diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 00000000..332444a5
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,32 @@
+# Editorial Team
+*.md @privacytools/editorial
+/assets/ @privacytools/editorial
+/pages/ @privacytools/editorial
+/_includes/sections/ @privacytools/editorial
+/index.html @privacytools/editorial
+/font/ @dawidpotocki
+
+# Administration Related Files
+/pages/donate.html @JonahAragon @BurungHantu1605
+/pages/notices.md @JonahAragon
+/pages/sponsors.html @JonahAragon
+/_includes/sponsors/ @JonahAragon
+/assets/img/svg/3rd-party/sponsors/ @JonahAragon
+/README.md @JonahAragon @BurungHantu1605
+/assets/js/redirects.js @JonahAragon
+/.well-known/ @JonahAragon
+/404.html @JonahAragon
+/.github/CODEOWNERS @JonahAragon @BurungHantu1605
+/.github/FUNDING.yml @JonahAragon @BurungHantu1605
+/LICENSE.txt @JonahAragon @BurungHantu1605
+/.travis.yml @JonahAragon @Shifterovich @nitrohorse
+/CNAME @JonahAragon
+/nginx/ @JonahAragon
+
+# WKD
+/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo @Mikaela
+/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b @dawidpotocki
+/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h @dngray
+/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 @danarel
+/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 @nitrohorse
+/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 @JonahAragon
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
new file mode 100644
index 00000000..c987415d
--- /dev/null
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,118 @@
+# Contributing Guidelines
+
+Please read this document in full before contributing.
+
+- [Rules](#rules)
+- [Quality over Quantity](#quality-over-quantity)
+- [Software Criteria](#software-criteria)
+ - [Main (All Software)](#main)
+ - [Providers](#providers)
+ - [DNS](#dns)
+ - [VPN](#vpn)
+ - [Email](#email)
+ - [Hardware](#hardware)
+ - [Software](#software)
+ - [Encryption](#encryption)
+ - [Operating Systems](#operating-systems)
+- [Images](#images)
+- [Licensing](#licensing)
+- [Contributing via email](#contributing-via-email)
+
+## Rules
+
+- Be nice and respectful.
+- English only.
+- Be constructive.
+- Please feel free to *review changes* in the *files changed* tab of any
+ pull request at any time.
+- See also our [Code of Conduct](https://github.com/privacytools/.github/blob/master/CODE_OF_CONDUCT.md)
+
+## Quality over Quantity
+
+We're trying to keep it simple and promote the best tools, not all of them.
+
+## Software Criteria
+
+### Main
+
+- Easy to use. Could your mother use that tool or service? Usability is most important.
+- Cross-platform / Accessible.
+- Privacy respecting.
+- Open Source / Free Software is preferred but not required.
+- Prioritize Products without Vendor Lock-in (decentralized/self-hostable) or data interoperability.
+
+There can be exceptions if no software is available that meet the criteria.
+
+Note: This criteria applies to all of the PrivacyTools website and recommendations.
+
+### Providers
+
+- Prioritize Products by privacy respecting nationality.
+
+### DNS
+
+- Supports DoH or DoT (We love DNSCrypt, but there is already https://github.com/DNSCrypt/dnscrypt-resolvers which is directly supported by dnscrypt-proxy, so we don't consider useful to list providers only supporting it).
+- Supports DNSSEC (https://dnssec.vs.uni-due.de/ can test your current DNS provider).
+- Doesn't log IP addresses during normal operation (If your suggestion logs, please compare its privacy policy with other servers on our table that keep logs).
+- Preferably supports QNAME minimization (if you have access to the dig command, `dig +short txt qnamemintest.internet.nl` or `Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl` if you are on Windows 10)
+
+### VPN
+
+See https://www.privacytools.io/providers/vpn/#criteria for more details.
+
+- Prioritize Products by privacy respecting nationality.
+- Cannot be based in USA or UK.
+- Must be accessible via Open Source Software (e.g. OpenVPN, WireGuard)
+- Use Encryption
+- Accept Cryptocurrency
+- No logging policy
+
+### Email
+
+- Outside of USA
+- Support SMTP SSL
+- Accessible Using Open Source Software (e.g. allows IMAP)
+
+### Hardware
+
+- Must be [H-Node Class A](https://h-node.org/wiki/page/en/compatibility-classes) or equivalent (if applicable)
+- Must prioritize hardware certifications like [RYF](https://ryf.fsf.org/), [OSHWA](https://certification.oshwa.org/), and OSI when available.
+- Cannot lock users to a particular platform.
+
+### Software
+
+- Must be able to download over encrypted network (can be a mirror)
+- Must be Open Source Software
+
+### Encryption
+
+- Only verifiable encryption is to be trusted
+
+### Operating Systems
+
+- Must state if recommends, depends on, or offers non-free software (contrib)
+- No Tracking Policy (opt-in analytics is ok)
+
+## Images
+
+- SVG file format is strongly preferred. PNG files can be used as a fallback if images are too complex or otherwise unsuitable as a vector format.
+- We like to optimize all SVGs we add to the site. [This](https://github.com/privacytools/privacytools.io/pull/1968#issuecomment-652773633) is a helpful guide as to how we do it with [Inkscape](https://inkscape.org/)
+ - Some SVGs generated by Illustrator or Sketch are broken, therefore copying the SVG content to a new canvas is sometimes required. (We found this with the Mailcow logo). Looked fine in local builds but was wrong once rendered through netlify preview etc.
+- We only have SVGs that have a canvas size of 128x128px or 384x128px.
+- Provider logo dimensions are 384px x 128px ([example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/svg/3rd-party/mullvad.svg))
+- Tool logo dimensions are 128px x 128px ([SVG example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/svg/3rd-party/firefox_browser.svg), [PNG example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/png/3rd-party/claws_mail.png))
+
+
+## Licensing
+
+The content and original technology of this website is made available under the Creative Commons Zero v1.0 Universal license text. Some files or folders may include works from other projects with separate licenses, and will be marked as such. **By contributing to this repository, contributors do not necessarily agree to sign a CLA or legally transfer their copyright to the project, but they do at a minimum agree to license their work under the current license of this repository: In this case, the Creative Commons Zero v1.0 Universal.**
+
+## Contributing via email
+
+If you have a GitHub account, or are able to create a GitHub account, we ask that you do not submit issues via email.
+
+If you do not have a GitHub account, you may submit software recommendations or other issues via email without creating a GitHub account by emailing `privacytools@fire.fundersclub.com`. The subject line of your email will become the issue title. Your name will be included in the posted issue.
+
+This repository uses [@fire-bot](https://github.com/fire-bot), [a service](https://fire.fundersclub.com) from FundersClub that converts incoming emails to GitHub issues. By sending a message to the email address above, you will be sharing your email address and message content with FundersClub. FundersClub has a privacy policy at [https://fundersclub.com/catalyst-privacy-policy/](https://fundersclub.com/catalyst-privacy-policy/) you should review before using this service. Any attachments you send via this service may be stored indefinitely by FundersClub for the purpose of making them available within the submitted GitHub issue.
+
+You can view an example of the created issues' format at [#1444](https://github.com/privacytools/privacytools.io/issues/1444).
diff --git a/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md b/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md
new file mode 100644
index 00000000..6da46aa1
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md
@@ -0,0 +1,27 @@
+---
+name: "🆕 Software Suggestion"
+about: Suggest new software that enhances privacy.
+title: "🆕 Software Suggestion | "
+labels: 🆕 software suggestion
+---
+
+## Basic Information
+
+**Name:**
+**Category:**
+**URL:**
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/2_Software_Removal.md b/.github/ISSUE_TEMPLATE/2_Software_Removal.md
new file mode 100644
index 00000000..d806a6a6
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/2_Software_Removal.md
@@ -0,0 +1,21 @@
+---
+name: "❌ Software Removal"
+about: Suggest the removal of outdated, insecure, or otherwise bad software.
+title: "❌ Software Removal | "
+labels: ❌ software removal
+---
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md b/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md
new file mode 100644
index 00000000..a56baa49
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md
@@ -0,0 +1,8 @@
+---
+name: "✨ Feature Suggestion"
+about: Suggest a new feature/section/page for the website.
+title: "✨ Feature Suggestion | "
+labels: ✨ enhancement
+---
+
+## Description
diff --git a/.github/ISSUE_TEMPLATE/4_Content_Correction.md b/.github/ISSUE_TEMPLATE/4_Content_Correction.md
new file mode 100644
index 00000000..58533d13
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/4_Content_Correction.md
@@ -0,0 +1,21 @@
+---
+name: "📝 Content Correction"
+about: Report any inaccurate, incorrect, or outdated information on the website.
+title: "📝 Correction | "
+labels: 📝 correction
+---
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/5_Website_Issues.md b/.github/ISSUE_TEMPLATE/5_Website_Issues.md
new file mode 100644
index 00000000..d2244637
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/5_Website_Issues.md
@@ -0,0 +1,23 @@
+---
+name: "🌐 Website Issue"
+about: Report a bug with the website. (NO CONTENT ISSUES)
+title: "🌐 Website Issue | "
+labels: 🌐 website issue
+---
+
+
+
+## Description
+
+
diff --git a/.github/ISSUE_TEMPLATE/6_Translation_Issues.md b/.github/ISSUE_TEMPLATE/6_Translation_Issues.md
new file mode 100644
index 00000000..95843a0a
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/6_Translation_Issues.md
@@ -0,0 +1,21 @@
+---
+name: "🇦🇶 Translation Issue"
+about: Report any issue with a translated site.
+title: "🇦🇶 Translated Site Issue | "
+labels: 🌐 website issue, 🇦🇶 translations
+---
+
+## Site Affected
+
+**Domain:**
+
+
+- [ ] This site is listed as a translated version of the site in the privacytools.io navbar.
+
+## Description
+
+
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 00000000..52f4ca2b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,7 @@
+contact_links:
+ - name: Services issues
+ url: https://github.com/privacytools/services/issues/new/choose
+ about: Open any issues/bug reports/requests related to our services (Mastodon, Matrix, etc) here.
+ - name: PrivacyTools Community
+ url: https://forum.privacytools.io/
+ about: Please ask any generic questions on our forum.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 00000000..46a6286b
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,17 @@
+
+
+## Description
+
+Resolves: #none
+
+#### Check List
+
+- [ ] I understand that by not opening an issue about a software/service/similar addition/removal, this pull request will be closed without merging.
+
+- [ ] I have read and understand [the contributing guidelines](https://github.com/privacytools/privacytools.io/blob/master/.github/CONTRIBUTING.md).
+
+- [ ] The project is [Free Libre](https://en.wikipedia.org/wiki/Free_software) and/or [Open Source](https://en.wikipedia.org/wiki/Open-source_software) Software
+
+* Netlify preview for the mainly edited page:
+
+* Code repository of the project (if applicable):
diff --git a/.github/stale.yml b/.github/stale.yml
new file mode 100644
index 00000000..331880c5
--- /dev/null
+++ b/.github/stale.yml
@@ -0,0 +1,16 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+ - approved
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+ This issue has been automatically marked as stale because it has not had
+ recent activity. It will be closed if no further activity occurs. Thank you
+ for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..bb836e13
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,10 @@
+_site/
+.sass-cache/
+.jekyll-metadata
+.DS_Store
+font/assets/
+font/_sass/
+font/.fontcustom-manifest.json
+assets/webfonts/ptio-font-preview.html
+vendor
+.bundle
diff --git a/.well-known/keybase.txt b/.well-known/keybase.txt
new file mode 100644
index 00000000..320c5cb8
--- /dev/null
+++ b/.well-known/keybase.txt
@@ -0,0 +1,113 @@
+==================================================================
+https://keybase.io/privacytools
+--------------------------------------------------------------------
+
+I hereby claim:
+
+ * I am an admin of https://privacytools.io
+ * I am privacytools (https://keybase.io/privacytools) on keybase.
+ * I have a public key ASAkK34bChwgcSbs249aVEhWUYhfn9PYB0yx8y5hZEdLIAo
+
+To do so, I am signing this object:
+
+{
+ "body": {
+ "key": {
+ "eldest_kid": "0120242b7e1b0a1c207126ecdb8f5a54485651885f9fd3d8074cb1f32e6164474b200a",
+ "host": "keybase.io",
+ "kid": "0120242b7e1b0a1c207126ecdb8f5a54485651885f9fd3d8074cb1f32e6164474b200a",
+ "uid": "81b38301543203013da707b866f13619",
+ "username": "privacytools"
+ },
+ "merkle_root": {
+ "ctime": 1554941326,
+ "hash": "398a76706f68401cae4b733ff7c2bd7ad2fb40598604dd10f49a1f04db1173b26caf1c0bd480689d3d5f30c6b60190a69edc76e62d7ad1c16e19e0432c16b21e",
+ "hash_meta": "ee549365960473d4eec7331ecf3de0e38340c44a4ee61898ca542940b2e2d765",
+ "seqno": 5139256
+ },
+ "service": {
+ "entropy": "mEBRbFG3gU9gRt24VacvKVGm",
+ "hostname": "privacytools.io",
+ "protocol": "https:"
+ },
+ "type": "web_service_binding",
+ "version": 2
+ },
+ "client": {
+ "name": "keybase.io go client",
+ "version": "3.2.1"
+ },
+ "ctime": 1554941350,
+ "expire_in": 504576000,
+ "prev": "9947a42be64540ab809b87df765f3139cedbada82ae04012e97c94060fbed4f8",
+ "seqno": 20,
+ "tag": "signature"
+}
+
+which yields the signature:
+
+hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgJCt+GwocIHEm7NuPWlRIVlGIX5/T2AdMsfMuYWRHSyAKp3BheWxvYWTESpcCFMQgmUekK+ZFQKuAm4ffdl8xOc7bragq4EAS6XyUBg++1PjEIDwvpOGptD6jbBIm52/LR9l4T2xslWcgKtq6zH2HvOGKAgHCo3NpZ8RAeFaHjsUF7kqDas46rMXC1KDIJE520BD57OMws6dnJxbMmJf8O3rRNrLCineR5vpetxjtxGYrhmTWPtgSyYQhD6hzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIGJSitnvAgdVMG+AyewIHT4cBbbWjGh4/cesl/uzqfQZo3RhZ80CAqd2ZXJzaW9uAQ==
+
+And finally, I am proving ownership of this host by posting or
+appending to this document.
+
+View my publicly-auditable identity here: https://keybase.io/privacytools
+
+==================================================================
+
+==================================================================
+https://keybase.io/jonaharagon
+--------------------------------------------------------------------
+
+I hereby claim:
+
+ * I am an admin of https://privacytools.io
+ * I am jonaharagon (https://keybase.io/jonaharagon) on keybase.
+ * I have a public key ASBD2KZniUf0KM-4GzlgrMnnJzEg54hDvlsnGRExgP2IfAo
+
+To do so, I am signing this object:
+
+{
+ "body": {
+ "key": {
+ "eldest_kid": "01014354fcf62ba0752c5ceb6175fbecef4205b22adc102cb9f4963546960039f9c20a",
+ "host": "keybase.io",
+ "kid": "012043d8a6678947f428cfb81b3960acc9e7273120e78843be5b2719113180fd887c0a",
+ "uid": "3164c4d37d2d2bea011091787d7bc119",
+ "username": "jonaharagon"
+ },
+ "merkle_root": {
+ "ctime": 1554921408,
+ "hash": "3e5c007341d4b02dbe29217419189fa111e0dda3c3e9749540f98e85d769fdc7f0587228446bebc9d114535e75c7fbe2d81dbf1d6a9998add9a9b661eabccffa",
+ "hash_meta": "d346ffeac7eb4a94ff2cd518a27ed5cb745933316b4a9e91f102fd0c01118a63",
+ "seqno": 5137134
+ },
+ "service": {
+ "entropy": "3MGOPdt1pbQJ3jJphywjT9e9",
+ "hostname": "privacytools.io",
+ "protocol": "https:"
+ },
+ "type": "web_service_binding",
+ "version": 2
+ },
+ "client": {
+ "name": "keybase.io go client",
+ "version": "3.2.1"
+ },
+ "ctime": 1554921422,
+ "expire_in": 504576000,
+ "prev": "0c6f534ada5683036a1cd98291a995386925a572742e1aa43b2eb20394879ae3",
+ "seqno": 159,
+ "tag": "signature"
+}
+
+which yields the signature:
+
+hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgQ9imZ4lH9CjPuBs5YKzJ5ycxIOeIQ75bJxkRMYD9iHwKp3BheWxvYWTES5cCzJ/EIAxvU0raVoMDahzZgpGplThpJaVydC4apDsusgOUh5rjxCBbnzb214v7MAMQHsGX2UxkYOPGr+WPD0WitCcDTTHkbQIBwqNzaWfEQByeB7GH1rHDvmFL8OZTS7xZ7oq8nbt/ZKJK8mFYoV0rym4akSdPiuzwP013lSH9msC3PhzpWSSTCmZk7OITtQGoc2lnX3R5cGUgpGhhc2iCpHR5cGUIpXZhbHVlxCBSTSnkhCA3soIAlMBA5R2DIINdDx0mk1xlj07KqwrwIKN0YWfNAgKndmVyc2lvbgE=
+
+And finally, I am proving ownership of this host by posting or
+appending to this document.
