anchor">
-	<a href="#dns-ios-clients">
-		<i class="fas fa-link anchor-icon"></i>
-	</a> Encrypted DNS Client Recommendations for iOS
-</h1>
-
-{%
-	include cardv2.html
-	title="DNSCloak"
-	image="/assets/img/png/3rd-party/dnscloak.png"
-	description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki">dnscrypt-proxy</a> options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can <a href="https://blog.privacytools.io/adding-custom-dns-over-https-resolvers-to-dnscloak/">add custom resolvers by DNS stamp</a>.'
-	website="https://github.com/s-s/dnscloak/blob/master/README.md"
-	privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
-	forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
-	ios="https://apps.apple.com/app/id1452162351"
-	github="https://github.com/s-s/dnscloak"
-%}
-
-<h2 id="dns-definitions" class="anchor">
-	<a href="#dns-definitions">
-		<i class="fas fa-link anchor-icon"></i>
-	</a> Definitions
-</h2>
-
-<h4>DNS-over-TLS (DoT)</h4>
-<p>
-  A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
-</p>
-
-<h4>DNS-over-HTTPS (DoH)</h4>
-<p>
-  Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
-</p>
-
-<h4>DNSCrypt</h4>
-<p>
-  With an <a href="https://dnscrypt.info/protocol/">open specification</a>, DNSCrypt is an older, yet robust method for encrypting DNS.
-</p>
-
-<h4>Anonymized DNSCrypt</h4>
-<p>
-  A <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">lightweight protocol</a> that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by <a href="#dns-desktop-clients">dnscrypt-proxy</a> and a limited number of <a href="https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/relays.md">relays</a>.
-</p>

pages/providers/email.html

@@ -177,7 +177,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
       <p><a href="https://en.wikipedia.org/wiki/End-to-end_encryption">End-to-end encryption (E2EE)</a> is a way of encrypting email contents so that nobody but the recipient(s) can read the email message.</p>
       <h3>How can I encrypt my email?</h3>
       <p>The standard way to do email E2EE and have it work between different email providers is with <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP">OpenPGP</a>. There are different implementations of the OpenPGP standard, the most common being <a href="https://en.wikipedia.org/wiki/GNU_Privacy_Guard">GnuPG</a> and <a href=https://openpgpjs.org>OpenPGP.js</a>.</p>
-      <p>There is another standard that was popular with business called <a href="https://en.wikipedia.org/wiki/S/MIME">S/MIME</a>, however it requires a certificate issued from a <a href="https://en.wikipedia.org/wiki/Certificate_authority">Certificate Authority</a> (not all of them issue S/MIME certificates). It has support in <a href="https://support.google.com/a/topic/9061730?hl=en&ref_topic=9061731">G Suite Enterprise/Education</a> and <a href="https://support.office.com/en-us/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480">Office 365 Business or Exchange Server 2016, 2019</a>.</p>
+      <p>There is another standard that was popular with business called <a href="https://en.wikipedia.org/wiki/S/MIME">S/MIME</a>, however it requires a certificate issued from a <a href="https://en.wikipedia.org/wiki/Certificate_authority">Certificate Authority</a> (not all of them issue S/MIME certificates). It has support in <a href="https://support.google.com/a/topic/9061730?hl=en&ref_topic=9061731">Google Workplace</a> and <a href="https://support.office.com/en-us/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480">Outlook for Web or Exchange Server 2016, 2019</a>.</p>
       <h3>What software can I use to get E2EE?</h3>
       <p>Email providers which allow you to use standard access protocols like <a href="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> and <a href="https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol">SMTP</a> can be used with any of the <a href="/software/email/">email clients we recommend</a>. This can be less secure as you are now relying on email providers to ensure that their encryption implementation works and has not been compromised in anyway.</p>
     </div>
@@ -205,7 +205,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
       <h3>Where is the email metadata?</h3>
       <p>Email metadata is stored in the <a href="https://en.wikipedia.org/wiki/Email#Message_header">message header</a> of the email message.</p>
       <h3>Why can't email metadata be E2EE?</h3>
-      <p>Email metadata is is cruicial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally and is also optional, therefore, only the message content is protected.</p>
+      <p>Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally and is also optional, therefore, only the message content is protected.</p>
       <h3>How is my metadata protected?</h3>
       <p>When emails travel between email providers an encrypted connection is negotiated using <a href="https://en.wikipedia.org/wiki/Opportunistic_TLS">Opportunistic TLS</a>. This protects the metadata from outside observers, but as it is not E2EE, server administrators can snoop on the metadata of an email.</p>
     </div>

pages/providers/vpn.html

@@ -222,6 +222,7 @@ breadcrumb: "VPN"
 
