diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 2e659087..3d9ccdc6 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -70,7 +70,3 @@ See https://www.privacytools.io/providers/vpn/#criteria for more details. - Provider logos are 200px x 70px ([example](https://www.privacytools.io/assets/img/provider/AirVPN.png)) - Tool logos are 120px x 120px ([example](https://www.privacytools.io/assets/img/tools/ChatSecure.png)) - -## Licensing - -The content and original technology of this website is made available under the Creative Commons Zero v1.0 Universal license text. Some files or folders may include works from other projects with separate licenses, and will be marked as such. **By contributing to this repository, contributors do not necessarily agree to sign a CLA or legally transfer their copyright to the project, but they do at a minimum agree to license their work under the current license of this repository: In this case, the Creative Commons Zero v1.0 Universal.** diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 00000000..6d446891 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,4 @@ +github: JonahAragon +liberapay: privacytools.io +patreon: privacytools +custom: https://www.privacytools.io/donate/ diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..c03da44c --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,88 @@ +# privacytools.io Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to make participation in our project and +our community a harassment-free experience for everyone, regardless of a +distinction of any kind, such as age, body size, disability, ethnicity, sex +characteristics, gender identity and expression, level of experience, +education, socio-economic status, nationality, personal appearance, race, +religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention + or advances +* Trolling, insulting/derogatory, antagonistic comments and personal or + political attacks +* Promoting intolerance +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of +acceptable behavior and are expected to take appropriate and fair +corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem +inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies within all project spaces, and it also applies +when an individual is representing as a part of the project or its +community in public spaces. + +Examples of representing a project or community include using an official +project e-mail address, posting via an official social media account, or +acting as an appointed representative at an online or offline event. +Representation of a project may be further defined and clarified by +project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting blacklight447 via email on +blacklight447@privacytools.io or [any team member on our forum]. +The reports should include information on whether they can be shared to +other team members and how much may be told. + +[any team member on our forum]:https://forum.privacytools.io/g/team + +All complaints will be reviewed and investigated and will result in a +response that is deemed necessary and appropriate to the circumstances. +The project team is obligated to maintain confidentiality with regard to the +reporter of an incident. Further details of specific enforcement policies +may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is forked from and licensed under Creative Commons +BY-4.0, [Contributor Covenant version 1.4] by privacytools.io, which you can +[find on our GitHub repository]. + +[find on our GitHub repository]:https://github.com/privacytoolsIO/privacytools.io/blob/master/CODE_OF_CONDUCT.md +[Contributor Covenant version 1.4]:https://contributor-covenant.org/version/1/4 diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..1d363102 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,35 @@ +# Security Policies and Procedures + +This document outlines security procedures and policies for the `privacytools.io` repository/code and all services hosted by privacytools.io, such as Mastodon, Matrix, Riot, et cetera. + +## Reporting a Bug + +We take all security bugs related to our code and our infrastructure very seriously. Thank you for improving the security of our projects and services. We appreciate your efforts and responsible disclosure, and will make every effort to acknowledge your contributions. + +Report any security bugs by emailing the services administrator at [admin@privacytools.io](mailto:admin@privacytools.io). + +The administrative team will acknowledge your message within 48 hours, and will provide a detailed response within 72 hours detailing the next steps for handling your report. After our initial reply we will make every effort to keep you informed of the progress towards a fix and announcement, and we may ask for additional information or guidance. + +Please report any security bugs in third-party projects to the person or team maintaining that project. + +The following are out of scope and should **not** be attacked/performed: + +* Excessive Automated Scans +* Denial of Service Attacks +* Social Engineering Attacks +* Reports against infrastructure outside our control +* User or admin accounts not owned by the tester + +## Disclosure Policy + +When we receive a security report, that report will be assigned to an administrative team member. That person will coordinate the fix, release, and announcement process, involving the following steps: + +1. Confirm the problem and determine affected services. +2. Audit infrastructure and/or code to find any potential similar problems. +3. Prepare fixes for all releases currently in production, which will be implemented as quickly as possible. + +Additionally, if user data was directly affected or compromised, we will inform affected users to the best of our ability via email and/or a website notification with more information about the incident. + +## Comments on this Policy + +Please open a Pull Request or Issue if you would like to discuss any changes to this policy. diff --git a/_includes/footer.html b/_includes/footer.html index beebe2f6..5c7cfa7b 100644 --- a/_includes/footer.html +++ b/_includes/footer.html @@ -61,8 +61,8 @@
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.