+
+View my publicly-auditable identity here: https://keybase.io/jonaharagon
+
+==================================================================
diff --git a/.well-known/librehost.json b/.well-known/librehost.json
new file mode 100644
index 00000000..eccf338c
--- /dev/null
+++ b/.well-known/librehost.json
@@ -0,0 +1,19 @@
+{
+ "@context" : "http://schema.org",
+ "@type" : "Organization",
+ "organizationType" : "Informal collective",
+ "name" : "PrivacyTools",
+ "tagLine" : "Private Services: No Ads, No Google Analytics, No Affiliates, and No Cross-Site Requests",
+ "homeUrl" : "https://www.privacytools.io/",
+ "logo" : "https://www.privacytools.io/assets/img/layout/shield.svg",
+ "description": "PrivacyTools is a socially motivated website that provides information and services for protecting your security and privacy online. No Ads, No Google Analytics, No Affiliates, and No Cross-Site Requests.",
+ "communicationLanguages": ["en"],
+ "contactUrl": "https://www.privacytools.io/contact/",
+ "privacyPolicyUrl" : "https://www.privacytools.io/privacy/",
+ "termsOfServiceUrl" : "-",
+ "isServiceProvider" : true,
+ "foundingDate": "2015",
+ "version": "0.0.1",
+ "dateCreated": "2019-05-02T16:25:00Z",
+ "dateModified": "2019-05-02T16:25:00Z"
+}
diff --git a/.well-known/matrix/client b/.well-known/matrix/client
new file mode 100644
index 00000000..ee6d0a59
--- /dev/null
+++ b/.well-known/matrix/client
@@ -0,0 +1,8 @@
+{
+ "m.homeserver": {
+ "base_url": "https://chat.privacytools.io"
+ },
+ "m.identity_server": {
+ "base_url": "https://chat.privacytools.io"
+ }
+}
diff --git a/.well-known/matrix/server b/.well-known/matrix/server
new file mode 100644
index 00000000..2a4992fd
--- /dev/null
+++ b/.well-known/matrix/server
@@ -0,0 +1,3 @@
+{
+ "m.server": "chat.privacytools.io:8448"
+}
diff --git a/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h b/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h
new file mode 100755
index 00000000..1ab53686
Binary files /dev/null and b/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h differ
diff --git a/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo b/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo
new file mode 100755
index 00000000..a8a3161b
Binary files /dev/null and b/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo differ
diff --git a/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b b/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b
new file mode 100755
index 00000000..c03c67ca
Binary files /dev/null and b/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b differ
diff --git a/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 b/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63
new file mode 100755
index 00000000..9b051997
Binary files /dev/null and b/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 differ
diff --git a/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 b/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4
new file mode 100755
index 00000000..3d6b6bd1
Binary files /dev/null and b/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 differ
diff --git a/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 b/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6
new file mode 100755
index 00000000..eb0bd0f7
Binary files /dev/null and b/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 differ
diff --git a/.well-known/openpgpkey/policy b/.well-known/openpgpkey/policy
new file mode 100644
index 00000000..e69de29b
diff --git a/.well-known/security.txt b/.well-known/security.txt
new file mode 100644
index 00000000..f77c69fd
--- /dev/null
+++ b/.well-known/security.txt
@@ -0,0 +1,5 @@
+Contact: admin@privacytools.io
+Encryption: https://www.jonaharagon.com/keys/
+Preferred-Languages: en
+Canonical: https://www.privacytools.io/.well-known/security.txt
+Policy: https://github.com/privacytools/privacytools.io/security/policy
diff --git a/404.html b/404.html
new file mode 100644
index 00000000..6e8e7276
--- /dev/null
+++ b/404.html
@@ -0,0 +1,23 @@
+---
+layout: minimal
+active_page: 404
+---
+
+
If you believe you reached this page in error, please contact us!
+
diff --git a/CNAME b/CNAME
new file mode 100644
index 00000000..916e25fe
--- /dev/null
+++ b/CNAME
@@ -0,0 +1 @@
+www.privacytools.io
\ No newline at end of file
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 00000000..70f8d954
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,16 @@
+source "https://rubygems.org"
+
+# Install github-pages gem (https://jekyllrb.com/docs/github-pages/)
+gem "github-pages", group: :jekyll_plugins
+
+# Plugins
+group :jekyll_plugins do
+ # example: gem "jekyll-feed", "~> 0.6"
+end
+
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
+
+# Performance-booster for watching directories on Windows
+gem "wdm", "~> 0.1.0" if Gem.win_platform?
+
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 00000000..2dce18a7
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,249 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ activesupport (4.2.11.1)
+ i18n (~> 0.7)
+ minitest (~> 5.1)
+ thread_safe (~> 0.3, >= 0.3.4)
+ tzinfo (~> 1.1)
+ addressable (2.6.0)
+ public_suffix (>= 2.0.2, < 4.0)
+ coffee-script (2.4.1)
+ coffee-script-source
+ execjs
+ coffee-script-source (1.11.1)
+ colorator (1.1.0)
+ commonmarker (0.17.13)
+ ruby-enum (~> 0.5)
+ concurrent-ruby (1.1.5)
+ dnsruby (1.61.3)
+ addressable (~> 2.5)
+ em-websocket (0.5.1)
+ eventmachine (>= 0.12.9)
+ http_parser.rb (~> 0.6.0)
+ ethon (0.12.0)
+ ffi (>= 1.3.0)
+ eventmachine (1.2.7)
+ execjs (2.7.0)
+ faraday (0.15.4)
+ multipart-post (>= 1.2, < 3)
+ ffi (1.11.1)
+ forwardable-extended (2.6.0)
+ gemoji (3.0.1)
+ github-pages (198)
+ activesupport (= 4.2.11.1)
+ github-pages-health-check (= 1.16.1)
+ jekyll (= 3.8.5)
+ jekyll-avatar (= 0.6.0)
+ jekyll-coffeescript (= 1.1.1)
+ jekyll-commonmark-ghpages (= 0.1.5)
+ jekyll-default-layout (= 0.1.4)
+ jekyll-feed (= 0.11.0)
+ jekyll-gist (= 1.5.0)
+ jekyll-github-metadata (= 2.12.1)
+ jekyll-mentions (= 1.4.1)
+ jekyll-optional-front-matter (= 0.3.0)
+ jekyll-paginate (= 1.1.0)
+ jekyll-readme-index (= 0.2.0)
+ jekyll-redirect-from (= 0.14.0)
+ jekyll-relative-links (= 0.6.0)
+ jekyll-remote-theme (= 0.3.1)
+ jekyll-sass-converter (= 1.5.2)
+ jekyll-seo-tag (= 2.5.0)
+ jekyll-sitemap (= 1.2.0)
+ jekyll-swiss (= 0.4.0)
+ jekyll-theme-architect (= 0.1.1)
+ jekyll-theme-cayman (= 0.1.1)
+ jekyll-theme-dinky (= 0.1.1)
+ jekyll-theme-hacker (= 0.1.1)
+ jekyll-theme-leap-day (= 0.1.1)
+ jekyll-theme-merlot (= 0.1.1)
+ jekyll-theme-midnight (= 0.1.1)
+ jekyll-theme-minimal (= 0.1.1)
+ jekyll-theme-modernist (= 0.1.1)
+ jekyll-theme-primer (= 0.5.3)
+ jekyll-theme-slate (= 0.1.1)
+ jekyll-theme-tactile (= 0.1.1)
+ jekyll-theme-time-machine (= 0.1.1)
+ jekyll-titles-from-headings (= 0.5.1)
+ jemoji (= 0.10.2)
+ kramdown (= 1.17.0)
+ liquid (= 4.0.0)
+ listen (= 3.1.5)
+ mercenary (~> 0.3)
+ minima (= 2.5.0)
+ nokogiri (>= 1.8.5, < 2.0)
+ rouge (= 2.2.1)
+ terminal-table (~> 1.4)
+ github-pages-health-check (1.16.1)
+ addressable (~> 2.3)
+ dnsruby (~> 1.60)
+ octokit (~> 4.0)
+ public_suffix (~> 3.0)
+ typhoeus (~> 1.3)
+ html-pipeline (2.12.0)
+ activesupport (>= 2)
+ nokogiri (>= 1.4)
+ http_parser.rb (0.6.0)
+ i18n (0.9.5)
+ concurrent-ruby (~> 1.0)
+ jekyll (3.8.5)
+ addressable (~> 2.4)
+ colorator (~> 1.0)
+ em-websocket (~> 0.5)
+ i18n (~> 0.7)
+ jekyll-sass-converter (~> 1.0)
+ jekyll-watch (~> 2.0)
+ kramdown (~> 1.14)
+ liquid (~> 4.0)
+ mercenary (~> 0.3.3)
+ pathutil (~> 0.9)
+ rouge (>= 1.7, < 4)
+ safe_yaml (~> 1.0)
+ jekyll-avatar (0.6.0)
+ jekyll (~> 3.0)
+ jekyll-coffeescript (1.1.1)
+ coffee-script (~> 2.2)
+ coffee-script-source (~> 1.11.1)
+ jekyll-commonmark (1.3.1)
+ commonmarker (~> 0.14)
+ jekyll (>= 3.7, < 5.0)
+ jekyll-commonmark-ghpages (0.1.5)
+ commonmarker (~> 0.17.6)
+ jekyll-commonmark (~> 1)
+ rouge (~> 2)
+ jekyll-default-layout (0.1.4)
+ jekyll (~> 3.0)
+ jekyll-feed (0.11.0)
+ jekyll (~> 3.3)
+ jekyll-gist (1.5.0)
+ octokit (~> 4.2)
+ jekyll-github-metadata (2.12.1)
+ jekyll (~> 3.4)
+ octokit (~> 4.0, != 4.4.0)
+ jekyll-mentions (1.4.1)
+ html-pipeline (~> 2.3)
+ jekyll (~> 3.0)
+ jekyll-optional-front-matter (0.3.0)
+ jekyll (~> 3.0)
+ jekyll-paginate (1.1.0)
+ jekyll-readme-index (0.2.0)
+ jekyll (~> 3.0)
+ jekyll-redirect-from (0.14.0)
+ jekyll (~> 3.3)
+ jekyll-relative-links (0.6.0)
+ jekyll (~> 3.3)
+ jekyll-remote-theme (0.3.1)
+ jekyll (~> 3.5)
+ rubyzip (>= 1.2.1, < 3.0)
+ jekyll-sass-converter (1.5.2)
+ sass (~> 3.4)
+ jekyll-seo-tag (2.5.0)
+ jekyll (~> 3.3)
+ jekyll-sitemap (1.2.0)
+ jekyll (~> 3.3)
+ jekyll-swiss (0.4.0)
+ jekyll-theme-architect (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-cayman (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-dinky (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-hacker (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-leap-day (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-merlot (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-midnight (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-minimal (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-modernist (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-primer (0.5.3)
+ jekyll (~> 3.5)
+ jekyll-github-metadata (~> 2.9)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-slate (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-tactile (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-time-machine (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-titles-from-headings (0.5.1)
+ jekyll (~> 3.3)
+ jekyll-watch (2.2.1)
+ listen (~> 3.0)
+ jemoji (0.10.2)
+ gemoji (~> 3.0)
+ html-pipeline (~> 2.2)
+ jekyll (~> 3.0)
+ kramdown (1.17.0)
+ liquid (4.0.0)
+ listen (3.1.5)
+ rb-fsevent (~> 0.9, >= 0.9.4)
+ rb-inotify (~> 0.9, >= 0.9.7)
+ ruby_dep (~> 1.2)
+ mercenary (0.3.6)
+ mini_portile2 (2.4.0)
+ minima (2.5.0)
+ jekyll (~> 3.5)
+ jekyll-feed (~> 0.9)
+ jekyll-seo-tag (~> 2.1)
+ minitest (5.11.3)
+ multipart-post (2.1.1)
+ nokogiri (1.10.8)
+ mini_portile2 (~> 2.4.0)
+ octokit (4.14.0)
+ sawyer (~> 0.8.0, >= 0.5.3)
+ pathutil (0.16.2)
+ forwardable-extended (~> 2.6)
+ public_suffix (3.1.1)
+ rb-fsevent (0.10.3)
+ rb-inotify (0.10.0)
+ ffi (~> 1.0)
+ rouge (2.2.1)
+ ruby-enum (0.7.2)
+ i18n
+ ruby_dep (1.5.0)
+ rubyzip (2.0.0)
+ safe_yaml (1.0.5)
+ sass (3.7.4)
+ sass-listen (~> 4.0.0)
+ sass-listen (4.0.0)
+ rb-fsevent (~> 0.9, >= 0.9.4)
+ rb-inotify (~> 0.9, >= 0.9.7)
+ sawyer (0.8.2)
+ addressable (>= 2.3.5)
+ faraday (> 0.8, < 2.0)
+ terminal-table (1.8.0)
+ unicode-display_width (~> 1.1, >= 1.1.1)
+ thread_safe (0.3.6)
+ typhoeus (1.3.1)
+ ethon (>= 0.9.0)
+ tzinfo (1.2.5)
+ thread_safe (~> 0.1)
+ unicode-display_width (1.6.0)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ github-pages
+ tzinfo-data
+
+BUNDLED WITH
+ 2.0.1
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 00000000..670154e3
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,116 @@
+CC0 1.0 Universal
+
+Statement of Purpose
+
+The laws of most jurisdictions throughout the world automatically confer
+exclusive Copyright and Related Rights (defined below) upon the creator and
+subsequent owner(s) (each and all, an "owner") of an original work of
+authorship and/or a database (each, a "Work").
+
+Certain owners wish to permanently relinquish those rights to a Work for the
+purpose of contributing to a commons of creative, cultural and scientific
+works ("Commons") that the public can reliably and without fear of later
+claims of infringement build upon, modify, incorporate in other works, reuse
+and redistribute as freely as possible in any form whatsoever and for any
+purposes, including without limitation commercial purposes. These owners may
+contribute to the Commons to promote the ideal of a free culture and the
+further production of creative, cultural and scientific works, or to gain
+reputation or greater distribution for their Work in part through the use and
+efforts of others.
+
+For these and/or other purposes and motivations, and without any expectation
+of additional consideration or compensation, the person associating CC0 with a
+Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
+and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
+and publicly distribute the Work under its terms, with knowledge of his or her
+Copyright and Related Rights in the Work and the meaning and intended legal
+effect of CC0 on those rights.
+
+1. Copyright and Related Rights. A Work made available under CC0 may be
+protected by copyright and related or neighboring rights ("Copyright and
+Related Rights"). Copyright and Related Rights include, but are not limited
+to, the following:
+
+ i. the right to reproduce, adapt, distribute, perform, display, communicate,
+ and translate a Work;
+
+ ii. moral rights retained by the original author(s) and/or performer(s);
+
+ iii. publicity and privacy rights pertaining to a person's image or likeness
+ depicted in a Work;
+
+ iv. rights protecting against unfair competition in regards to a Work,
+ subject to the limitations in paragraph 4(a), below;
+
+ v. rights protecting the extraction, dissemination, use and reuse of data in
+ a Work;
+
+ vi. database rights (such as those arising under Directive 96/9/EC of the
+ European Parliament and of the Council of 11 March 1996 on the legal
+ protection of databases, and under any national implementation thereof,
+ including any amended or successor version of such directive); and
+
+ vii. other similar, equivalent or corresponding rights throughout the world
+ based on applicable law or treaty, and any national implementations thereof.
+
+2. Waiver. To the greatest extent permitted by, but not in contravention of,
+applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
+unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
+and Related Rights and associated claims and causes of action, whether now
+known or unknown (including existing as well as future claims and causes of
+action), in the Work (i) in all territories worldwide, (ii) for the maximum
+duration provided by applicable law or treaty (including future time
+extensions), (iii) in any current or future medium and for any number of
+copies, and (iv) for any purpose whatsoever, including without limitation
+commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
+the Waiver for the benefit of each member of the public at large and to the
+detriment of Affirmer's heirs and successors, fully intending that such Waiver
+shall not be subject to revocation, rescission, cancellation, termination, or
+any other legal or equitable action to disrupt the quiet enjoyment of the Work
+by the public as contemplated by Affirmer's express Statement of Purpose.
+
+3. Public License Fallback. Should any part of the Waiver for any reason be
+judged legally invalid or ineffective under applicable law, then the Waiver
+shall be preserved to the maximum extent permitted taking into account
+Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
+is so judged Affirmer hereby grants to each affected person a royalty-free,
+non transferable, non sublicensable, non exclusive, irrevocable and
+unconditional license to exercise Affirmer's Copyright and Related Rights in
+the Work (i) in all territories worldwide, (ii) for the maximum duration
+provided by applicable law or treaty (including future time extensions), (iii)
+in any current or future medium and for any number of copies, and (iv) for any
+purpose whatsoever, including without limitation commercial, advertising or
+promotional purposes (the "License"). The License shall be deemed effective as
+of the date CC0 was applied by Affirmer to the Work. Should any part of the
+License for any reason be judged legally invalid or ineffective under
+applicable law, such partial invalidity or ineffectiveness shall not
+invalidate the remainder of the License, and in such case Affirmer hereby
+affirms that he or she will not (i) exercise any of his or her remaining
+Copyright and Related Rights in the Work or (ii) assert any associated claims
+and causes of action with respect to the Work, in either case contrary to
+Affirmer's express Statement of Purpose.
+
+4. Limitations and Disclaimers.
+
+ a. No trademark or patent rights held by Affirmer are waived, abandoned,
+ surrendered, licensed or otherwise affected by this document.
+
+ b. Affirmer offers the Work as-is and makes no representations or warranties
+ of any kind concerning the Work, express, implied, statutory or otherwise,
+ including without limitation warranties of title, merchantability, fitness
+ for a particular purpose, non infringement, or the absence of latent or
+ other defects, accuracy, or the present or absence of errors, whether or not
+ discoverable, all to the greatest extent permissible under applicable law.
+
+ c. Affirmer disclaims responsibility for clearing rights of other persons
+ that may apply to the Work or any use thereof, including without limitation
+ any person's Copyright and Related Rights in the Work. Further, Affirmer
+ disclaims responsibility for obtaining any necessary consents, permissions
+ or other rights required for any use of the Work.
+
+ d. Affirmer understands and acknowledges that Creative Commons is not a
+ party to this document and has no duty or obligation with respect to this
+ CC0 or use of the Work.
+
+For more information, please see
+
diff --git a/README.md b/README.md
index acaf71d7..cacbb5bf 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,68 @@
-# Privacy Guides
+
+
+# Contributing
+
+It's important for a website like PrivacyTools to be up-to-date. Keep an eye on software updates of the applications listed here. Follow recent news about providers that are recommended. We try our best to keep up but we're not perfect and the internet is changing fast. So if you find an error, or you think a provider should not be listed here, or a qualified service provider is missing or a browser plugin is not the best choice anymore or anything else...
+
+**Talk to us!** If you want to help make privacytools.io the best website it can be, join our Matrix discussion chat at [`#dev:privacytools.io`](https://matrix.to/#/#dev:privacytools.io), where we talk about open issues and PRs in this repo, and changes to the site. You may submit any website suggestions here on GitHub [Issues](https://github.com/privacytools/privacytools.io/issues). Please refer to the [contribution guidelines](.github/CONTRIBUTING.md) and consider stopping by our chat room before submitting. Thank you.
