diff --git a/_includes/breadcrumbs.html b/_includes/breadcrumbs.html new file mode 100644 index 00000000..e4ed6b6f --- /dev/null +++ b/_includes/breadcrumbs.html @@ -0,0 +1,25 @@ +
Unless otherwise noted, the original content on this website is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. The underlying source code used to format and display this content is not licensed for third-party use unless otherwise noted.
-Copyright © 2020 Jonah Aragon, Aragon Ventures LLC, and Contributors | Website Source Code | Open an Issue | Privacy Policy | Website Terms & Notices
+Copyright © 2020 Jonah Aragon, Aragon Ventures LLC, and Contributors | Website Source Code | Open an Issue | Privacy Policy | Website Terms & Notices
diff --git a/_includes/legacy/badge.html b/_includes/legacy/badge.html deleted file mode 100644 index f908ecf8..00000000 --- a/_includes/legacy/badge.html +++ /dev/null @@ -1,20 +0,0 @@ -{% if include.link %} - {{ include.text }} -{% else %}> {{ include.text }}{% endif %} - -{% else %} - {{include.text}} - {% else %} - > {% if include.icon %}{% endif %} {{include.text}} - {% endif %} - -{% endif %} diff --git a/_includes/legacy/breadcrumbs.html b/_includes/legacy/breadcrumbs.html deleted file mode 100644 index b744bb53..00000000 --- a/_includes/legacy/breadcrumbs.html +++ /dev/null @@ -1,23 +0,0 @@ - diff --git a/_includes/legacy/cardv2.html b/_includes/legacy/cardv2.html index 0af2d74a..77a45a5d 100644 --- a/_includes/legacy/cardv2.html +++ b/_includes/legacy/cardv2.html @@ -57,7 +57,7 @@ {% assign tooltip = attr[1] %} {% endif %} {% endfor %} - {% include legacy/badge.html + {% include badge.html link=link color=color text=text @@ -77,7 +77,7 @@ + class="btn btn-secondary mt-1 mr-1"> Website @@ -94,7 +94,7 @@ + class="btn btn-primary mt-1 mr-1"> Forum diff --git a/_includes/legacy/footer.html b/_includes/legacy/footer.html deleted file mode 100644 index 474888f1..00000000 --- a/_includes/legacy/footer.html +++ /dev/null @@ -1,97 +0,0 @@ - diff --git a/_includes/legacy/head.html b/_includes/legacy/head.html deleted file mode 100644 index 30296c17..00000000 --- a/_includes/legacy/head.html +++ /dev/null @@ -1,65 +0,0 @@ - - - - - - - - - - - {% if page.title %} -- Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include legacy/badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %} + Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
ProtonMail.com is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. ProtonMail is based in Genève, Switzerland. Accounts start with 500 MB storage with their free plan.
Free accounts have some limitations and do not allow the use of the ProtonMail Bridge, which is required to use a recommended email client (e.g. Thunderbird) or to search email by body text. Paid accounts are available starting at €48/y which include features like ProtonMail Bridge, additional storage, custom domain support, and more. The webmail and mobile apps can only search To:
, From:
, Date:
and Subject:
(this is likely to change when v4.0 of ProtonMail is released).
Paid ProtonMail users can use their own domain with the service. Catch-all addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports subaddressing, which is useful for users who don't want to purchase a domain.
-ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.
-ProtonMail supports TOTP two factor authentication only. The use of a U2F security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their Single Sign On (SSO) code.
-ProtonMail has zero access encryption at rest for your emails, address book contacts, and calendars. This means the messages and other data stored in your account are only readable by you.
-ProtonMail has integrated OpenPGP encryption in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to encrypt messages to non-ProtonMail users without the need for them to sign up for a ProtonMail account or use software like OpenPGP.
ProtonMail also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.
-ProtonMail is accessible via Tor at protonirockerxow.onion.
-ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.
Mailbox.org is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since 2014. Mailbox.org is based in Berlin, Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.
-Mailbox.org lets users use their own domain and they support catch-all addresses. Mailbox.org also supports subaddressing, which is useful for users who don't want to purchase a domain.
-Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.
