From a486af49260379a4acbb0a5a5ae8051904f4f80b Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 22 Aug 2019 23:24:21 +0300
Subject: [PATCH 01/15] DNS: add Nebulo as worth mentioning

Resolves: #1187
---
 _includes/sections/dns.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index e2899992..b2088d3f 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -297,5 +297,6 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
     <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
     <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
     <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
+    <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoT and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
   </ul>
 </div>
-- 
2.47.2


From 2f65d8624e6493ad9d28ebaa5d32da80fbc36b84 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 22 Aug 2019 23:30:13 +0300
Subject: [PATCH 02/15] source_code: add Nebulo

---
 source_code.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/source_code.md b/source_code.md
index ce17167b..1cd06232 100644
--- a/source_code.md
+++ b/source_code.md
@@ -285,6 +285,8 @@ OpenNic: https://github.com/opennic/ (mostly)
 
 Webpage: https://github.com/opennic/opennic-web
 
+Nebulo: https://git.frostnerd.com/PublicAndroidApps/smokescreen/
+
 ### Worth Mentioning
 
 - NoTrack: https://github.com/quidsup/notrack
-- 
2.47.2


From e45d5a74a0c59e216d9aa232d1a1d992743de2d5 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 22 Aug 2019 23:32:42 +0300
Subject: [PATCH 03/15] dns: add metadata warning to DoH

---
 _includes/sections/dns.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index b2088d3f..444ad1e2 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -281,7 +281,7 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
 
   <ul>
     <li>DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.</li>
-    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.</li>
+    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH may leak metadata such as user-agent (which may include system information) to the DNS server"><a href="https://github.com/privacytoolsIO/privacytools.io/issues/1187#issuecomment-523313881"><i class="fas fa-exclamation-triangle"></i></a></span></li>
     <li>DNSCrypt - An older yet robust method of encrypting DNS.</li>
   </ul>
 
-- 
2.47.2


From 0171e15fb5a95e0b60ee29616ac73c1f2672015b Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 22 Aug 2019 23:35:47 +0300
Subject: [PATCH 04/15] dns: fix typo in Nebulo's description

Yes, Nebulo supports DoT and DoT...
---
 _includes/sections/dns.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index 444ad1e2..df18a451 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -297,6 +297,6 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
     <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
     <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
     <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
-    <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoT and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+    <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
   </ul>
 </div>
-- 
2.47.2


From 1a4f8ccf46a2a76f961a2a95fa4c77e74d431854 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 22 Aug 2019 23:42:41 +0300
Subject: [PATCH 05/15] dns: update DoH warning text and link

---
 _includes/sections/dns.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index df18a451..0e7158dd 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -281,7 +281,7 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
 
   <ul>
     <li>DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.</li>
-    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH may leak metadata such as user-agent (which may include system information) to the DNS server"><a href="https://github.com/privacytoolsIO/privacytools.io/issues/1187#issuecomment-523313881"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH contains metadata such as user-agent (which may include system information) to the DNS server"><a href="https://tools.ietf.org/html/rfc8484#section-8.2"><i class="fas fa-exclamation-triangle"></i></a></span></li>
     <li>DNSCrypt - An older yet robust method of encrypting DNS.</li>
   </ul>
 
-- 
2.47.2


From ae277e176dbf327620d6fcb2f2c2b3ad9b79bc28 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:07:14 +0300
Subject: [PATCH 06/15] dns: sort mobile encrypted DNS software together

---
 _includes/sections/dns.html | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index 0e7158dd..e4b5824d 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -289,14 +289,19 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
 
   <ul>
     <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
-    <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
-    <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
       <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
       <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
     <li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
     <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
     <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
     <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
-    <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+
+<li>Mobile software with encrypted DNS</li>
+    <ul>
+      <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+      <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
+      <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+    </ul>
+
   </ul>
 </div>
-- 
2.47.2


From 30921f5f6431987523b9e7b5c33d7d84c813b170 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:08:49 +0300
Subject: [PATCH 07/15] dns: update DoH warning as suggested by @nitrohorse

---
 _includes/sections/dns.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index e4b5824d..e68c3630 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -281,7 +281,7 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
 