+
+If you want to discuss privacy in general, a new tool, or just something else, feel free to join [our Discourse community](https://forum.privacytools.io/) or our general Matrix room at [`#general:privacytools.io`](https://matrix.to/#/#general:privacytools.io) and start a discussion! This is a community project and we're aiming to deliver the best information available. Thank you for participating.
+
+## Developing
+
+1. Install the latest stable version of [Ruby](https://www.ruby-lang.org/en/downloads/).
+1. Install [Bundler](https://bundler.io/) v2.0.1:
+ * `gem install bundler -v 2.0.1`
+1. Install the required dependencies:
+ * `bundle install`
+1. Build the website (the output can be found in the `_site` directory):
+ * `bundle exec jekyll build`
+1. Serve the website locally with live reloading:
+ * `bundle exec jekyll serve --incremental --livereload`
+
+# Support
+
+- [Donate](https://www.privacytools.io/sponsors/)
+- [Spread the word](https://www.privacytools.io/#participate)
+- [Join our Discourse community](https://forum.privacytools.io/)
+- [Make suggestions on reddit](https://www.reddit.com/r/privacytoolsIO/)
+- View and edit our website source code here on GitHub.
+
+## Backers
+
+Like what we're doing? [Become a backer](https://opencollective.com/privacytools) and show your support for our project.
+
+
+
+
+
+## Sponsors
+
+Are you working with a privacy focused company? Ask your manager or marketing team if your company would be interested in supporting our project. Your support will help us continue to develop this website, promote privacy-respecting tools and services, and reach out to thousands of data privacy newcomers every month. Also, your company's logo will show on GitHub and [our site](https://www.privacytools.io/sponsors/), and who doesn't like a little extra exposure?
+
+## Community Translations
+- [繁体中文 / Chinese](https://privacytools.twngo.xyz/) - [GitHub](https://github.com/twngo/privacytools-zh)
+- [Español / Spanish](https://victorhck.gitlab.io/privacytools-es/) - [GitLab](https://gitlab.com/victorhck/privacytools-es)
+- [Polski / Polish](https://pl.privacytools.io) - [Gitea](https://git.privacytools.io/pl-privacytoolsIO/pl.privacytools.io)
+- [Deutsch / German](https://privacytools.it-sec.rocks/) - [GitHub](https://github.com/Anon215/privacytools.it-sec.rocks)
+- [Français / French](https://privacytools.dreads-unlock.fr/) - [GitLab](https://gitlab.com/Booteille/privacytools)
+- [Italiano / Italian](https://privacytools-it.github.io/) - [GitHub](https://github.com/privacytools-it/privacytools-it.github.io)
+- [Русский / Russian](https://privacytools.ru) - [GitHub](https://github.com/c0rdis/privacytools.ru)
+- [Português / Portuguese](https://www.privacidade.digital/) - [GitHub](https://github.com/PrivacidadeDigital/privacidade.digital)
+
+# License & Notices
+
+Please visit [https://www.privacytools.io/notices/](https://www.privacytools.io/notices/) for license information and other disclaimers. PrivacyTools is provided on an "as-is" basis, without warranty, and disclaiming liability for damages. By contributing to this repository you agree to license your work under the terms of the [license](https://github.com/privacytools/privacytools.io/blob/master/LICENSE.txt) in this repository.
diff --git a/_config.yml b/_config.yml
new file mode 100644
index 00000000..25a9c243
--- /dev/null
+++ b/_config.yml
@@ -0,0 +1,13 @@
+title: PrivacyTools - Encryption Against Global Mass Surveillance
+name: PrivacyTools
+description: You are being watched. PrivacyTools provides knowledge, encryption, and software recommendations to protect you against global mass surveillance.
+url: "https://www.privacytools.io"
+production_url: "https://www.privacytools.io"
+sass:
+ style: compressed
+plugins:
+ - jekyll-sitemap
+sitemap:
+file: "/sitemap.xml"
+include: [".well-known"]
+exclude: ["font", "vendor"]
diff --git a/_includes/badge.html b/_includes/badge.html
new file mode 100644
index 00000000..f908ecf8
--- /dev/null
+++ b/_includes/badge.html
@@ -0,0 +1,20 @@
+{% if include.link %}
+ {{ include.text }}
+{% else %}> {{ include.text }}{% endif %}
+
+{% else %}
+ {{include.text}}
+ {% else %}
+ > {% if include.icon %}{% endif %} {{include.text}}
+ {% endif %}
+
+{% endif %}
diff --git a/_includes/breadcrumbs.html b/_includes/breadcrumbs.html
new file mode 100644
index 00000000..b744bb53
--- /dev/null
+++ b/_includes/breadcrumbs.html
@@ -0,0 +1,23 @@
+
diff --git a/_includes/card.html b/_includes/card.html
new file mode 100644
index 00000000..ec676c84
--- /dev/null
+++ b/_includes/card.html
@@ -0,0 +1,76 @@
+
NetGuard provides simple and advanced methods to block certain apps from accessing the internet, without requiring root privileges. Applications and addresses can be individually allowed or denied access to your Wi-Fi and/or mobile connections, allowing you to control exactly which apps are able to phone home or not.
Orbot is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world.
diff --git a/_includes/sections/android-operating-systems.html b/_includes/sections/android-operating-systems.html
new file mode 100644
index 00000000..6825a1bf
--- /dev/null
+++ b/_includes/sections/android-operating-systems.html
@@ -0,0 +1,53 @@
+
Mobile Operating Systems
+
+
Android-based Operating Systems
+
+
+ Even though the source code of the following operating systems is provided, installing Google Apps may compromise your setup.
+
+
+{% include cardv2.html
+ title="CalyxOS"
+ image="/assets/img/svg/3rd-party/calyxos.svg"
+ description='CalyxOS is a custom ROM based on the Android Open Source Project with Pixel phones. It aims to be secure and private by default including a number of good choices for default applications. It also supports verified boot.'
+ badges="info:AOSP"
+ website="https://calyxos.org"
+ gitlab="https://gitlab.com/calyxos"
+%}
+
+{% include cardv2.html
+ title="GrapheneOS"
+ image="/assets/img/svg/3rd-party/grapheneos.svg"
+ image-dark="/assets/img/svg/3rd-party/grapheneos-dark.svg"
+ description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
+ badges="info:AOSP"
+ website="https://grapheneos.org/"
+ github="https://github.com/GrapheneOS/"
+%}
+
+{% include cardv2.html
+ title="LineageOS (Official Builds)"
+ image="/assets/img/svg/3rd-party/lineageos.svg"
+ description='LineageOS is a custom ROM based on the Android Open Source Project with official support for a wide variety of devices. The project is the successor to the popular CyanogenMod project, focusing on system control and customization, device longevity, and privacy. For security reasons, we do not recommend third-party builds of LineageOS for unsupported devices.'
+ badges="info:AOSP"
+ website="https://www.lineageos.org/"
+ privacy-policy="https://www.lineageos.org/legal/"
+ github="https://github.com/LineageOS"
+%}
+
+
Worth Mentioning
+
+
+
+ MicroG
+ {% include badge.html
+ color="info"
+ text="Add-on Package"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ %}
+ - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.
+
+
diff --git a/_includes/sections/browser-addons.html b/_includes/sections/browser-addons.html
new file mode 100644
index 00000000..0c37fb7c
--- /dev/null
+++ b/_includes/sections/browser-addons.html
@@ -0,0 +1,193 @@
+
+
+{% include cardv2.html
+ title="uBlock Origin: Block Ads and Trackers"
+ image="/assets/img/svg/3rd-party/ublock_origin.svg"
+ description="
uBlock Origin is an efficient wide-spectrum blocker that is easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source. Advanced mode allows for dynamic filtering. Dynamic filtering allows for extended blocking similar to NoScript and uMatrix (E.g. medium or hard) blocking.
"
+ website="https://addons.mozilla.org/firefox/addon/ublock-origin/"
+ privacy-policy="https://github.com/gorhill/uBlock/wiki/Privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-ublock-origin/266"
+ github="https://github.com/gorhill/uBlock/"
+ firefox="https://addons.mozilla.org/firefox/addon/ublock-origin/"
+ chrome="https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm"
+ opera="https://addons.opera.com/en/extensions/details/ublock/"
+ edge="https://www.microsoft.com/en-us/p/ublock-origin/9nblggh444l4"
+%}
+
+{% include cardv2.html
+ title="HTTPS Everywhere: Secure Connections"
+ image="/assets/img/svg/3rd-party/https_everywhere.svg"
+ description="HTTPS Everywhere enables encryption of your connections to many major websites, making your browsing more secure. It is a collaboration between The Tor Project and the Electronic Frontier Foundation."
+ website="https://www.eff.org/https-everywhere"
+ privacy-policy="https://www.eff.org/code/privacy/policy"
+ forum="https://forum.privacytools.io/t/discussion-https-everywhere/268"
+ github="https://github.com/EFForg/https-everywhere"
+ firefox="https://addons.mozilla.org/firefox/addon/https-everywhere"
+ chrome="https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp"
+ opera="https://addons.opera.com/en/extensions/details/https-everywhere"
+%}
+
+{% include cardv2.html
+ title="Decentraleyes: Block Content Delivery Networks"
+ image="/assets/img/svg/3rd-party/decentraleyes.svg"
+ description="Decentraleyes emulates Content Delivery Networks locally by intercepting requests, finding the required resource, and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required."
+ website="https://decentraleyes.org/"
+ privacy-policy="https://decentraleyes.org/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-decentraleyes/269"
+ gitlab="https://git.synz.io/Synzvato/decentraleyes"
+ firefox="https://addons.mozilla.org/firefox/addon/decentraleyes"
+ chrome="https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj"
+ opera="https://addons.opera.com/extensions/details/decentraleyes"
+%}
+
+{% include cardv2.html
+ title="ClearURLs"
+ image="/assets/img/svg/3rd-party/clearurls.svg"
+ description="ClearURLs will automatically remove tracking elements from URLs to help protect your privacy when browsing through the Internet."
+ website="https://gitlab.com/KevinRoebert/ClearUrls"
+ privacy-policy="https://gitlab.com/KevinRoebert/ClearUrls/-/blob/master/PRIVACY.md"
+ forum="https://forum.privacytools.io/t/discussion-clearurls/3353"
+ gitlab="https://gitlab.com/KevinRoebert/ClearUrls"
+ firefox="https://addons.mozilla.org/firefox/addon/clearurls/"
+ chrome="https://chrome.google.com/webstore/detail/clearurls/lckanjgmijmafbedllaakclkaicjfmnk"
+ edge="https://microsoftedge.microsoft.com/addons/detail/mdkdmaickkfdekbjdoojfalpbkgaddei"
+%}
+
+{% include cardv2.html
+ title="xBrowserSync"
+ image="/assets/img/svg/3rd-party/xbrowsersync.svg"
+ description='xBrowserSync synchronizes bookmarks across devices and browsers with end-to-end encryption. Data is encrypted and decrypted on the device, no one but you can read it. No registration is needed, just enter a randomly generated id or QR code on all devices. Different servers are available, and it can also be self-hosted.'
+ website="https://www.xbrowsersync.org/"
+ privacy-policy="https://www.xbrowsersync.org/privacypolicy"
+ github="https://github.com/xbrowsersync"
+ firefox="https://addons.mozilla.org/firefox/addon/xbs/"
+ chrome="https://chrome.google.com/webstore/detail/xbrowsersync/lcbjdhceifofjlpecfpeimnnphbcjgnc"
+ googleplay="https://play.google.com/store/apps/details?id=com.xBrowserSync.android"
+%}
+
+
Worth Mentioning
+
+
+
floccus - Synchronize bookmarks across browsers via Nextcloud, WebDAV or a local file (and thus any file sync solution). For Firefox, Chrome, Edge.
+
+
+
Additional Functionality
+
+
+ These add-ons don't necessarily add to your privacy when browsing the web, but add additional functionality to your browser you may find useful.
+
+
+{% include cardv2.html
+ title="Terms of Service; Didn’t Read: Be Informed"
+ image="/assets/img/svg/3rd-party/terms_of_service_didnt_read.svg"
+ description='Terms of Service; Didn’t Read is an addon that believes "I have read and agree to the Terms of Service" is the biggest lie on the web, and wants to fix it by grading websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analysis and ratings are published transparently by a community of reviewers.'
+ website="https://tosdr.org/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-terms-of-service-didn-t-read/270"
+ github="https://github.com/tosdr/"
+ firefox="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/"
+ chrome="https://chrome.google.com/webstore/detail/terms-of-service-didn%E2%80%99t-r/hjdoplcnndgiblooccencgcggcoihigg"
+ opera="https://addons.opera.com/extensions/details/terms-of-service-didnt-read"
+%}
+
+{% include cardv2.html
+ title="Snowflake"
+ image="/assets/img/svg/3rd-party/snowflake.svg"
+ description="Snowflake is a new pluggable transport from the Tor Project. If you have an uncensored connection, running this extension volunteers your connection to be used as a Snowflake proxy to help users unable to connect to the Tor network. Your IP will not be visible to the sites users visit using your proxy, as this extension will not make you an exit node. If your access to the Tor network is blocked, this extension will not assist you, and you should use the Tor Browser instead. Note: This add-on does not work with WebRTC disabled."
+ website="https://snowflake.torproject.org"
+ forum="https://forum.privacytools.io/t/discussion-snowflake/1146"
+ git="https://gitweb.torproject.org/pluggable-transports/snowflake.git"
+ firefox="https://addons.mozilla.org/firefox/addon/torproject-snowflake"
+ chrome="https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie"
+%}
+
+
Persistent storage management
+
+
Desktop
+
+
+ These add-ons are the preferred method for controlling persistent storage data that various websites and web-apps may create on your computer.
+
+
+{% include cardv2.html
+ title="Temporary Containers"
+ image="/assets/img/svg/3rd-party/temporary_containers.svg"
+ image-dark="/assets/img/svg/3rd-party/temporary_containers-dark.svg"
+ description="Temporary Containers allow you to open tabs, websites, and links in automatically managed disposable containers. Containers isolate data websites store (cookies, storage, and more) from each other, enhancing your privacy and security while you browse: Enhance your privacy in Firefox with Temporary Containers."
+ website="https://addons.mozilla.org/firefox/addon/temporary-containers/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/temporary-containers/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-temporary-containers-multi-account-containers/3354"
+ github="https://github.com/stoically/temporary-containers"
+ firefox="https://addons.mozilla.org/firefox/addon/temporary-containers/"
+%}
+
+{% include cardv2.html
+ title="Firefox Multi-Account Containers"
+ image="/assets/img/svg/3rd-party/firefox_multi_account_containers.svg"
+ description="Firefox Multi-Account Containers allow you to create containers for specific websites. These containers are isolated from eachother. This add-on can be used in conjunctiuon with Temporary Containers to allow persistent logins to websites you specify."
+ website="https://support.mozilla.org/kb/containers"
+ forum="https://forum.privacytools.io/t/discussion-temporary-containers-multi-account-containers/3354"
+ github="https://github.com/mozilla/multi-account-containers"
+ firefox="https://addons.mozilla.org/firefox/addon/multi-account-containers/"
+%}
+
+
Android
+
+
+ Unfortunately the Android version of Firefox doesn't support managing tabs as containers. The recommended extensions below are a substitute, however as APIs do not exist for clearing IndexedDB, Service Workers cache, appCache, or cache by host. As a result they are not as good as the above Temporary Container suggestions.
+
+
+{% include cardv2.html
+ title="ETag Stoppa"
+ image="/assets/img/svg/3rd-party/etag_stoppa.svg"
+ description="ETag Stoppa Prevents Firefox from storing entity tags by removing ETag response headers unconditionally and without exceptions."
+ website="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
+ forum=""
+ github="https://github.com/claustromaniac/etag-stoppa"
+ firefox="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
+%}
+
+{% include cardv2.html
+ title="Cookie AutoDelete: Automatically Delete Cookies"
+ image="/assets/img/png/3rd-party/cookie_autodelete.png"
+ description="Cookie AutoDelete automatically removes cookies, lingering sessions, and other information that can be used to spy on you when they are no longer used by open browser tabs."
+ website="https://addons.mozilla.org/firefox/addon/cookie-autodelete/"
+ forum="https://forum.privacytools.io/t/discussion-cookie-autodelete/267"
+ github="https://github.com/Cookie-AutoDelete/Cookie-AutoDelete"
+ firefox="https://addons.mozilla.org/firefox/addon/cookie-autodelete"
+ chrome="https://chrome.google.com/webstore/detail/cookie-autodelete/fhcgjolkccmbidfldomjliifgaodjagh"
+%}
+
+
For Advanced Users
+
+
+ These addons require quite a lot of interaction from the user, and some of them completely replace the add-ons we've recommended above. Some sites may not work properly without careful configuration.
+
+
+{% include cardv2.html
+ title="uMatrix: Stop Cross-Site Requests"
+ image="/assets/img/png/3rd-party/umatrix.png"
+ description="uMatrix gives you control over the requests that websites make to other websites. Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix allows 1st party scripts in its default configuration. If you want the default functionality of NoScript consider blocking 1st party scripts everywhere by default. This addon has been discontinued."
+ website="https://addons.mozilla.org/firefox/addon/umatrix/"
+ privacy-policy="https://github.com/gorhill/uMatrix/wiki/Privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-umatrix/271"
+ github="https://github.com/gorhill/uMatrix"
+ firefox="https://addons.mozilla.org/firefox/addon/umatrix"
+ chrome="https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf"
+ opera="https://addons.opera.com/extensions/details/umatrix"
+%}
+
+{% include cardv2.html
+ title="CanvasBlocker"
+ image="/assets/img/svg/3rd-party/canvasblocker.svg"
+ description="CanvasBlocker allows users to prevent websites from using some Javascript APIs to fingerprint them. Users can choose to block the APIs entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API."
+ website="https://github.com/kkapsner/CanvasBlocker/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-canvasblocker/3352"
+ github="https://github.com/kkapsner/CanvasBlocker/"
+ firefox="https://addons.mozilla.org/firefox/addon/canvasblocker/"
+%}
diff --git a/_includes/sections/browser-fingerprint.html b/_includes/sections/browser-fingerprint.html
new file mode 100644
index 00000000..787075cb
--- /dev/null
+++ b/_includes/sections/browser-fingerprint.html
@@ -0,0 +1,25 @@
+
Browser Fingerprint - Is your browser configuration unique?