-Mailbox.org supports two factor authentication for their webmail only. You can use either TOTP or a Yubikey via the Yubicloud. Web standards such as U2F and WebAuthn are not yet supported.
-Mailbox.org allows for encryption of incoming mail using their encrypted mailbox. New messages that you receive will then be immediately encrypted with your public key.
However, Open-Exchange, the software platform used by Mailbox.org, does not support the encryption of your address book and calendar. A standalone option may be more appropriate for that information.
-Mailbox.org has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow remote recipients to decrypt an email on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
Mailbox.org also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.
-You can access your Mailbox.org account via IMAP/SMTP using their .onion service. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.
-All accounts come with limited cloud storage that can be encrypted. Mailbox.org also offers the alias @secure.mailbox.org, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports Exchange ActiveSync in addition to standard access protocols like IMAP and POP3.
Posteo.de is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since 2009. Posteo is based in Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.
-Posteo does not allow the use of custom domains, however users may still make use of subaddressing.
-Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and remove PII (personally identifiable information) that they receive in connection with these payment methods.
-Posteo supports two factor authentication for their webmail only. You can use either TOTP a Yubikey with TOTP. Web standards such as U2F and WebAuthn are not yet supported.
-Posteo has zero access encryption for email storage. This means the messages stored in your account are only readable by you.
Posteo also supports the encryption of your address book contacts and calendars at rest. However, Posteo still uses standard CalDAV and CardDAV for calendars and contacts. These protocols do not support E2EE (End-To-End Encryption). A standalone option may be more appropiate.
-Posteo has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.
-Posteo does not operate a .onion service.
-Posteo allows users to set up their own mailing lists. Each account can create one list for free.
Disroot offers email amongst other services. The service is maintained by volunteers and its community. They have been in operation since 2015. Disroot is based in Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.
-Disroot lets users use their own domain. They have aliases, however you must manually apply for them.
-Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.
-Disroot supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
-Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.
Disroot also uses the standard CalDAV and CardDAV protocols for calendars and contacts, which do not support E2EE. A standalone option may be more appropriate.
-Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a Web Key Directory (WKD) for users on their platform.
-Disroot does not operate a .onion service.
-They offer other services such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app available in F-Droid.
Tutanota.com is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since 2011 and is based in Hanover, Germany. Accounts start with 1GB storage with their free plan.
Tutanota doesn't allow the use of third-party email clients. There are plans to allow Tutanota pull email from external email accounts using the IMAP protocol. Email import is currently not possible.
Emails can be exported individually or by bulk selection. Tutanota does not allow for subfolders as you might expect with other email providers.
Tutanota is working on a desktop client and they have an app available in F-Droid. They also have their app in conventional stores such as App Store on iOS and Google Play for Android.
-Paid Tutanota accounts can use up to 5 aliases and custom domains. Tutanota doesn't allow for subaddressing (plus addresses), but you can use a catch-all with a custom domain.
-Tutanota accepts only credit cards and PayPal.
-Tutanota supports two factor authentication. Users can either use TOTP or U2F. U2F support is not yet available on Android.
-Tutanota has zero access encryption at rest for your emails, address book contacts, and calendars. This means the messages and other data stored in your account are only readable by you.
-Tutanota does not use OpenPGP. Tutanota users can only receive encrypted emails when external users send them through a temporary Tutanota mailbox.
Tutanota does have plans to support AutoCrypt. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.
-Tutanota does not operate a .onion service but may consider it in the future.
-Tutanota offers the business version of Tutanota to non-profit organizations for free or with a heavy discount.
Tutanota also has a business feature called Secure Connect. This ensures customer contact to the business uses E2EE. The feature costs €240/y.
@@ -207,30 +207,30 @@ alt="StartMail">StartMail.com is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since 2014 and is based in Boulevard 11, Zeist Netherlands. Accounts start with 10GB. They offer a 30-day trial.
-Personal accounts can use Custom or Generated aliases. Business accounts can use Domain aliases.
-StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other payment options such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
-StartMail supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
-StartMail has zero access encryption at rest, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.
StartMail supports importing contacts however, they are only accessible in the webmail and not through protocols such as CalDAV. Contacts are also not stored using zero knowledge encryption, so a standalone option may be more appropriate.
-StartMail has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys.