   <ul>
     <li>DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.</li>
-    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH contains metadata such as user-agent (which may include system information) to the DNS server"><a href="https://tools.ietf.org/html/rfc8484#section-8.2"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+    <li>DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server."><a href="https://tools.ietf.org/html/rfc8484#section-8.2"><i class="fas fa-exclamation-triangle"></i></a></span></li>
     <li>DNSCrypt - An older yet robust method of encrypting DNS.</li>
   </ul>
 
-- 
2.47.2


From 0d813640065ed627952b219d46cdb50190f58c96 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:18:35 +0300
Subject: [PATCH 08/15] dns: sort additional information & worth mentioning
 into sublists

---
 _includes/sections/dns.html | 42 +++++++++++++++++++++++++------------
 1 file changed, 29 insertions(+), 13 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index e68c3630..e237bd9d 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -288,20 +288,36 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
   <h3>Worth Mentioning and Additional Information</h3>
 
   <ul>
-    <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
-      <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
-      <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
-    <li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
-    <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
-    <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
-    <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
+    <li>Desktop software with support for encrypted DNS:</li>
+      <ul>
+        <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
+      </ul>
 
-<li>Mobile software with encrypted DNS</li>
-    <ul>
-      <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
-      <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
-      <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
-    </ul>
+  <ul>
+    <li>Network wide DNS servers:</li>
+      <ul>
+        <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
+        <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
+      </ul>
+
+    <li>Local DNS servers:</li>
+      <ul>
+        <li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
+        <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
+      </ul>
+
+    <li>Mobile software with support for encrypted DNS:</li>
+      <ul>
+        <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+        <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
+        <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+      </ul>
+
+    <li>Further reading:</li>
+      <ul>
+        <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
+        <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
+      </ul>
 
   </ul>
 </div>
-- 
2.47.2


From 4d6c9956ba78c99ae5dd116fe36c3ba12b93c4fc Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:22:41 +0300
Subject: [PATCH 09/15] dns: remove extra ul

---
 _includes/sections/dns.html | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index e237bd9d..8e876eed 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -293,12 +293,11 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
         <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
       </ul>
 
-  <ul>
-    <li>Network wide DNS servers:</li>
-      <ul>
-        <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
-        <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
-      </ul>
+  <li>Network wide DNS servers:</li>
+    <ul>
+      <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
+      <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
+    </ul>
 
     <li>Local DNS servers:</li>
       <ul>
-- 
2.47.2


From 2f88e349e7e39038245d33f344071deb84a4412f Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:25:17 +0300
Subject: [PATCH 10/15] dns: sort the sublists

---
 _includes/sections/dns.html | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index 8e876eed..470d7a51 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -293,11 +293,12 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
         <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
       </ul>
 
-  <li>Network wide DNS servers:</li>
-    <ul>
-      <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
-      <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
-    </ul>
+    <li>Mobile software with support for encrypted DNS:</li>
+      <ul>
+        <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+        <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
+        <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+      </ul>
 
     <li>Local DNS servers:</li>
       <ul>
@@ -305,12 +306,11 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
         <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
       </ul>
 
-    <li>Mobile software with support for encrypted DNS:</li>
-      <ul>
-        <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
-        <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
-        <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
-      </ul>
+  <li>Network wide DNS servers:</li>
+    <ul>
+      <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
+      <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
+    </ul>
 
     <li>Further reading:</li>
       <ul>
-- 
2.47.2


From 1dbda5dab8109c67137b93287f73678e890bc1f7 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Fri, 23 Aug 2019 15:30:12 +0300
Subject: [PATCH 11/15] dns: add formatting

---
 _includes/sections/dns.html | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index 470d7a51..94538e43 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -288,31 +288,31 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
   <h3>Worth Mentioning and Additional Information</h3>
 
   <ul>
-    <li>Desktop software with support for encrypted DNS:</li>
+    <li><strong>Desktop software with support for encrypted DNS:</strong></li>
       <ul>
-        <li>Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
+        <li><em>Firefox</em> comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
       </ul>
 