+
+
+ Your Browser sends information that makes you unique amongst millions of users and therefore easy to identify.
+
+
+
When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using cookies. EFF created a Tool called Panopticlick to test your browser to see how unique it is.
You need to find what most browsers are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should have a spoofed user-agent string to match what the large userbase has. You need to have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or even using the Tor Browser Bundle, will make your browser stick out from the masses.
+
+
Modern web browsers have not been architected to assure personal web privacy. Rather than worrying about being fingerprinted, it seems more practical to use free software plugins to regain control. They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint.
BrowserLeaks.com - Web browser security testing tools that tell you what exactly personal identity data may be leaked without any permissions when you surf the Internet.
+
diff --git a/_includes/sections/browser-recommendation.html b/_includes/sections/browser-recommendation.html
new file mode 100644
index 00000000..96eca12f
--- /dev/null
+++ b/_includes/sections/browser-recommendation.html
@@ -0,0 +1,143 @@
+
+
+ Browser Recommendations For Desktop
+
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Don\'t forget to adjust the settings according to our
+ recommendations: Privacy Add-ons WebRTC about:config tweaks.'
+ website="https://firefox.com"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ source="https://hg.mozilla.org/mozilla-central/"
+ windows="https://www.mozilla.org/firefox/windows/"
+ mac="https://www.mozilla.org/firefox/mac/"
+ linux="https://www.mozilla.org/firefox/linux/"
+ freebsd="https://www.freshports.org/www/firefox"
+ openbsd="http://openports.se/www/mozilla-firefox"
+ netbsd="http://pkgsrc.se/www/firefox"
+%}
+
+{% include cardv2.html
+ title="Tor Browser - Provides Anonymity"
+ image="/assets/img/svg/3rd-party/tor_browser.svg"
+ description='Tor Browser is your choice if you need an extra layer of anonymity. It\'s a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy. How does Tor work?'
+ website="https://www.torproject.org/"
+ privacy-policy="https://support.torproject.org/tbb/tbb-3/"
+ tor="http://expyuzz4wqqyqhjn.onion/"
+ forum="https://forum.privacytools.io/t/discussion-tor-browser/278"
+ git="https://trac.torproject.org/projects/tor"
+ windows="https://www.torproject.org/download/"
+ mac="https://www.torproject.org/download/"
+ linux="https://www.torproject.org/download/"
+%}
+
+
+
+ Browser Recommendations For Android
+
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Don\'t forget to adjust the settings according to our
+ recommendations: Privacy Add-ons WebRTC about:config tweaks.'
+ website="https://www.mozilla.org/en-US/firefox/mobile/"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ github="https://github.com/mozilla-mobile"
+ fdroid="https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefox"
+ android="https://www.mozilla.org/firefox/all/#product-android-release"
+%}
+
+{% include cardv2.html
+ title="Tor Browser - Provides Anonymity"
+ image="/assets/img/svg/3rd-party/tor_browser.svg"
+ description='Tor Browser is your choice if you need an extra layer of anonymity. It\'s a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption and an advanced proxy. How does Tor work?'
+ website="https://www.torproject.org/"
+ privacy-policy="https://support.torproject.org/tbb/tbb-3/"
+ tor="http://expyuzz4wqqyqhjn.onion/"
+ forum="https://forum.privacytools.io/t/discussion-tor-browser-for-android-browsers/1522"
+ git="https://gitweb.torproject.org/tor-browser.git/"
+ android="https://www.torproject.org/download/#android"
+ fdroid="https://guardianproject.info/fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
+%}
+
+{% include cardv2.html
+ title="Bromite"
+ image="/assets/img/svg/3rd-party/bromite.svg"
+ description='Bromite is a Chromium-based browser with privacy and security enhancements, built-in adblocking and DNS over HTTPS support; it includes patches from ungoogled-chromium and other privacy-focused projects. More info can be found on the official website.'
+ website="https://www.bromite.org/"
+ forum="https://forum.privacytools.io/t/discussion-bromite-browsers/1521"
+ github="https://github.com/bromite/bromite"
+ fdroid="https://www.bromite.org/fdroid"
+ android="https://www.bromite.org/#download-bromite"
+%}
+
+
Worth Mentioning for Android
+
+
+
+ Privacy Browser
+ - An open-source web browser focused on user privacy. Features include integrated ad blocking with EasyList, SSL certificate pinning, and Tor Orbot proxy support.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://play.google.com/store/apps/details?id=com.google.android.webview"
+ tooltip="Privacy Browser relies on the Android System WebView which needs to be kept up to date to fix security issues. One can update WebView by either installing it from Google Play or Aurora Store which you can get from F-Droid."
+ text="Keep WebView up-to-date"
+ %}
+
+
+
+
+
Browser Recommendations For iOS
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Note: Because of limitations set by Apple in iOS, our recommended tweaks cannot be applied. However, Firefox for iOS has an Enhanced Tracking Protection feature that uses a list provided by Disconnect to identify and block ad, social, and analytics trackers, as well as cryptominers and fingerprinters.'
+ website="https://www.mozilla.org/en-US/firefox/mobile/"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ github="https://github.com/mozilla-mobile/firefox-ios"
+ ios="https://apps.apple.com/us/app/firefox-private-safe-browser/id989804926"
+%}
+
+
+{% include cardv2.html
+ title="Onion Browser"
+ image="/assets/img/svg/3rd-party/onion_browser.svg"
+ description='Onion Browser is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the Tor Project. Warning: there are certain anonymity-related issues with Onion Browser due to iOS limitations.'
+ website="https://onionbrowser.com/"
+ privacy-policy="https://onionbrowser.com/privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-onion-browser-browsers/1523"
+ github="https://github.com/OnionBrowser/OnionBrowser"
+ ios="https://apps.apple.com/us/app/onion-browser/id519296448"
+%}
+
+
+{% include cardv2.html
+ title="DuckDuckGo Privacy Browser"
+ image="/assets/img/svg/3rd-party/duckduckgo.svg"
+ description='DuckDuckGo Privacy Browser is an open-source web browser that has built-in ad and tracker blocking and utilizes ToS;DR to rate the privacy policies of the sites you visit.'
+ website="https://duckduckgo.com/app"
+ privacy-policy="https://duckduckgo.com/privacy"
+ tor="https://3g2upl4pq6kufc4m.onion/app"
+ forum="https://forum.privacytools.io/t/discussion-duckduckgo-privacy-browser-browsers/1524"
+ github="https://github.com/duckduckgo/iOS"
+ ios="https://apps.apple.com/us/app/duckduckgo-privacy-browser/id663592361"
+%}
+
+
Worth Mentioning for iOS
+
+
+
+ SnowHaze
+ - An open-source web browser with built-in ad, tracker, cookie, and fingerprint blocking, all customizable on a per-site basis.
+
+
diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-tweaks.html
new file mode 100644
index 00000000..9b69d737
--- /dev/null
+++ b/_includes/sections/browser-tweaks.html
@@ -0,0 +1,134 @@
+
Firefox: Privacy Related "about:config" Tweaks
+
+
This is a collection of privacy-related about:config tweaks. We'll show you how to enhance the privacy of your Firefox browser.
+
+
Preparation:
+
+
+
Enter "about:config" in the firefox address bar and press enter.
+
Press the button "Accept the Risk and Continue" [FF71+] or "I accept the risk".
+
Copy and paste each of the preferences below (for example "webgl.disabled") into the search bar, and set each of them to the stated value (such as "true").
+
+
+
Getting started:
+
+
+
privacy.firstparty.isolate = true
+
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
+
+
privacy.resistFingerprinting = true
+
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
This is Mozilla's new built-in tracking protection. One of it's benefits is blocking tracking (i.e. Google Analytics) on privileged pages where add-ons that usually do that are disabled.
+
+
browser.send_pings = false
+
The attribute would be useful for letting websites track visitors' clicks.
+
+
browser.urlbar.speculativeConnect.enabled = false
+
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. Source
+
+
+
dom.event.clipboardevents.enabled = false
+
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
+
+
media.eme.enabled = false
+
+
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. Details
+
DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
+
+
+
media.gmp-widevinecdm.enabled = false
+
Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. Details
+
+
media.navigator.enabled = false
+
Websites can track the microphone and camera status of your device.
+
+
network.cookie.cookieBehavior = 1
+
+ Disable cookies
+
+
0 = Accept all cookies by default
+
1 = Only accept from the originating site (block third-party cookies)
+
2 = Block all cookies by default
+
+
+
+
+
+
network.http.referer.XOriginPolicy = 2
+
+ Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.) Source
+
+
0 = Send Referer in all cases
+
1 = Send Referer to same eTLD sites
+
2 = Send Referer only when the full hostnames match
+
+
+
+
network.http.referer.XOriginTrimmingPolicy = 2
+
+ When sending Referer across origins, only send scheme, host, and port in the Referer header of cross-origin requests. Source
+
Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. Details
+
+
Disable Firefox prefetching pages it thinks you will visit next:
+
+ Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details here and here.
+
+
network.dns.disablePrefetch = true
+
network.dns.disablePrefetchFromHTTPS = true
+
network.predictor.enabled = false
+
network.predictor.enable-prefetch = false
+
network.prefetch-next = false
+
+
+
network.IDN_show_punycode = true
+
Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. Source
arkenfox user.js (formerly ghacks-user.js) - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.
diff --git a/_includes/sections/browser-webrtc.html b/_includes/sections/browser-webrtc.html
new file mode 100644
index 00000000..3b2fc636
--- /dev/null
+++ b/_includes/sections/browser-webrtc.html
@@ -0,0 +1,58 @@
+
WebRTC IP Leak Test - Is your IP address leaking?
+
+
+ WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN.
+
+
+
While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe. Note: This disables browser-based call functionality that is used for webapps like Discord, Hangouts, Jitsi, etc.
Safari is far stricter with WebRTC than other major browsers, and it does not leak your IP address in its default configuration. If you'd like, you can follow these steps just to double-check your browser:
+
+
+
Choose "Preferences" under the Safari menu in your menu bar.
+
Select the Advanced tab and check the "Show Develop menu in menu bar" box.
+
Exit Preferences and open the Develop menu in your menu bar.
+
In the drop-down menu, open the "WebRTC" submenu and ensure "Enable Legacy WebRTC API" is unchecked. If it's grayed out, even better.
+
+
+
How to disable WebRTC in Google Chrome?
+
+
WebRTC cannot be fully disabled in Chrome; however, it is possible to change its routing settings (and prevent leaks) using an extension. Two open-source solutions include WebRTC Leak Prevent (options may need to be changed depending on the scenario), and uBlock Origin (select "Prevent WebRTC from leaking local IP addresses" in Settings).
diff --git a/_includes/sections/calendar-contacts-sync.html b/_includes/sections/calendar-contacts-sync.html
new file mode 100644
index 00000000..71940410
--- /dev/null
+++ b/_includes/sections/calendar-contacts-sync.html
@@ -0,0 +1,69 @@
+
Calendar and Contacts Sync
+
+
+ If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Nextcloud"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud-calender-contacts-sync-tools/1535"
+ github="https://github.com/nextcloud"
+ windows="https://nextcloud.com/install/"
+ linux="https://nextcloud.com/install/"
+ mac="https://nextcloud.com/install/"
+ freebsd="https://www.freshports.org/deskutils/nextcloudclient/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ android="https://nextcloud.com/install/"
+ ios="https://nextcloud.com/install/"
+%}
+
+{%
+ include cardv2.html
+ title="EteSync"
+ image="/assets/img/svg/3rd-party/etesync.svg"
+ description="EteSync is a secure, end-to-end encrypted, and privacy-respecting cloud backup and synchronization software for your personal information (e.g. contacts and calendars). There are native clients for Android, iOS, and the web, and an adapter layer for most desktop clients. It costs $24 per year to use, or you can host the server yourself for free."
+ website="https://www.etesync.com/"
+ privacy-policy="https://www.etesync.com/tos/#privacy"
+ forum="https://forum.privacytools.io/t/discussion-etesync-calender-contacts-sync-tools/1536"
+ github="https://github.com/etesync"
+ web="https://client.etesync.com/"
+ windows="https://www.etesync.com/install/dav/"
+ mac="https://www.etesync.com/install/dav/"
+ linux="https://www.etesync.com/install/dav/"
+ freebsd="https://www.etesync.com/install/dav/"
+ openbsd="https://www.etesync.com/install/dav/"
+ netbsd="https://www.etesync.com/install/dav/"
+ fdroid="https://f-droid.org/packages/com.etesync.syncadapter/"
+ googleplay="https://play.google.com/store/apps/details?id=com.etesync.syncadapter"
+ ios="https://www.etesync.com/install/ios/"
+%}
+
+{%
+ include cardv2.html
+ title="Email Providers"
+ image="/assets/img/svg/layout/email.svg"
+ description='Many email providers also offer calendar and or contacts sync services. Refer to our Email Provider recommendations to choose an email provider and see if they also offer calendar and/or contacts sync.'
+ website="/providers/email"
+%}
+
+
Worth Mentioning
+
+
+
+ fruux - A unified contacts/calendaring system that works across platforms and devices.
+
+
+
+ Cloud backups - Consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
+
+
+
+ DecSync - DecSync can be used to synchronize RSS, contacts, and calendars without a server by using file synchronization software such as Syncthing.
+
+
diff --git a/_includes/sections/cloud-storage.html b/_includes/sections/cloud-storage.html
new file mode 100644
index 00000000..252c6746
--- /dev/null
+++ b/_includes/sections/cloud-storage.html
@@ -0,0 +1,31 @@
+
Encrypted Cloud Storage Services
+
+
+ If you are currently using Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Nextcloud - Choose your hoster"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. The only limits on storage and bandwidth are the limits on the server provider you choose."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud/287"
+ windows="https://nextcloud.com/install/#install-clients"
+ mac="https://nextcloud.com/install/#install-clients"
+ linux="https://nextcloud.com/install/#install-clients"
+ freebsd="https://www.freshports.org/www/nextcloud/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ fdroid="https://f-droid.org/packages/com.nextcloud.client/"
+ googleplay="https://play.google.com/store/apps/details?id=com.nextcloud.client"
+ ios="https://itunes.apple.com/us/app/nextcloud/id1125420102"
+ github="https://github.com/nextcloud"
+%}
+
+
Worth Mentioning
+
+
+
Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration. {% include badge.html color="warning" tooltip="Cryptomator's mobile apps are not open-source." link="https://github.com/cryptomator/cryptomator-android/issues/1#issuecomment-257979375" icon="fas fa-exclamation-triangle" %}
+
CryptPad - Free and end-to-end encrypted real time collaboration sharing folders, media, and documents.
+
diff --git a/_includes/sections/decentralized-video.html b/_includes/sections/decentralized-video.html
new file mode 100644
index 00000000..6893b395
--- /dev/null
+++ b/_includes/sections/decentralized-video.html
@@ -0,0 +1,14 @@
+
Decentralized Video Platforms
+
+
+ If you are currently using a platform like YouTube or Vimeo, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="PeerTube"
+ image="/assets/img/svg/3rd-party/peertube.svg"
+ description='PeerTube, developed by Framasoft, is a free and decentralized alternative to video platforms, with over 400,000 videos published by over 50,000 users and viewed over 10 million times. If you are looking for a server to join, you are welcome to join our hosted instance: tube.privacytools.io'
+ website="https://joinpeertube.org"
+ github="https://github.com/Chocobozzz/PeerTube"
+ web="https://joinpeertube.org/#what-is-peertube"
+%}
diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
new file mode 100644
index 00000000..aa89c5f8
--- /dev/null
+++ b/_includes/sections/dns.html
@@ -0,0 +1,668 @@
+
+ Encrypted DNS Resolvers
+
+
+
+ DNS-over-HTTPS, DNS-over-TLS, and DNSCrypt resolvers will not make you anonymous. Using Anonymized DNSCrypt hides only your DNS traffic from your Internet Service Provider. However, using any of these protocols will prevent DNS hijacking, and make your DNS requests harder for third parties to eavesdrop on and tamper with. If you are currently using Google's DNS resolver, you should pick an alternative here. See the definitions below.
+
+
+
+ Encrypted DNS Client Recommendations for Desktop
+
+
+{%
+ include cardv2.html
+ title="Unbound"
+ image="/assets/img/svg/3rd-party/unbound.svg"
+ description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been independently audited.'
+ website="https://nlnetlabs.nl/projects/unbound/about/"
+ forum="https://forum.privacytools.io/t/discussion-unbound/3563"
+ github="https://github.com/NLnetLabs/unbound"
+%}
+
+{%
+ include cardv2.html
+ title="dnscrypt-proxy"
+ image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
+ description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and Anonymized DNSCrypt, a relay-based protocol that the hides client IP address.'
+ website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
+ forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
+ github="https://github.com/DNSCrypt/dnscrypt-proxy"
+%}
+
+{%
+ include cardv2.html
+ title="Stubby"
+ image="/assets/img/png/3rd-party/stubby.png"
+ description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in combination with Unbound by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
+ website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
+ forum="https://forum.privacytools.io/t/discussion-stubby/3582"
+ github="https://github.com/getdnsapi/stubby"
+%}
+
+{%
+ include cardv2.html
+ title="Firefox's built-in DNS-over-HTTPS resolver"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox comes with built-in DNS-over-HTTPS support for NextDNS and Cloudflare but users can manually use any other DoH resolver.'
+ labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
+ website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
+ privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
+ forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
+%}
+
+
+
+
+ Encrypted DNS Client Recommendations for Android
+
+
+{%
+ include cardv2.html
+ title="Android 9's built-in DNS-over-TLS resolver"
+ image="/assets/img/svg/3rd-party/android.svg"
+ description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
+ labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
+ website="https://support.google.com/android/answer/9089903#private_dns"
+ forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
+%}
+
+{%
+ include cardv2.html
+ title="Nebulo"
+ image="/assets/img/png/3rd-party/nebulo.png"
+ description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
+ website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
+ privacy-policy="https://smokescreen.app/privacypolicy"
+ forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
+ fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
+ googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
+ source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
+%}
+
+
+
+
+ Encrypted DNS Client Recommendations for iOS
+
+
+{%
+ include cardv2.html
+ title="DNSCloak"
+ image="/assets/img/png/3rd-party/dnscloak.png"
+ description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and dnscrypt-proxy options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can add custom resolvers by DNS stamp.'
