mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-12-23 22:49:42 -05:00
Transition to mkdocs (#829)
Co-authored-by: Jonah Aragon <jonah@triplebit.net>
This commit is contained in:
parent
78b49b2f4e
commit
8ef8e2a263
11
.github/actions/build/action.yml
vendored
11
.github/actions/build/action.yml
vendored
@ -1,11 +0,0 @@
|
|||||||
name: 'Build'
|
|
||||||
description: 'Builds Jekyll Site'
|
|
||||||
runs:
|
|
||||||
using: "composite"
|
|
||||||
steps:
|
|
||||||
- shell: bash
|
|
||||||
run: |
|
|
||||||
sed -i "s/^ date:.*$/ date: $(TZ=UTC date "+%Y-%m-%d")/" _config.yml
|
|
||||||
sed -i "s/^ time:.*$/ time: $(TZ=UTC date "+%H:%M:%S %Z")/" _config.yml
|
|
||||||
- shell: bash
|
|
||||||
run: npm run build
|
|
53
.github/workflows/build.yml
vendored
Normal file
53
.github/workflows/build.yml
vendored
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
name: Build Website
|
||||||
|
on:
|
||||||
|
pull_request:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
|
||||||
|
env:
|
||||||
|
PYTHON_VERSION: 3.x
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
name: Build website
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Set up Python runtime
|
||||||
|
uses: actions/setup-python@v3
|
||||||
|
with:
|
||||||
|
python-version: ${{ env.PYTHON_VERSION }}
|
||||||
|
|
||||||
|
- name: Cache files
|
||||||
|
uses: actions/cache@v2
|
||||||
|
with:
|
||||||
|
key: ${{ github.ref }}
|
||||||
|
path: .cache
|
||||||
|
|
||||||
|
- name: Install Python dependencies
|
||||||
|
run: |
|
||||||
|
pip install 'mkdocs>=1.3.0'
|
||||||
|
|
||||||
|
- name: Install mkdocs-material Insiders build
|
||||||
|
if: github.event.repository.fork == false
|
||||||
|
env:
|
||||||
|
GH_TOKEN: ${{ secrets.GH_TOKEN }}
|
||||||
|
run: |
|
||||||
|
git clone --depth 1 https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
|
||||||
|
pip install -e mkdocs-material-insiders
|
||||||
|
|
||||||
|
- name: Build website
|
||||||
|
run: |
|
||||||
|
mkdocs build --config-file mkdocs.production.yml
|
||||||
|
mv .well-known site/
|
||||||
|
tar cvf site.tar site
|
||||||
|
mkdocs --version
|
||||||
|
|
||||||
|
- name: Package website
|
||||||
|
uses: actions/upload-artifact@v2
|
||||||
|
with:
|
||||||
|
name: generated-site
|
||||||
|
path: site.tar
|
73
.github/workflows/deploy.yml
vendored
Normal file
73
.github/workflows/deploy.yml
vendored
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
name: Deploy Website
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
|
||||||
|
env:
|
||||||
|
PYTHON_VERSION: 3.x
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
name: Build website
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Set up Python runtime
|
||||||
|
uses: actions/setup-python@v3
|
||||||
|
with:
|
||||||
|
python-version: ${{ env.PYTHON_VERSION }}
|
||||||
|
|
||||||
|
- name: Cache files
|
||||||
|
uses: actions/cache@v2
|
||||||
|
with:
|
||||||
|
key: ${{ github.ref }}
|
||||||
|
path: .cache
|
||||||
|
|
||||||
|
- name: Install Python dependencies
|
||||||
|
run: |
|
||||||
|
pip install 'mkdocs>=1.3.0'
|
||||||
|
|
||||||
|
- name: Install mkdocs-material Insiders build
|
||||||
|
if: github.event.repository.fork == false
|
||||||
|
env:
|
||||||
|
GH_TOKEN: ${{ secrets.GH_TOKEN }}
|
||||||
|
run: |
|
||||||
|
git clone --depth 1 https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
|
||||||
|
pip install -e mkdocs-material-insiders
|
||||||
|
|
||||||
|
- name: Build website
|
||||||
|
run: |
|
||||||
|
mkdocs build --config-file mkdocs.production.yml
|
||||||
|
mv .well-known site/
|
||||||
|
tar cvf site.tar site
|
||||||
|
mkdocs --version
|
||||||
|
|
||||||
|
- name: Package website
|
||||||
|
uses: actions/upload-artifact@v2
|
||||||
|
with:
|
||||||
|
name: generated-site
|
||||||
|
path: site.tar
|
||||||
|
|
||||||
|
deploy:
|
||||||
|
name: Rsync Deploy
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
environment: production
|
||||||
|
needs: build
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Download generated Jekyll site
|
||||||
|
uses: actions/download-artifact@v2
|
||||||
|
with:
|
||||||
|
name: generated-site
|
||||||
|
- run: tar xvf site.tar
|
||||||
|
- name: Copy built site to production
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
|
||||||
|
chmod 700 ~/.ssh/id_rsa
|
||||||
|
ssh-keyscan -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts
|
||||||
|
rsync -azP --delete site/ ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }}:${{ secrets.SSH_PATH }}
|
62
.github/workflows/production.yml
vendored
62
.github/workflows/production.yml
vendored
@ -1,62 +0,0 @@
|
|||||||
name: Production Deploy
|
|
||||||
concurrency:
|
|
||||||
group: Production
|
|
||||||
cancel-in-progress: true
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches: [ main ]
|
|
||||||
|
|
||||||
env:
|
|
||||||
FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
name: Jekyll Build
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- uses: ruby/setup-ruby@v1
|
|
||||||
with:
|
|
||||||
bundler-cache: true
|
|
||||||
- uses: actions/setup-node@v3
|
|
||||||
with:
|
|
||||||
node-version: '14'
|
|
||||||
- name: Cache Jekyll build
|
|
||||||
uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
.jekyll-cache
|
|
||||||
.sass-cache
|
|
||||||
key: ${{ runner.os }}-jekyll-${{ hashFiles('**/*.??m[ld]') }}
|
|
||||||
- name: Install dependencies
|
|
||||||
run: npm install
|
|
||||||
- name: Build website
|
|
||||||
uses: ./.github/actions/build
|
|
||||||
- run: tar cvf site.tar _site
|
|
||||||
- name: Upload generated Jekyll site
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
path: site.tar
|
|
||||||
|
|
||||||
deploy:
|
|
||||||
name: Rsync Deploy
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
environment: production
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Copy built site to production
|
|
||||||
run: |
|
|
||||||
mkdir -p ~/.ssh
|
|
||||||
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
|
|
||||||
chmod 700 ~/.ssh/id_rsa
|
|
||||||
ssh-keyscan -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts
|
|
||||||
rsync -azP --delete _site/ ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }}:${{ secrets.SSH_PATH }}
|
|
238
.github/workflows/tests.yml
vendored
238
.github/workflows/tests.yml
vendored
@ -1,238 +0,0 @@
|
|||||||
name: Code tests
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
env:
|
|
||||||
FONTAWESOME_NPM_AUTH_TOKEN: ${{ secrets.FONTAWESOME_NPM_AUTH_TOKEN }}
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
deps:
|
|
||||||
name: "Dependency Install"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Cache node modules
|
|
||||||
uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: ~/.npm
|
|
||||||
key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
|
|
||||||
restore-keys: |
|
|
||||||
${{ runner.os }}-npm-
|
|
||||||
- uses: actions/setup-node@v3
|
|
||||||
with:
|
|
||||||
node-version: '14'
|
|
||||||
- run: npm install
|
|
||||||
- run: tar cvf node_modules.tar node_modules
|
|
||||||
- name: Upload node_modules for Jekyll build
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: node_modules
|
|
||||||
path: node_modules.tar
|
|
||||||
|
|
||||||
build:
|
|
||||||
name: "Jekyll Build"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: deps
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- uses: ruby/setup-ruby@v1
|
|
||||||
with:
|
|
||||||
bundler-cache: true
|
|
||||||
- uses: actions/setup-node@v3
|
|
||||||
with:
|
|
||||||
node-version: '14'
|
|
||||||
- name: Cache Jekyll build
|
|
||||||
uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: |
|
|
||||||
.jekyll-cache
|
|
||||||
.sass-cache
|
|
||||||
key: ${{ runner.os }}-jekyll-${{ hashFiles('**/*.??m[ld]') }}
|
|
||||||
restore-keys: |
|
|
||||||
${{ runner.os }}-jekyll-
|
|
||||||
- name: Set Date and Time
|
|
||||||
run: |
|
|
||||||
sed -i "s/^ date:.*$/ date: $(TZ=UTC date "+%Y-%m-%d")/" _config.yml
|
|
||||||
sed -i "s/^ time:.*$/ time: $(TZ=UTC date "+%H:%M:%S %Z")/" _config.yml
|
|
||||||
- name: Download node_modules
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: node_modules
|
|
||||||
- run: tar xvf node_modules.tar
|
|
||||||
- name: Generate Website
|
|
||||||
run: npm run build
|
|
||||||
- run: tar cvf site.tar _site
|
|
||||||
- name: Upload generated Jekyll site
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
path: site.tar
|
|
||||||
|
|
||||||
link:
|
|
||||||
name: "Broken Hyperlinks (Internal)"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Copy built site to production
|
|
||||||
run: |
|
|
||||||
mv ${{ github.workspace }}/_site /tmp/
|
|
||||||
mkdir -p /tmp/src
|
|
||||||
mv ${{ github.workspace }}/* /tmp/src/
|
|
||||||
mkdir -p ${{ github.workspace }}/src
|
|
||||||
mv /tmp/src/* ${{ github.workspace }}/src/
|
|
||||||
mv /tmp/_site ${{ github.workspace }}/
|
|
||||||
- name: Internal link checker
|
|
||||||
uses: untitaker/hyperlink@0.1.21
|
|
||||||
with:
|
|
||||||
args: _site/ --sources src/
|
|
||||||
|
|
||||||
extlink:
|
|
||||||
name: "Broken Hyperlinks (External)"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: [build, link]
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Cache HTMLProofer
|
|
||||||
id: cache-htmlproofer
|
|
||||||
uses: actions/cache@v3
|
|
||||||
with:
|
|
||||||
path: tmp/.htmlproofer
|
|
||||||
key: ${{ runner.os }}-htmlproofer-${{ hashFiles('_site/**.html') }}
|
|
||||||
restore-keys: |
|
|
||||||
${{ runner.os }}-htmlproofer-
|
|
||||||
${{ runner.os }}-htmlproofer
|
|
||||||
- name: Check External Links (Informational, Soft-Fail)
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --external_only --internal-domains privacyguides.org,www.privacyguides.org --timeframe 30d --url-ignore '/https:\/\/developers\.cloudflare\.com\//,/https:\/\/github\.com\/privacyguides\/privacyguides\.org\/(edit|tree|blob)\/main/,/https:\/\/support\.(startmail|yubico)\.com\//'
|
|
||||||
continue-on-error: true
|
|
||||||
|
|
||||||
https:
|
|
||||||
name: "Require HTTPS Internal Images"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Check Images
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --check-img-http --internal-domains privacyguides.org,www.privacyguides.org --disable-external --checks-to-ignore LinkCheck,ScriptCheck
|
|
||||||
|
|
||||||
scripts:
|
|
||||||
name: "Script Reference Checks"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: [build, link]
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Check HTML
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --check-html --disable-external --check-sri --report-script-embeds --internal-domains privacyguides.org,www.privacyguides.org --checks-to-ignore LinkCheck,ImageCheck,HtmlCheck
|
|
||||||
|
|
||||||
tags:
|
|
||||||
name: "HTML Tag Test"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Validate HTML
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --check-html --disable-external --allow-hash-href --internal-domains privacyguides.org,www.privacyguides.org --report-invalid-tags --report-eof-tags --report-mismatched-tags --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
|
|
||||||
|
|
||||||
entity:
|
|
||||||
name: "HTML Entity Names Test"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Validate HTML
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --check-html --disable-external --allow-hash-href --internal-domains privacyguides.org,www.privacyguides.org --report-missing-names --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
|
|
||||||
|
|
||||||
misc:
|
|
||||||
name: "Misc HTML Test"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Validate HTML
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --check-html --disable-external --internal-domains privacyguides.org,www.privacyguides.org --report-missing-doctype --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
|
|
||||||
|
|
||||||
opengraph:
|
|
||||||
name: "OpenGraph Test"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: build
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v3
|
|
||||||
- name: Download generated Jekyll site
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: generated-site
|
|
||||||
- run: tar xvf site.tar
|
|
||||||
- name: Check OpenGraph
|
|
||||||
uses: chabad360/htmlproofer@v1.1
|
|
||||||
with:
|
|
||||||
directory: ${{ github.workspace }}/_site
|
|
||||||
arguments: --assume-extension --disable-external --check-opengraph --checks-to-ignore LinkCheck,ImageCheck,ScriptCheck
|
|
15
.gitignore
vendored
15
.gitignore
vendored
@ -1,13 +1,2 @@
|
|||||||
_site/
|
site
|
||||||
.sass-cache/
|
.cache
|
||||||
.jekyll-metadata
|
|
||||||
.DS_Store
|
|
||||||
font/assets/
|
|
||||||
font/_sass/
|
|
||||||
font/.fontcustom-manifest.json
|
|
||||||
assets/webfonts/ptio-font-preview.html
|
|
||||||
vendor
|
|
||||||
node_modules
|
|
||||||
.bundle
|
|
||||||
.jekyll-cache
|
|
||||||
.nova
|
|
||||||
|
2
.npmrc
2
.npmrc
@ -1,2 +0,0 @@
|
|||||||
@fortawesome:registry=https://npm.fontawesome.com/
|
|
||||||
//npm.fontawesome.com/:_authToken=${FONTAWESOME_NPM_AUTH_TOKEN}
|
|
@ -1 +0,0 @@
|
|||||||
3.0.0
|
|
21
404.html
21
404.html
@ -1,21 +0,0 @@
|
|||||||
---
|
|
||||||
layout: default
|
|
||||||
---
|
|
||||||
|
|
||||||
<div class="container text-center">
|
|
||||||
<div class="position-absolute top-50 start-50 translate-middle">
|
|
||||||
<h1 class="display-1">404</h1>
|
|
||||||
<p><strong>We couldn't find that :(</strong></p>
|
|
||||||
<p>Maybe you were looking for one of these pages?</p>
|
|
||||||
<div class="row">
|
|
||||||
<div class="col">
|
|
||||||
<ul class="list-unstyled">
|
|
||||||
<li><i class="fas fa-home"></i> <a href="/">Back to our Homepage</a></li>
|
|
||||||
</ul>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="position-absolute bottom-0 start-50 translate-middle-x">
|
|
||||||
<p class="text-danger text-center"><i class="fas fa-exclamation-circle"></i> If you believe you reached this page in error, please <a href="https://github.com/privacyguides/privacyguides.org/issues/new/choose">contact us</a>!</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
20
Gemfile
20
Gemfile
@ -1,20 +0,0 @@
|
|||||||
source "https://rubygems.org"
|
|
||||||
|
|
||||||
gem "jekyll", "~> 4.2"
|
|
||||||
|
|
||||||
group :jekyll_plugins do
|
|
||||||
gem "jekyll-feed", "~> 0.16"
|
|
||||||
gem "jekyll-brotli", "~> 2.3"
|
|
||||||
gem "jekyll-sitemap", "~> 1.4"
|
|
||||||
end
|
|
||||||
|
|
||||||
# Jekyll 3.9.0 now requires this explicitly installed, apparently
|
|
||||||
gem "kramdown-parser-gfm", "~> 1.1"
|
|
||||||
gem "webrick", "~> 1.7"
|
|
||||||
gem 'eventmachine', '1.3.0.dev.1', git: 'https://github.com/eventmachine/eventmachine', branch: 'master'
|
|
||||||
|
|
||||||
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
|
|
||||||
gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
|
|
||||||
|
|
||||||
# Performance-booster for watching directories on Windows
|
|
||||||
gem "wdm", "~> 0.1.0" if Gem.win_platform?
|
|
89
Gemfile.lock
89
Gemfile.lock
@ -1,89 +0,0 @@
|
|||||||
GIT
|
|
||||||
remote: https://github.com/eventmachine/eventmachine
|
|
||||||
revision: df4ab0068e5e9f504096584093a74510d0dac6c8
|
|
||||||
branch: master
|
|
||||||
specs:
|
|
||||||
eventmachine (1.3.0.dev.1)
|
|
||||||
|
|
||||||
GEM
|
|
||||||
remote: https://rubygems.org/
|
|
||||||
specs:
|
|
||||||
addressable (2.8.0)
|
|
||||||
public_suffix (>= 2.0.2, < 5.0)
|
|
||||||
brotli (0.2.3)
|
|
||||||
colorator (1.1.0)
|
|
||||||
concurrent-ruby (1.1.9)
|
|
||||||
em-websocket (0.5.3)
|
|
||||||
eventmachine (>= 0.12.9)
|
|
||||||
http_parser.rb (~> 0)
|
|
||||||
ffi (1.15.5)
|
|
||||||
forwardable-extended (2.6.0)
|
|
||||||
http_parser.rb (0.8.0)
|
|
||||||
i18n (1.10.0)
|
|
||||||
concurrent-ruby (~> 1.0)
|
|
||||||
jekyll (4.2.2)
|
|
||||||
addressable (~> 2.4)
|
|
||||||
colorator (~> 1.0)
|
|
||||||
em-websocket (~> 0.5)
|
|
||||||
i18n (~> 1.0)
|
|
||||||
jekyll-sass-converter (~> 2.0)
|
|
||||||
jekyll-watch (~> 2.0)
|
|
||||||
kramdown (~> 2.3)
|
|
||||||
kramdown-parser-gfm (~> 1.0)
|
|
||||||
liquid (~> 4.0)
|
|
||||||
mercenary (~> 0.4.0)
|
|
||||||
pathutil (~> 0.9)
|
|
||||||
rouge (~> 3.0)
|
|
||||||
safe_yaml (~> 1.0)
|
|
||||||
terminal-table (~> 2.0)
|
|
||||||
jekyll-brotli (2.3.0)
|
|
||||||
brotli (~> 0.2.0)
|
|
||||||
jekyll (>= 3.0, < 5.0)
|
|
||||||
jekyll-feed (0.16.0)
|
|
||||||
jekyll (>= 3.7, < 5.0)
|
|
||||||
jekyll-sass-converter (2.2.0)
|
|
||||||
sassc (> 2.0.1, < 3.0)
|
|
||||||
jekyll-sitemap (1.4.0)
|
|
||||||
jekyll (>= 3.7, < 5.0)
|
|
||||||
jekyll-watch (2.2.1)
|
|
||||||
listen (~> 3.0)
|
|
||||||
kramdown (2.3.1)
|
|
||||||
rexml
|
|
||||||
kramdown-parser-gfm (1.1.0)
|
|
||||||
kramdown (~> 2.0)
|
|
||||||
liquid (4.0.3)
|
|
||||||
listen (3.7.1)
|
|
||||||
rb-fsevent (~> 0.10, >= 0.10.3)
|
|
||||||
rb-inotify (~> 0.9, >= 0.9.10)
|
|
||||||
mercenary (0.4.0)
|
|
||||||
pathutil (0.16.2)
|
|
||||||
forwardable-extended (~> 2.6)
|
|
||||||
public_suffix (4.0.6)
|
|
||||||
rb-fsevent (0.11.1)
|
|
||||||
rb-inotify (0.10.1)
|
|
||||||
ffi (~> 1.0)
|
|
||||||
rexml (3.2.5)
|
|
||||||
rouge (3.28.0)
|
|
||||||
safe_yaml (1.0.5)
|
|
||||||
sassc (2.4.0)
|
|
||||||
ffi (~> 1.9)
|
|
||||||
terminal-table (2.0.0)
|
|
||||||
unicode-display_width (~> 1.1, >= 1.1.1)
|
|
||||||
unicode-display_width (1.8.0)
|
|
||||||
webrick (1.7.0)
|
|
||||||
|
|
||||||
PLATFORMS
|
|
||||||
ruby
|
|
||||||
|
|
||||||
DEPENDENCIES
|
|
||||||
eventmachine (= 1.3.0.dev.1)!
|
|
||||||
jekyll (~> 4.2)
|
|
||||||
jekyll-brotli (~> 2.3)
|
|
||||||
jekyll-feed (~> 0.16)
|
|
||||||
jekyll-sitemap (~> 1.4)
|
|
||||||
kramdown-parser-gfm (~> 1.1)
|
|
||||||
tzinfo-data
|
|
||||||
webrick (~> 1.7)
|
|
||||||
|
|
||||||
BUNDLED WITH
|
|
||||||
2.2.5
|
|
20
README.md
20
README.md
@ -1,6 +1,6 @@
|
|||||||
<div align="center">
|
<div align="center">
|
||||||
<a href="https://privacyguides.org">
|
<a href="https://privacyguides.org">
|
||||||
<img src="/assets/img/layout/privacy-guides-logo.svg" width="500px" alt="Privacy Guides" />
|
<img src="/docs/assets/img/layout/privacy-guides-logo.svg" width="500px" alt="Privacy Guides" />
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
<p><em>Your central privacy and security resource to protect yourself online.</em></p>
|
<p><em>Your central privacy and security resource to protect yourself online.</em></p>
|
||||||
@ -44,17 +44,7 @@
|
|||||||
|
|
||||||
## Developing
|
## Developing
|
||||||
|
|
||||||
1. Install the version of [Ruby](https://www.ruby-lang.org/en/downloads/) currently specified by [`.ruby-version`](.ruby-version)
|
1. [Install mkdocs](https://www.mkdocs.org/user-guide/installation/): `pip install mkdocs`
|
||||||
* With [rbenv](https://github.com/rbenv/rbenv) (**recommended!**): `rbenv install`
|
2. [Install mkdocs-material](https://squidfunk.github.io/mkdocs-material/getting-started/): `pip install mkdocs-material`
|
||||||
* With [RVM](https://rvm.io): `rvm install "ruby-$(cat .ruby-version)"`
|
3. Serve the site locally: `mkdocs serve`
|
||||||
* [Manually](https://www.ruby-lang.org/en/downloads/)
|
- The site will be available at `http://localhost:8000/`.
|
||||||
1. Install node.js and npm
|
|
||||||
1. Install [Bundler](https://bundler.io/) v2.2.5:
|
|
||||||
* `gem install bundler:2.2.5`
|
|
||||||
1. Install the required dependencies:
|
|
||||||
* `bundle install`
|
|
||||||
* `npm install`
|
|
||||||
1. Build the website (the output can be found in the `_site` directory):
|
|
||||||
* `npm run build`
|
|
||||||
1. Serve the website locally with live reloading:
|
|
||||||
* `npm run serve`
|
|
||||||
|
36
_config.yml
36
_config.yml
@ -1,36 +0,0 @@
|
|||||||
title: Privacy Guides
|
|
||||||
email: jonah@privacyguides.org
|
|
||||||
description: >- # this means to ignore newlines until "baseurl:"
|
|
||||||
Massive organizations are monitoring your online activities.