-    <li>Mobile software with support for encrypted DNS:</li>
+    <li><strong>Mobile software with support for encrypted DNS:</strong></li>
       <ul>
-        <li>Android 9 comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
-        <li><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
-        <li><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
+        <li><em>Android 9</em> comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
+        <li><em><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a></em> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
+        <li><em><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a></em> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
       </ul>
 
-    <li>Local DNS servers:</li>
+    <li><strong>Local DNS servers:</strong></li>
       <ul>
-        <li><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
-        <li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
+        <li><em><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a></em> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
+        <li><em><a href="https://namecoin.info/">Namecoin</a></em> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
       </ul>
 
-  <li>Network wide DNS servers:</li>
+  <li><strong>Network wide DNS servers:</strong></li>
     <ul>
-      <li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
-      <li><a href="https://gitlab.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
+      <li><em><a href="https://pi-hole.net/">Pi-hole</a></em> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
+      <li><em><a href="https://gitlab.com/quidsup/notrack">NoTrack</a></em> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
     </ul>
 
-    <li>Further reading:</li>
+    <li><strong>Further reading:</strong></li>
       <ul>
         <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
         <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
-- 
2.47.2


From 3ade379051d4bfa2a3d5a18aeef045a81f15e26e Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 24 Aug 2019 13:02:24 +0300
Subject: [PATCH 12/15] dns: update wording as requested by @nitrohorse

---
 _includes/sections/dns.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index 94538e43..e1245543 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -288,12 +288,12 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
   <h3>Worth Mentioning and Additional Information</h3>
 
   <ul>
-    <li><strong>Desktop software with support for encrypted DNS:</strong></li>
+    <li><strong>Encrypted DNS clients for desktop:</strong></li>
       <ul>
         <li><em>Firefox</em> comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
       </ul>
 
-    <li><strong>Mobile software with support for encrypted DNS:</strong></li>
+    <li><strong>Encrypted DNS clients for mobile:</strong></li>
       <ul>
         <li><em>Android 9</em> comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
         <li><em><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a></em> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
-- 
2.47.2


From 52fef5ccf5c5c2c4d74fcfddbe37067c988ae167 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 24 Aug 2019 13:04:22 +0300
Subject: [PATCH 13/15] dns: copy-paste @nitrohorse 's example

---
 _includes/sections/dns.html | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index e1245543..dd8db342 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -288,35 +288,35 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
   <h3>Worth Mentioning and Additional Information</h3>
 
   <ul>
-    <li><strong>Encrypted DNS clients for desktop:</strong></li>
+    <li><strong>Encrypted DNS clients for desktop:</strong>
       <ul>
         <li><em>Firefox</em> comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. <span class="badge badge-warning" data-toggle="tooltip" data-placement="bottom" data-original-title='"Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser."'><a href="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"><i class="fas fa-exclamation-triangle"></i></a></span> Currently Mozilla is <a href="https://blog.mozilla.org/futurereleases/2019/07/31/dns-over-https-doh-update-detecting-managed-networks-and-user-choice/">conducting studies</a> before enabling DoH by default for all US-based Firefox users.</li>
       </ul>
-
-    <li><strong>Encrypted DNS clients for mobile:</strong></li>
+    </li>
+    <li><strong>Encrypted DNS clients for mobile:</strong>
       <ul>
         <li><em>Android 9</em> comes with a DoT client by <a href="https://support.google.com/android/answer/9089903">default</a>. <span class="badge badge-warning" data-toggle="tooltip" data-original-title="...but with some caveats"><a href="https://www.quad9.net/private-dns-quad9-android9/"><i class="fas fa-exclamation-triangle"></i></a></span></li>
         <li><em><a href="https://apps.apple.com/app/id1452162351">DNSCloak</a></em> - An <a href="https://github.com/s-s/dnscloak">open-source</a> DNSCrypt and DoH client for iOS by <td><a data-toggle="tooltip" data-placement="bottom" data-original-title='"A charitable non-profit host organization for international Free Software projects."' href="https://techcultivation.org/">the Center for the Cultivation of Technology gemeinnuetzige GmbH</a>.</li>
         <li><em><a href="https://git.frostnerd.com/PublicAndroidApps/smokescreen/blob/master/README.md">Nebulo</a></em> - An open-source application for Android supporting DoH and DoT. It also supports caching DNS responses and locally logging DNS queries.</li>
       </ul>
-
-    <li><strong>Local DNS servers:</strong></li>
+    </li>
+    <li><strong>Local DNS servers:</strong>
       <ul>
         <li><em><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a></em> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
         <li><em><a href="https://namecoin.info/">Namecoin</a></em> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
       </ul>
-
-  <li><strong>Network wide DNS servers:</strong></li>
-    <ul>
-      <li><em><a href="https://pi-hole.net/">Pi-hole</a></em> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
-      <li><em><a href="https://gitlab.com/quidsup/notrack">NoTrack</a></em> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
-    </ul>
-
-    <li><strong>Further reading:</strong></li>
+    </li>
+    <li><strong>Network wide DNS servers:</strong>
+      <ul>
+        <li><em><a href="https://pi-hole.net/">Pi-hole</a></em> - A network-wide DNS server mainly for the Raspberry Pi. Blocks ads, tracking, and malicious domains for all devices on your network.</li>
+        <li><em><a href="https://gitlab.com/quidsup/notrack">NoTrack</a></em> - A network-wide DNS server like Pi-hole for blocking ads, tracking, and malicious domains.</li>
+      </ul>
+    </li>
+    <li><strong>Further reading:</strong>
       <ul>
         <li><a href="https://www.isc.org/blogs/qname-minimization-and-privacy/">QNAME Minimization and Your Privacy</a> by the Internet Systems Consortium (ISC)</li>
         <li><a href="https://www.isc.org/dnssec/">DNSSEC and BIND 9</a> by the ISC</li>
       </ul>
-
+    </li>
   </ul>
-</div>
+</div>
\ No newline at end of file
-- 
2.47.2