+ website="https://github.com/s-s/dnscloak/blob/master/README.md"
+ privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
+ forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
+ ios="https://apps.apple.com/app/id1452162351"
+ github="https://github.com/s-s/dnscloak"
+%}
+
+
+ In iOS, iPadOS, tvOS 14 and macOS 11, DoT and DoH were introduced. DoT and DoH are supported natively by installation of profiles (through mobileconfig files opened in Safari).
+ After installation, the encrypted DNS server can be selected in Settings → General → VPN and Network → DNS.
+
+ A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
+
+
+
DNS-over-HTTPS (DoH)
+
+ Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
+
+
+
DNSCrypt
+
+ With an open specification, DNSCrypt is an older, yet robust method for encrypting DNS.
+
+
+
Anonymized DNSCrypt
+
+ A lightweight protocol that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by dnscrypt-proxy and a limited number of relays.
+
diff --git a/_includes/sections/email-clients.html b/_includes/sections/email-clients.html
new file mode 100644
index 00000000..3b79f346
--- /dev/null
+++ b/_includes/sections/email-clients.html
@@ -0,0 +1,99 @@
+
Desktop Email Clients
+
+{% include cardv2.html
+ title="Thunderbird"
+ image="/assets/img/svg/3rd-party/thunderbird.svg"
+ description="Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation."
+ website="https://www.thunderbird.net/"
+ privacy-policy="https://www.mozilla.org/privacy/thunderbird/"
+ forum="https://forum.privacytools.io/t/discussion-thunderbird/659"
+ source="https://hg.mozilla.org/comm-central/"
+ windows="https://www.thunderbird.net"
+ mac="https://www.thunderbird.net"
+ linux="https://www.thunderbird.net/"
+ freebsd="https://www.freshports.org/mail/thunderbird/"
+ openbsd="http://openports.se/mail/mozilla-thunderbird"
+ netbsd="http://pkgsrc.se/mail/thunderbird"
+%}
+
+{% include cardv2.html
+ title="Mailpile"
+ image="/assets/img/svg/3rd-party/mailpile.svg"
+ description="Mailpile is a free, community funded, open source email client with user-friendly encryption and privacy features."
+ website="https://www.mailpile.is/"
+ privacy-policy="https://www.mailpile.is/privacy.html"
+ tor="clgs64523yi2bkhz.onion"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/mailpile/Mailpile"
+ linux="https://www.mailpile.is/download/linux.html"
+%}
+
+{% include cardv2.html
+ title="Mailvelope"
+ image="/assets/img/svg/3rd-party/mailvelope.svg"
+ description="Mailvelope is a browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard."
+ website="https://www.mailvelope.com/en"
+ privacy-policy="https://www.mailvelope.com/en/privacy-policy"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/mailvelope/mailvelope"
+ firefox="https://addons.mozilla.org/firefox/addon/mailvelope/"
+ chrome="https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke?hl"
+ edge="https://microsoftedge.microsoft.com/addons/detail/mailvelope/dgcbddhdhjppfdfjpciagmmibadmoapc"
+%}
+
+
Worth Mentioning
+
+
+
NeoMutt - NeoMutt is an open-source command line mail reader (or MUA) for Linux and BSD. It’s a fork of Mutt with added features.
+
+
+
+
+
Mobile Email Clients
+
+
Android Email Clients
+
+{% include cardv2.html
+ title="FairEmail"
+ image="/assets/img/svg/3rd-party/fairemail.svg"
+ description="FairEmail is a minimal, open source email app, using open standards (IMAP, SMTP, OpenPGP) with a low data and battery usage."
+ website="https://email.faircode.eu/"
+ privacy-policy="https://github.com/M66B/FairEmail/blob/master/PRIVACY.md"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/M66B/FairEmail"
+ fdroid="https://f-droid.org/en/packages/eu.faircode.email/"
+ googleplay="https://play.google.com/store/apps/details?id=eu.faircode.email"
+%}
+
+{% include cardv2.html
+ title="K-9 Mail"
+ image="/assets/img/svg/3rd-party/k9mail.svg"
+ description="K-9 Mail is an independent mail application that supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP."
+ website="https://k9mail.app/"
+ privacy-policy="https://k9mail.app/privacy"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/k9mail"
+ fdroid="https://f-droid.org/packages/com.fsck.k9/"
+ googleplay="https://play.google.com/store/apps/details?id=com.fsck.k9"
+%}
+
+
iOS Email Clients
+
+{% include cardv2.html
+ title="Canary Mail"
+ image="/assets/img/svg/3rd-party/canarymail.svg"
+ labels="color==warning::link==https://canarymail.io/faq.html::text==Closed source::tooltip==The source programming code for Canary Mail is not available. Canary Mail is a proprietary application."
+ description="Canary Mail is a paid email client designed to make end-to-end encryption seamless with security features such as a biometric app lock."
+ website="https://canarymail.io/"
+ privacy-policy="https://canarymail.io/privacy.html"
+ forum="https://forum.privacytools.io/t/"
+ ios="https://apps.apple.com/us/app/canary-mail/id1236045954"
+%}
+
+
+
Worth Mentioning
+
+
+
Letterbox - Letterbox is a free open-source mail client for iOS made as a part of an ongoing research project at the Freie Universität Berlin, Germany.
+
+
diff --git a/_includes/sections/email-providers.html b/_includes/sections/email-providers.html
new file mode 100644
index 00000000..ae636377
--- /dev/null
+++ b/_includes/sections/email-providers.html
@@ -0,0 +1,237 @@
+
Recommended Email Services
+
+
+ Our recommended providers operate outside of the US, adopt modern email technology, and meet our other criteria for listing. We also have a detailed comparison table of the below providers on the wiki.
+
+
+
+
+
+
+
+
+
+
ProtonMail {% include badge.html color="info" text="Free" %}
+
ProtonMail.com is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. ProtonMail is based in Genève, Switzerland. Accounts start with 500 MB storage with their free plan.
+
+
Free accounts have some limitations and do not allow the use of the ProtonMail Bridge, which is required to use a recommended email client (e.g. Thunderbird) or to search email by body text. Paid accounts are available starting at €48/y which include features like ProtonMail Bridge, additional storage, custom domain support, and more. The webmail and mobile apps can only search To:, From:, Date: and Subject: (this is likely to change when v4.0 of ProtonMail is released).
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Paid ProtonMail users can use their own domain with the service. Catch-all addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports subaddressing, which is useful for users who don't want to purchase a domain.
+
+
{% include badge.html color="success" text="Payment Methods" %}
+
ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="success" text="Email Encryption" %}
+
ProtonMail has integrated OpenPGP encryption in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to encrypt messages to non-ProtonMail users without the need for them to sign up for a ProtonMail account or use software like OpenPGP.
+
ProtonMail also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.
+
+
{% include badge.html color="success" text=".onion Service" %}
{% include badge.html color="info" text="Extra Functionality" %}
+
ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.
+
+
+
+
+
+
+
+
Mailbox.org {% include badge.html color="info" text="€12/y" %}
+
Mailbox.org is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since 2014. Mailbox.org is based in Berlin, Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Mailbox.org lets users use their own domain and they support catch-all addresses. Mailbox.org also supports subaddressing, which is useful for users who don't want to purchase a domain.
+
+
{% include badge.html color="warning" text="Payment Methods" %}
+
Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="warning" text="Data Security" %}
+
Mailbox.org allows for encryption of incoming mail using their encrypted mailbox. New messages that you receive will then be immediately encrypted with your public key.
+
However, Open-Exchange, the software platform used by Mailbox.org, does not support the encryption of your address book and calendar. A standalone option may be more appropriate for that information.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
Mailbox.org has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow remote recipients to decrypt an email on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
+
Mailbox.org also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.
+
+
{% include badge.html color="warning" text=".onion Service" %}
+
You can access your Mailbox.org account via IMAP/SMTP using their .onion service. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
All accounts come with limited cloud storage that can be encrypted. Mailbox.org also offers the alias @secure.mailbox.org, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports Exchange ActiveSync in addition to standard access protocols like IMAP and POP3.
+
+
+
+
+
+
+
+
Posteo {% include badge.html color="info" text="€12/y" %}
+
Posteo.de is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since 2009. Posteo is based in Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.
+
+
{% include badge.html color="warning" text="Domains and Aliases" %}
{% include badge.html color="warning" text="Payment Methods" %}
+
Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and remove PII (personally identifiable information) that they receive in connection with these payment methods.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="success" text="Email Encryption" %}
+
Posteo has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Posteo does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
Disroot {% include badge.html color="info" text="Free" %}
+
Disroot offers email amongst other services. The service is maintained by volunteers and its community. They have been in operation since 2015. Disroot is based in Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Disroot lets users use their own domain. They have aliases, however you must manually apply for them.
+
+
{% include badge.html color="success" text="Payment Methods" %}
+
Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.
+
+
{% include badge.html color="success" text="Account Security" %}
+
Disroot supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
+
+
{% include badge.html color="warning" text="Data Security" %}
+
Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.
+
Disroot also uses the standard CalDAV and CardDAV protocols for calendars and contacts, which do not support E2EE. A standalone option may be more appropriate.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a Web Key Directory (WKD) for users on their platform.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Disroot does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
They offer other services such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app available in F-Droid.
+
+
+
+
+
+
+
+
Tutanota {% include badge.html color="info" text="Free" %}
+
Tutanota.com is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since 2011 and is based in Hanover, Germany. Accounts start with 1GB storage with their free plan.
Tutanota does have plans to support AutoCrypt. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Tutanota does not operate a .onion service but may consider it in the future.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
Tutanota also has a business feature called Secure Connect. This ensures customer contact to the business uses E2EE. The feature costs €240/y.
+
+
+
+
+
+
+
+
StartMail {% include badge.html color="info" text="Personal USD $59.95/y" %}
+
StartMail.com is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since 2014 and is based in Boulevard 11, Zeist Netherlands. Accounts start with 10GB. They offer a 30-day trial.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
{% include badge.html color="warning" text="Payment Methods" %}
+
StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other payment options such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
+
+
{% include badge.html color="success" text="Account Security" %}
+
StartMail supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
+
+
{% include badge.html color="warning" text="Data Security" %}
+
StartMail has zero access encryption at rest, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.
+
+
StartMail supports importing contacts however, they are only accessible in the webmail and not through protocols such as CalDAV. Contacts are also not stored using zero knowledge encryption, so a standalone option may be more appropriate.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
StartMail has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
StartMail does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.
+
+
+
diff --git a/_includes/sections/email-warning.html b/_includes/sections/email-warning.html
new file mode 100644
index 00000000..ac524a13
--- /dev/null
+++ b/_includes/sections/email-warning.html
@@ -0,0 +1,10 @@
+
+
+
Warning
+
+
When using end-to-end encryption (E2EE) technology like OpenPGP, email will still have some metadata that is not encrypted in the header of the email. Read more about email metadata.
+
OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. How do I protect my private keys?
+
Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.
diff --git a/_includes/sections/file-encryption.html b/_includes/sections/file-encryption.html
new file mode 100644
index 00000000..dc85b5df
--- /dev/null
+++ b/_includes/sections/file-encryption.html
@@ -0,0 +1,80 @@
+
File Encryption Software
+
+
+ If you are currently not using encryption software for your hard disk, emails, or file archives, you should pick one here.
+
+
+{%
+ include cardv2.html
+ title="VeraCrypt - Disk Encryption"
+ image="/assets/img/svg/3rd-party/veracrypt.svg"
+ image-dark="/assets/img/svg/3rd-party/veracrypt-dark.svg"
+ description="VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed."
+ website="https://veracrypt.fr/"
+ forum="https://forum.privacytools.io/t/discussion-veracrypt-file-encryption/1532"
+ git="https://www.veracrypt.fr/code/"
+ windows="https://www.veracrypt.fr/en/Downloads.html"
+ linux="https://www.veracrypt.fr/en/Downloads.html"
+ mac="https://www.veracrypt.fr/en/Downloads.html"
+%}
+
+{%
+ include cardv2.html
+ title="GNU Privacy Guard - Email Encryption"
+ image="/assets/img/svg/3rd-party/gnupg.svg"
+ description="GnuPG is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government."
+ website="https://gnupg.org/"
+ privacy-policy="https://gnupg.org/privacy-policy.html"
+ forum="https://forum.privacytools.io/t/discussion-gnupg-file-encryption/1533"
+ git="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git"
+ windows="https://gpg4win.org/download.html"
+ linux="https://gnupg.org/download/index.html#binary"
+ freebsd="https://www.freshports.org/security/gnupg/"
+ openbsd="http://openports.se/security/gnupg"
+ netbsd="http://pkgsrc.se/security/gnupg"
+ mac="https://gpgtools.org/"
+ fdroid="https://f-droid.org/app/org.sufficientlysecure.keychain"
+ googleplay="https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain"
+%}
+
+{%
+ include cardv2.html
+ title="7 Zip"
+ image="/assets/img/svg/3rd-party/7zip.svg"
+ description='7-Zip is a free and open-source file archiver, a utility used to place groups of files within compressed containers. On Linux, MacOS etc. the command-line tool p7zip is used and integrates into various interfaces such as FileRoller, Xarchiver, Ark.'
+ website="https://7-zip.org"
+ forum="https://forum.privacytools.io/t/discussion-7-zip/3024"
+ source="https://sourceforge.net/projects/sevenzip/files/"
+ windows="https://7-zip.org/download.html"
+ linux="https://sourceforge.net/projects/p7zip/files"
+ freebsd="https://www.freshports.org/archivers/p7zip"
+ openbsd="https://sourceforge.net/projects/p7zip"
+ netbsd="https://sourceforge.net/projects/p7zip"
+%}
+
+
Worth Mentioning
+
+
+
+ Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
+ {% include badge.html
+ color="warning"
+ text="Closed source"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/cryptomator/cryptomator-android/issues/1#issuecomment-257979375"
+ tooltip="Cryptomator's mobile apps are not open-source."
+ %}
+
+
Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
+
Tomb - A simple zsh script for making LUKS containers on the commandline.
+
Hat.sh - A cross-platform, serverless JavaScript web application that provides secure file encryption using the AES-256-GCM algorithm in your browser. It can also be downloaded and run offline.
+
+ Kryptor is a file encryption program for Windows, MacOS, and Linux.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ text="Beta"
+ tooltip="As Kryptor is still in beta, it may not be stable."
+ %}
+
+
diff --git a/_includes/sections/file-sharing.html b/_includes/sections/file-sharing.html
new file mode 100644
index 00000000..68336e02
--- /dev/null
+++ b/_includes/sections/file-sharing.html
@@ -0,0 +1,46 @@
+
File Sharing
+
+{% include cardv2.html
+ title="OnionShare"
+ image="/assets/img/svg/3rd-party/onionshare.svg"
+ website="https://onionshare.org/"
+ tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
+ description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
+ forum="https://forum.privacytools.io/t/discussion-onionshare/754"
+ github="https://github.com/micahflee/onionshare"
+ windows="https://onionshare.org/#downloads"
+ mac="https://onionshare.org/#downloads"
+ linux="https://onionshare.org/#downloads"
+ freebsd="https://www.freshports.org/www/onionshare/"
+ openbsd="http://openports.se/net/onionshare"
+%}
+
+{% include cardv2.html
+ title="Magic Wormhole"
+ image="/assets/img/png/3rd-party/magic_wormhole.png"
+ website="https://magic-wormhole.readthedocs.io"
+ description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
+ forum="https://forum.privacytools.io/t/discussion-magic-wormhole/756"
+ github="https://github.com/warner/magic-wormhole"
+ windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ freebsd="https://www.freshports.org/net/py-magic-wormhole/"
+ openbsd="https://pypi.org/project/magic-wormhole/"
+ netbsd="https://pypi.org/project/magic-wormhole/"
+%}
+
+
Worth Mentioning
+
+
+
FramaDrop - Stores a file of any size for 24h. Data is end-to-end encrypted from your browser, powered by LuFi.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://framasoft.org/en/cgu/"
+ tooltip="FramaDrop logs IP addresses and fingerprints the browser for an unclear amount of time."
+ %}
+
+
croc - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.
+
FreedomBox - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.
+
diff --git a/_includes/sections/file-sync.html b/_includes/sections/file-sync.html
new file mode 100644
index 00000000..bdf50f45
--- /dev/null
+++ b/_includes/sections/file-sync.html
@@ -0,0 +1,29 @@
+
+
+{%
+ include cardv2.html
+ title="Syncthing"
+ image="/assets/img/svg/3rd-party/syncthing.svg"
+ description="Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the Internet."
+ website="https://syncthing.net/"
+ forum="https://forum.privacytools.io/t/discussion-syncthing/1627/2"
+ github="https://github.com/syncthing?type=source"
+ windows="https://github.com/syncthing/syncthing-gtk/releases/latest"
+ linux="https://github.com/syncthing/syncthing-gtk/releases/latest"
+ mac="https://github.com/syncthing/syncthing-macos/releases/latest"
+ fdroid="https://f-droid.org/packages/com.github.catfriend1.syncthingandroid/"
+ googleplay="https://play.google.com/store/apps/details?id=com.github.catfriend1.syncthingandroid"
+%}
+
+
Worth Mentioning
+
+
+
+ git-annex - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.
+
+
diff --git a/_includes/sections/fourteen-eyes.html b/_includes/sections/fourteen-eyes.html
new file mode 100644
index 00000000..5b4c6e67
--- /dev/null
+++ b/_includes/sections/fourteen-eyes.html
@@ -0,0 +1,45 @@
+
Global Mass Surveillance - The Fourteen Eyes
+
+
+
+
The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the Five Eyes, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to not spy on each other as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other's citizens and share intelligence to avoid breaking domestic laws that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes); however, Five Eyes and third-party countries can and do spy on each other.
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. {{ site.name }} provides services, tools and knowledge to protect your privacy against global mass surveillance.