-StartMail does not operate a .onion service.
-StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.
Mullvad.net is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial.
-Mullvad has servers in 35 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
-Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:
...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
In 2020 a second audit was announced and the final audit report was made available on Cure53's website.
-Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.
-Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.
-In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
-Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.
-Remote port forwarding is allowed on Mullvad, see Port forwarding with Mullvad VPN.
-Mullvad has published App Store and Google Play clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
-The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.
ProtonVPN.com is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.
-ProtonVPN has servers in 44 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
-As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at protonvpn.com. -
ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.
-ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.
-In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
-ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.
-The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.
IVPN.net is another premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar and offers a 3 day free trial.
-IVPN has servers in 32 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
-IVPN has undergone a no-logging audit from Cure53 which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a comprehensive pentest report Cure53 in January 2020. IVPN has also said they plan to have annual reports in the future.
-As of Feburary 2020 IVPN applications are now open source. Source code can be obtained from their GitHub organization.
-In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.
-In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
-Remote port forwarding is possible with a Pro plan. Port forwarding can be activated via the client area. Port forwarding is only available on IVPN when using OpenVPN and is disabled on US servers.
-In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
-The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.
Techlore
- https://techlore.tech -Awesome Resources Ltd
- https://www.awesomeresources.co.uk -Look To The Right
- https://looktotheright.com -scams.info
- https://www.scams.info -{{ include.bio | default: "Hmm, this user hasn't written a bio quite yet :(" }}
{% endif %} - -{{ page.description }} diff --git a/legacy_pages/about/about.html b/legacy_pages/about/about.html deleted file mode 100644 index ba8350ed..00000000 --- a/legacy_pages/about/about.html +++ /dev/null @@ -1,171 +0,0 @@ ---- -layout: page -permalink: /about/ -title: "About Privacy Guides" -description: "About the Privacy Guides organization, and contributors to the Privacy Guides website, communities, and services." -hidedesc: true ---- -
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities.
-At PrivacyTools, we provide services, tools, and knowledge to protect your privacy against global mass surveillance, and moderate a thriving community of privacy-minded individuals like yourself to discuss and learn about new advances in protecting your online data. This website serves as the centerpiece of our organization, where we research and recommend various software solutions for our community.
-Transparency is our strongest value, and it's what sets us apart from the rest of the "privacy recommendations" community. Editorial changes to this website and the products we recommend are always discussed on our extensive issue tracker, drafted in a public pull request open for further discussion, and logged in a comprehensive commit log dating back to our original founding date in 2015. The core team members listed below are responsible for most of the edits and final decisions to changes on this website and across our services, but this website is truly the work of hundreds contributors and fact checkers working to make sure our recommendations are solid and trustworthy.
-Additionally, we are a not-for-profit organization. We do not utilize paid recommendations or affiliate programs to make the recommendations on this website. Unfortunately this practice is very common elsewhere online, which makes it difficult to trust other review sites. We are unique in this area, in that all of our research is conducted independently, and we will never accept payments to modify, add, or remove any of our reviews or recommendations. Our finances are provided entirely by our community donors and sponsors, and are handled by the Open Collective Foundation 501(c)(3). Because we are operating as a charity in the United States, we are legally obligated to only use our funding to further our mission of spreading privacy education and promoting online services like Mastodon, Matrix, and WriteFreely. This website is a public resource, not a profit generator. To that regard, all our financial transactions (incoming and outgoing) are logged and made available to the public via our page at opencollective.com/privacytools.
-We take the operation of our various services very seriously, and require all participants to adhere to our Code of Conduct. For any questions or to report abuse, please see our CoC’s Enforcement section.
-Of course, we couldn't do any of this without our very generous financial contributors, website contributors, and the countless community members that help share new ideas and spread the word! Thank you.
- Get involved! - Donate -Emeriti are honorary Privacy Guides team members who have formerly contributed to the project in a central way but are no longer currently active.
-It's very important to us to stay up-to-date on the latest changes in the privacy space. If you have a software recommendation for us, or want to request a change on this website, please don't hesitate to reach out in one of the following ways.