|
|
||||||
Privacy Guides is your central privacy and security resource to protect yourself online.
|
|
||||||
baseurl: "" # the subpath of your site, e.g. /blog
|
|
||||||
url: "https://www.privacyguides.org" # the base hostname & protocol for your site, e.g. http://example.com
|
|
||||||
sass:
|
|
||||||
sass_dir: _sass
|
|
||||||
permalink: pretty
|
|
||||||
excerpt_separator: <!--more-->
|
|
||||||
collections_dir: collections
|
|
||||||
collections:
|
|
||||||
evergreen:
|
|
||||||
output: true
|
|
||||||
permalink: /:slug/
|
|
||||||
pages:
|
|
||||||
output: true
|
|
||||||
permalink: /:path/
|
|
||||||
posts:
|
|
||||||
permalink: /blog/:year/:month/:day/:title/
|
|
||||||
people:
|
|
||||||
permalink: /blog/authors/:path/
|
|
||||||
|
|
||||||
build:
|
|
||||||
date:
|
|
||||||
time:
|
|
||||||
|
|
||||||
kramdown:
|
|
||||||
auto_ids: true
|
|
||||||
|
|
||||||
# Build settings
|
|
||||||
plugins:
|
|
||||||
- jekyll-brotli
|
|
||||||
- jekyll-sitemap
|
|
||||||
exclude: [privacytools.io/]
|
|
@ -1,249 +0,0 @@
|
|||||||
AF: Afghanistan
|
|
||||||
AX: 'Åland Islands'
|
|
||||||
AL: Albania
|
|
||||||
DZ: Algeria
|
|
||||||
AS: 'American Samoa'
|
|
||||||
AD: Andorra
|
|
||||||
AO: Angola
|
|
||||||
AI: Anguilla
|
|
||||||
AQ: Antarctica
|
|
||||||
AG: 'Antigua & Barbuda'
|
|
||||||
AR: Argentina
|
|
||||||
AM: Armenia
|
|
||||||
AW: Aruba
|
|
||||||
AU: Australia
|
|
||||||
AT: Austria
|
|
||||||
AZ: Azerbaijan
|
|
||||||
BS: Bahamas
|
|
||||||
BH: Bahrain
|
|
||||||
BD: Bangladesh
|
|
||||||
BB: Barbados
|
|
||||||
BY: Belarus
|
|
||||||
BE: Belgium
|
|
||||||
BZ: Belize
|
|
||||||
BJ: Benin
|
|
||||||
BM: Bermuda
|
|
||||||
BT: Bhutan
|
|
||||||
BO: Bolivia
|
|
||||||
BA: 'Bosnia & Herzegovina'
|
|
||||||
BW: Botswana
|
|
||||||
BV: 'Bouvet Island'
|
|
||||||
BR: Brazil
|
|
||||||
IO: 'British Indian Ocean Territory'
|
|
||||||
VG: 'British Virgin Islands'
|
|
||||||
BN: Brunei
|
|
||||||
BG: Bulgaria
|
|
||||||
BF: 'Burkina Faso'
|
|
||||||
BI: Burundi
|
|
||||||
KH: Cambodia
|
|
||||||
CM: Cameroon
|
|
||||||
CA: Canada
|
|
||||||
CV: 'Cape Verde'
|
|
||||||
BQ: 'Caribbean Netherlands'
|
|
||||||
KY: 'Cayman Islands'
|
|
||||||
CF: 'Central African Republic'
|
|
||||||
TD: Chad
|
|
||||||
CL: Chile
|
|
||||||
CN: China
|
|
||||||
CX: 'Christmas Island'
|
|
||||||
CC: 'Cocos (Keeling) Islands'
|
|
||||||
CO: Colombia
|
|
||||||
KM: Comoros
|
|
||||||
CG: 'Congo - Brazzaville'
|
|
||||||
CD: 'Congo - Kinshasa'
|
|
||||||
CK: 'Cook Islands'
|
|
||||||
CR: 'Costa Rica'
|
|
||||||
CI: 'Côte d’Ivoire'
|
|
||||||
HR: Croatia
|
|
||||||
CU: Cuba
|
|
||||||
CW: Curaçao
|
|
||||||
CY: Cyprus
|
|
||||||
CZ: Czechia
|
|
||||||
DK: Denmark
|
|
||||||
DJ: Djibouti
|
|
||||||
DM: Dominica
|
|
||||||
DO: 'Dominican Republic'
|
|
||||||
EC: Ecuador
|
|
||||||
EG: Egypt
|
|
||||||
SV: 'El Salvador'
|
|
||||||
GQ: 'Equatorial Guinea'
|
|
||||||
ER: Eritrea
|
|
||||||
EE: Estonia
|
|
||||||
SZ: Eswatini
|
|
||||||
ET: Ethiopia
|
|
||||||
FK: 'Falkland Islands'
|
|
||||||
FO: 'Faroe Islands'
|
|
||||||
FJ: Fiji
|
|
||||||
FI: Finland
|
|
||||||
FR: France
|
|
||||||
GF: 'French Guiana'
|
|
||||||
PF: 'French Polynesia'
|
|
||||||
TF: 'French Southern Territories'
|
|
||||||
GA: Gabon
|
|
||||||
GM: Gambia
|
|
||||||
GE: Georgia
|
|
||||||
DE: Germany
|
|
||||||
GH: Ghana
|
|
||||||
GI: Gibraltar
|
|
||||||
GR: Greece
|
|
||||||
GL: Greenland
|
|
||||||
GD: Grenada
|
|
||||||
GP: Guadeloupe
|
|
||||||
GU: Guam
|
|
||||||
GT: Guatemala
|
|
||||||
GG: Guernsey
|
|
||||||
GN: Guinea
|
|
||||||
GW: Guinea-Bissau
|
|
||||||
GY: Guyana
|
|
||||||
HT: Haiti
|
|
||||||
HM: 'Heard & McDonald Islands'
|
|
||||||
HN: Honduras
|
|
||||||
HK: 'Hong Kong SAR China'
|
|
||||||
HU: Hungary
|
|
||||||
IS: Iceland
|
|
||||||
IN: India
|
|
||||||
ID: Indonesia
|
|
||||||
IR: Iran
|
|
||||||
IQ: Iraq
|
|
||||||
IE: Ireland
|
|
||||||
IM: 'Isle of Man'
|
|
||||||
IL: Israel
|
|
||||||
IT: Italy
|
|
||||||
JM: Jamaica
|
|
||||||
JP: Japan
|
|
||||||
JE: Jersey
|
|
||||||
JO: Jordan
|
|
||||||
KZ: Kazakhstan
|
|
||||||
KE: Kenya
|
|
||||||
KI: Kiribati
|
|
||||||
KW: Kuwait
|
|
||||||
KG: Kyrgyzstan
|
|
||||||
LA: Laos
|
|
||||||
LV: Latvia
|
|
||||||
LB: Lebanon
|
|
||||||
LS: Lesotho
|
|
||||||
LR: Liberia
|
|
||||||
LY: Libya
|
|
||||||
LI: Liechtenstein
|
|
||||||
LT: Lithuania
|
|
||||||
LU: Luxembourg
|
|
||||||
MO: 'Macao SAR China'
|
|
||||||
MG: Madagascar
|
|
||||||
MW: Malawi
|
|
||||||
MY: Malaysia
|
|
||||||
MV: Maldives
|
|
||||||
ML: Mali
|
|
||||||
MT: Malta
|
|
||||||
MH: 'Marshall Islands'
|
|
||||||
MQ: Martinique
|
|
||||||
MR: Mauritania
|
|
||||||
MU: Mauritius
|
|
||||||
YT: Mayotte
|
|
||||||
MX: Mexico
|
|
||||||
FM: Micronesia
|
|
||||||
MD: Moldova
|
|
||||||
MC: Monaco
|
|
||||||
MN: Mongolia
|
|
||||||
ME: Montenegro
|
|
||||||
MS: Montserrat
|
|
||||||
MA: Morocco
|
|
||||||
MZ: Mozambique
|
|
||||||
MM: 'Myanmar (Burma)'
|
|
||||||
NA: Namibia
|
|
||||||
NR: Nauru
|
|
||||||
NP: Nepal
|
|
||||||
NL: Netherlands
|
|
||||||
NC: 'New Caledonia'
|
|
||||||
NZ: 'New Zealand'
|
|
||||||
NI: Nicaragua
|
|
||||||
NE: Niger
|
|
||||||
NG: Nigeria
|
|
||||||
NU: Niue
|
|
||||||
NF: 'Norfolk Island'
|
|
||||||
KP: 'North Korea'
|
|
||||||
MK: 'North Macedonia'
|
|
||||||
MP: 'Northern Mariana Islands'
|
|
||||||
'NO': Norway
|
|
||||||
OM: Oman
|
|
||||||
PK: Pakistan
|
|
||||||
PW: Palau
|
|
||||||
PS: 'Palestinian Territories'
|
|
||||||
PA: Panama
|
|
||||||
PG: 'Papua New Guinea'
|
|
||||||
PY: Paraguay
|
|
||||||
PE: Peru
|
|
||||||
PH: Philippines
|
|
||||||
PN: 'Pitcairn Islands'
|
|
||||||
PL: Poland
|
|
||||||
PT: Portugal
|
|
||||||
PR: 'Puerto Rico'
|
|
||||||
QA: Qatar
|
|
||||||
RE: Réunion
|
|
||||||
RO: Romania
|
|
||||||
RU: Russia
|
|
||||||
RW: Rwanda
|
|
||||||
WS: Samoa
|
|
||||||
SM: 'San Marino'
|
|
||||||
ST: 'São Tomé & Príncipe'
|
|
||||||
SA: 'Saudi Arabia'
|
|
||||||
SN: Senegal
|
|
||||||
RS: Serbia
|
|
||||||
SC: Seychelles
|
|
||||||
SL: 'Sierra Leone'
|
|
||||||
SG: Singapore
|
|
||||||
SX: 'Sint Maarten'
|
|
||||||
SK: Slovakia
|
|
||||||
SI: Slovenia
|
|
||||||
SB: 'Solomon Islands'
|
|
||||||
SO: Somalia
|
|
||||||
ZA: 'South Africa'
|
|
||||||
GS: 'South Georgia & South Sandwich Islands'
|
|
||||||
KR: 'South Korea'
|
|
||||||
SS: 'South Sudan'
|
|
||||||
ES: Spain
|
|
||||||
LK: 'Sri Lanka'
|
|
||||||
BL: 'St. Barthélemy'
|
|
||||||
SH: 'St. Helena'
|
|
||||||
KN: 'St. Kitts & Nevis'
|
|
||||||
LC: 'St. Lucia'
|
|
||||||
MF: 'St. Martin'
|
|
||||||
PM: 'St. Pierre & Miquelon'
|
|
||||||
VC: 'St. Vincent & Grenadines'
|
|
||||||
SD: Sudan
|
|
||||||
SR: Suriname
|
|
||||||
SJ: 'Svalbard & Jan Mayen'
|
|
||||||
SE: Sweden
|
|
||||||
CH: Switzerland
|
|
||||||
SY: Syria
|
|
||||||
TW: Taiwan
|
|
||||||
TJ: Tajikistan
|
|
||||||
TZ: Tanzania
|
|
||||||
TH: Thailand
|
|
||||||
TL: Timor-Leste
|
|
||||||
TG: Togo
|
|
||||||
TK: Tokelau
|
|
||||||
TO: Tonga
|
|
||||||
TT: 'Trinidad & Tobago'
|
|
||||||
TN: Tunisia
|
|
||||||
TR: Turkey
|
|
||||||
TM: Turkmenistan
|
|
||||||
TC: 'Turks & Caicos Islands'
|
|
||||||
TV: Tuvalu
|
|
||||||
UM: 'U.S. Outlying Islands'
|
|
||||||
VI: 'U.S. Virgin Islands'
|
|
||||||
UG: Uganda
|
|
||||||
UA: Ukraine
|
|
||||||
AE: 'United Arab Emirates'
|
|
||||||
GB: 'United Kingdom'
|
|
||||||
US: 'United States'
|
|
||||||
UY: Uruguay
|
|
||||||
UZ: Uzbekistan
|
|
||||||
VU: Vanuatu
|
|
||||||
VA: 'Vatican City'
|
|
||||||
VE: Venezuela
|
|
||||||
VN: Vietnam
|
|
||||||
WF: 'Wallis & Futuna'
|
|
||||||
EH: 'Western Sahara'
|
|
||||||
YE: Yemen
|
|
||||||
ZM: Zambia
|
|
||||||
ZW: Zimbabwe
|
|
@ -1,23 +0,0 @@
|
|||||||
title: AdGuard
|
|
||||||
homepage: 'https://adguard.com/en/adguard-dns/overview.html'
|
|
||||||
source: 'https://github.com/AdguardTeam/AdGuardDNS/'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://adguard.com/en/privacy/dns.html'
|
|
||||||
type:
|
|
||||||
name: Commercial
|
|
||||||
logs:
|
|
||||||
policy: true
|
|
||||||
text: Some
|
|
||||||
link: 'https://adguard.com/en/privacy/dns.html'
|
|
||||||
tooltip: >-
|
|
||||||
We store aggregated performance metrics of our DNS server, namely the number of complete requests to a particular server, the number of blocked requests, the speed of processing requests.
|
|
||||||
We keep and store the database of domains requested in the last 24 hours. We need this information to identify and block new trackers and threats.
|
|
||||||
We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters.
|
|
||||||
protocols:
|
|
||||||
- name: Cleartext
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
- name: DNSCrypt
|
|
||||||
ecs:
|
|
||||||
status: false
|
|
||||||
filtering: Based on server choice. Filter list being used can be found here.
|
|
@ -1,21 +0,0 @@
|
|||||||
title: Cloudflare
|
|
||||||
homepage: 'https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://www.cloudflare.com/privacypolicy/'
|
|
||||||
type:
|
|
||||||
name: Commercial
|
|
||||||
logs:
|
|
||||||
policy: true
|
|
||||||
text: Some
|
|
||||||
link: 'https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/'
|
|
||||||
tooltip: >-
|
|
||||||
"Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver.
|
|
||||||
The 1.1.1.1 resolver service does not log personal data,
|
|
||||||
and the bulk of the limited non-personally identifiable query data is only stored for 25 hours."
|
|
||||||
protocols:
|
|
||||||
- name: Cleartext
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
ecs:
|
|
||||||
status: false
|
|
||||||
filtering: Based on server choice.
|
|
@ -1,19 +0,0 @@
|
|||||||
title: ControlD
|
|
||||||
homepage: 'https://controld.com/'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://controld.com/privacy'
|
|
||||||
type:
|
|
||||||
name: Commercial
|
|
||||||
logs:
|
|
||||||
policy: true
|
|
||||||
text: Optional
|
|
||||||
tooltip: >-
|
|
||||||
Neither free nor premium service have logging enabled by default. Premium users can enable logging/analytics at will.
|
|
||||||
color: info
|
|
||||||
protocols:
|
|
||||||
- name: Cleartext
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
ecs:
|
|
||||||
status: false
|
|
||||||
filtering: Based on server choice
|
|
@ -1,17 +0,0 @@
|
|||||||
title: MullvadDNS
|
|
||||||
homepage: 'https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/'
|
|
||||||
source: 'https://github.com/mullvad/dns-adblock'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://mullvad.net/en/help/privacy-policy/'
|
|
||||||
tooltip: >-
|
|
||||||
"Our public DNS service offers DNS over HTTPS (DoH) and DNS over TLS (DoT), with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured. You can use this privacy-enhancing service even if you don't use Mullvad."
|
|
||||||
type:
|
|
||||||
name: Commercial
|
|
||||||
logs:
|
|
||||||
policy: false
|
|
||||||
protocols:
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
ecs:
|
|
||||||
status: false
|
|
||||||
filtering: Based on server choice. Filter list being used can be found here.
|
|
@ -1,22 +0,0 @@
|
|||||||
title: NextDNS
|
|
||||||
homepage: 'https://www.nextdns.io/'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://www.nextdns.io/privacy'
|
|
||||||
type:
|
|
||||||
name: Commercial
|
|
||||||
logs:
|
|
||||||
policy: true
|
|
||||||
text: Optional
|
|
||||||
tooltip: >-
|
|
||||||
NextDNS can provide insights and logging features on an opt-in basis.
|
|
||||||
Users can choose retention times and log storage locations for any logs they choose to keep.
|
|
||||||
color: info
|
|
||||||
protocols:
|
|
||||||
- name: Cleartext
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
- name: DNSCrypt
|
|
||||||
ecs:
|
|
||||||
status: true
|
|
||||||
text: Optional
|
|
||||||
filtering: Based on server choice
|
|
@ -1,17 +0,0 @@
|
|||||||
title: Quad9
|
|
||||||
homepage: 'https://quad9.net/'
|
|
||||||
privacy_policy:
|
|
||||||
link: 'https://quad9.net/service/privacy'
|
|
||||||
type:
|
|
||||||
name: Non-Profit
|
|
||||||
logs:
|
|
||||||
policy: false
|
|
||||||
protocols:
|
|
||||||
- name: Cleartext
|
|
||||||
- name: DoH
|
|
||||||
- name: DoT
|
|
||||||
- name: DNSCrypt
|
|
||||||
ecs:
|
|
||||||
status: true
|
|
||||||
text: Optional
|
|
||||||
filtering: Based on server choice, Malware blocking by default
|
|
@ -1,31 +0,0 @@
|
|||||||
type: dropdown
|
|
||||||
title: Providers
|
|
||||||
items:
|
|
||||||
- type: link
|
|
||||||
title: Cloud Storage
|
|
||||||
icon: fad fa-cloud
|
|
||||||
file: _evergreen/cloud.md
|
|
||||||
- type: link
|
|
||||||
title: DNS Servers
|
|
||||||
icon: fad fa-map-signs
|
|
||||||
file: _evergreen/dns.md
|
|
||||||
- type: link
|
|
||||||
title: Email Providers
|
|
||||||
icon: fad fa-envelope
|
|
||||||
file: legacy_pages/providers/email.html
|
|
||||||
- type: link
|
|
||||||
title: Search Engines
|
|
||||||
icon: fad fa-search-location
|
|
||||||
file: _evergreen/search-engines.md
|
|
||||||
- type: link
|
|
||||||
title: Social Networks
|
|
||||||
icon: fad fa-thumbs-up
|
|
||||||
file: legacy_pages/providers/social-networks.html
|
|
||||||
- type: link
|
|
||||||
title: Social News Aggregators
|
|
||||||
icon: fad fa-newspaper
|
|
||||||
file: legacy_pages/providers/social-news-aggregator.html
|
|
||||||
- type: link
|
|
||||||
title: VPN Services
|
|
||||||
icon: fad fa-network-wired
|
|
||||||
file: legacy_pages/providers/vpn.html
|
|
@ -1,52 +0,0 @@
|
|||||||
type: dropdown
|
|
||||||
title: Software
|
|
||||||
items:
|
|
||||||
- type: link
|
|
||||||
title: Browsers
|
|
||||||
icon: fad fa-browser
|
|
||||||
file: _evergreen/browsers.md
|
|
||||||
- type: divider
|
|
||||||
- type: link
|
|
||||||
title: Calendar/Contacts Sync Tools
|
|
||||||
icon: fad fa-calendar-day
|
|
||||||
file: legacy_pages/software/cal-card.html
|
|
||||||
- type: link
|
|
||||||
title: Digital Notebooks
|
|
||||||
icon: fad fa-edit
|
|
||||||
file: legacy_pages/software/notebooks.html
|
|
||||||
- type: link
|
|
||||||
title: Email Clients
|
|
||||||
icon: fad fa-envelope-open-text
|
|
||||||
file: legacy_pages/software/email.html
|
|
||||||
- type: link
|
|
||||||
title: File Encryption Tools
|
|
||||||
icon: fad fa-file-certificate
|
|
||||||
file: legacy_pages/software/file-encryption.html
|
|
||||||
- type: link
|
|
||||||
title: File Sharing and Sync
|
|
||||||
icon: fad fa-file-user
|
|
||||||
file: legacy_pages/software/file-sharing.html
|
|
||||||
- type: link
|
|
||||||
title: Metadata Removal Tools
|
|
||||||
icon: fad fa-file-times
|
|
||||||
file: legacy_pages/software/metadata-removal-tools.html
|
|
||||||
- type: link
|
|
||||||
title: Password Managers
|
|
||||||
icon: fad fa-user-lock
|
|
||||||
file: legacy_pages/software/passwords.html
|
|
||||||
- type: link
|
|
||||||
title: Productivity Tools
|
|
||||||
icon: fad fa-briefcase
|
|
||||||
file: legacy_pages/software/productivity.html
|
|
||||||
- type: link
|
|
||||||
title: Real-Time Communication
|
|
||||||
icon: fad fa-comments-alt
|
|
||||||
file: _evergreen/real-time-communication.md
|
|
||||||
- type: link
|
|
||||||
title: Self-Contained Networks
|
|
||||||
icon: fad fa-chart-network
|
|
||||||
file: legacy_pages/software/networks.html
|
|
||||||
- type: link
|
|
||||||
title: Video Streaming
|
|
||||||
icon: fad fa-video
|
|
||||||
file: _evergreen/video-streaming.md
|
|
@ -1,19 +0,0 @@
|
|||||||
type: dropdown
|
|
||||||
title: Operating Systems
|
|
||||||
items:
|
|
||||||
- type: link
|
|
||||||
title: Android
|
|
||||||
icon: fab fa-android
|
|
||||||
file: _evergreen/android.md
|
|
||||||
- type: link
|
|
||||||
title: Linux Desktop
|
|
||||||
icon: fab fa-linux
|
|
||||||
file: _evergreen/linux-desktop.md
|
|
||||||
- type: link
|
|
||||||
title: Qubes OS
|
|
||||||
icon: pg-qubes
|
|
||||||
file: _evergreen/qubes.md
|
|
||||||
- type: link
|
|
||||||
title: Router
|
|
||||||
icon: fa-duotone fa-circle-nodes
|
|
||||||
file: _evergreen/router.md
|
|
@ -1,7 +0,0 @@
|
|||||||
type: dropdown
|
|
||||||
title: Privacy
|
|
||||||
items:
|
|
||||||
- type: link
|
|
||||||
title: Threat Modeling
|
|
||||||
icon: fad fa-bullseye-arrow
|
|
||||||
file: _evergreen/threat-modeling.md
|
|
@ -1,3 +0,0 @@
|
|||||||
type: link
|
|
||||||
title: Blog
|
|
||||||
file: blog.html
|
|
@ -1,24 +0,0 @@
|
|||||||
title: Orbot
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/orbot.svg
|
|
||||||
description: |
|
|
||||||
**Orbot** is a free proxy app that routes your connections through the Tor Network.
|
|
||||||
|
|
||||||
Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch (⚙️ Settings → Network & internet → VPN → ⚙️ → Block connections without VPN).
|
|
||||||
|
|
||||||
For resistance against traffic analysis attacks, consider enabling *Isolate Destination Address* ( ⁝ →Settings → Connectivity). This will use a completely different Tor Circuit (different middle relay and exit nodes) for every domain you connect to.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android) so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot) instead.
|
|
||||||
|
|
||||||
All versions are signed using the same signature so they should be compatible with each other.
|
|
||||||
website: 'https://orbot.app/'
|
|
||||||
downloads:
|
|
||||||
- icon: pg-f-droid
|
|
||||||
url: 'https://guardianproject.info/fdroid'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=org.torproject.android'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/guardianproject/orbot'
|
|
||||||
- icon: fab fa-gitlab
|
|
||||||
url: 'https://gitlab.com/guardianproject/orbot'
|
|
@ -1,25 +0,0 @@
|
|||||||
title: Shelter
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/shelter.svg
|
|
||||||
description: |
|
|
||||||
**Shelter** is an app that helps you leverage the Android work profile to isolate other apps.
|
|
||||||
|
|
||||||
Shelter supports blocking contact search cross profiles and sharing files across profiles via the default file manager ([DocumentsUI](https://source.android.com/devices/architecture/modular-system/documentsui)).