+
+
+
diff --git a/_includes/sections/hosting-provider.html b/_includes/sections/hosting-provider.html
new file mode 100644
index 00000000..72d6cb58
--- /dev/null
+++ b/_includes/sections/hosting-provider.html
@@ -0,0 +1,23 @@
+
Secure Hosting Provider
+
+{% include cardv2.html
+ title="Data Center: Bahnhof"
+ image="/assets/img/svg/3rd-party/bahnhof.svg"
+ image-dark="/assets/img/svg/3rd-party/bahnhof-dark.svg"
+ description="Bahnhof is one of Sweden’s largest network operators, founded in 1994. They specialize in innovative data center construction: Extreme security coupled with low-cost green energy has made them world famous."
+ website="https://www.bahnhof.net/"
+ privacy-policy="https://bahnhof.se/filestorage/userfiles/file/PrivacyPolicy_Bahnhof.pdf"
+ forum="https://forum.privacytools.io/t/discussion-bahnhof-net/341"
+%}
+
+{% include cardv2.html
+ title="VPS & Domain: Njalla"
+ image="/assets/img/svg/3rd-party/njalla.svg"
+ image-dark="/assets/img/svg/3rd-party/njalla-dark.svg"
+ description="Njalla is a privacy-aware domain registration service and VPS provider based in Nevis (with VPS data centers in Sweden). It is created by people from The Pirate Bay and IPredator VPN. Accepted payments: Bitcoin, Litecoin, Monero, Zcash, DASH, Bitcoin Cash and PayPal."
+ website="https://njal.la/"
+ labels="color==warning::link==https://github.com/privacytools/privacytools.io/issues/1920::text==Warning::tooltip==Njalla blocks port 25 traffic."
+ tor="http://njalladnspotetti.onion"
+ forum="https://forum.privacytools.io/t/discussion-njalla/339"
+%}
+
diff --git a/_includes/sections/instant-messenger.html b/_includes/sections/instant-messenger.html
new file mode 100644
index 00000000..c0cc44d3
--- /dev/null
+++ b/_includes/sections/instant-messenger.html
@@ -0,0 +1,182 @@
+
+
+ Encrypted Instant Messengers
+
+
+
+ If you are currently using an Instant Messenger like Telegram, LINE, Viber, WhatsApp, or plain SMS, you should pick an alternative here.
+
+
We only recommend instant messenger programs or apps that support end-to-end encryption (E2EE). When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted before they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).
+
+
All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.
+
+
We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.
+
+
+
+ Centralized
+
+
+
Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.
+
+{%
+ include cardv2.html
+ title="Signal"
+ image="/assets/img/svg/3rd-party/signal.svg"
+ description='Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been indepedently audited (PDF)'
+ labels="color==warning::text==Requires phone number::tooltip==Signal requires your phone number as an personal identifier which means anyone you communicate with will see it.|text==VoIP"
+ website="https://signal.org/"
+ privacy-policy="https://signal.org/legal/"
+ forum="https://forum.privacytools.io/t/discussion-signal/664"
+ github="https://github.com/signalapp"
+ windows="https://signal.org/download/"
+ mac="https://signal.org/download/"
+ linux="https://signal.org/download/"
+ googleplay="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms"
+ android="https://signal.org/android/apk/#apk-danger"
+ ios="https://apps.apple.com/app/signal-private-messenger/id874139669"
+%}
+
+
+
+
+
Advantages
+
+
New features and changes can be implemented more quickly.
Being forbidden from connecting third-party clients to the centralized network that might provide for greater customization or better user experience. Often defined in Terms and Conditions of usage.
+
Poor or no documentation for third-party developers.
+
+
The ownership, privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.
+
+
+
+
+
+
+
+
+ Federated
+
+
+
Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
+
+{%
+ include cardv2.html
+ title="Element"
+ image="/assets/img/svg/3rd-party/element.svg"
+ description='Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.'
+ labels="text==VoIP"
+ website="https://element.io"
+ privacy-policy="https://element.io/privacy"
+ forum="https://forum.privacytools.io/t/discussion-element-io/665"
+ github="https://github.com/vector-im/element-web"
+ windows="https://element.io/get-started"
+ mac="https://element.io/get-started"
+ linux="https://element.io/get-started"
+ fdroid="https://f-droid.org/packages/im.vector.app/"
+ googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
+ ios="https://apps.apple.com/app/vector/id1083446067"
+ web="https://app.element.io"
+%}
+
+
+
+
+
Advantages
+
+
Allows for greater control over your own data when running your own server.
+
Allows you to choose who to trust your data with by choosing between multiple "public" servers.
+
Often allows for third party clients which can provide a more native, customized, or accessible experience.
+
Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
+
Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
+
Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.
+
+
+
+
Disadvantages
+
+
Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
+
Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
+
Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
+
Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.
Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a distributed computing network. Examples of this include DHT (distributed hash table) (used with technologies like torrents and IPFS, for example). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the Scuttlebutt social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.
+
+{%
+ include cardv2.html
+ title="Briar"
+ image="/assets/img/svg/3rd-party/briar.svg"
+ description="Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis."
+ website="https://briarproject.org"
+ privacy-policy="https://briarproject.org/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-briar/2114"
+ gitlab="https://code.briarproject.org/briar/briar"
+ fdroid="https://f-droid.org/packages/org.briarproject.briar.android/"
+ googleplay="https://play.google.com/store/apps/details?id=org.briarproject.briar.android"
+%}
+
+{%
+ include cardv2.html
+ title="Jami"
+ image="/assets/img/svg/3rd-party/jami.svg"
+ description="Encrypted instant messaging and video calling software. All communications are E2EE using TLS 1.3 and never stored elsewhere than on user's devices, even when TURN servers are used."
+ labels="color==warning::link==https://git.jami.net/savoirfairelinux/ring-project/issues/765::text==Warning::tooltip==This software is partially centralized but can be self-hosted.|text==VoIP"
+ website="https://jami.net/"
+ privacy-policy="https://jami.net/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-jami/2116"
+ gitlab="https://git.jami.net/savoirfairelinux"
+ windows="https://jami.net/download-jami-windows"
+ mac="https://jami.net/download-jami-macos"
+ linux="https://jami.net/download-jami-linux"
+ fdroid="https://f-droid.org/packages/cx.ring/"
+ googleplay="https://play.google.com/store/apps/details?id=cx.ring"
+ ios="https://itunes.apple.com/app/ring-a-gnu-package/id1306951055?mt=8"
+%}
+
+
+
+
+
Advantages
+
+
Minimal information is exposed to third parties.
+
Modern P2P platforms implement end-to-end encryption by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.
+
+
+
+
Disadvantages
+
+
Reduced feature set:
+
+
Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
+
Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
+
+
Your IP address and that of the contacts you're communicating with may be visible if you do not use the software in conjunction with a self contained network, such as Tor or I2P. Many countries have some form of mass surveillance and/or metadata retention.
+
+
+
+
diff --git a/_includes/sections/key-disclosure-law.html b/_includes/sections/key-disclosure-law.html
new file mode 100644
index 00000000..c51e857f
--- /dev/null
+++ b/_includes/sections/key-disclosure-law.html
@@ -0,0 +1,88 @@
+
Key Disclosure Law
+
+
Who is required to hand over the encryption keys to authorities?
+
+
Mandatory key disclosure laws require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.
Steganography involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).
* (people who know how to access a system may be ordered to share their knowledge, however, this doesn't apply to the suspect itself or family members.)
Why is it not recommended to choose a US-based service?
+
+
+
+
Services based in the United States are not recommended because of the country's surveillance programs and use of National Security Letters (NSLs) with accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to secretly force companies to grant complete access to customer data and transform the service into a tool of mass surveillance.
+
+
An example of this is Lavabit – a secure email service created by Ladar Levison. The FBI requested Snowden's records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service's SSL keys. Having the SSL keys would allow them to access
+communications (both metadata and unencrypted content) in real time for all of Lavabit's customers, not just Snowden's.
+
+
Ultimately, Levison turned over the SSL keys and shut down the service at the same time. The US government then threatened Levison with arrest, saying that shutting down the service was a violation of the court order.
diff --git a/_includes/sections/notebooks.html b/_includes/sections/notebooks.html
new file mode 100644
index 00000000..09fbafee
--- /dev/null
+++ b/_includes/sections/notebooks.html
@@ -0,0 +1,69 @@
+
Digital Notebook
+
+
+ If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Joplin"
+ image="/assets/img/svg/3rd-party/joplin.svg"
+ description="Joplin is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers end-to-end encryption and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes."
+ website="https://joplinapp.org/"
+ privacy-policy="https://joplinapp.org/privacy/"
+ github="https://github.com/laurent22/joplin"
+ windows="https://joplinapp.org/#desktop-applications"
+ mac="https://joplinapp.org/#desktop-applications"
+ linux="https://joplinapp.org/#desktop-applications"
+ freebsd="https://www.npmjs.com/package/joplin"
+ googleplay="https://play.google.com/store/apps/details?id=net.cozic.joplin"
+ android="https://joplinapp.org/#mobile-applications"
+ ios="https://itunes.apple.com/us/app/joplin/id1315599797"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/joplin-web-clipper/"
+ chrome="https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek"
+%}
+
+{% include cardv2.html
+ title="Standard Notes"
+ image="/assets/img/svg/3rd-party/standard_notes.svg"
+ description='Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. It features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors. It has also been independently audited (PDF).'
+ website="https://standardnotes.org/"
+ privacy-policy="https://standardnotes.org/privacy"
+ github="https://github.com/standardnotes"
+ windows="https://standardnotes.org/#get-started"
+ mac="https://standardnotes.org/#get-started"
+ linux="https://standardnotes.org/#get-started"
+ ios="https://itunes.apple.com/us/app/standard-notes/id1285392450"
+ fdroid="https://f-droid.org/packages/com.standardnotes/"
+ googleplay="https://play.google.com/store/apps/details?id=com.standardnotes"
+ web="https://app.standardnotes.org/"
+%}
+
+{% include cardv2.html
+ title="Turtl"
+ image="/assets/img/svg/3rd-party/turtl.svg"
+ description="Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with."
+ website="https://turtlapp.com/"
+ privacy-policy="https://turtlapp.com/privacy/"
+ github="https://github.com/turtl"
+ windows="https://turtlapp.com/download/"
+ mac="https://turtlapp.com/download/"
+ linux="https://turtlapp.com/download/"
+ googleplay="https://play.google.com/store/apps/details?id=com.lyonbros.turtl"
+ android="https://turtlapp.com/download/"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/turtl-bookmarking/"
+ chrome="https://chrome.google.com/webstore/detail/turtl/dgcojenhfdjhieoglmiaheihjadlpcml"
+%}
+
+
Warning
+
+
+
Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See open issue.
+
+
+
Worth Mentioning
+
+
+
EteSync - Secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes.
+
Paperwork - An open-source and self-hosted solution. For PHP / MySQL servers.
+
Org-mode - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system.
+
diff --git a/_includes/sections/operating-systems.html b/_includes/sections/operating-systems.html
new file mode 100644
index 00000000..cb30dec5
--- /dev/null
+++ b/_includes/sections/operating-systems.html
@@ -0,0 +1,86 @@
+
Introductory Operating Systems
+
+
+ If you are currently using an operating system that collects data like Windows 10, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Fedora Workstation"
+ image="/assets/img/svg/3rd-party/fedora.svg"
+ description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops. Fedora by default comes with the GNOME desktop environment, other desktop environments are also available.'
+ badges="info:Linux"
+ website="https://getfedora.org/"
+ privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
+ git="https://src.fedoraproject.org/"
+%}
+
+{% include cardv2.html
+ title="Ubuntu"
+ image="/assets/img/svg/3rd-party/ubuntu.svg"
+ description='Ubuntu is a Linux distribution developed by Canonical Ltd. Ubuntu is a reliable and distribution that is user-friendly and can be run on desktops, servers, and IoT devices. Ubuntu uses GNOME as the default desktop environment, while other desktop environments are also available.'
+ badges="info:Linux"
+ website="https://ubuntu.com"
+ privacy-policy="https://ubuntu.com/legal/data-privacy"
+ git="https://launchpad.net/ubuntu"
+%}
+
+
Advanced Operating Systems
+
+
+ These options have advanced features and are unique in some way. These options will likely require the user to read technical background documentation.
+
+
+{% include cardv2.html
+ title="Alpine Linux"
+ image="/assets/img/svg/3rd-party/alpinelinux.svg"
+ description='Alpine Linux is a very minimal distribution designed to be secure and very resource efficient. Alpine Linux can run from RAM, and merge configuration files into the system on boot using Alpine local backup. Alpine Linux is often used on servers and in Linux containers.'
+ badges="info:Linux"
+ website="https://alpinelinux.org/"
+ privacy-policy="https://alpinelinux.org/privacy-policy.html"
+ gitlab="https://gitlab.alpinelinux.org"
+%}
+
+{% include cardv2.html
+ title="Arch Linux"
+ image="/assets/img/svg/3rd-party/archlinux.svg"
+ description='A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.'
+ badges="info:Linux"
+ labels="color==success::link==https://tests.reproducible-builds.org/archlinux/archlinux.html::text==Reproducible builds"
+ website="https://www.archlinux.org/"
+ privacy-policy="https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy"
+ gitlab="https://gitlab.archlinux.org"
+%}
+
+{% include cardv2.html
+ title="Debian"
+ image="/assets/img/svg/3rd-party/debian.svg"
+ description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
+ badges="info:Linux"
+ labels="color==success::link==https://reproducible.debian.net::text==Reproducible builds"
+ website="https://www.debian.org/"
+ privacy-policy="https://www.debian.org/legal/privacy"
+ tor="http://sejnfjrq6szgca7v.onion"
+ gitlab="https://salsa.debian.org/qa/debsources"
+%}
+
+{% include cardv2.html
+ title="NixOS"
+ image="/assets/img/svg/3rd-party/nixos.svg"
+ description='NixOS is a Linux distribution with a unique approach to package and configuration management. Built on top of the Nix package manager, it is completely declarative, makes upgrading systems reliable, and has many other advantages.'
+ badges="info:Linux"
+ labels="color==success::link==https://r13y.com::text==Reproducible builds"
+ website="https://nixos.org"
+ privacy-policy="https://nixos.wiki/wiki/NixOS_Wiki:Privacy_policy"
+ github="https://github.com/NixOS"
+%}
+
+{% include cardv2.html
+ title="Qubes OS"
+ image="/assets/img/svg/3rd-party/qubes_os.svg"
+ description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
+ badges="info:Xen"
+ website="https://www.qubes-os.org/"
+ privacy-policy="https://www.qubes-os.org/privacy/"
+ github="https://github.com/QubesOS"
+ tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
+%}
diff --git a/_includes/sections/other-mobile-operating-systems.html b/_includes/sections/other-mobile-operating-systems.html
new file mode 100644
index 00000000..f1cb488d
--- /dev/null
+++ b/_includes/sections/other-mobile-operating-systems.html
@@ -0,0 +1,11 @@
+
Other Mobile Operating Systems
+
+{% include cardv2.html
+ title="Ubuntu Touch"
+ image="/assets/img/svg/3rd-party/ubuntu.svg"
+ description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
+ badges="info:Linux"
+ website="https://ubuntu-touch.io/"
+ privacy-policy="https://ubports.com/privacy"
+ github="https://github.com/ubports"
+%}
diff --git a/_includes/sections/participate.html b/_includes/sections/participate.html
new file mode 100644
index 00000000..674557a7
--- /dev/null
+++ b/_includes/sections/participate.html
@@ -0,0 +1,38 @@
+
+
Participate with suggestions and constructive criticism
+
+
+
It's important for a website like {{ site.name }} to stay up-to-date. Keep an eye on software updates for the applications listed on our site. Follow recent news about providers that we recommend. We try our best to keep up, but we're not perfect and the internet is changing fast. If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing, or a browser plugin is not the best choice anymore, or anything else... Talk to us please. You can also find us on several Matrix rooms, primarily #general:privacytools.io. XMPP users can join there via #general#privacytools.io@matrix.org. When using our services, users should follow our Code of Conduct.
+
+
+
+ {% include card.html color="success"
+ title="Discourse & Reddit"
+ image="/assets/img/svg/3rd-party/discourse.svg"
+ url="https://forum.privacytools.io/"
+ website="Discourse"
+ extra_button='Reddit'
+ description='Join our Discourse community to stay up to date on privacy news or make suggestions!'
+ %}
+
+ {% include card.html color="primary"
+ title="Follow on Mastodon & Twitter"
+ image="/assets/img/svg/3rd-party/mastodon.svg"
+ url="https://social.privacytools.io/@privacytools"
+ website="Mastodon"
+ extra_button='Twitter'
+ description="Get the latest privacy-related updates from our Mastodon Feed. Follow us today!"
+ %}
+
+ {% include card.html color="warning"
+ title="Develop on GitHub"
+ font="fab fa-github"
+ url="https://github.com/privacytools/privacytools.io"
+ website="GitHub"
+ description="The complete website source code is available on GitHub. Join our developer team!"
+ extra_button='Contributor List'
+ %}
+
+
+
+
This is a community project aiming to deliver the best information available to improve privacy online. Thank you for participating. This project needs you.
diff --git a/_includes/sections/password-managers.html b/_includes/sections/password-managers.html
new file mode 100644
index 00000000..a529e1f3
--- /dev/null
+++ b/_includes/sections/password-managers.html
@@ -0,0 +1,90 @@
+
Password Manager Software
+
+
+ If you are currently using a password manager software like 1Password, LastPass, Roboform, or iCloud Keychain, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Bitwarden - Cloud/Self-host"
+ image="/assets/img/svg/3rd-party/bitwarden.svg"
+ description="Bitwarden is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
+ website="https://bitwarden.com/"
+ privacy-policy="https://bitwarden.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-bitwarden/1343"
+ github="https://github.com/bitwarden"
+ web="https://vault.bitwarden.com/#/"
+ windows="https://bitwarden.com/#download"
+ linux="https://bitwarden.com/#download"
+ freebsd="https://www.npmjs.com/package/@bitwarden/cli"
+ openbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ netbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ mac="https://bitwarden.com/#download"
+ firefox="https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/"
+ chrome="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
+ safari="https://safari-extensions.apple.com/details/?id=com.bitwarden.safari-LTZ2PFU5D6"
+ opera="https://addons.opera.com/extensions/details/bitwarden-free-password-manager/"
+ edge="https://www.microsoft.com/store/apps/9P6KXL0SVNNL"
+ fdroid="https://mobileapp.bitwarden.com/fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
+ ios="https://itunes.apple.com/app/bitwarden-free-password-manager/id1137397744?mt=8"
+%}
+
+{%
+ include cardv2.html
+ title="KeePassXC - Local"
+ image="/assets/img/svg/3rd-party/keepassxc.svg"
+ description="KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager."