-Start a discussion in our Discourse forum
- -Suggest something new on our subreddit
-For complete transparency, software and providers will only be considered for this website after discussions take place on our GitHub issue tracker. We of course don't make any changes in secret.
-Join our Matrix room at #general:privacytools.io
to chat with us and other members about this site and privacy in general! If you need a Matrix account, you can sign up with our own homeserver (https://chat.privacytools.io
) using Riot.
You can also email the team at support@privacytools.io and find us on Twitter and Mastodon.
- - - -main.js | -CC0-1.0-only | -
applytheme.js - | CC0-1.0-only | -
redirects.js | -CC0-1.0-only | -
bootstrap.min.js | -Expat | -
jquery-3.3.1.min.js | -Expat | -
popper.min.js | -Expat | -
sortable.min.js | -Expat | -
If you are able, please consider contributing to our development and outreach programs. Contributions via OpenCollective to Privacy Guides are tax deductible for US taxpayers. These funds are transparently and primarily used to cover server costs.
- Contribute - More Info -Our website is free of advertisements and not affiliated with any listed providers.
Your donation will cover our costs for servers, domains, coffee, beer, and pizza.
You may also contribute via the cryptocurrencies below, however we will not be able to provide a receipt for your contribution.
Your contribution will be considered an anonymous, unrestricted contribution and paid to our Fiscal Host at OpenCollective when we convert to currency.
We prefer Bitcoin donations to be above $5 due to the state of the network's transaction fees. You are welcome to donate any smaller or larger amount on any other cryptocurrency, such as Bitcoin Cash, Ethereum, or Stellar.
- -The Privacy Guides team does not necessarily endorse all of the cryptocurrencies listed on this page. Please conduct your own research before purchasing any cryptocurrencies.
-- -
-Operating outside the five/nine/fourteen-eyes countries is not necessarily a guarantee of privacy, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on global mass surveillance and avoiding the US and UK to learn more about why we feel this is important.
We regard these features as important in order to provide a safe and optimal service to users. Users should consider the provider which has the features they require.
We prefer our recommended providers to collect as little data as possible.
Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their users.
You wouldn't trust your finances to someone with a fake identity, so why trust them with your email? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
With the email providers we recommend we like to see responsible marketing.
While not strictly requirements, there are some factors we looked into when determining which providers to recommend.
Operating outside the five/nine/fourteen-eyes countries is not a guarantee of privacy necessarily, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on global mass surveillance and avoiding the US and UK to learn more about why we feel this is important.
We require all our recommended VPN providers to provide OpenVPN configuration files to be used in any client. If a VPN provides their own custom client, we require a killswitch to block network data leaks when disconnected.
We prefer our recommended providers to collect as little data as possible. Not collecting personal information on registration, and accepting anonymous forms of payment are required.
A VPN is pointless if it can't even provide adequate security. We require all our recommended providers to abide by current security standards for their OpenVPN connections. Ideally, they would use more future-proof encryption schemes by default. We also require an independent third-party to audit the provider's security, ideally in a very comprehensive manner and on a repeated (yearly) basis.
You wouldn't trust your finances to someone with a fake identity, so why trust them with your internet data? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
With the VPN providers we recommend we like to see responsible marketing.
While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.
We currently have the following free-to-use services online now.
- -More services are on the way. If there's something that would be super beneficial for us to run, don't hesitate to reach out and ask. And of course, if you like our services, please consider donating to support our server costs, any donation helps!
- - - -We are providing these services because we believe in decentralized and federated networks, and free and open source software. The tools we host are a great and convenient entry-point to these services like Matrix, Mastodon, and WriteFreely. We hope that we are able to spur the adoption of these alternative networks, and we strongly believe all of our services are far better than traditional providers, such as Twitter, Facebook, and Google.
-However, as with any hosted, online service, remember that using our services involves risks that may or may not be acceptable to you. Using online services requires trust in the service provider. We don't know of any surefire way to evaluate a provider for privacy, or provide a service that we can guarantee is operating in a privacy-respecting way. Of course we strive to provide the best services possible for our community, but at the end of the day this involves you trusting us and the system administrators that host our services.
-As always, never trust a service provider with sensitive information, even if they are trustworthy.
-We also recommend you don't centralize all your online activity around a single provider's services (such as ours). This is because it is not a good idea to give a single party control over everything you do online.