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
As CalyxOS includes a device controller, we recommend using their built in work profile instead.
|
|
||||||
|
|
||||||
Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular/) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
|
|
||||||
|
|
||||||
When using Shelter, you are placing complete trust in its developer as Shelter would be acting as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) for the work profile and has extensive access to the data stored within it.
|
|
||||||
|
|
||||||
website: 'https://gitea.angry.im/PeterCxy/Shelter'
|
|
||||||
downloads:
|
|
||||||
- icon: pg-f-droid
|
|
||||||
url: 'https://f-droid.org/en/packages/net.typeblog.shelter'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=net.typeblog.shelter'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/PeterCxy/Shelter'
|
|
||||||
- icon: fab fa-git
|
|
||||||
url: 'https://gitea.angry.im/PeterCxy/Shelter'
|
|
@ -1,26 +0,0 @@
|
|||||||
title: Auditor
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/auditor.svg
|
|
||||||
logo_dark: /assets/img/android/auditor-dark.svg
|
|
||||||
description: |
|
|
||||||
**Auditor** is an app which leverages hardware security features to provide device integrity monitoring for [supported devices](https://attestation.app/about#device-support). It currently works with GrapheneOS and the stock operating system. It performs attestation and intrusion detection by:
|
|
||||||
|
|
||||||
* Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
|
|
||||||
* The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
|
|
||||||
* The *auditor* records the current state and configuration of the *auditee*.
|
|
||||||
* Should tampering with the operating system of the *auditee* after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
|
|
||||||
* The user will be alerted to the change.
|
|
||||||
|
|
||||||
No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
|
|
||||||
|
|
||||||
If your [threat model](/threat-modeling/) requires privacy you could consider using Orbot or a VPN to hide your IP address from the attestation service.
|
|
||||||
|
|
||||||
To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
|
|
||||||
|
|
||||||
website: 'https://attestation.app'
|
|
||||||
privacy_policy: 'https://attestation.app/privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=app.attestation.auditor'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/GrapheneOS/Auditor'
|
|
@ -1,23 +0,0 @@
|
|||||||
title: Secure Camera
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/secure_camera.svg
|
|
||||||
logo_dark: /assets/img/android/secure_camera-dark.svg
|
|
||||||
description: |
|
|
||||||
**Secure Camera** is an camera app focused on privacy and security which can capture images, videos, and QR codes. CameraX vendor extensions (Portrait, HDR, Night Sight, Face Retouch, and Auto) are also supported on available devices.
|
|
||||||
|
|
||||||
Main privacy features include
|
|
||||||
- Auto removal of [Exif](https://en.wikipedia.org/wiki/Exif) metadata (enabled by default)
|
|
||||||
- Use of the new [Media](https://developer.android.com/training/data-storage/shared/media) API, therefore [storage permissions](https://developer.android.com/training/data-storage) are not required
|
|
||||||
- Microphone permission not required unless you want to record sound
|
|
||||||
|
|
||||||
### Notes
|
|
||||||
Metadata is not currently deleted from video files but that is planned.
|
|
||||||
|
|
||||||
The image orientation metadata is not deleted. If you enable location (in Secure Camera) that **won't** be deleted either. If you want to delete that later you will need to use an external app such as [Scrambled Exif](https://gitlab.com/juanitobananas/scrambled-exif/).
|
|
||||||
|
|
||||||
website: 'https://github.com/GrapheneOS/Camera'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=app.grapheneos.camera.play'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/GrapheneOS/Camera/releases'
|
|
@ -1,15 +0,0 @@
|
|||||||
title: Secure PDF Viewer
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/secure_pdf_viewer.svg
|
|
||||||
logo_dark: /assets/img/android/secure_pdf_viewer-dark.svg
|
|
||||||
description: |
|
|
||||||
**Secure PDF Viewer** is a PDF viewer based on [pdf.js](https://en.wikipedia.org/wiki/PDF.js) that doesn't require any permissions. The PDF is fed into a [sandboxed](https://en.wikipedia.org/wiki/Sandbox_(software_development)) [webview](https://developer.android.com/guide/webapps/webview). This means that it doesn't require permission directly to access content or files.
|
|
||||||
|
|
||||||
[Content-Security-Policy](https://en.wikipedia.org/wiki/Content_Security_Policy) is used to enforce that the JavaScript and styling properties within the WebView are entirely static content.
|
|
||||||
|
|
||||||
website: 'https://github.com/GrapheneOS/PdfViewer'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=app.grapheneos.pdfviewer.play'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/GrapheneOS/PdfViewer/releases'
|
|
@ -1,16 +0,0 @@
|
|||||||
title: PrivacyBlur
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/privacyblur.svg
|
|
||||||
description: |
|
|
||||||
**PrivacyBlur** is a free app which can blur sensitive portions of pictures before sharing them online.
|
|
||||||
|
|
||||||
### Notes
|
|
||||||
You should **never** use blur to redact [text in images](https://bishopfox.com/blog/unredacter-tool-never-pixelation). If you want to redact text in an image, draw a box over the text. For this we suggest [Pocket Paint](https://github.com/Catrobat/Paintroid) or [Imagepipe](https://codeberg.org/Starfish/Imagepipe).
|
|
||||||
website: 'https://privacyblur.app/'
|
|
||||||
downloads:
|
|
||||||
- icon: pg-f-droid
|
|
||||||
url: 'https://f-droid.org/en/packages/de.mathema.privacyblur/'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=de.mathema.privacyblur'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/MATHEMA-GmbH/privacyblur'
|
|
@ -1,12 +0,0 @@
|
|||||||
title: Droid-ify
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/droid-ify.png
|
|
||||||
description: |
|
|
||||||
**Droid-ify** is a modern F-Droid client made with MaterialUI, forked from [Foxy Droid](https://github.com/kitsunyan/foxy-droid).
|
|
||||||
|
|
||||||
Unlike the official F-Droid client, Droid-ify supports seamless updates on Android 12 and above without the need for a privileged extension. If your Android distribution is on Android 12 or above and does not include the [F-Droid privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged/), it is highly recommended that you use Droid-ify instead of the official client.
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://android.izzysoft.de/repo/apk/com.looker.droidify'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/Iamlooker/Droid-ify'
|
|
@ -1,20 +0,0 @@
|
|||||||
title: GrapheneOS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/grapheneos.svg
|
|
||||||
logo_dark: /assets/img/android/grapheneos-dark.svg
|
|
||||||
description: |
|
|
||||||
**GrapheneOS** is the best choice when it comes to privacy and security.
|
|
||||||
|
|
||||||
GrapheneOS provides additional [security hardening](https://en.wikipedia.org/wiki/Hardening_(computing)) and privacy improvements. It has a [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), network and sensor permissions, and various other [security features](https://grapheneos.org/features). GrapheneOS also comes with full firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
|
||||||
|
|
||||||
Notably, GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play). Google Play Services can be run fully sandboxed like a regular user app and contained in a work profile or user [profile](/android/#android-security-privacy) of your choice. This means that you can run apps dependant on Play Services, such as those that require push notifications using Google's [Firebase Cloud Messaging](https://firebase.google.com/docs/cloud-messaging/) service. GrapheneOS allows you to take advantage of most [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) whilst having full user control over their permissions and access.
|
|
||||||
|
|
||||||
Currently, only [Pixel phones](https://grapheneos.org/faq#device-support) meet its hardware security requirement and are supported.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
GrapheneOS's "extended support" devices do not have full security patches (firmware updates) due to the original equipment manufacturer (OEM) discontinuing support. These devices cannot be considered completely secure.
|
|
||||||
website: 'https://grapheneos.org/'
|
|
||||||
privacy_policy: 'https://grapheneos.org/faq#privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/GrapheneOS'
|
|
@ -1,22 +0,0 @@
|
|||||||
title: CalyxOS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/calyxos.svg
|
|
||||||
description: |
|
|
||||||
**CalyxOS** is a decent alternative to GrapheneOS.
|
|
||||||
|
|
||||||
It has some privacy features on top of AOSP, including [Datura firewall](https://calyxos.org/docs/tech/datura-details), [Signal](https://signal.org) integration in the dialer app, and a built in panic button. CalyxOS also comes with firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
|
||||||
|
|
||||||
To accomodate users who need Google Play Services, CalyxOS optionally includes [MicroG](https://microg.org/). With MicroG, CalyxOS also bundles in the [Mozilla](https://location.services.mozilla.com/) and [DejaVu](https://github.com/n76/DejaVu) location services.
|
|
||||||
|
|
||||||
Currently, CalyxOS only supports [Pixel phones](https://calyxos.org/docs/guide/device-support/).
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
CalyxOS's "extended support" does not have full security patches due to the original equipment manufacturer (OEM) discontinuing support; therefore, they cannot be considered completely secure.
|
|
||||||
|
|
||||||
website: 'https://calyxos.org'
|
|
||||||
privacy_policy: 'https://calyxinstitute.org/legal/privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/CalyxOS'
|
|
||||||
- icon: fab fa-gitlab
|
|
||||||
url: 'https://gitlab.com/calyxos'
|
|
@ -1,25 +0,0 @@
|
|||||||
title: DivestOS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/divestos.svg
|
|
||||||
description: |
|
|
||||||
**DivestOS** is a [soft-fork](https://en.wikipedia.org/wiki/Fork_(software_development)#Forking_of_free_and_open-source_software) of [LineageOS](https://lineageos.org/).
|
|
||||||
|
|
||||||
DivestOS inherits many [supported devices](https://divestos.org/index.php?page=devices&base=LineageOS) from LineageOS. It has signed builds, making it possible to have [verified boot](https://source.android.com/security/verifiedboot) on some non-Pixel devices.
|
|
||||||
|
|
||||||
DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, a custom [hosts](https://divested.dev/index.php?page=dnsbl) file, and [F-Droid](https://www.f-droid.org) as the app store. It includes [UnifiedNlp](https://github.com/microg/UnifiedNlp) for network location and some hardening with [Mulch Webview](https://gitlab.com/divested-mobile/mulch). Users can also select the [Bromite SystemWebView](https://www.bromite.org/system_web_view) in ⚙️ Settings → Developer options → Webview implementation. DivestOS also includes kernel patches from GrapheneOS and enables security features in [defconfig](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L698).
|
|
||||||
|
|
||||||
DivestOS 16.0, 17.1, and 18.1 implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) permission toggle and [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc).
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
DivestOS firmware update [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) varies across the devices it supports. For Pixel phones, we still recommend using GrapheneOS or CalyxOS. For other supported devices, DivestOS is a good alternative.
|
|
||||||
|
|
||||||
Not all of the supported devices have [verified boot](https://source.android.com/security/verifiedboot), and some perform it better than others.
|
|
||||||
|
|
||||||
website: 'https://divestos.org'
|
|
||||||
website_tor: 'http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion'
|
|
||||||
privacy_policy: 'https://divestos.org/index.php?page=privacy_policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/divested-mobile'
|
|
||||||
- icon: fab fa-gitlab
|
|
||||||
url: 'https://gitlab.com/divested-mobile'
|
|
@ -1,16 +0,0 @@
|
|||||||
title: Fedora Silverblue (and Kinoite)
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/fedora-silverblue.svg
|
|
||||||
description: |
|
|
||||||
**Fedora Silverblue** and **Fedora Kinoite** are immutable variants of Fedora with a strong focus on container workflows. Silverblue comes with the [GNOME](https://www.gnome.org/) desktop environment while Kinoite comes with [KDE](https://kde.org/). Silverblue and Kinoite follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
|
|
||||||
|
|
||||||
Silverblue (and Kionite) differ from Fedora Workstation as they replace the [DNF](https://fedoraproject.org/wiki/DNF) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
|
|
||||||
|
|
||||||
After the update is complete the user will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that a user can easily rollback if something breaks in the new deployment. There is also the option to pin more deployments as needed.
|
|
||||||
|
|
||||||
[Flatpak](https://www.flatpak.org) is the primary package installation method on these distrbutions, as `rpm-ostree` is only meant to overlay packages that cannot stay inside of a container on top of the base image.
|
|
||||||
|
|
||||||
As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/) to create [Podman](https://podman.io) containers with a shared home directory with the host operating system and mimic a traditional Fedora environment, which is a [useful feature](https://containertoolbx.org) for the discerning developer.
|
|
||||||
|
|
||||||
website: 'https://silverblue.fedoraproject.org'
|
|
||||||
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'
|
|
@ -1,17 +0,0 @@
|
|||||||
title: NixOS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/nixos.svg
|
|
||||||
description: |
|
|
||||||
<strong>NixOS</strong> is an independent distribution based on the <a href="https://nixos.org">Nix package manager</a> with a focus on reproducibility and reliability.
|
|
||||||
|
|
||||||
NixOS's package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
|
|
||||||
|
|
||||||
NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
|
|
||||||
|
|
||||||
Nix the package manager uses a purely functional language - which is also called Nix - to define packages.
|
|
||||||
|
|
||||||
[Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single Github repository. You can also define your own packages in the same language and then easily include them in your config.
|
|
||||||
|
|
||||||
Nix is a source-based package manager; if there's no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible, thus making binaries reproducible.
|
|
||||||
|
|
||||||
website: 'https://nixos.org'
|
|
@ -1,16 +0,0 @@
|
|||||||
title: Whonix
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/whonix.svg
|
|
||||||
description: |
|
|
||||||
**Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet.
|
|
||||||
|
|
||||||
Whonix is meant to run as two virtual machines: a "Workstation" and a Tor "Gateway". All communications from the Workstation has to go through the Tor gateway, and will be routed through the Tor Network.
|
|
||||||
|
|
||||||
Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
|
|
||||||
|
|
||||||
Future versions of Whonix will likely include [full system Apparmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
|
|
||||||
|
|
||||||
Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
|
|
||||||
|
|
||||||
website: 'https://www.whonix.org/'
|
|
||||||
website_tor: 'http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/'
|
|
@ -1,11 +0,0 @@
|
|||||||
title: Tails
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/tails.svg
|
|
||||||
description: |
|
|
||||||
**Tails** is a live operating system based on Debian that routes all communications through Tor.
|
|
||||||
|
|
||||||
It can boot on almost any computer from a DVD, USB stick, or sdcard. It aims to preserve privacy and anonymity while circumventing censorship and leaving no trace of itself on the computer it is used on.
|
|
||||||
|
|
||||||
By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data.
|
|
||||||
|
|
||||||
website: 'https://tails.boum.org'
|
|
@ -1,13 +0,0 @@
|
|||||||
title: Fedora Workstation
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/fedora-workstation.svg
|
|
||||||
labels: 'color==info::icon==fas fa-fw fa-trophy::text==Beginner friendly::tooltip==We highly recommend that new Linux users use Fedora Workstation.'
|
|
||||||
description: |
|
|
||||||
**Fedora Workstation** is our recommended distribution for users new to Linux.
|
|
||||||
|
|
||||||
It has a semi-[rolling release](https://en.wikipedia.org/wiki/Rolling_release) cycle. While some packages like [GNOME](https://www.gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
|
|
||||||
|
|
||||||
Fedora generally adopts newer technologies before other distributions e.g., [Wayland](https://wayland.freedesktop.org/), [PipeWire](https://pipewire.org), and soon, [FS-Verity](https://fedoraproject.org/wiki/Changes/FsVerityRPM). These new technologies often come with improvements in security, privacy, and usability in general.
|
|
||||||
|
|
||||||
website: 'https://getfedora.org'
|
|
||||||
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'
|
|
@ -1,11 +0,0 @@
|
|||||||
title: openSUSE Tumbleweed
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/opensuse-tumbleweed.svg
|
|
||||||
description: |
|
|
||||||
**openSUSE Tumbleweed** is a stable [rolling release](https://en.wikipedia.org/wiki/Rolling_release) distribution.
|
|
||||||
|
|
||||||
Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When the user upgrades their system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by the [openSUSE Build Service](https://build.opensuse.org) to ensure its quality.
|
|
||||||
|
|
||||||
openSUSE Tumbleweed has a [transactional update](https://kubic.opensuse.org/blog/2018-04-04-transactionalupdates/) system that uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
|
|
||||||
|
|
||||||
website: 'https://get.opensuse.org/tumbleweed/'
|
|
@ -1,14 +0,0 @@
|
|||||||
title: Arch Linux
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/linux-desktop/archlinux.svg
|
|
||||||
description: |
|
|
||||||
**Arch Linux** is a lightweight, do-it-yourself (DIY) distribution meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
|
|
||||||
|
|
||||||
Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
|
|
||||||
|
|
||||||
Being a DIY distribution, the user is [expected to setup and maintain](/linux-desktop/#arch-based-distributions) their system. Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
|
|
||||||
|
|
||||||
A large portion of [Arch Linux's packages](https://reproducible.archlinux.org) are [reproducible](https://reproducible-builds.org).
|
|
||||||
|
|
||||||
website: 'https://archlinux.org'
|
|
||||||
privacy_policy: 'https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy'
|
|
@ -1,11 +0,0 @@
|
|||||||
title: Qubes OS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/qubes/qubes_os.svg
|
|
||||||
description: |
|
|
||||||
**Qubes** is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
|
|
||||||
website: 'https://www.qubes-os.org/'
|
|
||||||
website_tor: 'http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/'
|
|
||||||
privacy_policy: 'https://www.qubes-os.org/privacy/'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/QubesOS'
|
|
@ -1,14 +0,0 @@
|
|||||||
title: OpenWrt
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/router/openwrt.svg
|
|
||||||
logo_dark: /assets/img/router/openwrt-dark.svg
|
|
||||||
description: |
|
|
||||||
**OpenWrt** is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc, and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.
|
|
||||||
|
|
||||||
## Notes
|
|
||||||
Consult the [Table of Hardware](https://openwrt.org/toh/start) to check if your device is supported.
|
|
||||||
|
|
||||||
website: 'https://openwrt.org'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-git
|
|
||||||
url: 'https://git.openwrt.org/'
|
|
@ -1,11 +0,0 @@
|
|||||||
title: pfSense
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/router/pfsense.svg
|
|
||||||
logo_dark: /assets/img/router/pfsense-dark.svg
|
|
||||||
description: |
|
|
||||||
pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and VPN endpoint.
|
|
||||||
website: 'https://www.pfsense.org'
|
|
||||||
privacy_policy: 'https://www.pfsense.org/privacy.html'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/pfsense'
|
|
@ -1,33 +0,0 @@
|
|||||||
title: Nextcloud
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/cloud/nextcloud.svg
|
|
||||||
description: |
|
|
||||||
**Nextcloud** is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. It also comes with experimental end-to-end encryption (E2EE).
|
|
||||||
|
|
||||||
We recommend checking if your Nextcloud provider supports E2EE, otherwise you have to trust the provider to not look at your files.
|
|
||||||
|
|
||||||
When self hosting Nextcloud, you should also remember to enable E2EE to protect against your hosting provider from snooping on your data.
|
|
||||||
|
|
||||||
website: 'https://nextcloud.com/'
|
|
||||||
privacy_policy: 'https://nextcloud.com/privacy/'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://nextcloud.com/install/#install-clients'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://nextcloud.com/install/#install-clients'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://nextcloud.com/install/#install-clients'
|
|
||||||
- icon: fab fa-freebsd
|
|
||||||
url: 'https://www.freshports.org/www/nextcloud/'
|
|
||||||
- icon: pg-openbsd
|
|
||||||
url: 'http://openports.se/www/nextcloud'
|
|
||||||
- icon: pg-netbsd
|
|
||||||
url: 'http://pkgsrc.se/www/php-nextcloud'
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://f-droid.org/packages/com.nextcloud.client/'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=com.nextcloud.client'
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/id1125420102'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/nextcloud'
|
|
@ -1,17 +0,0 @@
|
|||||||
title: Proton Drive
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/cloud/protondrive.svg
|
|
||||||
description: |
|
|
||||||
**Proton Drive** is an end-to-end encrypted (E2EE) general file storage service by the popular encrypted email provider [ProtonMail](https://protonmail.com).
|
|
||||||
|
|
||||||
Proton Drive is currently in beta and only is only available through a web client.
|
|
||||||
|
|
||||||
When using a web client, you are placing trust in the server to send you proper JavaScript code to derive the decryption key and authentication token locally in your browser. A compromised server can send you malicious JavaScript code to steal your master password and decrypt your data. If this does not fit your [threat model](/threat-modeling/), consider using an alternative.
|
|
||||||
|
|
||||||
website: 'https://protonmail.com'
|
|
||||||
privacy_policy: 'https://protonmail.com/privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fas fa-globe-americas
|
|
||||||
url: 'https://protonmail.com'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/ProtonMail/WebClients'
|
|
@ -1,20 +0,0 @@
|
|||||||
title: Tahoe-LAFS (Advanced)
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/cloud/tahoe-lafs.svg
|
|
||||||
logo_dark: /assets/img/cloud/tahoe-lafs-dark.svg
|
|
||||||
description: |
|
|
||||||
**Tahoe-LAFS** is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security. The servers used as storage pools do not have access to your data.
|
|
||||||
|
|
||||||
Due to the complexity of the system and the amount of nodes needed to set it up, Tahoe-LAFS is only recommended for seasoned system administrators.
|
|
||||||
website: 'https://www.tahoe-lafs.org/'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://github.com/tahoe-lafs/tahoe-lafs#via-pip'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://github.com/tahoe-lafs/tahoe-lafs#via-pip'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://github.com/tahoe-lafs/tahoe-lafs#using-os-packages'
|
|
||||||
- icon: pg-netbsd
|
|
||||||
url: 'http://pkgsrc.se/filesystems/tahoe-lafs'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://www.tahoe-lafs.org/trac/tahoe-lafs/browser'
|
|
@ -1,18 +0,0 @@
|
|||||||
title: DuckDuckGo
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/search-engines/duckduckgo.svg
|
|
||||||
description: |
|
|
||||||
**DuckDuckGo** is a popular search engine and is the default for the Tor Browser.
|
|
||||||
|
|
||||||
DuckDuckGo has a [lite](https://duckduckgo.com/lite) and [html](https://duckduckgo.com/html) only version, both of which [do not require JavaScript](https://help.duckduckgo.com/features/non-javascript) and can be used with their [Tor onion address](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion) (append [/lite](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/lite) or [/html](https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/html) for the respective version).
|
|
||||||
|
|
||||||
DuckDuckGo uses a commercial Bing API and various [other sources](https://help.duckduckgo.com/results/sources) to provide its search data.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
The company is based in the <span class="flag-icon flag-icon-us"></span> USA.
|
|
||||||
|
|
||||||
Their [Privacy Policy](https://duckduckgo.com/privacy) states they do log your search query, but not your IP or any other identifying information.
|
|
||||||
|
|
||||||
website: 'https://duckduckgo.com'
|
|
||||||
website_tor: 'https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion'
|
|
||||||
privacy_policy: 'https://duckduckgo.com/privacy'
|
|
@ -1,19 +0,0 @@
|
|||||||
title: Startpage
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/search-engines/startpage.svg
|
|
||||||
description: |
|
|
||||||
**Startpage** is a search engine that provides Google search results. It is a very convenient way to get Google search results without experiencing dark patterns such as difficult captchas or being refused access because you used a [VPN](/providers/vpn) or [Tor](https://www.torproject.org/download/).