         <ul>
           <li><a href="https://thatoneprivacysite.net/vpn-comparison-chart/">Spreadsheet with unbiased, independently verifiable data on over 100 VPN services.</a></li>
+          <li><a href="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews/">The Trouble with VPN and Privacy Review Sites</a></li>
           <li><a href="https://vikingvpn.com/blogs/off-topic/beware-of-vpn-marketing-and-affiliate-programs">Beware of False Reviews - VPN Marketing and Affiliate Programs</a></li>
           <li><a href="https://torrentfreak.com/proxy-sh-vpn-provider-monitored-traffic-to-catch-hacker-130930/">Proxy.sh VPN Provider Sniffed Server Traffic to Catch Hacker</a></li>
           <li><a href="https://proxy.sh/panel/knowledgebase.php?action=displayarticle&id=5">Ethical policy - All of the reasons why Proxy.sh might enable logging</a></li>
@@ -270,7 +271,7 @@ breadcrumb: "VPN"
     <div class="row">
       <div class="col-lg-6 col-12">
       <h3>Related Videos</h3>
-        <a href="https://invidio.us/watch?v=WVDQEoe6ZWY" target="_blank">
+        <a href="https://invidiou.site/watch?v=WVDQEoe6ZWY" target="_blank">
           <img
             src="/assets/img/png/layout/this-video-is-sponsored-by-vpn.png"
             class="img-fluid float-left mr-3"

pages/services/chat.html

@@ -11,7 +11,7 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
   <h1 class="display-4">Matrix</h1>
   <p class="lead"><code>chat.privacytools.io</code> is our official Matrix homeserver.</p>
   <hr class="my-4">
-  <p>You can register a user account on this homeserver using any Matrix client, no email required. However, you do not need to be a member of this homeserver to join our rooms, and choosing a smaller instance or <a href="https://element.io/matrix-services">buying</a> or <a href="https://matrix.org/docs/guides/installing-synapse">hosting</a> your own will help promote decentralization and performance in the Matrix fediverse!</p>
+  <p>You can register a user account on this homeserver using any Matrix client, no email required. However, you do not need to be a member of this homeserver to join our rooms, and choosing a smaller instance or <a href="https://element.io/matrix-services">buying</a> or <a href="https://matrix.org/docs/guides/installing-synapse">hosting</a> your own will help promote decentralization and performance on Matrix!</p>
   <p class="lead">
     <a class="btn btn-primary btn-lg" href="https://element.privacytools.io/" role="button">Open in Element</a>
     <a class="btn btn-secondary btn-lg" href="https://www.hello-matrix.net/public_servers.php" role="button">Find Another Homeserver</a>
@@ -20,6 +20,7 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
 
 <h2 class="pt-4" id="homeserverinfo">Connection Information</h2>
 <p><strong>To register on or connect to our homeserver, simply use <code>https://chat.privacytools.io</code> as the homeserver in your Matrix client.</strong></p>
+<p><mark>You must read and accept our community <a href="https://wiki.privacytools.io/view/PrivacyTools:Code_of_Conduct">code of conduct</a> before joining our rooms or using our services.</mark></p>
 
 {%
   include cardv2.html
@@ -30,7 +31,7 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
   website="https://element.io"
   privacy-policy="https://element.io/privacy"
   forum="https://forum.privacytools.io/t/discussion-element-io/665"
-  github="https://github.com/vector-im/riot-web/"
+  github="https://github.com/vector-im/element-web"
   windows="https://element.io/get-started"
   mac="https://element.io/get-started"
   linux="https://element.io/get-started"
@@ -50,7 +51,7 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
 <p><strong>No.</strong> Messages sent to the #general chat are encrypted from with client-to-server encryption, i.e. HTTPS. This means that your messages can't be viewed by an attacker on your network, or your ISP, etc. <strong>However</strong>, because this is a public chat room anybody can view your messages if they are a member, and newcomers will be able to see all message history. Do not say anything in rooms that don't use End-to-End (E2E) encryption that you wouldn't want tied to you personally.</p>
 
 <h4>Isn't Matrix behind Cloudflare?</h4>
-<p>Matrix.org is, chat.privacytools.io isn't. If you use our homeserver and our Element install, you should be good.</p>
+<p>The default matrix.org homeserver is behind Cloudflare. The PrivacyTools homeserver is not.
 