diff --git a/_includes/sections/operating-systems.html b/_includes/sections/operating-systems.html index c6eae044..37333029 100644 --- a/_includes/sections/operating-systems.html +++ b/_includes/sections/operating-systems.html @@ -75,7 +75,6 @@ gitlab="https://salsa.debian.org/qa/debsources"Mullvad is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. It is the only VPN provider that currently meets our criteria for recommendation. Mullvad is based in Sweden and does not have a free trial. Visit mullvad.net to create an account.
-Mullvad has 409 servers in 39 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
+Mullvad has 409 servers in 38 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
We will reevaluate this listing at the end of 2019 or when the aforementioned report has been published, whichever is sooner. -
ProtonVPN has 526 servers in 42 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
+ProtonVPN has 442 servers in 33 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.
ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.
IVPN has undergone a no-logging audit from Cure53 which concluded in agreement with IVPN's no-logging claim. However, IVPN has not undergone a more comprehensive security audit by an independent third party, and therefore cannot be strongly recommended at this time. We have still chosen to list it on this page with the assumption that an audit will be published soon: The IVPN team reportedly plans to begin the process in September.
We will reevaluate this listing at the end of 2019 or when the aforementioned report has been published, whichever is sooner. -
IVPN has 77 servers in 31 countries at the time of writing this page. Typically the more servers a provider offers, the better. IVPN has a decent (but not exceptional) server count that will most likely provide adequate coverage to most users.
+IVPN has 70 servers in 29 countries at the time of writing this page. Typically the more servers a provider offers, the better. IVPN has a decent (but not exceptional) server count that will most likely provide adequate coverage to most users.
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.
If you are able, please consider contributing to our development and outreach programs. Contributions via OpenCollective to privacytools.io are tax deductible for US taxpayers. These funds are transparently and primarily used to cover server costs.
- Contribute - More Info -Our website is free of advertisements and not affiliated with any listed providers.
Your donation will cover our costs for servers, domains, coffee, beer, and pizza.
You may also contribute via the cryptocurrencies below, however we will not be able to provide a receipt for your contribution.
Your contribution will be considered an anonymous, unrestricted contribution and paid to our Fiscal Host at OpenCollective when we convert to currency.
The privacytools.io website and services are a community project. There is no advertising, affiliate links, or other forms of monetization.
Your donations here directly support hosting this website and compensating contributors to this project.
This sponsorship program is designed to allow companies, organizations, and individuals partner with the privacytools.io team to support our vision of a more privacy-respecting internet and the greater online community.
-With this exposure and sponsorship, your customers will recognize your intrinsic understanding and commitment to user privacy. Moreover, you'll directly contribute to our mission of spreading privacy-respecting tools and knowledge worldwide!
-As a sponsor of privacytools.io, your company will be widely recognized in a variety of ways, some of which we've detailed below.
-This website receives well over 250,000 pageviews on a monthly basis and is highly ranked for privacy-related keywords. In addition to the benefits below your contribution will be featured on our OpenCollective page and we will thank you via social media for your contribution.
-We pride ourselves on our integrity and commitment to spreading unbiased and fact-based information regarding privacy and privacy-respecting tools. All tools we recommend throughout our website are subject to strict criteria as judged by our team and the community across our various platforms. Your sponsorship will not grant your organization any special consideration when choosing our recommendations throughout the website, a process which we make clear via our transparent ledger on OpenCollective and our public discussions on GitHub. Your sponsorship benefits are limited to those outlined above.
-Your contribution to privacytools.io will be handled by the Open Collective Foundation 501(c)(3). For US companies and taxpayers, this means your contribution is tax deductible. As a non-profit, your sponsorship contribution will not be used for private profit and will only be used to cover expenses incurred by the project. All of our transactions (donations and expenses) are published transparently on OpenCollective. For the benefit of our readership, anonymous contributions will not be eligible for the sponsorship opportunities outlined above.
-If you are interested and have further questions, you are welcome to reach out to us directly at sponsors@privacytools.io.
-