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Startpage's majority shareholder is System1 who is an adtech company. We don't think that is an issue as they have their own Privacy Policy.
|
|
||||||
|
|
||||||
The Privacy Guides team reached out to Startpage [back in 2020](https://web.archive.org/web/20210118031008/https://blog.privacytools.io/relisting-startpage/) for clarification and was satisfied by the answers we received.
|
|
||||||
|
|
||||||
Startpage is based in the <span class="flag-icon flag-icon-nl"></span> Netherlands.
|
|
||||||
|
|
||||||
According to their [Privacy Policy](https://www.startpage.com/en/privacy-policy/), they only log details such as: operating system, type of browser and language. They do not log your IP address, search queries or other identifying information.
|
|
||||||
|
|
||||||
Startpage proxies Google Search so Google does have access to your search queries.
|
|
||||||
|
|
||||||
website: 'https://www.startpage.com'
|
|
||||||
privacy_policy: 'https://www.startpage.com/en/privacy-policy'
|
|
@ -1,13 +0,0 @@
|
|||||||
title: Mojeek
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/search-engines/mojeek.svg
|
|
||||||
description: |
|
|
||||||
**Mojeek** is another privacy friendly search engine. They use their own crawler to provide search data.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
The company is based in the <span class="flag-icon flag-icon-gb"></span> UK.
|
|
||||||
|
|
||||||
According to their [Privacy Policy](https://www.mojeek.com/about/privacy/), they log the originating country, time, page requested, and referral data of each query. IP addresses are not logged.
|
|
||||||
|
|
||||||
website: 'https://www.mojeek.com'
|
|
||||||
privacy_policy: 'https://www.mojeek.com/about/privacy'
|
|
@ -1,15 +0,0 @@
|
|||||||
title: Searx
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/search-engines/searx.svg
|
|
||||||
description: |
|
|
||||||
**Searx** is an [open-source](https://github.com/asciimoo/searx), self-hostable, metasearch engine, aggregating the results of other search engines while not storing information about its users. There is a [list of public instances](https://searx.space/).
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Searx is a proxy between the user and the search engines it aggregates from. Your search queries will still be sent to the search engines that Searx gets its results from.
|
|
||||||
|
|
||||||
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Searx, as other people looking up illegal content on your instance could draw unwanted attention from authorities.
|
|
||||||
|
|
||||||
When you are using a Searx instance, be sure to go read the Privacy Policy of that specific instance. Searx instances can be modified by their owners and therefore may not reflect their associated privacy policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII (Personally Identifiable Information).
|
|
||||||
|
|
||||||
website: 'https://searx.me'
|
|
||||||
website_tor: 'http://searxspbitokayvkhzhsnljde7rqmn7rvoga6e4waeub3h7ug3nghoad.onion'
|
|
@ -1,14 +0,0 @@
|
|||||||
"@context": https://schema.org
|
|
||||||
"@type": Organization
|
|
||||||
"name": Privacy Guides
|
|
||||||
"description": "Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online."
|
|
||||||
"url": 'https://www.privacyguides.org'
|
|
||||||
"logo": 'https://www.privacyguides.org/assets/img/layout/apple-touch-icon.png'
|
|
||||||
"sameAs":
|
|
||||||
- 'https://www.wikidata.org/wiki/Q74788946'
|
|
||||||
- 'https://twitter.com/privacy_guides'
|
|
||||||
- 'https://github.com/privacyguides'
|
|
||||||
- 'https://github.com/privacytools'
|
|
||||||
- 'https://twitter.com/privacytoolsIO'
|
|
||||||
"alternateName":
|
|
||||||
- 'PrivacyTools'
|
|
@ -1,63 +0,0 @@
|
|||||||
title: Firefox Desktop
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/firefox.svg
|
|
||||||
description: |
|
|
||||||
**Firefox** provides strong privacy settings such as [Enhanced Tracking Protection](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop), which can help block various [types of tracking](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop#w_what-enhanced-tracking-protection-blocks).
|
|
||||||
|
|
||||||
These options can be found in the *Privacy & Security* settings page ( ≡ → Settings → Privacy & Security).
|
|
||||||
|
|
||||||
##### **Enhanced Tracking Protection (ETP)**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Strict</strong></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Sanitize on Close**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Delete cookies and site data when Firefox is closed</strong></li>
|
|
||||||
</ul>
|
|
||||||
You can still stay logged into websites by allowing exceptions.
|
|
||||||
|
|
||||||
##### **Disable Search Suggestions**
|
|
||||||
*These features may not be available depending on your region.*
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Toggle off: <strong>Suggestions from the web</strong></li>
|
|
||||||
<li>Toggle off: <strong>Suggestions from sponsors</strong></li>
|
|
||||||
<li>Toggle off: <strong>Improve the Firefox Suggest experience</strong></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Disable Telemetry**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Uncheck: <strong>Allow Firefox to send technical and interaction data to Mozilla</strong></li>
|
|
||||||
<li>Uncheck: <strong>Allow Firefox to install and run studies</strong></li>
|
|
||||||
<li>Uncheck: <strong>Allow Firefox to send backlogged crash reports on your behalf</strong></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug.cgi?id=1677497#c0) in downloads from Mozilla's website and uses telemetry in Firefox to send the token. The token is **not** included in releases from the [Mozilla FTP](https://ftp.mozilla.org/pub/firefox/releases/).
|
|
||||||
|
|
||||||
##### **HTTPS-Only Mode**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Enable HTTPS-Only Mode in all windows</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
#### Sync
|
|
||||||
The [Firefox sync](https://hacks.mozilla.org/2018/11/firefox-sync-privacy/) service is end-to-end encrypted.
|
|
||||||
|
|
||||||
#### Extensions
|
|
||||||
We generally do not recommend installing any extensions as they increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface); however, if you want content blocking, [uBlock Origin](/browsers/#additional-resources) might be useful to you. The extension is also a 🏆️[Recommended Extension](https://support.mozilla.org/kb/add-on-badges#w_recommended-extensions) by Mozilla.
|
|
||||||
|
|
||||||
#### Arkenfox (advanced)
|
|
||||||
The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of carefully considered options for Firefox. These options are quite strict but a few are subjective and may cause some websites to not work properly. You can easily change these settings to suit your needs. We **strongly recommend** reading through their [wiki](https://github.com/arkenfox/user.js/wiki). Arkenfox also enables [container](https://support.mozilla.org/en-US/kb/containers#w_for-advanced-users) support.
|
|
||||||
|
|
||||||
website: 'https://firefox.com'
|
|
||||||
privacy_policy: 'https://www.mozilla.org/privacy/firefox'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://www.mozilla.org/firefox/windows'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://www.mozilla.org/firefox/mac'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://www.mozilla.org/firefox/linux'
|
|
||||||
- icon: fab fa-freebsd
|
|
||||||
url: 'https://www.freshports.org/www/firefox'
|
|
||||||
- icon: fab fa-git
|
|
||||||
url: 'https://hg.mozilla.org/mozilla-central'
|
|
@ -1,27 +0,0 @@
|
|||||||
title: Bromite
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/bromite.svg
|
|
||||||
description: |
|
|
||||||
**Bromite** is a [Chromium](https://en.wikipedia.org/wiki/Chromium_(web_browser))-based browser with privacy and security enhancements, built-in ad blocking, and some fingerprinting randomization.
|
|
||||||
|
|
||||||
These options can be found in *Privacy and Security* ( ⁝ → ⚙️ Settings → Privacy and Security).
|
|
||||||
|
|
||||||
##### **HTTPS-Only Mode**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Always use secure connections</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Always-on Incognito Mode**
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Open links in incognito tabs always</strong>.</li>
|
|
||||||
<li>Select: <strong>Close all open tabs on exit</strong>.</li>
|
|
||||||
<li>Select: <strong>Open external links in incognito</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
website: 'https://www.bromite.org'
|
|
||||||
privacy_policy: 'https://www.bromite.org/privacy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://www.bromite.org/fdroid'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/bromite/bromite'
|
|
@ -1,54 +0,0 @@
|
|||||||
title: Safari
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/safari.svg
|
|
||||||
description: |
|
|
||||||
**Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/15.0/ios/15.0) such as Intelligent Tracking Protection, Privacy Report, isolated Private Browsing tabs, iCloud Private Relay, and automatic HTTPS upgrades.
|
|
||||||
|
|
||||||
These options can be found in *Privacy and Security* (⚙️ Settings → Safari → Privacy and Security).
|
|
||||||
|
|
||||||
##### **Cross-Site Tracking Prevention**
|
|
||||||
Toggling this setting enables WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp).
|
|
||||||
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Toggle On: <strong>Prevent Cross-Site Tracking</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Privacy Report**
|
|
||||||
Privacy Report provides a snapshot of cross-site trackers currently prevented from profiling you on the website you're visiting. It can also display a weekly report to show which trackers have been blocked over time.
|
|
||||||
|
|
||||||
Privacy Report is accessible through the **Aa** icon in the URL bar.
|
|
||||||
|
|
||||||
##### **Privacy Preserving Ad Measurement**
|
|
||||||
This is WebKit's own [implementation](https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/) of privacy preserving ad click attribution. If you do not wish to participate, you can disable this feature.
|
|
||||||
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Toggle Off: <strong>Privacy Preserving Ad Measurement</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Apple Pay**
|
|
||||||
If you do not use Apple Pay, you can toggle off the ability for websites to check for it.
|
|
||||||
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Toggle Off: <strong>Check for Apple Pay</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
##### **Always-on Private Browsing**
|
|
||||||
Open Safari and press the tabs icon in the bottom right corner. Open Tab Groups, located in the bottom middle.
|
|
||||||
|
|
||||||
<ul style="list-style-type:none;padding-left:0;">
|
|
||||||
<li>Select: <strong>Private</strong>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
#### iCloud Sync
|
|
||||||
While synchronization of Safari History, Tab Groups, and iCloud Tabs is end-to-end encrypted, bookmarks are [not](https://support.apple.com/en-us/HT202303); they are only encrypted in transit and stored in an encrypted format on Apple's servers. Apple may be able to decrypt and access them.
|
|
||||||
|
|
||||||
If you use iCloud, we also recommend checking to ensure Safari's default download location is set to locally on your device. This option can be found in *General* (⚙️ Settings → Safari → General → Downloads).
|
|
||||||
|
|
||||||
#### Extensions
|
|
||||||
We generally do not recommend installing [any extensions](https://www.sentinelone.com/blog/inside-safari-extensions-malware-golden-key-user-data/) as they increase your browser's [attack surface](https://en.wikipedia.org/wiki/Attack_surface); however, if you want content blocking, [AdGuard for Safari](/browsers/#additional-resources) might be useful to you.
|
|
||||||
|
|
||||||
website: https://www.apple.com/safari/
|
|
||||||
privacy_policy: https://www.apple.com/legal/privacy/data/en/safari/
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: https://apps.apple.com/us/app/safari/id1146562112
|
|
@ -1,18 +0,0 @@
|
|||||||
title: uBlock Origin
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/ublock_origin.svg
|
|
||||||
description: |
|
|
||||||
**uBlock Origin** is a popular content blocker that could help you block ads, trackers, and fingerprinting scripts.
|
|
||||||
|
|
||||||
We suggest enabling all of the [filter lists](https://github.com/gorhill/uBlock/wiki/Dashboard:-Filter-lists) under the "Ads," "Privacy," and "Malware domains". The "Annoyances" and "Multipurpose" lists can also be enabled, but they may break some social media functions. The *AdGuard URL Tracking Protection* filter list makes extensions like CleanURLs and NeatURLs redundant.
|
|
||||||
|
|
||||||
We also suggest adding the [Actually Legitimate URL Shortener Tool](https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt) list and any of the regional lists that might apply to your browsing habits. To add this list, first access settings by clicking on the uBO icon, then the settings icon (⚙️). Go to the bottom of the Filter lists pane and place a checkmark next to Import under the Custom section. Paste the URL of the filter list above into the text area that appears below and click "Apply changes".
|
|
||||||
|
|
||||||
Additional filter lists do slow things down and may increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface), so only apply what you need.
|
|
||||||
|
|
||||||
uBlock Origin also has different [blocking modes](https://github.com/gorhill/uBlock/wiki/Blocking-mode). The easy mode [might not](https://www.ranum.com/security/computer_security/editorials/dumb/) necessarily keep you safe from every tracker out there, whereas the more advanced modes let you control exactly what needs to run.
|
|
||||||
website: 'https://addons.mozilla.org/firefox/addon/ublock-origin/'
|
|
||||||
privacy_policy: 'https://github.com/gorhill/uBlock/wiki/Privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: https://github.com/gorhill/uBlock
|
|
@ -1,18 +0,0 @@
|
|||||||
title: AdGuard for Safari
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/adguard.svg
|
|
||||||
description: |
|
|
||||||
**AdGuard for Safari** is a free and open-source content-blocking extension for Safari that uses the native [Content Blocker API](https://developer.apple.com/documentation/safariservices/creating_a_content_blocker). We suggest enabling the filters labled *#recommended* under the "Ad Blocking" and "Privacy" [content blockers](https://kb.adguard.com/en/safari/overview#content-blockers). The *#recommended* filters can also be enabled for the "Social Widgets" and "Annoyances" content blockers, but they may break some social media functions.
|
|
||||||
|
|
||||||
Additional filter lists do slow things down and may increase your [attack surface](https://en.wikipedia.org/wiki/Attack_surface), so only apply what you need.
|
|
||||||
|
|
||||||
There is also [AdGuard for iOS](https://adguard.com/en/adguard-ios/overview.html) which is able to perform system-wide content blocking by means of DNS filtering.
|
|
||||||
website: 'https://adguard.com/en/adguard-safari/overview.html'
|
|
||||||
privacy_policy: 'https://adguard.com/en/privacy/safari.html'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-safari
|
|
||||||
url: 'https://apps.apple.com/app/adguard-for-safari/id1440147259'
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/apple-store/id1047223162'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/AdguardTeam/AdGuardForSafari'
|
|
@ -1,9 +0,0 @@
|
|||||||
title: Terms of Service; Didn't Read
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/browsers/terms_of_service_didnt_read.svg
|
|
||||||
description: |
|
|
||||||
**Terms of Service; Didn't Read** grades websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analyses and ratings are published transparently by a community of reviewers.
|
|
||||||
|
|
||||||
We do not recommend installing ToS;DR as a browser extension. The same information is provided on their website.
|
|
||||||
website: 'https://tosdr.org/'
|
|
||||||
privacy_policy: 'https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/'
|
|
@ -1,26 +0,0 @@
|
|||||||
title: Tor Browser
|
|
||||||
type: Recommendation
|
|
||||||
info: Provides Anonymity
|
|
||||||
logo: /assets/img/browsers/tor.svg
|
|
||||||
description: |
|
|
||||||
**Tor Browser** is the choice if you need anonymity. This browser provides you with access to the Tor Bridges and [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)), along with extensions that can be automatically configured to fit its three security levels - *Standard*, *Safer* and *Safest*. We recommend that you do not change any of Tor Browser's default configurations outside of the standard security levels.
|
|
||||||
|
|
||||||
#### Extensions
|
|
||||||
You should **never** install any additional extensions on Tor Browser, including the ones we suggest for Firefox. Browser extensions make you stand out from other Tor users and your browser easier to [fingerprint](https://support.torproject.org/glossary/browser-fingerprinting).
|
|
||||||
|
|
||||||
website: 'https://www.torproject.org/'
|
|
||||||
website_tor: 'http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/'
|
|
||||||
privacy_policy: 'https://support.torproject.org/tbb/tbb-3/'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://www.torproject.org/download/'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://www.torproject.org/download/'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://www.torproject.org/download/'
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://guardianproject.info/fdroid/'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=org.torproject.torbrowser'
|
|
||||||
- icon: fab fa-git
|
|
||||||
url: 'https://trac.torproject.org/projects/tor'
|
|
@ -1,15 +0,0 @@
|
|||||||
title: RethinkDNS
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/android/rethinkdns.svg
|
|
||||||
logo_dark: /assets/img/android/rethinkdns-dark.svg
|
|
||||||
description: |
|
|
||||||
**RethinkDNS** is an open-source Android client supporting [DNS-over-HTTPS](/dns/#dns-over-https-doh), [DNS-over-TLS](/dns/#dns-over-tls-dot), [DNSCrypt](/dns/#dnscrypt) and DNS Proxy along with caching DNS responses, locally logging DNS queries and can be used as a firewall too.
|
|
||||||
website: 'https://rethinkdns.com'
|
|
||||||
privacy_policy: 'https://rethinkdns.com/privacy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=com.celzero.bravedns'
|
|
||||||
- icon: pg-f-droid
|
|
||||||
url: 'https://f-droid.org/packages/com.celzero.bravedns'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/celzero/rethink-app'
|
|
@ -1,12 +0,0 @@
|
|||||||
title: DNSCloak
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/ios/dnscloak.png
|
|
||||||
privacy_policy: 'https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view'
|
|
||||||
description: |
|
|
||||||
An open-source iOS client supporting [DNS-over-HTTPS](/dns/#dns-over-https-doh), [DNSCrypt](/dns/#dnscrypt), and [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy/wiki) options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can [add custom resolvers by DNS stamp](https://medium.com/privacyguides/adding-custom-dns-over-https-resolvers-to-dnscloak-20ff5845f4b5).
|
|
||||||
website: 'https://github.com/s-s/dnscloak/blob/master/README.md'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/id1452162351'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/s-s/dnscloak'
|
|
@ -1,12 +0,0 @@
|
|||||||
title: dnscrypt-proxy
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/dns/dnscrypt-proxy.svg
|
|
||||||
description: |
|
|
||||||
A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
|
||||||
|
|
||||||
## Note
|
|
||||||
The anonymized DNS feature does [**not**](/dns#why-shouldnt-i-use-encrypted-dns) anonymize other network traffic.
|
|
||||||
website: 'https://github.com/DNSCrypt/dnscrypt-proxy/wiki'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/DNSCrypt/dnscrypt-proxy'
|
|
@ -1,36 +0,0 @@
|
|||||||
title: Signal
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/messengers/signal.svg
|
|
||||||
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host. |
|
|
||||||
color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
|
|
||||||
description: |
|
|
||||||
**Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling.
|
|
||||||
|
|
||||||
All communications are E2EE. Contact lists are encrypted using your login PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts who add you.
|
|
||||||
|
|
||||||
Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender/) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Signal requires your phone number as a personal identifier.
|
|
||||||
|
|
||||||
[Sealed Sender](https://signal.org/blog/sealed-sender/) is only enabled for users on your contact list but can be enabled for all recipients with the increased risk of receiving spam.
|
|
||||||
|
|
||||||
#### Technical information
|
|
||||||
The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs/).
|
|
||||||
website: 'https://signal.org'
|
|
||||||
privacy_policy: 'https://signal.org/legal'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://signal.org/download'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://signal.org/download'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://signal.org/download'
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://signal.org/android/apk/#apk-danger'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms'
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/id874139669'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/signalapp'
|
|
@ -1,40 +0,0 @@
|
|||||||
title: Element
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/messengers/element.svg
|
|
||||||
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Federated::tooltip==Your communications pass through one of a network of hosts that intercommunicate. |
|
|
||||||
color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==One-on-one voice and video calls are peer-to-peer (option can be disabled). |
|
|
||||||
color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
|
|
||||||
description: |
|
|
||||||
**Element** is the reference client for the [Matrix](https://matrix.org/docs/guides/introduction) protocol, an [open standard](https://matrix.org/docs/spec) for secure decentralized real-time communication.
|
|
||||||
|
|
||||||
Messages and files shared in private rooms (those which require an invite) are by default E2EE as are 1 to 1 voice and video calls.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Profile pictures, reactions, and nicknames are not encrypted.
|
|
||||||
|
|
||||||
Group voice and video calls are [not](https://github.com/vector-im/element-web/issues/12878) E2EE, and use Jitsi, but this is expected to change with [Native Group VoIP Signalling](https://github.com/matrix-org/matrix-doc/pull/3401). Group calls have [no authentication](https://github.com/vector-im/element-web/issues/13074) currently, meaning that non room participants can also join the calls. We recommend that you do not use this feature for private meetings.
|
|
||||||
|
|
||||||
When using [element-web](https://github.com/vector-im/element-web), you must trust the server hosting the Element client. If your [threat model](/threat-modeling) requires stronger protection, then use a desktop or mobile client instead.
|
|
||||||
|
|
||||||
#### Technical information
|
|
||||||
The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last) in 2016. The specification for the Matrix protocol can be found in their [documentation](https://spec.matrix.org/latest/). The [Olm](https://matrix.org/docs/projects/other/olm) cryptographic ratchet used by Matrix is an implementation of Signal's [Double Ratchet algorithm](https://signal.org/docs/specifications/doubleratchet/).