 <h4>Isn't Matrix slow?</h4>
 <p>It can be, for some! Due to the trememdous amount of people registering on the matrix.org homeserver, it is often overloaded and occasionally slow to respond. Therefore, users on that homeserver occasionally report a less than ideal chat experience. If that's you, you can fix this problem by switching to another homeserver. Good alternatives include...
@@ -58,7 +59,7 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
     <li>ours of course, at <mark><strong>chat.privacytools.io</strong></mark>, you're here right?</li>
     <li>feneas.org, tchncs.de, weho.st, pine64.org, kde.org, halogen.city...</li>
     <li>purchasing an instance from <a href="https://element.io/matrix-services">Element Matrix Services</a></li>
-    <li>running your own by installing <a href="https://github.com/matrix-org/synapse">synapse</a> — certainly the best option for the technically inclined!</li>
+    <li>running your own by installing <a href="https://github.com/matrix-org/synapse">Synapse</a> — certainly the best option for the technically inclined!</li>
   </ul>
 <p>Note that at time of writing, switching homeservers requires re-registering with another account at that server, as nomadic identities haven't been implemented yet.</p>
 
@@ -68,14 +69,17 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
 <h4>Why do XMPP users keep joining and leaving all the time?</h4>
 <p><a href="https://github.com/matrix-org/matrix-bifrost/issues/63">It's an issue with the XMPP bridge</a>.</p>
 
+<h4>I'm not using the PrivacyTools homeserver, can I find PrivacyTools rooms in Element?</h4>
+<p>Yes! Open the room explorer (compass icon on Element desktop), click the server selection drop down next to the search bar, click "Add a new server", type <code>privacytools.io</code>, and click Add. You should then be able to view and search through rooms that the PrivacyTools server is aware of. Note that not every room hosted on PrivacyTools is affiliated with or moderated by the PrivacyTools team.</p>
+
 <h2 class="pt-4">Rooms</h2>
 <p>To join a room, just type <code>/join [room address]</code> in any room. You can run this command from any server, not just ours!</p>
 <p>The PrivacyTools administration operates the following channels:</p>
 <ul>
-  <li><code>#dev:privacytools.io</code>: Discussions relating to <a href="https://github.com/privacytoolsIO/privacytools.io/">building</a> www.privacytools.io.</li>
+  <li><code>#dev:privacytools.io</code>: Discussions relating to <a href="https://github.com/privacytools/privacytools.io/">building</a> www.privacytools.io.</li>
   <li><code>#forum:privacytools.io</code>: All PrivacyTools Forum updates (Automated).</li>
   <li><strong><code>#general:privacytools.io</code>: Main discussion room.</strong></li>
-  <li><code>#github:privacytools.io</code>: GitHub updates for @privacytoolsIO (Automated).</li>
+  <li><code>#github:privacytools.io</code>: GitHub updates for @privacytools (Automated).</li>
   <li><code>#guides:privacytools.io</code>: Privacy Guides development work.</li>
   <li><strong><code>#privacy:privacytools.io</code>: On-topic privacy, security, opsec discussion and support.</strong></li>
   <li><code>#wiki:privacytools.io</code>: <a href="https://wiki.privacytools.io/view/Main_Page">Wiki</a>-building discussion room.</li>
@@ -90,7 +94,6 @@ description: "chat.privacytools.io is our official Matrix homeserver. You can re
   <li><code>#plume:disroot.org</code>: Discussion for Plume: Federated blogging.</li>
   <li><code>#element-android:matrix.org</code>: Element Android discussion and support.</li>
   <li><code>#element-ios:matrix.org</code>: Element iOS discussion and support.</li>
-  <li><code>#riotx:matrix.org</code>: RiotX (soon to be: Element Android) discussion and support.</li>
   <li><code>#element-web:matrix.org</code>: Element Web/Desktop discussion and support.</li>
 </ul>
 <p>If you are a room operator and want your room listed here, feel free to contact us. Especially if you operate a large room and/or are a member of our homeserver!</p>