From 0b08cbde78b2f2b9e7e496ef4b8ab9582342ec56 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 24 Aug 2019 13:08:10 +0300
Subject: [PATCH 14/15] source_code: sort DNS apps

---
 source_code.md | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/source_code.md b/source_code.md
index 1cd06232..749ef7fb 100644
--- a/source_code.md
+++ b/source_code.md
@@ -285,14 +285,10 @@ OpenNic: https://github.com/opennic/ (mostly)
 
 Webpage: https://github.com/opennic/opennic-web
 
-Nebulo: https://git.frostnerd.com/PublicAndroidApps/smokescreen/
-
 ### Worth Mentioning
 
 - NoTrack: https://github.com/quidsup/notrack
 
-- Namecoin: https://github.com/namecoin
-
 - Pi-hole: https://github.com/pi-hole
 
 ## Encrypted ICANN DNS Providers
@@ -307,10 +303,18 @@ PowerDNS: https://github.com/PowerDNS/pdns
 
 ### Worth Mentioning and Additional Information
 
+#### Mobile
+
 - DNSCloak: https://github.com/s-s/dnscloak
 
+- Nebulo: https://git.frostnerd.com/PublicAndroidApps/smokescreen/
+
+#### Local DNS servers
+
 - Stubby: https://github.com/getdnsapi/stubby
 
+- Namecoin: https://github.com/namecoin
+
 ## Digital Notebook
  Joplin: https://github.com/laurent22/joplin
 
-- 
2.47.2


From 6a91bff7024cdf5e86d62a258bd59b7cb516bbe6 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 24 Aug 2019 13:08:54 +0300
Subject: [PATCH 15/15] dns: swap Namecoin and Stubby due to alphabetical order

---
 _includes/sections/dns.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
index dd8db342..f0b93e33 100644
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@@ -302,8 +302,8 @@ github="https://github.com/jedisct1/dnscrypt-proxy"
     </li>
     <li><strong>Local DNS servers:</strong>
       <ul>
-        <li><em><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a></em> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
         <li><em><a href="https://namecoin.info/">Namecoin</a></em> - A decentralized DNS open-source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
+        <li><em><a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby">Stubby</a></em> - An open-source application for Linux, macOS, and Windows that acts as a local DNS Privacy stub resolver using DoT.</li>
       </ul>
     </li>
     <li><strong>Network wide DNS servers:</strong>
-- 
2.47.2