|
|
||||||
|
|
||||||
website: 'https://element.io'
|
|
||||||
privacy_policy: 'https://element.io/privacy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://element.io/get-started'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://element.io/get-started'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://element.io/get-started'
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://f-droid.org/packages/im.vector.app/'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=im.vector.app'
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/vector/id1083446067'
|
|
||||||
- icon: fas fa-globe-americas
|
|
||||||
url: 'https://app.element.io'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/vector-im/element-web'
|
|
@ -1,26 +0,0 @@
|
|||||||
title: Briar
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/messengers/briar.svg
|
|
||||||
labels: 'color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==Senders and recipients connect directly with no middlemen (can be disabled). |
|
|
||||||
color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together (can be disabled).'
|
|
||||||
description: |
|
|
||||||
**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works/) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar's local mesh mode can be useful when internet availability is a problem.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
To [add a contact](https://briarproject.org/manual/) on Briar, you must both add each other first. You can either exchange `briar://` links or scan a contact's QR code if they are nearby.
|
|
||||||
|
|
||||||
#### Technical information
|
|
||||||
The client software was independently [audited](https://briarproject.org/news/2017-beta-released-security-audit/) and the anonymous routing protocol uses the Tor network which has also been audited.
|
|
||||||
|
|
||||||
Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec).
|
|
||||||
|
|
||||||
Briar supports perfect forward secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
|
|
||||||
website: 'https://briarproject.org'
|
|
||||||
privacy_policy: 'https://briarproject.org/privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://f-droid.org/packages/org.briarproject.briar.android'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android'
|
|
||||||
- icon: fab fa-git
|
|
||||||
url: 'https://code.briarproject.org/briar/briar'
|
|
@ -1,34 +0,0 @@
|
|||||||
title: Session
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/messengers/session.svg
|
|
||||||
labels: 'color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together.'
|
|
||||||
description: |
|
|
||||||
**Session** is an encrypted instant messenger that uses three random [service nodes](https://getsession.org/blog/onion-requests-session-new-message-routing-solution) to route messages anonymously on the [Oxen Network](https://oxen.io).
|
|
||||||
|
|
||||||
Session allows for E2EE in one-to-one or closed rooms that allow up to 100 members.
|
|
||||||
|
|
||||||
Open rooms have no restriction on the number of members, but anyone can join.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Session does [not](https://getsession.org/blog/session-protocol-technical-information) support forward secrecy. The key pair for each conversation is not rotated.
|
|
||||||
|
|
||||||
#### Technical information
|
|
||||||
Session was independently [audited](https://getsession.org/session-code-audit/) in 2020. The protocol is described in a [whitepaper](https://arxiv.org/abs/2002.04609).
|
|
||||||
|
|
||||||
website: 'https://getsession.org/'
|
|
||||||
privacy_policy: 'https://getsession.org/privacy-policy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://getsession.org/windows'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://getsession.org/mac'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://www.getsession.org/linux'
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://fdroid.getsession.org/'
|
|
||||||
- icon: fab fa-google-play
|
|
||||||
url: 'https://play.google.com/store/apps/details?id=network.loki.messenger'
|
|
||||||
- icon: fab fa-app-store-ios
|
|
||||||
url: 'https://apps.apple.com/app/id1470168868'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/oxen-io/session-desktop'
|
|
@ -1,22 +0,0 @@
|
|||||||
title: FreeTube
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/freetube.svg
|
|
||||||
description: |
|
|
||||||
**FreeTube** is a free and open source desktop application for [YouTube](https://youtube.com). When using FreeTube, your subscription list and playlists are saved locally on your device.
|
|
||||||
|
|
||||||
FreeTube also features [SponsorBlock](https://sponsor.ajay.app) to help you skip sponsored advertisements. All YouTube advertisements are also blocked by default.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
When using Freetube, your IP address is still known to YouTube, [Invidious](https://instances.invidious.io) and the SponsorBlock instances that you use. Consider using a [VPN](/providers/vpn) or [Tor](https://www.torproject.org) if your [threat model](/threat-modeling) requires hiding your IP address.
|
|
||||||
|
|
||||||
website: 'https://freetubeapp.io'
|
|
||||||
privacy_policy: 'https://freetubeapp.io/privacy.php'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://freetubeapp.io/#download'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://freetubeapp.io/#download'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://freetubeapp.io/#download'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/FreeTubeApp/FreeTube/'
|
|
@ -1,28 +0,0 @@
|
|||||||
title: LBRY
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/lbry.svg
|
|
||||||
description: |
|
|
||||||
**The LBRY network** is a decentralized video sharing network. It uses a [BitTorrent](https://wikipedia.org/wiki/BitTorrent)-like network to store the video content, and a [blockchain](https://wikipedia.org/wiki/Blockchain) to store the indexes for those videos. The main benefit of this design is censorship resistance.
|
|
||||||
|
|
||||||
**The LBRY desktop client** helps you stream videos from the LBRY network and stores your subscription list in your own LBRY wallet.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
We recommend **against** synchronizing your wallet with LBRY Inc., as synchronizing encrypted wallets is not supported yet. If you synchronize your wallet with LBRY Inc., you have to trust them to not look at your subscription list, [LBC](https://lbry.com/faq/earn-credits) funds, or take control of your channel.
|
|
||||||
|
|
||||||
Only the **LBRY desktop client** is recommended. The [Odysee](https://odysee.com) website and the LBRY clients in F-Droid, Play Store, and the AppStore have mandatory synchronization and telemetry.
|
|
||||||
|
|
||||||
While watching and hosting videos, your IP address is visible to the LBRY network. Consider using a [VPN](/providers/vpn) or [Tor](https://www.torproject.org) if your [threat model](/threat-modeling) requires hiding your IP address.
|
|
||||||
|
|
||||||
You can also disable *Save hosting data to help the LBRY network* option (⚙️ Settings → Advanced Settings) to avoid exposing your IP address and watched videos when using LBRY for a prolonged period of time.
|
|
||||||
|
|
||||||
website: 'https://lbry.com/'
|
|
||||||
privacy_policy: 'https://lbry.com/privacypolicy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-windows
|
|
||||||
url: 'https://lbry.com/get'
|
|
||||||
- icon: fab fa-apple
|
|
||||||
url: 'https://lbry.com/osx'
|
|
||||||
- icon: fab fa-linux
|
|
||||||
url: 'https://lbry.com/linux'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/lbryio'
|
|
@ -1,16 +0,0 @@
|
|||||||
title: NewPipe
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/newpipe.svg
|
|
||||||
description: |
|
|
||||||
**NewPipe** is a free and open source Android application for [YouTube](https://youtube.com), [SoundCloud](https://soundcloud.com), [media.ccc.de](https://media.ccc.de), [FramaTube](https://framatube.org), and [Bandcamp](https://bandcamp.com).
|
|
||||||
Your subscription list and playlists are saved locally on your Android device.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
NewPipe is available on the main [F-Droid](https://www.f-droid.org)'s repository. We recommend that you use the NewPipe's own [F-Droid repository](https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo) instead to get faster updates.
|
|
||||||
website: 'https://newpipe.net'
|
|
||||||
privacy_policy: 'https://newpipe.net/legal/privacy'
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/TeamNewPipe/NewPipe'
|
|
@ -1,14 +0,0 @@
|
|||||||
title: NewPipe x SponsorBlock
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/newpipe.svg
|
|
||||||
description: |
|
|
||||||
**NewPipe x SponsorBlock** is a fork of [NewPipe](https://newpipe.net) with [SponsorBlock](https://sponsor.ajay.app) integrated to help you skip sponsored advertisements.
|
|
||||||
It also has some experimental settings such as the ability to use the built-in player for local playback, an option to force fullscreen on landscape mode, and an option to disable error reporting prompts.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
This fork is not endorsed by or affiliated with the upstream project. The NewPipe team has [rejected](https://github.com/TeamNewPipe/NewPipe/pull/3205) integration with SponsorBlock and thus this fork is created to provide this functionality.
|
|
||||||
downloads:
|
|
||||||
- icon: fab fa-android
|
|
||||||
url: 'https://apt.izzysoft.de/fdroid/index/apk/org.polymorphicshade.newpipe'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/polymorphicshade/NewPipe'
|
|
@ -1,23 +0,0 @@
|
|||||||
title: Invidious
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/invidious.svg
|
|
||||||
logo_dark: /assets/img/video-streaming/invidious-dark.svg
|
|
||||||
description: |
|
|
||||||
**Invidious** is a free and open source front end for YouTube that is also self-hostable. There are list of [public instances](https://instances.invidious.io). Some instances have [Tor](https://www.torproject.org) onion services support.
|
|
||||||
|
|
||||||
#### Use case
|
|
||||||
Invidious is useful if you want to disable JavaScript in your browser, such as [Tor Browser](https://www.torproject.org/) on the Safest security setting. It does not provide privacy by itself and we don’t recommend logging into any accounts.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
Invidious does not proxy the video stream through its server by default. Videos watched through Invidious will still make direct connections to Google's servers (googlevideo.com); however, some instances support video proxying. This can be enabled by adding `&local=true` to the URL.
|
|
||||||
|
|
||||||
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Invidious, as other peoples' usage will be linked to your hosting.
|
|
||||||
|
|
||||||
When you are using an Invidious instance, be sure to go read the Privacy Policy of that specific instance. Invidious instances can be modified by their owners and therefore may not reflect their associated privacy policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII (Personally Identifiable Information).
|
|
||||||
|
|
||||||
website: 'https://invidious.io'
|
|
||||||
downloads:
|
|
||||||
- icon: fas fa-globe-americas
|
|
||||||
url: 'https://instances.invidious.io'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/iv-org/invidious'
|
|
@ -1,22 +0,0 @@
|
|||||||
title: Piped
|
|
||||||
type: Recommendation
|
|
||||||
logo: /assets/img/video-streaming/piped.svg
|
|
||||||
description: |
|
|
||||||
**Piped** is a free and open source front end for YouTube that is also self-hostable. Alternative instances can be selected from "Preferences".
|
|
||||||
|
|
||||||
#### Use case
|
|
||||||
Piped is useful if you want to use [SponsorBlock](https://sponsor.ajay.app) without installing an extension or to access age-restricted content without an account. It does not provide privacy by itself and we don’t recommend logging into any accounts.
|
|
||||||
|
|
||||||
#### Notes
|
|
||||||
When self-hosting, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting Piped, as other peoples' usage will be linked to your hosting.
|
|
||||||
|
|
||||||
When you are using a Piped instance, be sure to go read the Privacy Policy of that specific instance. Piped instances can be modified by their owners and therefore may not reflect their associated privacy policy.
|
|
||||||
|
|
||||||
Piped requires javascript in order to function.
|
|
||||||
|
|
||||||
website: 'https://piped.kavin.rocks/'
|
|
||||||
downloads:
|
|
||||||
- icon: fas fa-globe-americas
|
|
||||||
url: 'https://piped.kavin.rocks'
|
|
||||||
- icon: fab fa-github
|
|
||||||
url: 'https://github.com/TeamPiped/Piped'
|
|
@ -1,21 +0,0 @@
|
|||||||
{% if include.link %}
|
|
||||||
<a
|
|
||||||
href="{{ include.link }}" class="text-decoration-none badge rounded-pill bg-{{ include.color | default: "info" }}"
|
|
||||||
{% if include.tooltip %}
|
|
||||||
data-bs-toggle="tooltip"
|
|
||||||
title="{{ include.tooltip }}"><i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{ include.text }}
|
|
||||||
{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> {{ include.text }}
|
|
||||||
{% endif %}
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<span
|
|
||||||
class="badge rounded-pill bg-{{ include.color | default: "info" }}"
|
|
||||||
{% if include.tooltip %}
|
|
||||||
data-bs-toggle="tooltip"
|
|
||||||
title="{{ include.tooltip }}"
|
|
||||||
> <i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{include.text}}
|
|
||||||
{% else %}
|
|
||||||
> {% if include.icon %}<i class="{{ include.icon }}"></i>{% endif %} {{include.text}}
|
|
||||||
{% endif %}
|
|
||||||
</span>
|
|
||||||
{% endif %}
|
|
@ -1,11 +0,0 @@
|
|||||||
<div class="col-6 my-3">
|
|
||||||
<a href="{{ post.url | prepend: site.baseurl }}" class="text-decoration-none">
|
|
||||||
<div class="card bg-secondary {% if post.cover %}text-100" style="background-image: {{ post.color | default: "linear-gradient(to bottom, rgba(40, 50, 63, 0.3), rgba(40, 50, 63, 0.9))" }}, url(/assets/img/blog/{{ post.cover }}); background-size: cover; background-position: center;"{% else %}text-dm-100"{% endif %}>
|
|
||||||
<div class="card-body d-flex flex-column align-self-end" style="min-height: 300px;">
|
|
||||||
<h2 class="card-title mt-auto">{{ post.title }}</h2>
|
|
||||||
<p class="card-text">{{ post.excerpt }} <strong>Continue Reading...</strong></p>
|
|
||||||
<p class="card-text"><small class="">{% for author in page.author %}{{ author }}{% unless forloop.last %}, {% endunless %}{% endfor %} - {{ post.date | date: "%b %-d, %Y" }}</small></p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</a>
|
|
||||||
</div>
|
|
@ -1,5 +0,0 @@
|
|||||||
<div class="card my-5">
|
|
||||||
<div class="card-body">
|
|
||||||
{{ include.content | default: markdown_text | markdownify }}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
@ -1 +0,0 @@
|
|||||||
<span class="text-nowrap"><span class="flag-icon flag-icon-{{ include.cc | escape | downcase }}" title='{{ site.data.country[include.cc] | escape }}' aria-hidden="true"></span> {{ site.data.country[include.cc] | escape }}</span>
|
|
@ -1,5 +0,0 @@
|
|||||||
<p><em><strong>Privacy Guides</strong> is a socially motivated website that provides information for protecting your data security and privacy.</em></p>
|
|
||||||
|
|
||||||
<p><i class="fab fa-creative-commons fa-fw"></i><i class="fab fa-creative-commons-zero fa-fw"></i> Unless otherwise noted, the original content on this website is made available under a <a href="https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE">CC0 1.0 Universal Public Domain Dedication</a>.
|
|
||||||
|
|
||||||
<p><small>This content was made available by the <a href="https://github.com/orgs/privacyguides/people">Privacy Guides team</a> and <a href="https://github.com/privacyguides/privacyguides.org/graphs/contributors?from=2019-05-11&type=c&to={{ site.build.date }}">contributors</a>. <a href="https://github.com/privacyguides/privacyguides">Get involved</a>! | <a href="https://github.com/privacyguides/privacyguides.org/issues">Open an Issue</a> | <a href="/privacy-policy/">Privacy Policy</a> | <a href="/terms-and-notices/">Website Terms & Notices</a></small></p>
|
|
@ -1,49 +0,0 @@
|
|||||||
<head>
|
|
||||||
<meta charset="utf-8">
|
|
||||||
<meta name="referrer" content="no-referrer">
|
|
||||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
||||||
<meta name="keywords" content="privacy, anonymity, privacy guides, surveillance, encryption">
|
|
||||||
<meta name="description" content="{% if page.description %}{{ page.description | markdownify | strip_html | escape }}{% else %}{{ site.description | escape }}{% endif %}">
|
|
||||||
<link rel="canonical" href="{{ page.url | prepend: site.url | replace:'index.html','' }}">
|
|
||||||
|
|
||||||
<!-- title & Open Graph -->
|
|
||||||
{% if page.title %}
|
|
||||||
<title>{{ page.title }} | {{ site.title }}</title>
|
|
||||||
<meta property="og:title" content="{{ page.title | escape }} | {{ site.title | escape }}" />
|
|
||||||
{% else %}
|
|
||||||
<title>{{ site.title }}{%if page.url == "/" %} — Your Central Privacy and Security Resource{% endif %}</title>
|
|
||||||
<meta property="og:title" content="{{ site.title | escape }}" />
|
|
||||||
{% endif %}
|
|
||||||
<meta property="og:type" content="website" />
|
|
||||||
<meta property="og:url" content="{{ page.url | prepend: site.url }}" />
|
|
||||||
<meta property="og:description" content="{% if page.description %}{{ page.description | markdownify | strip_html | escape }}{% else %}{{ site.description | escape }}{% endif %}"/>
|
|
||||||
<meta property="og:locale" content="en_US" />
|
|
||||||
<meta property="og:site_name" content="{{ site.title | escape }}" />
|
|
||||||
|
|
||||||
<script type="application/ld+json">
|
|
||||||
{{ site.data.schema.organization | jsonify }}
|
|
||||||
</script>
|
|
||||||
|
|
||||||
<!-- blog feeds -->
|
|
||||||
<link rel="alternate" title="Blog (JSON feed)" type="application/json" href="/feed.json" />
|
|
||||||
<link rel="alternate" title="Blog (Atom feed)" type="application/rss+xml" href="/feed.xml" />
|
|
||||||
|
|
||||||
<!-- favicons and theme -->
|
|
||||||
<link rel="apple-touch-icon" sizes="180x180" href="/assets/img/layout/apple-touch-icon.png">
|
|
||||||
<link rel="icon" type="image/png" sizes="32x32" href="/assets/img/layout/favicon-32x32.png">
|
|
||||||
<link rel="icon" type="image/png" sizes="16x16" href="/assets/img/layout/favicon-16x16.png">
|
|
||||||
<link rel="manifest" href="/assets/files/meta/site.webmanifest">
|
|
||||||
<link rel="mask-icon" href="/assets/img/layout/safari-pinned-tab.svg" color="#ffd06f">
|
|
||||||
<link rel="shortcut icon" href="/assets/img/layout/favicon.ico">
|
|
||||||
<meta name="apple-mobile-web-app-title" content="Privacy Guides">
|
|
||||||
<meta name="application-name" content="Privacy Guides">
|
|
||||||
<meta name="msapplication-TileColor" content="#ffd06f">
|
|
||||||
<meta name="msapplication-config" content="/assets/files/meta/browserconfig.xml">
|
|
||||||
<meta name="theme-color" content="#ffd06f">
|
|
||||||
|
|
||||||
<!-- CSS stylesheets -->
|
|
||||||
<link href="/assets/css/app.css?v=20210506" rel="stylesheet">
|
|
||||||
<link href="/assets/fonts/vendor/fontawesome/css/all.min.css?v=6.0.0-beta1" rel="stylesheet">
|
|
||||||
<link id="dark-css" href="/assets/css/dark.css?v=20210506" rel="stylesheet" media="(prefers-color-scheme: dark)">
|
|
||||||
</head>
|
|
@ -1 +0,0 @@
|
|||||||
<hr class="m-5" />
|
|
@ -1,76 +0,0 @@
|
|||||||
<div class="col-xl-4 col-lg-6 col-md-12 mb-4">
|
|
||||||
<div class="card card-{{include.color}}">
|
|
||||||
{% if include.color == "warning" %}
|
|
||||||
<div class="card-header text-dark bg-{{include.color}}">
|
|
||||||
{% else %}
|
|
||||||
<div class="card-header text-white bg-{{include.color}}">
|
|
||||||
{% endif %}
|
|
||||||
<h3 class="h5">{{include.title}}</h3>
|
|
||||||
</div>
|
|
||||||
<div class="card-body">
|
|
||||||
{% if include.labels %}
|
|
||||||
{% assign labels = include.labels | replace:", ", "," | split:"," %}
|
|
||||||
<div class="mb-1">
|
|
||||||
{% for label in labels %}
|
|
||||||
{% assign label_data = label | split:";" %}
|
|
||||||
{% assign color = label_data[0] %}
|
|
||||||
{% assign text = label_data[1] %}
|
|
||||||
{% assign tooltip = label_data[2] | default: "" %}
|
|
||||||
{% assign help_icon = '<i class="far fa-question-circle"></i>' %}
|
|
||||||