-We highly recommend hosting your own services whenever possible. Not only is it a fantastic learning experience, but it allows you to have services entirely in your control. There are a number of great resources available, including...
- -You can also join us on Matrix at #general:privacytools.io
and ask around! We are always happy to help you start hosting your own services.
The services we provide here are for the benefit of our community, and we collect as little data as possible. But it is a convenience more than a recommendation. You should always avoid trusting others with your information, and always encrypt.
diff --git a/legacy_pages/sponsors.html b/legacy_pages/sponsors.html deleted file mode 100644 index bca12853..00000000 --- a/legacy_pages/sponsors.html +++ /dev/null @@ -1,76 +0,0 @@ ---- -layout: default -active_page: sponsors -permalink: /sponsors/ ---- - -A massive thank you to the following organization-level sponsors of Privacy Guides, who pledge $250+:
-The Privacy Guides website and services are a community project. There is no advertising, affiliate links, or other forms of monetization.
Your donations here directly support hosting this website and compensating contributors to this project.
These individuals and organizations pledge $100 - $249 to the organization.
-These individuals and organizations pledge $10 - $99 to the organization.
-{% include legacy/sponsors/list.html %} - -This sponsorship program is designed to allow companies, organizations, and individuals partner with the Privacy Guides team to support our vision of a more privacy-respecting internet and the greater online community.
-With this exposure and sponsorship, your customers will recognize your intrinsic understanding and commitment to user privacy. Moreover, you'll directly contribute to our mission of spreading privacy-respecting tools and knowledge worldwide!
-At Privacy Guides, we believe in...
-We reserve the right or deny all sponsors from receiving the benefits detailed below if we believe that your organization or product is not aligned with our key values. Therefore, if you are interested in sponsoring our project, please first email sponsors@privacytools.io so we may discuss further.
-As a sponsor of Privacy Guides, your company will be widely recognized in a variety of ways, some of which we've detailed below.
-This website receives well over 250,000 pageviews on a monthly basis and is highly ranked for privacy-related keywords. In addition to the benefits below your contribution will be featured on our OpenCollective page and we will thank you via social media for your contribution.
-Please note that this page is updated manually, and while we're generally on top of things, please don't hesitate to reach out to sponsors@privacytools.io if you think we've missed something :)
-We pride ourselves on our integrity and commitment to spreading unbiased and fact-based information regarding privacy and privacy-respecting tools. All tools we recommend throughout our website are subject to strict criteria as judged by our team and the community across our various platforms. Your sponsorship will not grant your organization any special consideration when choosing our recommendations throughout the website, a process which we make clear via our transparent ledger on OpenCollective and our public discussions on GitHub. Your sponsorship benefits are limited to those outlined above.
-Your contribution to Privacy Guides will be handled by the Open Collective Foundation 501(c)(3). For US companies and taxpayers, this means your contribution is likely tax deductible, but you should consult with your accountant regarding your specific circumstances. As a non-profit, your sponsorship contribution will not be used for private profit and will only be used to cover expenses incurred by the project. All of our transactions (donations and expenses) are published transparently on OpenCollective. For the benefit of our readership, anonymous contributions will not be eligible for the sponsorship opportunities outlined above.
-If you are interested and have further questions, you are welcome to reach out to us directly at sponsors@privacytools.io.