+ website="https://keepassxc.org/"
+ privacy-policy="https://keepassxc.org/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/keepassxreboot/keepassxc"
+ windows="https://keepassxc.org/download/#windows"
+ linux="https://keepassxc.org/download/#linux"
+ mac="https://keepassxc.org/download/#mac"
+ freebsd="https://www.freshports.org/security/keepassxc/"
+ openbsd="http://openports.se/security/keepassxc"
+ netbsd="http://pkgsrc.se/security/keepassxc"
+ fdroid="https://f-droid.org/packages/com.kunzisoft.keepass.libre/"
+ googleplay="https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser"
+ chrome="https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk"
+%}
+
+{%
+ include cardv2.html
+ title="LessPass - Browser"
+ image="/assets/img/svg/3rd-party/lesspass.svg"
+ description="LessPass is a free and open-source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security."
+ website="https://lesspass.com/"
+ privacy-policy="https://addons.mozilla.org/en-US/firefox/addon/lesspass/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/lesspass/lesspass"
+ windows="https://pypi.org/project/lesspass/"
+ mac="https://pypi.org/project/lesspass/"
+ linux="https://pypi.org/project/lesspass/"
+ freebsd="https://pypi.org/project/lesspass/"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/lesspass/"
+ chrome="https://chrome.google.com/webstore/detail/lesspass/lcmbpoclaodbgkbjafnkbbinogcbnjih"
+ fdroid="https://f-droid.org/packages/com.lesspass.android"
+ googleplay="https://play.google.com/store/apps/details?id=com.lesspass.android"
+%}
+
+
Worth Mentioning
+
+
+
+ Master Password - A password manager based on an ingenious password-generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site, and your master password. No syncing, backups, or internet access needed.
+
+
+
+ Psono - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses NACL Crypto, a combination of Curve25519, Salsa20 and Poly1305.
+
+
+
+ Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
+
+
+ Pass - Pass is a bare-bones password store that keeps passwords using gpg2 encrypted files inside a simple directory tree residing at ~/.password-store. It has a simple terminal interface where the user can perform the usual actions, and it's functionality can be extended by plugins. It can also be used in scripts without having to input the actual password in plain text.
+
+
diff --git a/_includes/sections/paste-services.html b/_includes/sections/paste-services.html
new file mode 100644
index 00000000..5fa5c1ef
--- /dev/null
+++ b/_includes/sections/paste-services.html
@@ -0,0 +1,21 @@
+
Pastebin Services
+
+{% include cardv2.html
+title="PrivateBin"
+image="/assets/img/svg/3rd-party/privatebin.svg"
+description="PrivateBin is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin."
+website="https://privatebin.info/"
+forum="https://forum.privacytools.io/t/discussion-privatebin/296"
+github="https://github.com/PrivateBin/PrivateBin"
+%}
+
+
+{% include cardv2.html
+title="CryptPad"
+image="/assets/img/svg/3rd-party/cryptpad.svg"
+description="CryptPad is an open-source, zero knowledge, and real-time collaborative editor. Data is encrypted/decrypted in the browser, using Salsa20 with Poly1305 to encrypt pads."
+website="https://cryptpad.fr/pad/"
+privacy-policy="https://cryptpad.fr/privacy.html"
+forum="https://forum.privacytools.io/t/discussion-cryptpad/1270"
+github="https://github.com/xwiki-labs/cryptpad"
+%}
diff --git a/_includes/sections/privacy-resources.html b/_includes/sections/privacy-resources.html
new file mode 100644
index 00000000..d294f741
--- /dev/null
+++ b/_includes/sections/privacy-resources.html
@@ -0,0 +1,41 @@
+
More Privacy Resources
+
+
Guides
+
+
+
Surveillance Self-Defense by EFF - Guide to defending yourself from surveillance by using secure technology and developing careful practices.
+
The Crypto Paper - Privacy, Security and Anonymity for Every Internet User.
The Ultimate Privacy Guide - Excellent privacy guide written by the creators of the bestVPN.com website.
+
IVPN Privacy Guides - These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.
Freedom of the Press Foundation - Supporting and defending journalism dedicated to transparency and accountability since 2012.
+
Erfahrungen.com - German review aggregator website of privacy-related services.
+
Open Wireless Movement - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.
+
privacy.net - What does the US government know about you?
PRISM Break - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.
+
Security in-a-Box - A guide to digital security for activists and human rights defenders throughout the world.
+
SecureDrop - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created
+ by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
+
Security First - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.
+
Osalt - A directory to help you find open source alternatives to proprietary tools.
+
AlternativeTo - A directory to help find alternatives to other software, with the option to only show open source software
+
+
+
Note: Just being open source does not make software secure!
diff --git a/_includes/sections/productivity-tools.html b/_includes/sections/productivity-tools.html
new file mode 100644
index 00000000..41c4feb3
--- /dev/null
+++ b/_includes/sections/productivity-tools.html
@@ -0,0 +1,97 @@
+
Productivity Tools
+
+{%
+ include cardv2.html
+ title="CryptPad"
+ image="/assets/img/svg/3rd-party/cryptpad.svg"
+ description="CryptPad is a private-by-design alternative to popular office tools and cloud services. All content is end-to-end encrypted. It is free and open-source, enabling anyone to verify its security by auditing the code. The development team is supported by donations and grants. No registration is required, and it can be used anonymously via Tor Browser."
+ website="https://cryptpad.fr/"
+ privacy-policy="https://cryptpad.fr/privacy.html"
+ forum="https://forum.privacytools.io/t/discussion-cryptpad-productivity-tools/1537"
+ github="https://github.com/xwiki-labs/cryptpad"
+ web="https://cryptpad.fr/"
+%}
+
+{%
+ include cardv2.html
+ title="Etherpad"
+ image="/assets/img/svg/3rd-party/etherpad.svg"
+ description="Etherpad is a highly customizable open-source online editor providing collaborative editing in real time. Here are a list of sites that run Etherpad."
+ website="https://etherpad.org/"
+ forum="https://forum.privacytools.io/t/discussion-etherpad-productivity-tools/1538"
+ github="https://github.com/ether/etherpad-lite"
+ web="https://github.com/ether/etherpad-lite/wiki/Sites-that-run-Etherpad"
+ windows="https://github.com/ether/etherpad-lite#windows"
+ linux="https://github.com/ether/etherpad-lite#installation"
+ mac="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ freebsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ openbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ netbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+%}
+
+{%
+ include cardv2.html
+ title="Write.as"
+ image="/assets/img/svg/3rd-party/writeas.svg"
+ image-dark="/assets/img/svg/3rd-party/writeas-dark.svg"
+ description="Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
+ website="https://write.as/"
+ privacy-policy="https://write.as/privacy"
+ forum="https://forum.privacytools.io/t/discussion-write-as-productivity-tools/1539"
+ tor="http://writeas7pm7rcdqg.onion"
+ git="https://code.as/writeas"
+ web="https://write.as/pad"
+ windows="https://github.com/writeas/writeas-cli"
+ mac="https://github.com/writeas/writeas-cli"
+ linux="https://write.as/apps"
+ chrome="https://write.as/apps"
+ googleplay="https://play.google.com/store/apps/details?id=com.abunchtell.writeas"
+ ios="https://itunes.apple.com/app/apple-store/id1000755153"
+%}
+
+
Worth Mentioning
+
+
+
Cryptee - Free privacy-friendly service for storing Documents, files and Photos
+
EtherCalc - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.
+
Disroot - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
+
dudle - An online scheduling application, free and open-source. Schedule meetings or make small online polls. No email collection or the need of registration.
+
Framadate - A free and open-source online service for planning an appointment or making a decision quickly and easily. No registration is required.
+
+{%
+ include cardv2.html
+ title="MAT2"
+ image="/assets/img/svg/3rd-party/mat2.svg"
+ description="MAT2 is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME."
+ website="https://0xacab.org/jvoisin/mat2"
+ forum="https://forum.privacytools.io/t/discussion-mat/1559"
+ gitlab="https://0xacab.org/jvoisin/mat2"
+ windows="https://pypi.org/project/mat2/"
+ mac="https://pypi.org/project/mat2/"
+ linux="https://pypi.org/project/mat2/"
+ freebsd="https://pypi.org/project/mat2/"
+ openbsd="https://pypi.org/project/mat2/"
+ netbsd="https://pypi.org/project/mat2/"
+%}
+
+{%
+ include cardv2.html
+ title="ExifCleaner"
+ image="/assets/img/svg/3rd-party/exifcleaner.svg"
+ description='ExifCleaner is a freeware, open source graphical app that uses ExifTool to remove exif metadata from images, videos, and PDF documents using a simple drag and drop interface. It supports multi-core batch processing and dark mode.'
+ website="https://exifcleaner.com"
+ forum="https://forum.privacytools.io/t/discussion-mat/TODOADDTHIS"
+ github="https://github.com/szTheory/exifcleaner"
+ windows="https://github.com/szTheory/exifcleaner/releases"
+ mac="https://github.com/szTheory/exifcleaner/releases"
+ linux="https://github.com/szTheory/exifcleaner/releases"
+%}
diff --git a/_includes/sections/quotes.html b/_includes/sections/quotes.html
new file mode 100644
index 00000000..49f8bcb5
--- /dev/null
+++ b/_includes/sections/quotes.html
@@ -0,0 +1,53 @@
+
+
Privacy? I don't have anything to hide.
+
+
+
+ Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a
+ pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I
+ want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." Not a single person has taken me up on that offer.
+
+
+
+
+
The primary reason for window curtains in our house, is to stop people from being able to see in. The reason we don’t want them to see in is because we consider much of what we do inside our homes to be private. Whether that be having dinner at the table, watching a movie with your kids, or even engaging in intimate or sexual acts with your partner. None of these things are illegal by any means but even knowing this, we still keep the curtains and blinds on our windows. We clearly have this strong desire for privacy when it comes to our personal life and the public.
+
+
+
+
+
[...] But saying that you don't need or want privacy because you have nothing to hide is to assume that no one should have, or could have, to hide anything -- including their immigration status, unemployment history, financial history, and health records. You're assuming that no one, including yourself, might object to revealing to anyone information about their religious beliefs, political affiliations, and sexual activities, as casually as some choose to reveal their movie and music tastes and reading preferences.
+
+
+
+
+
Privacy is not a luxury [in America]: it is a right – one that we need to defend in the digital realm as much as in the physical realm. We need to stay vigilant to maintain access to that right, though ... especially as technology continues to advance...
Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. Or that you don't care about freedom of the press because you don't like to read. Or that you don't care about freedom of religion because you don't believe in God. Or that you don't care about the freedom to peacably assemble because you're a lazy, antisocial agoraphobe.
+
+
+
+
+
The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all
+ I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is
+ not something I am willing to support or live under.
+
+
+
+
+
We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we're not being watched can we really test the limits of who we want to be. It's really in the private realm where
+ dissent, creativity and personal exploration lie.
+
+
diff --git a/_includes/sections/resources.html b/_includes/sections/resources.html
new file mode 100644
index 00000000..66e6c395
--- /dev/null
+++ b/_includes/sections/resources.html
@@ -0,0 +1,55 @@
+
+
+ {% include card.html color="success"
+ title="Providers"
+ icon="fas fa-server"
+ iconcolor="dark"
+ page="/providers/"
+ description="Discover privacy-centric online services, including email providers, VPN operators, DNS administrators, and more!"
+ %}
+
+ {% include card.html color="primary"
+ title="Web Browsers"
+ icon="far fa-compass"
+ iconcolor="dark"
+ page="/browsers/"
+ description="Find a web browser that respects your privacy, and discover how to harden your browser against tracking and leaks."
+ %}
+
+ {% include card.html color="warning"
+ title="Software"
+ icon="far fa-window-restore"
+ iconcolor="dark"
+ page="/software/"
+ description="Discover a variety of open source software built to protect your privacy and keep your digital data secure."
+ %}
+
+ {% include card.html color="info"
+ title="Operating Systems"
+ icon="fas fa-desktop"
+ iconcolor="dark"
+ page="/operating-systems/"
+ description="Find out how your operating system is compromising your privacy, and what simple alternatives exist."
+ %}
+
+ {% include card.html color="secondary"
+ title="PrivacyTools Services"
+ icon="far fa-eye-slash"
+ iconcolor="dark"
+ page="/services/"
+ description="The PrivacyTools team is proud to launch a variety of privacy-centric online services, including a Mastodon instance, search engine, and more!"
+ %}
+
+ {% include card.html color="danger"
+ title="Donate"
+ icon="fas fa-donate"
+ iconcolor="dark"
+ page="/donate/"
+ description="We can't operate this site without the generous contributions we receive from our viewers. If you love privacy and our website please consider donating."
+ %}
+
+
diff --git a/_includes/sections/router-firmware.html b/_includes/sections/router-firmware.html
new file mode 100644
index 00000000..c9d36cf6
--- /dev/null
+++ b/_includes/sections/router-firmware.html
@@ -0,0 +1,32 @@
+
Open Source Router Firmware
+
+{% include cardv2.html
+ title="OpenWrt"
+ image="/assets/img/svg/3rd-party/openwrt.svg"
+ image-dark="/assets/img/svg/3rd-party/openwrt-dark.svg"
+ description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
+ badges="info:Linux"
+ website="https://openwrt.org/"
+ git="https://git.openwrt.org/"
+%}
+
+{% include cardv2.html
+ title="pfSense"
+ image="/assets/img/svg/3rd-party/pfsense.svg"
+ image-dark="/assets/img/svg/3rd-party/pfsense-dark.svg"
+ description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
+ badges="info:BSD"
+ website="https://www.pfsense.org/"
+ privacy-policy="https://www.pfsense.org/privacy.html"
+ github="https://github.com/pfsense/"
+%}
+
+{% include cardv2.html
+ title="LibreCMC"
+ image="/assets/img/svg/3rd-party/librecmc.svg"
+ image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
+ description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
+ badges="info:GNU/Linux"
+ website="https://librecmc.org"
+ git="https://gogs.librecmc.org/libreCMC/libreCMC"
+%}
diff --git a/_includes/sections/search-engines.html b/_includes/sections/search-engines.html
new file mode 100644
index 00000000..dc2d5c4b
--- /dev/null
+++ b/_includes/sections/search-engines.html
@@ -0,0 +1,57 @@
+
Privacy Respecting Search Engines
+
+
+ If you are currently using search engines like Google, Bing, or Yahoo, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Searx"
+ image="/assets/img/svg/3rd-party/searx.svg"
+ description='Searx is an open-source, self-hostable, metasearch engine, aggregating the results of other search engines while not storing information about its users. There is a list of public instances or you can try the PrivacyTools instance.'
+ website="https://searx.me/"
+ tor="http://ulrn6sryqaifefld.onion"
+ forum="https://forum.privacytools.io/t/discussion-searx/283"
+ github="https://github.com/asciimoo/searx"
+%}
+
+{%
+ include cardv2.html
+ title="DuckDuckGo"
+ image="/assets/img/svg/3rd-party/duckduckgo.svg"
+ description='DuckDuckGo is a "search engine that doesn\'t track you." Some of DuckDuckGo\'s code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.'
+ website="https://duckduckgo.com/"
+ privacy-policy="https://duckduckgo.com/privacy"
+ tor="http://3g2upl4pq6kufc4m.onion"
+ forum="https://forum.privacytools.io/t/discussion-duckduckgo/285"
+ github="https://github.com/duckduckgo"
+%}
+
+{%
+ include cardv2.html
+ title="Qwant"
+ image="/assets/img/svg/3rd-party/qwant.svg"
+ description='Qwant is a search engine with its philosophy based on two principles: no user tracking and no filter bubble. The company is based in France.'
+ website="https://www.qwant.com/"
+ privacy-policy="https://about.qwant.com/legal/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-qwant/286"
+ github="https://github.com/Qwant/"
+%}
+
+{% include cardv2.html
+ title="Startpage.com"
+ image="/assets/img/svg/3rd-party/startpage.svg"
+ description='Startpage.com is a search engine that provides Google search results with complete privacy protection. Startpage BV is a Netherlands-based company that has been dedicated to privacy-respecting search since 2006.'
+ labels="color==warning::link==https://support.startpage.com/index.php?/Knowledgebase/Article/View/1277/0/startpage-ceo-robert-beens-discusses-the-investment-from-privacy-one--system1::text==Warning::tooltip==Startpage.com was recently acquired by United States-based System1."
+ website="https://www.startpage.com/"
+ privacy-policy="https://www.startpage.com/en/privacy-policy/"
+ forum="https://forum.privacytools.io/t/delisted-discussion-startpage/284"
+%}
+
+
YaCy - An open-source, peer-to-peer search engine powered by its users.
+
diff --git a/_includes/sections/self-contained-networks.html b/_includes/sections/self-contained-networks.html
new file mode 100644
index 00000000..a467ab96
--- /dev/null
+++ b/_includes/sections/self-contained-networks.html
@@ -0,0 +1,103 @@
+
Self-contained Networks
+
+
+ If you are currently browsing clearnet and want to access the dark web, this section is for you.
+
+
+{% include cardv2.html
+ title="Tor"
+ image="/assets/img/svg/3rd-party/tor.svg"
+ description="The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool."
+ website="https://www.torproject.org/"
+ tor="http://expyuzz4wqqyqhjn.onion"
+ forum="https://forum.privacytools.io/t/discussion-tor/1589"
+ windows="https://www.torproject.org/download/"
+ mac="https://www.torproject.org/download/"
+ linux="https://www.torproject.org/download/"
+ freebsd="https://www.freshports.org/security/tor"
+ openbsd="http://openports.se/net/tor"
+ netbsd="http://pkgsrc.se/net/tor"
+ fdroid="https://support.torproject.org/tormobile/tormobile-7/"
+ googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
+ android="https://www.torproject.org/download/#android"
+ git="https://gitweb.torproject.org/tor.git"
+%}
+
+{% include cardv2.html
+ title="I2P Anonymous Network"
+ image="/assets/img/svg/3rd-party/i2p.svg"
+ image-dark="/assets/img/svg/3rd-party/i2p-dark.svg"
+ description="The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses."