<span class="badge rounded-pill bg-{{color}}" {% if tooltip %} data-bs-toggle="tooltip" title="{{ tooltip }}">{{text}} {{ help_icon
|
|
||||||
}}
|
|
||||||
{% else %}
|
|
||||||
>{{text}}
|
|
||||||
{% endif %}
|
|
||||||
</span>
|
|
||||||
{% endfor %}
|
|
||||||
</div>
|
|
||||||
{% endif %}
|
|
||||||
<p>
|
|
||||||
{% if include.image %}
|
|
||||||
<img src="{{include.image}}" width="120" height="120" alt="{{include.title}}" class="panel-item">
|
|
||||||
{% elsif include.icon %}
|
|
||||||
<i class="{{ include.icon }} panel-icon{% if include.iconcolor %} text-{{include.iconcolor}}{% endif %}"></i>
|
|
||||||
{% elsif include.font %}
|
|
||||||
<span class="{{ include.font }} panel-item panel-font" alt="{{ include.title }}"></span>
|
|
||||||
{% endif %}
|
|
||||||
{{include.description}}
|
|
||||||
</p>
|
|
||||||
<div>
|
|
||||||
<p>
|
|
||||||
{% if include.url %}
|
|
||||||
<a class="btn btn-{{include.color}} mb-1" href="{{include.url}}">
|
|
||||||
{% if include.website %}
|
|
||||||
{{include.website}}
|
|
||||||
{% else %}
|
|
||||||
{{ include.url | remove: "https://" | remove: "http://" | remove: "www." | remove: "/" | remove: "github.com" }}
|
|
||||||
{% endif %}
|
|
||||||
</a>
|
|
||||||
{% elsif include.page %}
|
|
||||||
<a class="btn btn-{{include.color}} mb-1" href="{{include.page}}">
|
|
||||||
{% if include.moretext %}
|
|
||||||
{{include.moretext}}
|
|
||||||
{% else %}
|
|
||||||
Learn More
|
|
||||||
{% endif %}
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
{% if include.tor %}
|
|
||||||
<a class="mb-1" data-bs-toggle="tooltip" data-bs-placement="bottom" title="{{include.tor}} Requires specific software to access: torproject.org" href="{{include.tor}}"><img alt="Tor" src="/assets/img/layout/tor.png" width="35" height="35"></a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.git %}
|
|
||||||
<a class="mb-1" data-bs-toggle="tooltip" data-bs-placement="bottom" title="{{include.git}} supports source code compiling and open review | is free software" href="{{include.git}}"><img alt="Git" src="assets/img/layout/git.png" width="35"></a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.extra_button %}
|
|
||||||
{{include.extra_button}}
|
|
||||||
{% endif %}
|
|
||||||
</p>
|
|
||||||
{% if include.footer %}
|
|
||||||
<p>{{include.footer}}</p>
|
|
||||||
{% endif %}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
@ -1,324 +0,0 @@
|
|||||||
<div class="card">
|
|
||||||
<div class="card-header bg-transparent">
|
|
||||||
<h3 class="h5">
|
|
||||||
{% if include.badges %}
|
|
||||||
<span class="me-2">{{ include.title }}</span>
|
|
||||||
{% assign badges = include.badges | split:"|" %}
|
|
||||||
{% for badge in badges %}
|
|
||||||
{% assign badge_data = badge | split:":" %}
|
|
||||||
{% assign color = badge_data[0] %}
|
|
||||||
{% assign text = badge_data[1] %}
|
|
||||||
{% assign tooltip = badge_data[2] | default: false %}
|
|
||||||
{% assign help_icon = '<i class="far fa-question-circle"></i>' %}
|
|
||||||
<span
|
|
||||||
class="badge rounded-pill bg-{{color}}"
|
|
||||||
{% if tooltip %}
|
|
||||||
data-bs-toggle="tooltip"
|
|
||||||
title="{{ tooltip }}"
|
|
||||||
> {{text}} {{ help_icon }}
|
|
||||||
{% else %}
|
|
||||||
> {{text}}
|
|
||||||
{% endif %}
|
|
||||||
</span>
|
|
||||||
{% endfor %}
|
|
||||||
{% else %}
|
|
||||||
{{ include.title }}
|
|
||||||
{% endif %}
|
|
||||||
</h3>
|
|
||||||
</div>
|
|
||||||
<div class="card-body">
|
|
||||||
<p class="card-text">
|
|
||||||
<picture>
|
|
||||||
{% if include.image-dark %}
|
|
||||||
<source
|
|
||||||
srcset="{{include.image-dark}}"
|
|
||||||
media="(prefers-color-scheme: dark)"
|
|
||||||
>{% endif %}
|
|
||||||
<img
|
|
||||||
src="{{include.image}}"
|
|
||||||
height="120"
|
|
||||||
width="120"
|
|
||||||
class="panel-pic"
|
|
||||||
alt="{{include.title}} logo"
|
|
||||||
>
|
|
||||||
</picture>
|
|
||||||
{{ include.description }}
|
|
||||||
{% if include.labels %}
|
|
||||||
{% assign labels = include.labels | split:"|" %}
|
|
||||||
{% for label in labels %}
|
|
||||||
{% assign label_data = label | split:"::" %}
|
|
||||||
{% for label_attr in label_data %}
|
|
||||||
{% assign attr = label_attr | split:"==" %}
|
|
||||||
{% if attr[0] == "color" %}
|
|
||||||
{% assign color = attr[1] %}
|
|
||||||
{% elsif attr[0] == "link" %}
|
|
||||||
{% assign link = attr[1] %}
|
|
||||||
{% elsif attr[0] == "text" %}
|
|
||||||
{% assign text = attr[1] %}
|
|
||||||
{% elsif attr[0] == "icon" %}
|
|
||||||
{% assign icon = attr[1] %}
|
|
||||||
{% elsif attr[0] == "tooltip" %}
|
|
||||||
{% assign tooltip = attr[1] %}
|
|
||||||
{% endif %}
|
|
||||||
{% endfor %}
|
|
||||||
{% include badge.html
|
|
||||||
link=link
|
|
||||||
color=color
|
|
||||||
text=text
|
|
||||||
icon=icon
|
|
||||||
tooltip=tooltip
|
|
||||||
%}
|
|
||||||
{% assign color = nil %}
|
|
||||||
{% assign link = nil %}
|
|
||||||
{% assign text = nil %}
|
|
||||||
{% assign icon = nil %}
|
|
||||||
{% assign tooltip = nil %}
|
|
||||||
{% endfor %}
|
|
||||||
{% endif %}
|
|
||||||
</p>
|
|
||||||
<div class="d-flex justify-content-between flex-column flex-md-row align-items-start align-items-md-center">
|
|
||||||
<div class="flow-root flex-shrink-0 me-1">
|
|
||||||
<a
|
|
||||||
href="{{include.website}}"
|
|
||||||
rel="noopener"
|
|
||||||
class="btn btn-secondary mt-1 me-1">
|
|
||||||
<i class="fas fa-external-link-alt fa-fw"></i>
|
|
||||||
Website
|
|
||||||
</a>
|
|
||||||
{% if include.privacy-policy %}
|
|
||||||
<a
|
|
||||||
href="{{include.privacy-policy}}"
|
|
||||||
rel="noopener"
|
|
||||||
class="btn btn-primary mt-1 me-1">
|
|
||||||
<i class="fas fa-book fa-fw"></i>
|
|
||||||
Privacy Policy
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
{% if include.tor %}
|
|
||||||
<a
|
|
||||||
href="{{include.tor}}"
|
|
||||||
rel="noopener"
|
|
||||||
class="btn btn-info mt-1 me-1"
|
|
||||||
data-bs-toggle="tooltip"
|
|
||||||
data-bs-placement="bottom"
|
|
||||||
title="Requires specific software to access: torproject.org">
|
|
||||||
<span class="pg-tor text-light"></span>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
{% if include.i2p %}
|
|
||||||
<a
|
|
||||||
href="{{include.i2p}}"
|
|
||||||
rel="noopener"
|
|
||||||
class="btn btn-primary mt-1 me-1"
|
|
||||||
data-bs-toggle="tooltip"
|
|
||||||
data-bs-placement="bottom"
|
|
||||||
title="Requires specific software to access: geti2p.net">
|
|
||||||
<span class="pg-i2p text-dark"></span>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="mt-2">
|
|
||||||
{% if include.windows %}
|
|
||||||
{% if include.windows != "" %}
|
|
||||||
<a href="{{ include.windows }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-windows fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-windows fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.mac %}
|
|
||||||
{% if include.mac != "" %}
|
|
||||||
<a href="{{ include.mac }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-macos fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-macos fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.linux %}
|
|
||||||
{% if include.linux != "" %}
|
|
||||||
<a href="{{ include.linux }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-linux fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-linux fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.freebsd %}
|
|
||||||
{% if include.freebsd != "" %}
|
|
||||||
<a href="{{ include.freebsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-freebsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-freebsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.openbsd %}
|
|
||||||
{% if include.openbsd != "" %}
|
|
||||||
<a href="{{ include.openbsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-openbsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-openbsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.netbsd %}
|
|
||||||
{% if include.netbsd != "" %}
|
|
||||||
<a href="{{ include.netbsd }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-netbsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-netbsd fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.firefox %}
|
|
||||||
{% if include.firefox != "" %}
|
|
||||||
<a href="{{ include.firefox }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-firefox fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-firefox fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.chrome %}
|
|
||||||
{% if include.chrome != "" %}
|
|
||||||
<a href="{{ include.chrome }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-chrome fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-chrome fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.safari %}
|
|
||||||
{% if include.safari != "" %}
|
|
||||||
<a href="{{ include.safari }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-safari fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-safari fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.opera %}
|
|
||||||
{% if include.opera != "" %}
|
|
||||||
<a href="{{ include.opera }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-opera fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-opera fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.edge %}
|
|
||||||
{% if include.edge != "" %}
|
|
||||||
<a href="{{ include.edge }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-edge fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-edge fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.fdroid %}
|
|
||||||
{% if include.fdroid != "" %}
|
|
||||||
<a href="{{ include.fdroid }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-f-droid fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-f-droid fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.googleplay %}
|
|
||||||
{% if include.googleplay != "" %}
|
|
||||||
<a href="{{ include.googleplay }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-google-play fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-google-play fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.android %}
|
|
||||||
{% if include.android != "" %}
|
|
||||||
<a href="{{ include.android }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-android fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fab fa-android fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.ios %}
|
|
||||||
{% if include.ios != "" %}
|
|
||||||
<a href="{{ include.ios }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-ios fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-ios fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.sailfish %}
|
|
||||||
{% if include.sailfish != "" %}
|
|
||||||
<a href="{{ include.sailfish }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="pg-sailfish-os fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="pg-sailfish-os fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.web %}
|
|
||||||
{% if include.web != "" %}
|
|
||||||
<a href="{{ include.web }}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fas fa-globe-americas fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
</a>
|
|
||||||
{% else %}
|
|
||||||
<i class="fas fa-globe-americas fa-2x fa-fw d-inline pe-1"></i>
|
|
||||||
{% endif %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{{include.icon1}}
|
|
||||||
{{include.icon2}}
|
|
||||||
{{include.icon3}}
|
|
||||||
|
|
||||||
{% if include.github %}
|
|
||||||
<a href="{{include.github}}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-github fa-2x fa-fw d-inline"></i>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.gitlab %}
|
|
||||||
<a href="{{include.gitlab}}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-gitlab fa-2x fa-fw d-inline"></i>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.git %}
|
|
||||||
<a href="{{include.git}}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fab fa-git-square fa-2x fa-fw d-inline"></i>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if include.source %}
|
|
||||||
<a href="{{include.source}}" rel="noopener" class="text-decoration-none text-decoration-none">
|
|
||||||
<i class="fas fa-code-branch fa-2x fa-fw d-inline"></i>
|
|
||||||
</a>
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<br>
|
|
@ -1,14 +0,0 @@
|
|||||||
<div class="col-xl-4 col-lg-6 col-md-12 mb-4">
|
|
||||||
<div class="card card-{{include.color}}">
|
|
||||||
{% if include.color == "warning" %}
|
|
||||||
<div class="card-header text-dark bg-{{include.color}}">
|
|
||||||
{% else %}
|
|
||||||
<div class="card-header text-white bg-{{include.color}}">
|
|
||||||
{% endif %}
|
|
||||||
<h3 class="h5">{{include.title}}</h3>
|
|
||||||
</div>
|
|
||||||
<div class="card-body">
|
|
||||||
{{include.body}}
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
@ -1,59 +0,0 @@
|
|||||||
<h2 id="calendar_contacts" class="anchor"><a href="#calendar_contacts"><i class="fas fa-link anchor-icon"></i></a> Calendar and Contacts Sync</h2>
|
|
||||||
|
|
||||||
<div class="alert alert-warning" role="alert">
|
|
||||||
<strong>If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.</strong>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="Nextcloud"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/nextcloud.svg"
|
|
||||||
description="<strong>Nextcloud</strong> is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
|
|
||||||
website="https://nextcloud.com/"
|
|
||||||
privacy-policy="https://nextcloud.com/privacy/"
|
|
||||||
github="https://github.com/nextcloud"
|
|
||||||
windows="https://nextcloud.com/install/"
|
|
||||||
linux="https://nextcloud.com/install/"
|
|
||||||
mac="https://nextcloud.com/install/"
|
|
||||||
freebsd="https://www.freshports.org/deskutils/nextcloudclient/"
|
|
||||||
openbsd="http://openports.se/www/nextcloud"
|
|
||||||
netbsd="http://pkgsrc.se/www/php-nextcloud"
|
|
||||||
android="https://nextcloud.com/install/"
|
|
||||||
ios="https://nextcloud.com/install/"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="EteSync"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/etesync.svg"
|
|
||||||
description="<strong>EteSync</strong> is a secure, end-to-end encrypted, and privacy-respecting cloud backup and synchronization software for your personal information (e.g. contacts and calendars). There are native clients for Android, iOS, and the web, and an adapter layer for most desktop clients. It costs $24 per year to use, or you can host the server yourself for free."
|
|
||||||
website="https://www.etesync.com/"
|
|
||||||
privacy-policy="https://www.etesync.com/tos/#privacy"
|
|
||||||
github="https://github.com/etesync"
|
|
||||||
web="https://client.etesync.com/"
|
|
||||||
windows="https://github.com/etesync/etesync-dav/releases/latest"
|
|
||||||
mac="https://github.com/etesync/etesync-dav/releases/latest"
|
|
||||||
linux="https://github.com/etesync/etesync-dav/releases/latest"
|
|
||||||
freebsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
|
|
||||||
openbsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
|
|
||||||
netbsd="https://github.com/etesync/etesync-dav/blob/master/README.md#installation"
|
|
||||||
fdroid="https://f-droid.org/packages/com.etesync.syncadapter/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.etesync.syncadapter"
|
|
||||||
ios="https://apps.apple.com/app/id1489574285"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="Email Providers"
|
|
||||||
image="/assets/img/legacy_svg/layout/email.svg"
|
|
||||||
description='Many email providers also offer calendar and or contacts sync services. Refer to our <a href="/providers/email">Email Provider recommendations</a> to choose an email provider and see if they also offer calendar and/or contacts sync.'
|
|
||||||
website="/providers/email"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li>
|
|
||||||
<a href="https://github.com/39aldo39/DecSync">DecSync</a> - DecSync can be used to synchronize RSS, contacts, and calendars without a server by using file synchronization software such as <a href="https://syncthing.net/">Syncthing</a>.
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
@ -1,72 +0,0 @@
|
|||||||
<h2 id="desktopclients" class="anchor"><a href="#desktopclients"><i class="fas fa-link anchor-icon"></i></a> Desktop Email Clients</h2>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Thunderbird"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/thunderbird.svg"
|
|
||||||
description="Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation."
|
|
||||||
website="https://www.thunderbird.net/"
|
|
||||||
privacy-policy="https://www.mozilla.org/privacy/thunderbird/"
|
|
||||||
source="https://hg.mozilla.org/comm-central/"
|
|
||||||
windows="https://www.thunderbird.net"
|
|
||||||
mac="https://www.thunderbird.net"
|
|
||||||
linux="https://www.thunderbird.net/"
|
|
||||||
freebsd="https://www.freshports.org/mail/thunderbird/"
|
|
||||||
openbsd="http://openports.se/mail/mozilla-thunderbird"
|
|
||||||
netbsd="http://pkgsrc.se/mail/thunderbird"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Mailvelope"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/mailvelope.svg"
|
|
||||||
description="Mailvelope is a browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard."
|
|
||||||
website="https://www.mailvelope.com/en"
|
|
||||||
privacy-policy="https://www.mailvelope.com/en/privacy-policy"
|
|
||||||
github="https://github.com/mailvelope/mailvelope"
|
|
||||||
firefox="https://addons.mozilla.org/firefox/addon/mailvelope/"
|
|
||||||
chrome="https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke?hl"
|
|
||||||
edge="https://microsoftedge.microsoft.com/addons/detail/mailvelope/dgcbddhdhjppfdfjpciagmmibadmoapc"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://neomutt.org/">NeoMutt</a> - NeoMutt is an open-source command line mail reader (or MUA) for Linux and BSD. It’s a fork of <a href="https://en.wikipedia.org/wiki/Mutt_(email_client)">Mutt</a> with added features.
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h2 id="mobileclients" class="anchor"><a href="#mobileclients"><i class="fas fa-link anchor-icon"></i></a> Mobile Email Clients</h2>
|
|
||||||
|
|
||||||
<h3 id="adroidclients" class="anchor"><a href="#adroidclients"><i class="fas fa-link anchor-icon"></i></a> Android Email Clients</h3>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="FairEmail"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/fairemail.svg"
|
|
||||||
description="FairEmail is a minimal, open source email app, using open standards (IMAP, SMTP, OpenPGP) with a low data and battery usage."
|
|
||||||
website="https://email.faircode.eu/"
|
|
||||||
privacy-policy="https://github.com/M66B/FairEmail/blob/master/PRIVACY.md"
|
|
||||||
github="https://github.com/M66B/FairEmail"
|
|
||||||
fdroid="https://f-droid.org/en/packages/eu.faircode.email/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=eu.faircode.email"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="K-9 Mail"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/k9mail.svg"
|
|
||||||
description="K-9 Mail is an independent mail application that supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP."
|
|
||||||
website="https://k9mail.app/"
|
|
||||||
privacy-policy="https://k9mail.app/privacy"
|
|
||||||
github="https://github.com/k9mail"
|
|
||||||
fdroid="https://f-droid.org/packages/com.fsck.k9/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.fsck.k9"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3 id="iosclients" class="anchor"><a href="#iosclients"><i class="fas fa-link anchor-icon"></i></a> iOS Email Clients</h3>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Canary Mail"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/canarymail.svg"
|
|
||||||
labels="color==warning::link==https://canarymail.io/faq.html::text==Closed source::tooltip==The source programming code for Canary Mail is not available. Canary Mail is a proprietary application."
|
|
||||||
description="Canary Mail is a paid email client designed to make end-to-end encryption seamless with security features such as a biometric app lock."
|
|
||||||
website="https://canarymail.io/"
|
|
||||||
privacy-policy="https://canarymail.io/privacy.html"
|
|
||||||
ios="https://apps.apple.com/app/id1236045954"
|
|
||||||
%}
|
|
@ -1,241 +0,0 @@
|
|||||||
<h2 id="email" class="anchor"><a href="#email"><i class="fas fa-link anchor-icon"></i></a> Recommended Email Services</h2>
|
|
||||||
|
|
||||||
<div class="alert alert-success" role="alert">
|
|
||||||
<strong>Our recommended providers operate outside of the US, adopt modern email technology, and meet <a href="/providers/email/#criteria">our other criteria</a> for listing</strong>.