- diff --git a/legacy_pages/notices.md b/notices.md similarity index 56% rename from legacy_pages/notices.md rename to notices.md index 7ea90ca3..5a739a26 100644 --- a/legacy_pages/notices.md +++ b/notices.md @@ -1,6 +1,6 @@ --- layout: page -permalink: /notices/ +permalink: /terms-and-notices/ title: "Notices and Disclaimers" description: "Privacy Guides is provided with good intentions on an "as-is" basis, without warranty, and disclaiming liability for damages." --- @@ -10,7 +10,7 @@ description: "Privacy Guides is provided with good intentions on an "as-is& Privacy Guides is not a law firm. As such, the Privacy Guides website and contributors are not providing legal advice. The material and recommendations in our website and guides do not constitute legal advice nor does contributing to the website or communicating with Privacy Guides or other contributors about our website create an attorney-client relationship. -Running this website, like any human endeavor, involves uncertainty and trade-offs. We hope this website helps, but it may include mistakes, and can’t address every situation. If you have any questions about your situation, we encourage you to do your own research, seek out other experts, and discuss with your and the Privacy Guides community. If you have any legal questions, you should consult with your own legal counsel before moving forward. +Running this website, like any human endeavor, involves uncertainty and trade-offs. We hope this website helps, but it may include mistakes, and can’t address every situation. If you have any questions about your situation, we encourage you to do your own research, seek out other experts, and engage in discussions with the Privacy Guides community. If you have any legal questions, you should consult with your own legal counsel before moving forward. Privacy Guides is an open source project contributed to under licenses that include terms that, for the protection of the website and its contributors, make clear that the Privacy Guides project and website is offered "as-is", without warranty, and disclaiming liability for damages resulting from using the website or any recommendations contained within. Privacy Guides does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on the website or otherwise relating to such materials on the website or on any third-party sites linked on this site. @@ -19,26 +19,24 @@ Privacy Guides additionally does not warrant that this website will be constantl Section 2 # Licenses -Content copyright on this website is waived under the terms of [CC0 1.0 Universal](https://github.com/privacytools/privacytools.io/blob/master/LICENSE.txt). +All content on this website is Copyright © Jonah Aragon, Aragon Ventures LLC, and [Contributors](https://github.com/privacyguides/privacyguides/graphs/contributors); and is licensed under the terms of the [Creative Commons Attribution-NonCommercial 4.0 International License](http://creativecommons.org/licenses/by-nc/4.0/). -In certain jurisdictions, namely those in which the copyright waiver in the CC0-1.0 is judged for any reason to be legally invalid or ineffective under applicable law, content may be copyright © Privacy Guides contributors, released under the [CC 1.0 Universal](https://github.com/privacytools/privacytools.io/blob/master/LICENSE.txt) license. +**Content** on this website is based on [github.com/privacyguides/privacyguides](https://github.com/privacyguides/privacyguides) and is made available for sharing and distribution under the Creative Commons Attribution-NonCommercial 4.0 International License. -**Content** on this website is based on [github.com/privacytools/privacytools.io](https://github.com/privacytools/privacytools.io) and is made freely available under the CC-1.0. - -Code, including source files and code samples if any in the content, is released under CC-1.0, with the following exceptions: +Original code, including source files and code samples if any in the content, is the sole property of Aragon Ventures LLC, all rights reserved. This does not include third-party code embedded in this repository, or code where a superseding license is otherwise noted. The following are notable examples, but this list may not be all-inclusive: - Bootstrap code is under the MIT license. See: [github.com/twbs/bootstrap/blob/master/LICENSE](https://github.com/twbs/bootstrap/blob/master/LICENSE) - [jQuery](https://github.com/privacytools/privacytools.io/blob/master/assets/js/jquery-3.3.1.min.js) is under the MIT license. See: [jquery.org/license](https://jquery.org/license/) - [Popper.js](https://github.com/privacytools/privacytools.io/blob/master/assets/js/popper.min.js) is under the MIT license. See: [github.com/FezVrasta/popper.js/raw/master/LICENSE.md](https://github.com/FezVrasta/popper.js/raw/master/LICENSE.md) - [Sortable](https://github.com/privacytools/privacytools.io/blob/master/assets/js/sortable.min.js) is under the MIT license. See: [github.com/HubSpot/sortable/raw/master/LICENSE](https://github.com/HubSpot/sortable/raw/master/LICENSE) - The Font Awesome icons are under CC-BY-4.0, Font Awesome fonts are under SIL OFL 1.1, and Font Awesome code is under the MIT License. See: [fontawesome.com/license/free](https://fontawesome.com/license/free) -- The Privacy Guides fonts, icons, and code in `fonts` are under ISC license. See: [github.com/privacytools/privacytools.io/blob/master/font/LICENSE](https://github.com/privacytools/privacytools.io/blob/master/font/LICENSE). +- The