From 5e38994584aa9ec670da831ab9ee607c3397bd6b Mon Sep 17 00:00:00 2001
From: Daniel Nathan Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 09:01:06 +0000
Subject: [PATCH 1/4] IPv6 badge for Mullvad  (#1537)

IPv6 badge for Mullvad
Add IPv6 to Best Case for Technology
---
 _includes/sections/vpn.html | 2 ++
 pages/providers/vpn.html    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html
index 81a9b996..94860ea9 100644
--- a/_includes/sections/vpn.html
+++ b/_includes/sections/vpn.html
@@ -22,6 +22,8 @@
     <blockquote class="blockquote">
       <p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
     </blockquote>
+    <h5><span class="badge badge-success">IPv6 Support</span></h5>
+    <p>Mullvad supports the future of networking <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. Their network allows users to <a href="https://mullvad.net/en/blog/2014/9/15/ipv6-support/">access services hosted on IPv6</a> as opposed to other providers who block IPv6 connections.</p>
     <h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
     <p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p>
     <h5><span class="badge badge-warning">No Mobile Clients</span></h5>
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index dca3bab3..55a8274c 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -62,6 +62,7 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
         <li>OpenVPN and WireGuard support.</li>
         <li>Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)</li>
         <li>Easy-to-use mobile clients, especially open-source.</li>
+        <li>Supports <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.</li>
       </ul>
     </div>
 
-- 
2.47.2


From 2d1dffd1c8f83a986f6c6e5c85e86bbdebacfd3f Mon Sep 17 00:00:00 2001
From: Daniel Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 09:57:19 +0000
Subject: [PATCH 2/4] Addition of reponsible marketing section

---
 pages/providers/vpn.html | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index dca3bab3..59c3301e 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -124,6 +124,32 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
       </ul>
     </div>
 
+    <div class="col-12">
+      <h3><span class="badge badge-info">Marketing</span></h3>
+      <p>With the VPN providers we recommend we like to see responsible marketing.</p>
+    </div>
+    <div class="col-md-6">
+      <p><strong>Minimum to Qualify:</strong></p>
+      <p>Must not have any marketing which is irresponsible:</p>
+        <ul>
+          <li>Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:</li>
+          <ul>
+            <li>Reusing personal information eg. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)</li>
+            <li><a href="https://www.privacytools.io/browsers/#fingerprint">Browser fingerprinting</a></li>
+          </ul>
+          <li>Claim that a single circuit VPN is "more anonymous" than Tor, which is a circuit of 3 or more hops that regularly changes.</a></li>
+          <li>Use responsible language, eg it is okay to say that a VPN is "disconnected" or "not connected", however claiming that a user is "exposed", "vulnerable" or "compromised" is needless use of alarming language that may be incorrect. For example the visiting user might be on another VPN provider's service or using Tor.</li>
+        </ul>
+    </div>
+    <div class="col-md-6">
+      <p><strong>Best Case:</strong></p>
+      <p>Responsible marketing that is both educational and useful to the consumer could include:</p>
+      <ul>
+        <li>A accurate comparison to when Tor or other <a href="https://www.privacytools.io/software/networks/">Self contained networks</a> should be used.</li>
+        <li>Availability of the VPN provider's website over a .onion <a href="https://en.wikipedia.org/wiki/.onion">Hidden Service</a></li>
+      </ul>
+    </div>
+
     <div class="col-12">
       <h3><span class="badge badge-info">Additional Functionality</span></h3>
       <p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p>
-- 
2.47.2


From 7455f2d775e6221c3f6bb6e8c663feb25c99ea50 Mon Sep 17 00:00:00 2001
From: Daniel Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 11:17:31 +0000
Subject: [PATCH 3/4] Addition of self-hosting analytics

---
 pages/providers/vpn.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index 59c3301e..c78c42c9 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -130,6 +130,10 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
     </div>
     <div class="col-md-6">
       <p><strong>Minimum to Qualify:</strong></p>
+      <ul>
+          <li>Must self host analytics (no Google Analytics etc). Options like <a href="https://matomo.org">Matomo</a> are perfect for this as they allow a provider to know information about how users use their site. The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
+      </ul>
+      </li>
       <p>Must not have any marketing which is irresponsible:</p>
         <ul>
           <li>Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:</li>
-- 
2.47.2


From 88c932c043e142ce4c811a0a2df2face1ec3ef4b Mon Sep 17 00:00:00 2001
From: Daniel Gray <dng@disroot.org>
Date: Fri, 29 Nov 2019 11:28:57 +0000
Subject: [PATCH 4/4] Remove Matomo mention, sounds like advert

---
 pages/providers/vpn.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
index c78c42c9..c4afa577 100644
--- a/pages/providers/vpn.html
+++ b/pages/providers/vpn.html
@@ -131,7 +131,7 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
     <div class="col-md-6">
       <p><strong>Minimum to Qualify:</strong></p>
       <ul>
-          <li>Must self host analytics (no Google Analytics etc). Options like <a href="https://matomo.org">Matomo</a> are perfect for this as they allow a provider to know information about how users use their site. The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
+          <li>Must self host analytics (no Google Analytics etc). The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
       </ul>
       </li>
       <p>Must not have any marketing which is irresponsible:</p>
-- 
2.47.2