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="container-fluid">
|
|
||||||
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/protonmail.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="ProtonMail">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="protonmail" class="anchor"><a href="#protonmail"><i class="fas fa-link anchor-icon"></i></a> ProtonMail {% include badge.html color="info" text="Free" %}</h2>
|
|
||||||
<p><strong><a href="https://protonmail.com">ProtonMail.com</a></strong> is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since <strong>2013</strong>. ProtonMail is based in Genève, <span class="flag-icon flag-icon-ch"></span> Switzerland. Accounts start with 500 MB storage with their free plan.</p>
|
|
||||||
|
|
||||||
<p>Free accounts have some limitations, such as not being able to search body text and not having access to <a href="https://protonmail.com/bridge">ProtonMail Bridge</a>, which is required to use a <a href="/software/email">recommended desktop email client</a> (e.g. Thunderbird). Paid accounts are available starting at <strong>€48/y</strong> which include features like ProtonMail Bridge, additional storage, and custom domain support.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Paid ProtonMail users can use their own domain with the service. <a href="https://protonmail.com/support/knowledge-base/catch-all/">Catch-all</a> addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports <a href="https://protonmail.com/support/knowledge-base/creating-aliases/">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
|
|
||||||
<p>ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>ProtonMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> <a href="https://protonmail.com/support/knowledge-base/two-factor-authentication/">two factor authentication</a> only. The use of a <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their <a href="https://reddit.com/comments/cheoy6/comment/feh2lw0/">Single Sign On (SSO)</a> code.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
|
|
||||||
<p>ProtonMail has <a href="https://protonmail.com/blog/zero-access-encryption">zero access encryption at rest</a> for your emails, <a href="https://protonmail.com/blog/encrypted-contacts-manager">address book contacts</a>, and <a href="https://protonmail.com/blog/protoncalendar-security-model">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
|
|
||||||
<p>ProtonMail has <a href="https://protonmail.com/support/knowledge-base/how-to-use-pgp">integrated OpenPGP encryption</a> in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to <a href="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users">encrypt messages to non-ProtonMail users</a> without the need for them to sign up for a ProtonMail account or use software like OpenPGP.</p>
|
|
||||||
<p>ProtonMail also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text=".onion Service" %}</h5>
|
|
||||||
<p>ProtonMail's login and services are accessible over Tor, <a href="https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/">protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion</a></p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/mailboxorg.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="Mailbox">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="mailbox" class="anchor"><a href="#mailbox"><i class="fas fa-link anchor-icon"></i></a> Mailbox.org {% include badge.html color="info" text="€12/y" %}</h2>
|
|
||||||
<p><strong><a href="https://mailbox.org">Mailbox.org</a></strong> is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since <strong>2014</strong>. Mailbox.org is based in Berlin, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Mailbox.org lets users use their own domain and they support <a href="https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain">catch-all</a> addresses. Mailbox.org also supports <a href="https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
|
|
||||||
<p>Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>Mailbox.org supports <a href="https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> via the <a href="https://www.yubico.com/products/services-software/yubicloud">Yubicloud</a>. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
|
|
||||||
<p>Mailbox.org allows for encryption of incoming mail using their <a href="https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox">encrypted mailbox</a>. New messages that you receive will then be immediately encrypted with your public key.</p>
|
|
||||||
<p>However, <a href="https://en.wikipedia.org/wiki/Open-Xchange">Open-Exchange</a>, the software platform used by Mailbox.org, <a href="https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book">does not support</a> the encryption of your address book and calendar. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate for that information.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
|
|
||||||
<p>Mailbox.org has <a href="https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow <a href="https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP">remote recipients to decrypt an email</a> on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.</p>
|
|
||||||
<p>Mailbox.org also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text=".onion Service" %}</h5>
|
|
||||||
<p>You can access your Mailbox.org account via IMAP/SMTP using <a href="https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org">their .onion service</a>. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>All accounts come with limited cloud storage that <a href="https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive">can be encrypted</a>. Mailbox.org also offers the alias <a href="https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely">@secure.mailbox.org</a>, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports <a href="https://en.wikipedia.org/wiki/Exchange_ActiveSync">Exchange ActiveSync</a> in addition to standard access protocols like IMAP and POP3.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/disroot.svg"
|
|
||||||
data-theme-src="/assets/img/legacy_svg/3rd-party/disroot-dark.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="Disroot">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="disroot" class="anchor"><a href="#disroot"><i class="fas fa-link anchor-icon"></i></a> Disroot {% include badge.html color="info" text="Free" %}</h2>
|
|
||||||
<p><strong><a href="https://disroot.org/en/services/email">Disroot</a></strong> offers email amongst <a href="https://disroot.org/en/#services">other services</a>. The service is maintained by volunteers and its community. They have been in operation since <strong>2015</strong>. Disroot is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Disroot lets users use their own domain. They have aliases, however you must <a href="https://disroot.org/en/forms/alias-request-form">manually apply</a> for them.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
|
|
||||||
<p>Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>Disroot supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication for webmail only. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
|
|
||||||
<p>Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
|
|
||||||
<p>Disroot also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
|
|
||||||
<p>Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
|
|
||||||
<p>Disroot does not operate a .onion service.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>They offer <a href="https://disroot.org/en/#services">other services</a> such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app <a href="https://f-droid.org/packages/org.disroot.disrootapp/">available in F-Droid</a>.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/tutanota.svg"
|
|
||||||
data-theme-src="/assets/img/legacy_svg/3rd-party/tutanota-dark.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="Tutanota">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="tutanota" class="anchor"><a href="#tutanota"><i class="fas fa-link anchor-icon"></i></a> Tutanota {% include badge.html color="info" text="Free" %}</h2>
|
|
||||||
<p><strong><a href="https://tutanota.com">Tutanota.com</a></strong> is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since <strong>2011</strong> and is based in Hanover, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 1GB storage with their free plan.</p>
|
|
||||||
<p>Tutanota <a href="https://tutanota.com/faq/#imap">doesn't allow</a> the use of third-party <a href="/software/email/">email clients</a>. Tutanota has no plans pull email from <a href="https://github.com/tutao/tutanota/issues/544#issuecomment-670473647">external email accounts</a> using the <a href="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> protocol. <a href="https://github.com/tutao/tutanota/issues/630">Email import</a> is currently not possible.</p>
|
|
||||||
<p>Emails can be exported <a href="https://tutanota.com/howto#generalMail">individually or by bulk selection</a>. Tutanota does not allow for <a href="https://github.com/tutao/tutanota/issues/927">subfolders</a> as you might expect with other email providers.</p>
|
|
||||||
<p>Tutanota is working on a <a href="https://tutanota.com/blog/posts/desktop-clients/">desktop client</a> and they have an app <a href="https://f-droid.org/packages/de.tutao.tutanota">available in F-Droid</a>. They also have their app in conventional stores such as <a href="https://apps.apple.com/us/app/tutanota/id922429609">App Store</a> on iOS and <a href="https://play.google.com/store/apps/details?id=de.tutao.tutanota">Google Play</a> for Android.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Paid Tutanota accounts can use up to 5 <a href="https://tutanota.com/faq#alias">aliases</a> and <a href="https://tutanota.com/faq#custom-domain">custom domains</a>. Tutanota doesn't allow for <a href="https://tutanota.com/faq#plus">subaddressing (plus addresses)</a>, but you can use a <a href="https://tutanota.com/howto#settings-global">catch-all</a> with a custom domain.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
|
|
||||||
<p>Tutanota only directly accepts credit cards and PayPal, however Bitcoin and Monero can be used to purchase gift cards via their <a href="https://tutanota.com/faq/#cryptocurrency">partnership</a> with Proxystore.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>Tutanota supports <a href="https://tutanota.com/faq#2fa">two factor authentication</a>. Users can either use <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a>. U2F support is <a href="https://github.com/tutao/tutanota/issues/443">not yet available on Android</a>.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
|
|
||||||
<p>Tutanota has <a href="https://tutanota.com/faq#what-encrypted">zero access encryption at rest</a> for your emails, <a href="https://tutanota.com/faq#encrypted-address-book">address book contacts</a>, and <a href="https://tutanota.com/faq#calendar">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Email Encryption" %}</h5>
|
|
||||||
<p>Tutanota <a href="https://www.tutanota.com/faq/#pgp">does not use OpenPGP</a>. Tutanota users can only receive encrypted emails when external users send them through a <a href="https://www.tutanota.com/howto/#encrypted-email-external">temporary Tutanota mailbox</a>.</p>
|
|
||||||
<p>Tutanota <a href="https://github.com/tutao/tutanota/issues/198">does have plans</a> to support <a href="https://autocrypt.org">AutoCrypt</a>. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
|
|
||||||
<p>Tutanota does not operate a .onion service but <a href="https://github.com/tutao/tutanota/issues/528">may consider</a> it in the future.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>Tutanota offers the business version of <a href="https://tutanota.com/blog/posts/secure-email-for-non-profit">Tutanota to non-profit organizations</a> for free or with a heavy discount.</p>
|
|
||||||
|
|
||||||
<p>Tutanota also has a business feature called <a href="https://tutanota.com/secure-connect/">Secure Connect</a>. This ensures customer contact to the business uses E2EE. The feature costs €240/y.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/startmail.svg"
|
|
||||||
data-theme-src="/assets/img/legacy_svg/3rd-party/startmail-dark.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="StartMail">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="startmail" class="anchor"><a href="#startmail"><i class="fas fa-link anchor-icon"></i></a> StartMail {% include badge.html color="info" text="Personal USD $59.95/y" %}</h2>
|
|
||||||
<p><strong><a href="https://startmail.com">StartMail.com</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since <strong>2014</strong> and is based in Boulevard 11, Zeist <span class="flag-icon flag-icon-nl"></span> Netherlands. Accounts start with 10GB. They offer a 30-day trial.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Personal accounts can use <a href="https://support.startmail.com/hc/en-us/articles/360007297457-Aliases">Custom or Quick</a> aliases. <a href="https://support.startmail.com/hc/en-us/articles/4403911432209-Setup-a-custom-domain">Custom domains</a> are also available.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
|
|
||||||
<p>StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other <a href="https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods">payment options</a> such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>StartMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
|
|
||||||
<p>StartMail has <a href="https://www.startmail.com/en/whitepaper/#_Toc458527835">zero access encryption at rest</a>, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.</p>
|
|
||||||
|
|
||||||
<p>StartMail supports importing <a href="https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts">contacts</a> however, they are only accessible in the webmail and not through protocols such as <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a>. Contacts are also not stored using zero knowledge encryption, so a <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
|
|
||||||
<p>StartMail has <a href="https://support.startmail.com/hc/en-us/sections/360001889078-Encryption">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
|
|
||||||
<p>StartMail does not operate a .onion service.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img
|
|
||||||
src="/assets/img/legacy_svg/3rd-party/ctemplar.svg"
|
|
||||||
data-theme-src="/assets/img/legacy_svg/3rd-party/ctemplar-dark.svg"
|
|
||||||
height="70"
|
|
||||||
width="200"
|
|
||||||
class="img-fluid d-block me-auto ms-auto align-middle"
|
|
||||||
alt="CTemplar">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h2 id="ctemplar" class="anchor"><a href="#ctemplar"><i class="fas fa-link anchor-icon"></i></a> CTemplar {% include badge.html color="info" text="Prime USD $96/y" %}</h2>
|
|
||||||
<p><strong><a href="https://ctemplar.com">CTemplar</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. CTemplar has been in operation since <strong>2018</strong> and is run from <span class="flag-icon flag-icon-is"></span> Iceland. Paid accounts start with 5GB. They offer free accounts by <a href="https://ctemplar.com/email-creation-restriction/">invitation</a>.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
|
|
||||||
<p>Paid accounts can use <a href="https://ctemplar.com/help/answer/add-a-domain/">Custom Domains </a> and <a href="https://ctemplar.com/help/answer/how-to-create-aliases/">aliases</a>.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
|
|
||||||
<p>CTemplar <a href="https://ctemplar.com/help/answer/payment-options/">payment options</a> include Credit cards via Stripe, Bitcoin and Monero.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
|
|
||||||
<p>CTemplar supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://ctemplar.com/help/answer/setting-up-two-factor-authentication-2fa/">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
|
|
||||||
<p>CTemplar has <a href="https://ctemplar.com/help/answer/what-encryption-method-is-used/">zero access encryption at rest</a>, using PGP. They support <a href="https://datatracker.ietf.org/doc/html/draft-autocrypt-lamps-protected-headers-02/">protected headers</a> and therefore there is <a href="https://ctemplar.com/help/answer/subject-encryption/">subject encryption</a>.</p>
|
|
||||||
|
|
||||||
<p>CTemplar supports importing <a href="https://ctemplar.com/help/answer/importing-contacts/">contacts</a> and <a href="https://ctemplar.com/help/answer/contact-encryption/">contacts are encrypted</a> at rest however, they are only accessible in the webmail and apps.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
|
|
||||||
<p>CTemplar has <a href="https://ctemplar.com/help/answer/how-does-encryption-decryption-work-in-ctemplar/">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="warning" text=".onion Service" %}</h5>
|
|
||||||
<p>CTemplar's .onion service <a href="http://ctemplarpizuduxk3fkwrieizstx33kg5chlvrh37nz73pv5smsvl6ad.onion /">ctemplarpizuduxk3fkwrieizstx33kg5chlvrh37nz73pv5smsvl6ad.onion</a> is <a href="https://twitter.com/RealCTemplar/status/1458775445202157570">currently disabled</a> for webmail access, due to a Tor Browser <a href="https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32865">bug</a>.</p>
|
|
||||||
|
|
||||||
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
|
|
||||||
<p>CTemplar has a <a href="https://ctemplar.com/help/answer/setting-up-a-dead-mans-timer/">dead man timer</a> feature that will automatically send a specific message that you've set after a given period of time.</p>
|
|
||||||
<p>CTemplar also has a feature that allows users verify <a href="https://ctemplar.com/ctemplar-checksum-implementation/">checksums</a> of production pages with a public copy on Github.</p>
|
|
||||||
<p>Electron clients exist for Windows, Mac and Linux. Official clients also exist for iOS and Android (<a href="https://f-droid.org/en/packages/com.ctemplar.app.fdroid">including F-Droid</a>.) All of these clients are <a href="https://github.com/orgs/CTemplar/repositories">open source</a>.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
@ -1,10 +0,0 @@
|
|||||||
|
|
||||||
<div class="card border-danger">
|
|
||||||
<div class="card-header text-danger"><i class="fas fa-exclamation-circle fa-fw"></i> Warning</div>
|
|
||||||
<div class="card-body">
|
|
||||||
<p class="card-text text-danger">When using end-to-end encryption (E2EE) technology like <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy">OpenPGP</a>, email will still have some metadata that is not encrypted in the header of the email. <a href="/providers/email/#metadata">Read more about email metadata.</a></p>
|
|
||||||
<p class="card-text text-danger">OpenPGP also does not support <a href="https://en.wikipedia.org/wiki/Forward_secrecy">Forward secrecy</a>, which means if either your or the recipient's private key is ever stolen, <strong>all</strong> previous messages encrypted with it will be exposed. <a href="/providers/email/#email-encryption">How do I protect my private keys?</a></p>
|
|
||||||
<p class="card-text text-info">Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.</p>
|
|
||||||
<a href="/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
@ -1,44 +0,0 @@
|
|||||||
<div class="alert alert-warning" role="alert">
|
|
||||||
<strong>If you are currently not using encryption software for your hard disk, emails, or file archives, you should pick one here.</strong>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="VeraCrypt - Disk Encryption"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/veracrypt.svg"
|
|
||||||
image-dark="/assets/img/legacy_svg/3rd-party/veracrypt-dark.svg"
|
|
||||||
description="<strong>VeraCrypt</strong> is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed."
|
|
||||||
website="https://veracrypt.fr/"
|
|
||||||
git="https://www.veracrypt.fr/code/"
|
|
||||||
windows="https://www.veracrypt.fr/en/Downloads.html"
|
|
||||||
linux="https://www.veracrypt.fr/en/Downloads.html"
|
|
||||||
mac="https://www.veracrypt.fr/en/Downloads.html"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="GNU Privacy Guard - Email Encryption"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/gnupg.svg"
|
|
||||||
description="<strong>GnuPG</strong> is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government."
|
|
||||||
website="https://gnupg.org/"
|
|
||||||
privacy-policy="https://gnupg.org/privacy-policy.html"
|
|
||||||
git="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git"
|
|
||||||
windows="https://gpg4win.org/download.html"
|
|
||||||
linux="https://gnupg.org/download/index.html#binary"
|
|
||||||
freebsd="https://www.freshports.org/security/gnupg/"
|
|
||||||
openbsd="http://openports.se/security/gnupg"
|
|
||||||
netbsd="http://pkgsrc.se/security/gnupg"
|
|
||||||
mac="https://gpgtools.org/"
|
|
||||||
fdroid="https://f-droid.org/app/org.sufficientlysecure.keychain"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://cryptomator.org/">Cryptomator</a> - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.</li>
|
|
||||||
<li><a href="https://gitlab.com/cryptsetup/cryptsetup/">Linux Unified Key Setup (LUKS)</a> - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.</li>
|
|
||||||
<li><a href="https://www.dyne.org/software/tomb/">Tomb</a> - A simple zsh script for making LUKS containers on the commandline.</li>
|
|
||||||
<li><a href="https://hat.sh/">Hat.sh</a> - A web application that provides secure client-side file encryption in your browser. It can also be selfhosted.</li>
|
|
||||||
<li><a href="https://www.kryptor.co.uk/">Kryptor</a> - Free and open source file encryption software for Windows, macOS, and Linux.</li>
|
|
||||||
</ul>
|
|
@ -1,36 +0,0 @@
|
|||||||
<h2 id="filesharing" class="anchor"><a href="#filesharing"><i class="fas fa-link anchor-icon"></i></a> File Sharing</h2>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="OnionShare"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/onionshare.svg"
|
|
||||||
website="https://onionshare.org/"
|
|
||||||
tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
|
|
||||||
description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
|
|
||||||
github="https://github.com/micahflee/onionshare"
|
|
||||||
windows="https://onionshare.org/#downloads"
|
|
||||||
mac="https://onionshare.org/#downloads"
|
|
||||||
linux="https://onionshare.org/#downloads"
|
|
||||||
freebsd="https://www.freshports.org/www/onionshare/"
|
|
||||||
openbsd="http://openports.se/net/onionshare"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Magic Wormhole"
|
|
||||||
image="/assets/img/legacy_png/3rd-party/magic_wormhole.png"
|
|
||||||
website="https://magic-wormhole.readthedocs.io"
|
|
||||||
description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
|
|
||||||
github="https://github.com/warner/magic-wormhole"
|
|
||||||
windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
|
|
||||||
mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
|
|
||||||
linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
|
|
||||||
freebsd="https://www.freshports.org/net/py-magic-wormhole/"
|
|
||||||
openbsd="https://pypi.org/project/magic-wormhole/"
|
|
||||||
netbsd="https://pypi.org/project/magic-wormhole/"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://github.com/schollz/croc">croc</a> - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.</li>
|
|
||||||
<li><a href="https://freedombox.org/">FreedomBox</a> - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.</li>
|
|
||||||
</ul>
|
|
@ -1,26 +0,0 @@
|
|||||||
<h2 id="sync" class="anchor">
|
|
||||||
<a href="#sync"><i class="fas fa-link anchor-icon"></i></a>
|
|
||||||
File Sync
|
|
||||||
</h2>
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="Syncthing"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/syncthing.svg"
|
|
||||||
description="<strong>Syncthing</strong> replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the Internet."
|
|
||||||
website="https://syncthing.net/"
|
|
||||||
github="https://github.com/syncthing?type=source"
|
|
||||||
windows="https://github.com/syncthing/syncthing-gtk/releases/latest"
|
|
||||||
linux="https://github.com/syncthing/syncthing-gtk/releases/latest"
|
|
||||||
mac="https://github.com/syncthing/syncthing-macos/releases/latest"
|
|
||||||
fdroid="https://f-droid.org/packages/com.github.catfriend1.syncthingandroid/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.github.catfriend1.syncthingandroid"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li>
|
|
||||||
<a href="https://git-annex.branchable.com/">git-annex</a> - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
@ -1,15 +0,0 @@
|
|||||||
<h2 id="iaddons" class="anchor"><a href="#iaddons"><i class="fas fa-link anchor-icon"></i></a> iOS Privacy Add-ons</h2>
|
|
||||||
|
|
||||||
<div class="container-fluid">
|
|
||||||
|
|
||||||
<div class="row mb-2">
|
|
||||||
<div class="col-lg-3 col-sm-12 pt-lg-5">
|
|
||||||
<img src="/assets/img/legacy_png/3rd-party/adguard.png" height="70" width="70" class="img-fluid d-block me-auto ms-auto align-middle" alt="AdGuard">
|
|
||||||
</div>
|
|
||||||
<div class="col">
|
|
||||||
<h3>Block content in Safari with <a href="https://adguard.com/en/adguard-ios/overview.html">AdGuard for iOS</a></h3>
|
|
||||||
<p><strong>AdGuard for iOS</strong> is a free (and <a href="https://github.com/AdguardTeam/AdguardForiOS">open-source</a>) content-blocking app that allows you to set filters within Safari. As required by iOS, it uses the native <a href="https://developer.apple.com/documentation/safariservices/creating_a_content_blocker">Content Blocker API</a> for even greater privacy.</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</div>
|
|
@ -1,88 +0,0 @@
|
|||||||
<h2 id="kdl" class="anchor"><a href="#kdl"><i class="fas fa-link anchor-icon"></i></a> Key Disclosure Law</h2>
|
|
||||||
|
|
||||||
<h3>Who is required to hand over the encryption keys to authorities?</h3>
|
|
||||||
|
|
||||||
<p>Mandatory <a href="https://en.wikipedia.org/wiki/Key_disclosure_law">key disclosure laws</a> require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.</p> <p><a href="https://en.wikipedia.org/wiki/Steganography">Steganography</a> involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).</p>
|
|
||||||
|
|
||||||
<div class="row mb-2">
|
|
||||||
|
|
||||||
{% include legacy/panel.html color="danger"
|
|
||||||
title="Key disclosure laws apply"
|
|
||||||
body='
|
|
||||||
<ol class="card-ol">
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Antigua_and_Barbuda">Antigua and Barbuda</a> <div class="float-end"><span class="flag-icon flag-icon-ag"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Australia">Australia</a> <div class="float-end"><span class="flag-icon flag-icon-au"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#France">France</a> <div class="float-end"><span class="flag-icon flag-icon-fr"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#India">India</a> <div class="float-end"><span class="flag-icon flag-icon-in"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Ireland">Ireland</a> <div class="float-end"><span class="flag-icon flag-icon-ie"></span></div></li>
|
|
||||||
<li><a href="https://edri.org/norway-introduces-forced-biometric-authentication/">Norway</a> <div class="float-end"><span class="flag-icon flag-icon-no"></span></div></li>
|
|
||||||
<li><a href="https://www.bloomberg.com/news/articles/2018-03-20/telegram-loses-bid-to-stop-russia-from-getting-encryption-keys">Russia</a> <div class="float-end"><span class="flag-icon flag-icon-ru"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#South_Africa">South Africa</a> <div class="float-end"><span class="flag-icon flag-icon-za"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom">United Kingdom</a> <div class="float-end"><span class="flag-icon flag-icon-gb"></span></div></li>
|
|
||||||
</ol>
|
|
||||||
'
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/panel.html color="danger"
|
|
||||||
title="Key disclosure laws may apply"
|
|
||||||
body='
|
|
||||||
<ol class="card-ol">
|
|
||||||
<li><a href="https://tweakers.net/nieuws/163116/belgische-rechter-verdachte-mag-verplicht-worden-code-smartphone-af-te-staan.html">Belgium</a> <div class="float-end"><span class="flag-icon flag-icon-be"></span></div></li>
|
|
||||||
<li><a href="https://www.riigiteataja.ee/akt/106012016019">Estonia</a> <div class="float-end"><span class="flag-icon flag-icon-ee"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Finland">Finland *</a> <div class="float-end"><span class="flag-icon flag-icon-fi"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#New_Zealand">New Zealand</a> (unclear) <div class="float-end"><span class="flag-icon flag-icon-nz"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#The_Netherlands">The Netherlands *</a> <div class="float-end"><span class="flag-icon flag-icon-nl"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Sweden">Sweden</a> (proposed) <div class="float-end"><span class="flag-icon flag-icon-se"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_States">United States</a> (see related info) <div class="float-end"><span class="flag-icon flag-icon-us"></span></div></li>
|
|
||||||
</ol>
|
|
||||||
'
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/panel.html color="secondary"
|
|
||||||
title="Key disclosure laws don't apply"
|
|
||||||
body='
|
|
||||||
<ol class="card-ol">
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Canada">Canada</a> <div class="float-end"><span class="flag-icon flag-icon-ca"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Czech_Republic">Czech Republic</a> <div class="float-end"><span class="flag-icon flag-icon-cz"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Germany">Germany</a> <div class="float-end"><span class="flag-icon flag-icon-de"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Iceland">Iceland</a> <div class="float-end"><span class="flag-icon flag-icon-is"></span></div></li>
|
|
||||||
<li><a href="https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/italy">Italy</a> <div class="float-end"><span class="flag-icon flag-icon-it"></span></div></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Poland">Poland</a> <div class="float-end"><span class="flag-icon flag-icon-pl"></span></div></li>
|
|
||||||
<li><a href="https://www.wikipedia.org/wiki/Key_disclosure_law#Switzerland">Switzerland</a> <div class="float-end"><span class="flag-icon flag-icon-ch"></span></div></li>
|
|
||||||
</ol>
|
|
||||||
'
|
|
||||||
%}
|
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<p>* <em>People who know how to access a system may be ordered to share their knowledge. However, this doesn't apply to the suspect itself or family members.</em></p>
|
|
||||||
|
|
||||||
<h3>Related Information</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Wikipedia page on key disclosure law</a></li>
|
|
||||||
<li><a href="https://law.stackexchange.com/questions/1523/can-a-us-citizen-be-required-to-provide-the-authentication-key-for-encrypted-dat">law.stackexchange.com question about key disclosure law in US</a></li>
|
|
||||||
<li><a href="https://peertube.mastodon.host/videos/watch/e09915eb-5962-4830-a02f-8da5c2b59e71">DEFCON 20: Crypto and the Cops: the Law of Key Disclosure and Forced Decryption</a></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h3 id="usa" class="anchor">Why is it not recommended to choose a US-based service?</h3>
|
|
||||||
|
|
||||||
<img src="/assets/img/legacy_svg/layout/great_seal_of_the_united_states_obverse.svg" width="200" height="200" class="img-fluid float-end ms-3" alt="USA">
|
|
||||||
|
|
||||||
<p>Services based in the United States are not recommended because of the country's surveillance programs and use of <a href="https://www.eff.org/issues/national-security-letters/faq">National Security Letters</a> (NSLs) with accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to <a href="https://www.schneier.com/blog/archives/2013/08/more_on_the_nsa.html">secretly force</a> companies to grant complete access to customer data and transform the service into a tool of mass surveillance.</p>
|
|
||||||
|
|
||||||
<p>An example of this is <a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit</a> – a secure email service created by Ladar Levison. The FBI <a href="https://www.vice.com/en_us/article/nzz888/lavabit-founder-ladar-levison-discusses-his-federal-battle-for-privacy">requested</a> Snowden's records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service's SSL keys. Having the SSL keys would allow them to access
|
|
||||||
communications (both metadata and unencrypted content) in real time for all of Lavabit's customers, not just Snowden's.</p>
|
|
||||||
|
|
||||||
<p>Ultimately, Levison turned over the SSL keys and <a href="https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email">shut down</a> the service at the same time. The US government then <a href="https://www.cnbc.com/id/100962389">threatened Levison with arrest</a>, saying that shutting down the service was a violation of the court order.</p>
|
|
||||||
|
|
||||||
<h3>Related Information</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/#avoidus">Avoid all US and UK based services</a></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Surespot#History">Proof that warrant canaries work based on the surespot example.</a></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/UKUSA_Agreement">The United Kingdom – United States of America Agreement (UKUSA)</a></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit: Suspension and gag order</a></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Key disclosure law</a></li>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Mass_surveillance">Wikipedia: Mass Surveillance</a></li>
|
|
||||||
</ul>
|
|
@ -1,26 +0,0 @@
|
|||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="MAT2"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/mat2.svg"
|
|
||||||
description="<strong>MAT2</strong> is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME."
|
|
||||||
website="https://0xacab.org/jvoisin/mat2"
|
|
||||||
gitlab="https://0xacab.org/jvoisin/mat2"
|
|
||||||
windows="https://pypi.org/project/mat2/"
|
|
||||||
mac="https://pypi.org/project/mat2/"
|
|
||||||
linux="https://pypi.org/project/mat2/"
|
|
||||||
freebsd="https://pypi.org/project/mat2/"
|
|
||||||
openbsd="https://pypi.org/project/mat2/"
|
|
||||||
netbsd="https://pypi.org/project/mat2/"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="ExifCleaner"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/exifcleaner.svg"
|
|
||||||
description='<strong>ExifCleaner</strong> is a freeware, open source graphical app that uses <a href="https://exiftool.org/">ExifTool</a> to remove <a href="https://en.wikipedia.org/wiki/Exif">exif</a> metadata from images, videos, and PDF documents using a simple drag and drop interface. It supports multi-core batch processing and dark mode.'