PrivacyTools fonts, icons, and code are under ISC license. See: [github.com/privacytools/privacytools.io/blob/master/font/LICENSE](https://github.com/privacytools/privacytools.io/blob/master/font/LICENSE). Portions of this notice itself were adopted from [opensource.guide](https://github.com/github/opensource.guide/blob/master/notices.md) on GitHub, released under [CC-BY-4.0](https://github.com/github/opensource.guide/blob/master/LICENSE). -This means that you can use the code and content in this repository **except** for the Privacy Guides [branding](https://github.com/privacytools/brand) in your own projects. Privacy Guides's brand trademarks include the "PrivacyTools" wordmark and shield logo. More information on the use of Privacy Guides's branding can be found on our [branding guidelines page](https://github.com/privacytools/brand). +This means that you can use the human-readable content in this repository for your own project, as long as you follow the requirements outlined in the Creative Commons Attribution-NonCommercial 4.0 International License. You **may not** use any original code in this repository for your own project, nor use the Privacy Guides [branding](https://github.com/privacytools/brand) in your own project, without express approval from Aragon Ventures LLC. Privacy Guides's brand trademarks include the "Privacy Guides" wordmark and shield logo. -We believe that the logos and other images in `assets` from third-party providers are either in the public domain or **fair use**. In a nutshell, legal [fair use doctrine](https://en.wikipedia.org/wiki/Fair_use) allows the use of copyrighted image in order to identify the subject matter for purposes of public comment. However, these logos and other images may still be subject to trademark laws in one or more jurisdictions. Before using this content, please ensure that it is used to identify the entity or organization that owns the trademark and that you have the right to use it under the laws which apply in the circumstances of your intended use. *You are solely responsible for ensuring that you do not infringe someone else's trademark or copyright.* +We believe that the logos and other images in `assets` obtained from third-party providers are either in the public domain or **fair use**. In a nutshell, legal [fair use doctrine](https://en.wikipedia.org/wiki/Fair_use) allows the use of copyrighted image in order to identify the subject matter for purposes of public comment. However, these logos and other images may still be subject to trademark laws in one or more jurisdictions. Before using this content, please ensure that it is used to identify the entity or organization that owns the trademark and that you have the right to use it under the laws which apply in the circumstances of your intended use. *When copying content from this website, you are solely responsible for ensuring that you do not infringe someone else's trademark or copyright.* When you contribute to this repository you are doing so under the above licenses. @@ -47,12 +45,10 @@ When you contribute to this repository you are doing so under the above licenses You may not use this website in any way that causes or may cause damage to the website or impairment of the availability or accessibility of Privacy Guides, or in any way which is unlawful, illegal, fraudulent, or harmful, or in connection with any unlawful, illegal, fraudulent, or harmful purpose or activity. -You must not conduct any systematic or automated data collection activities on or in relation to this website without Privacy Guides's express written consent, including: +You must not conduct any systematic or automated data collection activities on or in relation to this website without express written consent from Aragon Ventures LLC, including: * Excessive Automated Scans * Denial of Service Attacks * Scraping - Data Mining - ‘Framing’ (IFrames) - -We take the security of our website, infrastructure, and services very seriously. Our [SECURITY.md](https://github.com/privacytools/.github/blob/master/SECURITY.md) document outlines responsible disclosure guidelines and other security-related information. diff --git a/privacy-policy.md b/privacy-policy.md index 53df8356..fd650f8a 100644 --- a/privacy-policy.md +++ b/privacy-policy.md @@ -7,7 +7,7 @@ description: "This Privacy Statement explains what information Privacy Guides an ## Who is Privacy Guides? -Privacy Guides community project currently under the stewardship of Aragon Ventures LLC, a Minnesota corporation, which develops this website and a number of privacy-friendly services alongside a number of active contributors. The current list of public team members [can be found on GitHub](https://github.com/orgs/privacyguides/people). Aragon Ventures LLC operates internet services and handles the financials of this project. +Privacy Guides is a community project currently under the stewardship of Aragon Ventures LLC, a Minnesota corporation, which develops this website and a number of privacy-friendly services alongside a number of active contributors. The current list of public team members [can be found on GitHub](https://github.com/orgs/privacyguides/people). Aragon Ventures LLC operates internet services and handles the financials of this project. In the future, Privacy Guides will be an independently operated non-profit organization.