|
|
||||||
website="https://exifcleaner.com"
|
|
||||||
github="https://github.com/szTheory/exifcleaner"
|
|
||||||
windows="https://github.com/szTheory/exifcleaner/releases"
|
|
||||||
mac="https://github.com/szTheory/exifcleaner/releases"
|
|
||||||
linux="https://github.com/szTheory/exifcleaner/releases"
|
|
||||||
%}
|
|
@ -1,52 +0,0 @@
|
|||||||
<h2 id="notebook" class="anchor"><a href="#notebook"><i class="fas fa-link anchor-icon"></i></a> Digital Notebook</h2>
|
|
||||||
|
|
||||||
<div class="alert alert-warning" role="alert">
|
|
||||||
<strong>If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, you should pick an alternative here.</strong>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Joplin"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/joplin.svg"
|
|
||||||
description="Joplin is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers end-to-end encryption and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes."
|
|
||||||
website="https://joplinapp.org/"
|
|
||||||
privacy-policy="https://joplinapp.org/privacy/"
|
|
||||||
github="https://github.com/laurent22/joplin"
|
|
||||||
windows="https://joplinapp.org/#desktop-applications"
|
|
||||||
mac="https://joplinapp.org/#desktop-applications"
|
|
||||||
linux="https://joplinapp.org/#desktop-applications"
|
|
||||||
freebsd="https://www.npmjs.com/package/joplin"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=net.cozic.joplin"
|
|
||||||
android="https://joplinapp.org/#mobile-applications"
|
|
||||||
ios="https://apps.apple.com/app/id1315599797"
|
|
||||||
firefox="https://addons.mozilla.org/en-US/firefox/addon/joplin-web-clipper/"
|
|
||||||
chrome="https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Standard Notes"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/standard_notes.svg"
|
|
||||||
description='Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. It features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors. It has also been <a href="https://s3.amazonaws.com/standard-notes/security/Report-SN-Audit.pdf">independently audited (PDF)</a>.'
|
|
||||||
website="https://standardnotes.org/"
|
|
||||||
privacy-policy="https://standardnotes.org/privacy"
|
|
||||||
github="https://github.com/standardnotes"
|
|
||||||
windows="https://standardnotes.org/#get-started"
|
|
||||||
mac="https://standardnotes.org/#get-started"
|
|
||||||
linux="https://standardnotes.org/#get-started"
|
|
||||||
ios="https://apps.apple.com/app/id1285392450"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.standardnotes"
|
|
||||||
web="https://app.standardnotes.org/"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Warning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li>Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See <a href='https://github.com/laurent22/joplin/issues/289'>open issue</a>.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://www.etesync.com/">EteSync</a> - Secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes.</li>
|
|
||||||
<li><a href="https://paperwork.cloud/">Paperwork</a> - An open-source and self-hosted solution. For PHP / MySQL servers.</li>
|
|
||||||
<li><a href="https://orgmode.org">Org-mode</a> - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system. </li>
|
|
||||||
</ul>
|
|
@ -1,61 +0,0 @@
|
|||||||
<h2 id="pw" class="anchor"><a href="#pw"><i class="fas fa-link anchor-icon"></i></a> Password Manager Software</h2>
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="Bitwarden - Cloud/Self-host"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/bitwarden.svg"
|
|
||||||
description="<strong>Bitwarden</strong> is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
|
|
||||||
website="https://bitwarden.com/"
|
|
||||||
privacy-policy="https://bitwarden.com/privacy/"
|
|
||||||
github="https://github.com/bitwarden"
|
|
||||||
web="https://vault.bitwarden.com/#/"
|
|
||||||
windows="https://bitwarden.com/download/"
|
|
||||||
linux="https://bitwarden.com/download/"
|
|
||||||
freebsd="https://www.npmjs.com/package/@bitwarden/cli"
|
|
||||||
openbsd="https://www.npmjs.com/package/@bitwarden/cli"
|
|
||||||
netbsd="https://www.npmjs.com/package/@bitwarden/cli"
|
|
||||||
mac="https://apps.apple.com/app/bitwarden/id1352778147"
|
|
||||||
firefox="https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/"
|
|
||||||
chrome="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
|
|
||||||
safari="https://apps.apple.com/app/id1352778147"
|
|
||||||
opera="https://addons.opera.com/extensions/details/bitwarden-free-password-manager/"
|
|
||||||
edge="https://microsoftedge.microsoft.com/addons/detail/jbkfoedolllekgbhcbcoahefnbanhhlh"
|
|
||||||
fdroid="https://mobileapp.bitwarden.com/fdroid/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
|
|
||||||
ios="https://apps.apple.com/app/id1137397744"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="KeePassXC - Local"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/keepassxc.svg"
|
|
||||||
description="<strong>KeePassXC</strong> is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager."
|
|
||||||
website="https://keepassxc.org/"
|
|
||||||
privacy-policy="https://keepassxc.org/privacy/"
|
|
||||||
github="https://github.com/keepassxreboot/keepassxc"
|
|
||||||
windows="https://keepassxc.org/download/#windows"
|
|
||||||
linux="https://keepassxc.org/download/#linux"
|
|
||||||
mac="https://keepassxc.org/download/#mac"
|
|
||||||
freebsd="https://www.freshports.org/security/keepassxc/"
|
|
||||||
openbsd="http://openports.se/security/keepassxc"
|
|
||||||
netbsd="http://pkgsrc.se/security/keepassxc"
|
|
||||||
fdroid="https://f-droid.org/packages/com.kunzisoft.keepass.libre/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free"
|
|
||||||
firefox="https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser"
|
|
||||||
chrome="https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li>
|
|
||||||
<a href="https://psono.com/">Psono</a> - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses <a href="https://nacl.cr.yp.to/">NACL Crypto</a>, a combination of Curve25519, Salsa20 and Poly1305.
|
|
||||||
</li>
|
|
||||||
|
|
||||||
<li>
|
|
||||||
<a href="https://pwsafe.org/">Password Safe</a> - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href="https://www.passwordstore.org/">Pass</a> - Pass is a bare-bones password store that keeps passwords using gpg2 encrypted files inside a simple directory tree residing at <code>~/.password-store</code>. It has a simple terminal interface where the user can perform the usual actions, and it's functionality can be extended by plugins. It can also be used in scripts without having to input the actual password in plain text.
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
@ -1,39 +0,0 @@
|
|||||||
<h2 id="resources" class="anchor"><a href="#resources"><i class="fas fa-link anchor-icon"></i></a> More Privacy Resources</h2>
|
|
||||||
|
|
||||||
<h3>Guides</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://ssd.eff.org/"><strong>Surveillance Self-Defense by EFF</strong></a> - Guide to defending yourself from surveillance by using secure technology and developing careful practices.</li>
|
|
||||||
<li><a href="https://github.com/cryptoseb/CryptoPaper"><strong>The Crypto Paper</strong></a> - Privacy, Security and Anonymity for Every Internet User.</li>
|
|
||||||
<li><a href="https://emailselfdefense.fsf.org/en/"><strong>Email Self-Defense by FSF</strong></a> - A guide to fighting surveillance with GnuPG encryption.</li>
|
|
||||||
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/"><strong>The Ultimate Privacy Guide</strong></a> - Excellent privacy guide written by the creators of the bestVPN.com website.</li>
|
|
||||||
<li><a href="https://www.ivpn.net/privacy-guides"><strong>IVPN Privacy Guides</strong></a> - These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.</li>
|
|
||||||
<li><a href="https://fried.com/privacy"><strong>The Ultimate Guide to Online Privacy</strong></a> - Comprehensive "Ninja Privacy Tips" and 150+ tools.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h3>Information</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://freedom.press/"><strong>Freedom of the Press Foundation</strong></a> - Supporting and defending journalism dedicated to transparency and accountability since 2012.</li>
|
|
||||||
<li><a href="https://openwireless.org/"><strong>Open Wireless Movement</strong></a> - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.</li>
|
|
||||||
<li><a href="https://privacy.net/us-government-surveillance-spying-data"><strong>privacy.net</strong></a> - What does the US government know about you?</li>
|
|
||||||
<li><a href="https://www.grc.com/securitynow.htm"><strong>Security Now!</strong></a> - Weekly Internet Security Podcast by Steve Gibson and Leo Laporte.</li>
|
|
||||||
<li><a href="https://www.jupiterbroadcasting.com/show/techsnap/"><strong>TechSNAP</strong></a> - Weekly Systems, Network, and Administration Podcast. Every week TechSNAP covers the stories that impact those of us in the tech industry.</li>
|
|
||||||
<li><a href="https://tosdr.org/"><strong>Terms of Service; Didn't Read</strong></a> - "I have read and agree to the Terms" is the biggest lie on the web. We aim to fix that.</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h3>Tools</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://ipleak.net/"><strong>ipleak.net</strong></a> - IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites.</li>
|
|
||||||
<li><a href="https://www.ghacks.net/2015/12/28/the-ultimate-online-privacy-test-resource-list/"><strong>The ultimate Online Privacy Test Resource List</strong></a> - A collection of Internet sites that check whether your web browser leaks information.</li>
|
|
||||||
<li><a href="https://prism-break.org/"><strong>PRISM Break</strong></a> - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.</li>
|
|
||||||
<li><a href="https://securityinabox.org/"><strong>Security in-a-Box</strong></a> - A guide to digital security for activists and human rights defenders throughout the world.</li>
|
|
||||||
<li><a href="https://securedrop.org/"><strong>SecureDrop</strong></a> - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created
|
|
||||||
by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.</li>
|
|
||||||
<li><a href="https://secfirst.org/"><strong>Security First</strong></a> - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.</li>
|
|
||||||
<li><a href="https://www.osalt.com/"><strong>Osalt</strong></a> - A directory to help you find open source alternatives to proprietary tools.</li>
|
|
||||||
<li><a href="https://alternativeto.net/"><strong>AlternativeTo</strong></a> - A directory to help find alternatives to other software, with the option to only show open source software</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<p>Note: Just being open source does not make software secure!</p>
|
|
@ -1,47 +0,0 @@
|
|||||||
{% include legacy/cardv2.html
|
|
||||||
title="PrivateBin"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/privatebin.svg"
|
|
||||||
description="<strong>PrivateBin</strong> is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin. Do note that it uses JavaScript to handle encryption, so you must trust the provider to the extent that they do not inject any malicious JavaScript to get your private key. Consider self-hosting to mitigate this threat."
|
|
||||||
website="https://privatebin.info/"
|
|
||||||
github="https://github.com/PrivateBin/PrivateBin"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="CryptPad"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/cryptpad.svg"
|
|
||||||
description="<strong>CryptPad</strong> is a private-by-design alternative to popular office tools. All content is end-to-end encrypted. Do note that it uses JavaScript to handle encryption, so you must trust the provider to the extent that they do not inject any malicious JavaScript to get your private key. Consider self-hosting to mitigate this threat."
|
|
||||||
website="https://cryptpad.fr/"
|
|
||||||
privacy-policy="https://cryptpad.fr/pad/#/2/pad/view/GcNjAWmK6YDB3EO2IipRZ0fUe89j43Ryqeb4fjkjehE/"
|
|
||||||
github="https://github.com/xwiki-labs/cryptpad"
|
|
||||||
web="https://cryptpad.fr/"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{%
|
|
||||||
include legacy/cardv2.html
|
|
||||||
title="Write.as"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/writeas.svg"
|
|
||||||
image-dark="/assets/img/legacy_svg/3rd-party/writeas-dark.svg"
|
|
||||||
description="<strong>Write.as</strong> is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
|
|
||||||
website="https://write.as/"
|
|
||||||
privacy-policy="https://write.as/privacy"
|
|
||||||
tor="http://writeasw4b635r4o3vec6mu45s47ohfyro5vayzx2zjwod4pjswyovyd.onion"
|
|
||||||
git="https://code.as/writeas"
|
|
||||||
web="https://write.as/pad"
|
|
||||||
windows="https://github.com/writeas/writeas-cli"
|
|
||||||
mac="https://github.com/writeas/writeas-cli"
|
|
||||||
linux="https://write.as/apps"
|
|
||||||
chrome="https://write.as/apps"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=com.abunchtell.writeas"
|
|
||||||
ios="https://apps.apple.com/app/id1531530896"
|
|
||||||
%}
|
|
||||||
|
|
||||||
<h3>Worth Mentioning</h3>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://crypt.ee/">Cryptee</a> - Free privacy-friendly service for storing Documents, files and Photos</li>
|
|
||||||
<li><a href="https://dudle.inf.tu-dresden.de/anonymous/">dudle</a> - An online scheduling application, free and open-source. Schedule meetings or make small online polls. No email collection or the need of registration.</li>
|
|
||||||
<li><a href="https://framadate.org/">Framadate</a> - A free and open-source online service for planning an appointment or making a decision quickly and easily. No registration is required.</li>
|
|
||||||
<li><a href="https://www.libreoffice.org/">LibreOffice</a> - Free and open-source office suite.</li>
|
|
||||||
<li><a href="https://vscodium.com/">VSCodium</a> - Scripts to automatically build Microsoft's Visual Studio Code editor without branding or telemetry.</li>
|
|
||||||
</ul>
|
|
@ -1,53 +0,0 @@
|
|||||||
<div class="page-header">
|
|
||||||
<h2>Privacy? I don't have anything to hide.</h2>
|
|
||||||
</div>
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p><a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters" title="Glenn Greenwald - Why privacy matters - TED Talk"><img src="/assets/img/legacy_png/layout/glenn_greenwald.png" width="170px" class="img-fluid float-end ms-2" alt="Glenn Greenwald: Why privacy matters"></a>
|
|
||||||
Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a
|
|
||||||
pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I
|
|
||||||
want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." <strong>Not a single person has taken me up on that offer.</strong></p>
|
|
||||||
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Why privacy matters - TED Talk"><a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters">Why privacy matters - TED Talk</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>The primary reason for window curtains in our house, is to stop people from being able to see in. The reason we don’t want them to see in is because we consider much of what we do inside our homes to be private. Whether that be having dinner at the table, watching a movie with your kids, or even engaging in intimate or sexual acts with your partner. None of these things are illegal by any means but even knowing this, we still keep the curtains and blinds on our windows. We clearly have this strong desire for privacy when it comes to our personal life and the public.</p>
|
|
||||||
<footer class="blockquote-footer">Joshua in <cite title="The Crypto Paper"><a href="https://github.com/cryptoseb/CryptoPaper#let-me-explain-further">The Crypto Paper</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>[...] But saying that you don't need or want privacy because you have nothing to hide is to assume that no one should have, or could have, to hide anything -- including their immigration status, unemployment history, financial history, and health records. You're assuming that no one, including yourself, might object to revealing to anyone information about their religious beliefs, political affiliations, and sexual activities, as casually as some choose to reveal their movie and music tastes and reading preferences.</p>
|
|
||||||
<footer class="blockquote-footer">Edward Snowden in <cite title="Permanent Record"><a href="https://en.wikipedia.org/wiki/Permanent_Record_(autobiography)">Permanent Record</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>Privacy is not a luxury [in America]: it is a right – one that we need to defend in the digital realm as much as in the physical realm. We need to stay vigilant to maintain access to that right, though ... especially as technology continues to advance...</p>
|
|
||||||
<footer class="blockquote-footer">Chelsea Manning in <cite title="The Guardian"><a href="https://www.theguardian.com/commentisfree/2016/feb/22/privacy-is-a-right-not-a-luxury-and-its-increasingly-at-risk-for-lgbt-people">The Guardian</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<h4>Read also:</h4>
|
|
||||||
|
|
||||||
<ul>
|
|
||||||
<li><a href="https://en.wikipedia.org/wiki/Nothing_to_hide_argument">Nothing to hide argument (Wikipedia)</a></li>
|
|
||||||
<li><a href="https://www.reddit.com/r/privacy/comments/3hynvp/how_do_you_counter_the_i_have_nothing_to_hide/">How do you counter the "I have nothing to hide?" argument? (reddit.com)</a></li>
|
|
||||||
<li><a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565">'I've Got Nothing to Hide' and Other Misunderstandings of Privacy (Daniel J. Solove - San Diego Law Review)</a></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h2 id="quotes" class="anchor"><a href="#quotes"><i class="fas fa-link anchor-icon"></i></a> Quotes</h2>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. Or that you don't care about freedom of the press because you don't like to read. Or that you don't care about freedom of religion because you don't believe in God. Or that you don't care about the freedom to peacably assemble because you're a lazy, antisocial agoraphobe. </p>
|
|
||||||
<footer class="blockquote-footer">Edward Snowden in <cite title="Permanent Record"><a href="https://en.wikipedia.org/wiki/Permanent_Record_(autobiography)">Permanent Record</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all
|
|
||||||
I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is
|
|
||||||
not something I am willing to support or live under. </p>
|
|
||||||
<footer class="blockquote-footer">Edward Snowden in <cite title="Edward Snowden, NSA files source: 'If they want to get you, in time they will"><a href="https://www.theguardian.com/world/2013/jun/09/nsa-whistleblower-edward-snowden-why">The Guardian</a></cite></footer>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
<blockquote class="blockquote">
|
|
||||||
<p>We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we're not being watched can we really test the limits of who we want to be. It's really in the private realm where
|
|
||||||
dissent, creativity and personal exploration lie.</p>
|
|
||||||
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Glenn Greenwald On Why Privacy Is Vital, Even If You 'Have Nothing To Hide"><a href="https://www.huffingtonpost.com/2014/06/20/glenn-greenwald-privacy_n_5509704.html">Huffington Post</a></cite></footer>
|
|
||||||
</blockquote>
|
|
@ -1,55 +0,0 @@
|
|||||||
<h2 id="os" class="anchor">Privacy Tools</h2>
|
|
||||||
|
|
||||||
<p><a href="/classic/"><i class="fas fa-info-circle"></i> Prefer the classic site? View a single-page layout.</a></p>
|
|
||||||
|
|
||||||
<div class="row">
|
|
||||||
|
|
||||||
{% include legacy/card.html color="success"
|
|
||||||
title="Providers"
|
|
||||||
icon="fas fa-server"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/providers/"
|
|
||||||
description="Discover privacy-centric online services, including email providers, VPN operators, DNS administrators, and more!"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/card.html color="primary"
|
|
||||||
title="Web Browsers"
|
|
||||||
icon="far fa-compass"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/browsers/"
|
|
||||||
description="Find a web browser that respects your privacy, and discover how to harden your browser against tracking and leaks."
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/card.html color="warning"
|
|
||||||
title="Software"
|
|
||||||
icon="far fa-window-restore"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/software/"
|
|
||||||
description="Discover a variety of open source software built to protect your privacy and keep your digital data secure."
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/card.html color="info"
|
|
||||||
title="Operating Systems"
|
|
||||||
icon="fas fa-desktop"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/operating-systems/"
|
|
||||||
description="Find out how your operating system is compromising your privacy, and what simple alternatives exist."
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/card.html color="secondary"
|
|
||||||
title="Privacy Guides Services"
|
|
||||||
icon="far fa-eye-slash"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/services/"
|
|
||||||
description="The Privacy Guides team is proud to launch a variety of privacy-centric online services, including a Mastodon instance, search engine, and more!"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/card.html color="danger"
|
|
||||||
title="Donate"
|
|
||||||
icon="fas fa-donate"
|
|
||||||
iconcolor="dark"
|
|
||||||
page="/donate/"
|
|
||||||
description="We can't operate this site without the generous contributions we receive from our viewers. If you love privacy and our website please consider donating."
|
|
||||||
%}
|
|
||||||
|
|
||||||
</div>
|
|
@ -1,53 +0,0 @@
|
|||||||
<h2 id="darknets" class="anchor"><a href="#darknets"><i class="fas fa-link anchor-icon"></i></a> Self-contained Networks</h2>
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="Tor"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/tor.svg"
|
|
||||||
description="The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool."
|
|
||||||
website="https://www.torproject.org/"
|
|
||||||
tor="http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion"
|
|
||||||
windows="https://www.torproject.org/download/"
|
|
||||||
mac="https://www.torproject.org/download/"
|
|
||||||
linux="https://www.torproject.org/download/"
|
|
||||||
freebsd="https://www.freshports.org/security/tor"
|
|
||||||
openbsd="http://openports.se/net/tor"
|
|
||||||
netbsd="http://pkgsrc.se/net/tor"
|
|
||||||
fdroid="https://support.torproject.org/tormobile/tormobile-7/"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
|
|
||||||
android="https://www.torproject.org/download/#android"
|
|
||||||
git="https://gitweb.torproject.org/tor.git"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="I2P Anonymous Network"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/i2p.svg"
|
|
||||||
image-dark="/assets/img/legacy_svg/3rd-party/i2p-dark.svg"
|
|
||||||
description="The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses."
|
|
||||||
website="https://geti2p.net/"
|
|
||||||
i2p="http://i2p-projekt.i2p/"
|
|
||||||
windows="https://geti2p.net/en/download#windows"
|
|
||||||
mac="https://geti2p.net/en/download#mac"
|
|
||||||
linux="https://geti2p.net/en/download#unix"
|
|
||||||
freebsd="https://www.freshports.org/security/i2p/"
|
|
||||||
openbsd="http://openports.se/net/i2pd"
|
|
||||||
netbsd="http://pkgsrc.se/wip/i2pd"
|
|
||||||
fdroid="https://f-droid.org/app/net.i2p.android.router"
|
|
||||||
googleplay="https://play.google.com/store/apps/details?id=net.i2p.android"
|
|
||||||
android="https://download.i2p2.de/android/current/"
|
|
||||||
source="https://geti2p.net/en/get-involved/guides/new-developers#getting-the-i2p-code"
|
|
||||||
%}
|
|
||||||
|
|
||||||
{% include legacy/cardv2.html
|
|
||||||
title="The Freenet Project"
|
|
||||||
image="/assets/img/legacy_svg/3rd-party/freenet.svg"
|
|
||||||
description="Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection."
|
|
||||||
website="https://freenetproject.org/"
|
|
||||||
windows="https://freenetproject.org/pages/download.html#windows"
|
|
||||||
mac="https://freenetproject.org/pages/download.html#os-x"
|
|
||||||
linux="https://freenetproject.org/pages/download.html#gnulinux-posix"
|
|
||||||
freebsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
|
|
||||||
openbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
|
|
||||||
netbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
|
|
||||||
github="https://github.com/freenet/"
|
|
||||||
%}
|
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user