+ website="https://geti2p.net/"
+ forum="https://forum.privacytools.io/t/discussion-i2p/1590"
+ i2p="http://i2p-projekt.i2p/"
+ windows="https://geti2p.net/en/download#windows"
+ mac="https://geti2p.net/en/download#mac"
+ linux="https://geti2p.net/en/download#unix"
+ freebsd="https://www.freshports.org/security/i2p/"
+ openbsd="http://openports.se/net/i2pd"
+ netbsd="http://pkgsrc.se/wip/i2pd"
+ fdroid="https://f-droid.org/app/net.i2p.android.router"
+ googleplay="https://play.google.com/store/apps/details?id=net.i2p.android"
+ android="https://download.i2p2.de/android/current/"
+ source="https://geti2p.net/en/get-involved/guides/new-developers#getting-the-i2p-code"
+%}
+
+{% include cardv2.html
+ title="The Freenet Project"
+ image="/assets/img/svg/3rd-party/freenet.svg"
+ description="Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection."
+ website="https://freenetproject.org/"
+ forum="https://forum.privacytools.io/t/discussion-freenet/1591"
+ windows="https://freenetproject.org/pages/download.html#windows"
+ mac="https://freenetproject.org/pages/download.html#os-x"
+ linux="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ freebsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ openbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ netbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ github="https://github.com/freenet/"
+%}
+
+
Worth Mentioning
+
+
+
+ ZeroNet - Open, free, and uncensorable websites, using Bitcoin cryptography and BitTorrent network.
+ {% include badge.html
+ color="danger"
+ icon="fas fa-exclamation-triangle"
+ tooltip="Your IP address isn't hidden by default and won't be, unless you enforce Tor usage."
+ text="Not anonymous"
+ %}
+
+
RetroShare - An open source, cross-platform, friend-to-friend, secure, and decentralized communication platform.
+
I2P-Bote - End-to-end encrypted decentralized mail system within the I2P network.
+
GNUnet - GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.
+
+ IPFSandIPFS Companion- A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. IPFS Companion is a browser extension for redirecting queries to a gateway of your choice (generally local).
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/privacytools/privacytools.io/pull/361#issuecomment-344414022"
+ text="Supercookie warning"
+ %}
+
+
+ Yggdrasil
+ - An early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms, and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4.
+
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ tooltip="The project is currently in early stages but it is being actively developed."
+ text="Experimental"
+ %}
+ {% include badge.html
+ color="danger"
+ icon="fas fa-exclamation-triangle"
+ link=""
+ tooltip="Yggdrasil doesn't provide anonymity by default. Your peers know your IP address unless you configure it to only use Tor/I2P peers."
+ text="Not anonymous by default"
+ %}
+
+
diff --git a/_includes/sections/selfhosted-cloud.html b/_includes/sections/selfhosted-cloud.html
new file mode 100644
index 00000000..ff6899c5
--- /dev/null
+++ b/_includes/sections/selfhosted-cloud.html
@@ -0,0 +1,43 @@
+
Self-Hosted Cloud Server Software
+
+
+ If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should think about hosting it on your own.
+
+
+{% include cardv2.html
+ title="Nextcloud"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. The only limits on storage and bandwidth are the limits on the server provider you choose."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud/287"
+ windows="https://nextcloud.com/install/#install-clients"
+ mac="https://nextcloud.com/install/#install-clients"
+ linux="https://nextcloud.com/install/#install-clients"
+ freebsd="https://www.freshports.org/www/nextcloud/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ fdroid="https://f-droid.org/packages/com.nextcloud.client/"
+ googleplay="https://play.google.com/store/apps/details?id=com.nextcloud.client"
+ ios="https://itunes.apple.com/us/app/nextcloud/id1125420102"
+ github="https://github.com/nextcloud"
+%}
+
+{% include cardv2.html
+ title="Tahoe-LAFS"
+ image="/assets/img/svg/3rd-party/tahoe-lafs.svg"
+ image-dark="/assets/img/svg/3rd-party/tahoe-lafs-dark.svg"
+ website="https://www.tahoe-lafs.org/"
+ forum="https://forum.privacytools.io/t/discussion-tahoe-lafs/1662"
+ description="Tahoe-LAFS is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security."
+ windows="https://github.com/tahoe-lafs/tahoe-lafs#via-pip"
+ mac="https://github.com/tahoe-lafs/tahoe-lafs#via-pip"
+ linux="https://github.com/tahoe-lafs/tahoe-lafs#using-os-packages"
+ netbsd="http://pkgsrc.se/filesystems/tahoe-lafs"
+ git="https://www.tahoe-lafs.org/trac/tahoe-lafs/browser"
+%}
+
+
Worth Mentioning
+
+
CryptPad - An open-source and end-to-end encrypted real-time collaborative editor that lets you share folders, media, and documents.
+
diff --git a/_includes/sections/social-networks.html b/_includes/sections/social-networks.html
new file mode 100644
index 00000000..25a498d2
--- /dev/null
+++ b/_includes/sections/social-networks.html
@@ -0,0 +1,81 @@
+
Decentralized Social Networks
+
+
+ If you are currently using Social Networks like Facebook or Twitter, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Mastodon - Twitter Alternative"
+ image="/assets/img/svg/3rd-party/mastodon.svg"
+ description='Mastodon is a social network based on open web protocols and free, open-source software. It is decentralized like email, users can exist on different servers or even different platforms but still communicate with each other. It also has the most users, and the most diverse (in terms of interests) users, it looks good, and it is easy to setup yourself. If you are looking for a server to join, you are welcome to join our hosted instance: social.privacytools.io'
+ website="https://joinmastodon.org/"
+ forum="https://forum.privacytools.io/t/discussion-mastodon/289"
+ github="https://github.com/tootsuite/mastodon"
+ windows="https://joinmastodon.org/apps"
+ mac="https://joinmastodon.org/apps"
+ linux="https://joinmastodon.org/apps"
+ freebsd="https://joinmastodon.org/apps"
+ openbsd="https://joinmastodon.org/apps"
+ netbsd="https://joinmastodon.org/apps"
+ android="https://joinmastodon.org/apps"
+ sailfish="https://joinmastodon.org/apps"
+ ios="https://joinmastodon.org/apps"
+ web="https://joinmastodon.org/#getting-started"
+%}
+
+{% include cardv2.html
+ title="diaspora* - Google+ Alternative"
+ image="/assets/img/svg/3rd-party/diaspora.svg"
+ description="diaspora* is based on three key philosophies: Decentralization, Freedom, and Privacy. It is intended to address privacy concerns related to centralized social networks by allowing users set up their own server (or \"pod\") to host content. Pods can then interact to share status updates, photographs, and other social data."
+ website="https://diasporafoundation.org/"
+ forum="https://forum.privacytools.io/t/discussion-diaspora/290"
+ github="https://github.com/diaspora/diaspora"
+ android="https://wiki.diasporafoundation.org/Tools_to_use_with_Diaspora#Android"
+ web="https://diasporafoundation.org/"
+%}
+
+{% include cardv2.html
+ title="Friendica - Facebook Alternative"
+ image="/assets/img/svg/3rd-party/friendica.svg"
+ description="Friendica has an emphasis on extensive privacy settings and easy server installation. It aims to federate with as many other social networks as possible. Currently, Friendica users can integrate contacts from Facebook, Twitter, Diaspora, GNU social, App.net, Pump.io and other services in their social streams."
+ website="https://friendi.ca/"
+ forum="https://forum.privacytools.io/t/discussion-friendica/291"
+ github="https://github.com/friendica/friendica"
+ windows="https://friendi.ca/resources/mobile-clients/"
+ linux="https://friendi.ca/resources/mobile-clients/"
+ android="https://friendi.ca/resources/mobile-clients/"
+ sailfish="https://friendi.ca/resources/mobile-clients/"
+ web="https://friendi.ca/"
+%}
+
+{% include cardv2.html
+ title="PixelFed - Instagram Alternative"
+ image="/assets/img/svg/3rd-party/pixelfed.svg"
+ description='PixelFed is a free and ethical photo sharing platform, powered by ActivityPub federation. Pixelfed is an open-source, federated platform. You can run your own instance or join an existing one.'
+ website="https://pixelfed.org/"
+ forum="https://forum.privacytools.io/t/discussion-pixelfed/293"
+ github="https://github.com/pixelfed"
+ web="https://pixelfed.org/"
+%}
+
+{% include cardv2.html
+ title="Pleroma - Twitter Alternative"
+ image="/assets/img/svg/3rd-party/pleroma.svg"
+ description="Pleroma is a free, federated social networking server built on open protocols. It is compatible with Mastodon and many other ActivityPub and OStatus implementations."
+ website="https://pleroma.social"
+ forum="https://forum.privacytools.io/t/discussion-pleroma/2307"
+ gitlab="https://git.pleroma.social/pleroma/pleroma/"
+ windows="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ mac="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ linux="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ android="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ fdroid="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ googleplay="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ ios="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ web="https://docs-develop.pleroma.social/backend/clients/#alternative-web-interfaces"
+%}
+
+
Worth Mentioning
+
+
Movim - A federated social platform that relies on the XMPP standard and therefore allows you to exchange with many other clients on all devices.
+
diff --git a/_includes/sections/social-news-aggregator.html b/_includes/sections/social-news-aggregator.html
new file mode 100644
index 00000000..70805e56
--- /dev/null
+++ b/_includes/sections/social-news-aggregator.html
@@ -0,0 +1,48 @@
+
Social News Aggregators
+
+
+ If you are currently using a online bulletin board like Reddit, you should pick an alternative here.
+
+
+{% include cardv2.html
+title="Aether"
+image="/assets/img/svg/3rd-party/aether.svg"
+description='Aether is a free and open-source decentralized social news aggregator with a built-in voting system.'
+website="https://getaether.net/"
+privacy-policy="https://getaether.net/privacypolicy/"
+forum="https://forum.privacytools.io/t/discussion-aether/1256"
+github="https://github.com/nehbit/aether"
+windows="https://getaether.net/download/"
+mac="https://getaether.net/download/"
+linux="https://getaether.net/download/"
+%}
+
+{% include cardv2.html
+title="Tildes"
+image="/assets/img/svg/3rd-party/tildes.svg"
+description='Tildes is a web-based self-hostable online bulletin board. It is licensed under AGPLv3.'
+website="https://tildes.net"
+privacy-policy="https://docs.tildes.net/policies/privacy-policy"
+forum="https://forum.privacytools.io/t/discussion-tildes/1257"
+gitlab="https://gitlab.com/tildes/tildes"
+web="https://tildes.net"
+%}
+
+{% include cardv2.html
+title="Raddle"
+image="/assets/img/png/3rd-party/raddle.png"
+description="Raddle is a public Postmill instance focused on privacy and anti-censorship."
+website="https://raddle.me"
+privacy-policy="https://raddle.me/wiki/privacy_policy"
+forum="https://forum.privacytools.io/t/discussion-raddle/1258"
+gitlab="https://gitlab.com/postmill/"
+web="https://raddle.me"
+%}
+
+
+ If your project or organization currently uses a platform like Discord or Slack you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Element"
+ image="/assets/img/svg/3rd-party/element.svg"
+ description='Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.'
+ labels="text==VoIP"
+ website="https://element.io"
+ privacy-policy="https://element.io/privacy"
+ forum="https://forum.privacytools.io/t/discussion-element-io/665"
+ github="https://github.com/vector-im/element-web"
+ windows="https://element.io/get-started"
+ mac="https://element.io/get-started"
+ linux="https://element.io/get-started"
+ fdroid="https://f-droid.org/packages/im.vector.app/"
+ googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
+ ios="https://apps.apple.com/app/vector/id1083446067"
+ web="https://app.element.io"
+%}
+
+{%
+ include cardv2.html
+ title="Rocket.chat"
+ image="/assets/img/svg/3rd-party/rocketchat.svg"
+ description="Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE."
+ labels="color==warning::link==https://rocket.chat/docs/user-guides/end-to-end-encryption/::text==Experimental E2EE::tooltip==Regarding E2EE their documentation states 'This feature is currently in alpha. It's also not yet supported on mobile'. There is no forward secrecy so compromised decryption password would leak all messages. Federation was also added afterwards, potentially causing room for mistakes.|text==VoIP"
+ website="https://rocket.chat/"
+ privacy-policy="https://rocket.chat/privacy"
+ forum="https://forum.privacytools.io/t/discussion-rocket-chat/1223"
+ github="https://github.com/rocketchat/"
+ windows="https://rocket.chat/install"
+ mac="https://itunes.apple.com/us/app/rocket-chat/id1086818840"
+ linux="https://rocket.chat/install"
+ fdroid="https://f-droid.org/packages/chat.rocket.android"
+ googleplay="https://play.google.com/store/apps/details?id=chat.rocket.android"
+ ios="https://itunes.apple.com/app/rocket-chat/id1148741252"
+%}
diff --git a/_includes/sections/tor-operating-systems.html b/_includes/sections/tor-operating-systems.html
new file mode 100644
index 00000000..835df24f
--- /dev/null
+++ b/_includes/sections/tor-operating-systems.html
@@ -0,0 +1,24 @@
+
Tor-Focused Distributions
+
+
+ These Linux distributions are developed with the purpose of directing all network traffic through Tor.
+
+
+{% include cardv2.html
+ title="Tails"
+ image="/assets/img/svg/3rd-party/tails.svg"
+ description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
+ badges="info:Linux"
+ website="https://tails.boum.org/"
+ git="https://git-tails.immerda.ch/tails/"
+ %}
+
+{% include cardv2.html
+ title="Whonix"
+ image="/assets/img/svg/3rd-party/whonix.svg"
+ description='A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this. Whonix is best used in conjunction with Qubes.'
+ badges="info:Linux"
+ website="https://www.whonix.org/"
+ tor="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/"
+ github="https://github.com/Whonix"
+%}
diff --git a/_includes/sections/video-frontends.html b/_includes/sections/video-frontends.html
new file mode 100644
index 00000000..c790135b
--- /dev/null
+++ b/_includes/sections/video-frontends.html
@@ -0,0 +1,14 @@
+
Frontends and Proxies
+
+
+ If you are currently using a platform like YouTube, you can keep watching videos without sharing your IP.
+
+
+{% include cardv2.html
+ title="Invidious"
+ image="/assets/img/svg/3rd-party/invidious.svg"
+ description='Invidious is an alternative front-end to YouTube. It is free software, with no advertising or Javascript dependency to play videos, with lots of other features that allow you to have a complete YouTube experience, sans Google.'
+ website="https://invidio.us"
+ github="https://github.com/omarroth/invidious"
+ web="https://instances.invidio.us"
+%}
diff --git a/_includes/sections/voice-video-messenger.html b/_includes/sections/voice-video-messenger.html
new file mode 100644
index 00000000..f3e39871
--- /dev/null
+++ b/_includes/sections/voice-video-messenger.html
@@ -0,0 +1,62 @@
+
Video/Voice Calling
+
+
+ If you are currently using a Video/Voice Calling app like Google Hangouts, Skype, Viber or Zoom, you should pick an alternative here. Please note that many of the above instant messengers also support {% include badge.html color="info" text="VoIP" %}. The software listed below are primarily Voice/Video focused.
+
+
+{% include cardv2.html
+ title="Linphone"
+ image="/assets/img/svg/3rd-party/linphone.svg"
+ website="https://www.linphone.org/"
+ privacy-policy="https://www.linphone.org/terms-and-privacy"
+ description="Linphone is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication."
+ forum="https://forum.privacytools.io/t/discussion-linphone/751"
+ github="https://github.com/BelledonneCommunications"
+ windows="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ linux="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ mac="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ fdroid="https://f-droid.org/packages/org.linphone"
+ googleplay="https://play.google.com/store/apps/details?id=org.linphone"
+ ios="https://apps.apple.com/us/app/linphone/id360065638"
+%}
+
+{% include cardv2.html
+ title="Jitsi Meet"
+ image="/assets/img/svg/3rd-party/jitsi.svg"
+ website="https://jitsi.org/jitsi-meet/"
+ privacy-policy="https://jitsi.org/security/"
+ description='Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in desktop applications or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the list of public Jitsi Meet instances.'
+ labels="color==warning::text==Requires WebRTC::tooltip==Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it.|color==warning::link==https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md::text==Experimental E2EE::tooltip==E2EE in Jitsi Meet is dependent on Insertable Streams, which is currently supported in Chrome but not Firefox. The mobile apps also do not support E2EE for the moment. Prefer to use the desktop apps instead."
+ forum="https://forum.privacytools.io/t/discussion-jitsi-meet/1577"
+ github="https://github.com/jitsi/jitsi-meet"
+ windows="https://github.com/jitsi/jitsi-meet-electron/releases"
+ linux="https://github.com/jitsi/jitsi-meet-electron/releases"
+ mac="https://github.com/jitsi/jitsi-meet-electron/releases"
+ fdroid="https://f-droid.org/en/packages/org.jitsi.meet/"
+ googleplay="https://play.google.com/store/apps/details?id=org.jitsi.meet"
+ ios="https://apps.apple.com/us/app/jitsi-meet/id1165103905"
+%}
+
+{% include cardv2.html
+ title="Mumble"
+ image="/assets/img/svg/3rd-party/mumble.svg"
+ website="https://mumble.info/"
+ description="Mumble is an open-source, low-latency, and high quality voice chat application primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, it's missing end-to-end encryption, so self-hosting is recommended."
+ forum="https://forum.privacytools.io/t/discussion-mumble/1289"
+ github="https://github.com/mumble-voip/"
+ windows="https://www.mumble.info/downloads"
+ linux="https://www.mumble.info/downloads"
+ mac="https://www.mumble.info/downloads"
+ android="https://www.mumble.info/downloads/#third-party-clients"
+ ios="https://apps.apple.com/us/app/mumble/id443472808?ls=1"
+%}
+
+
Mullvad.net is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial.
+
{% include badge.html color="success" text="35 Countries" %}
+
Mullvad has servers in 35 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
+
Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:
+
+
...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
{% include badge.html color="success" text="Open Source Clients" %}
+
Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.
+
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.
+
{% include badge.html color="success" text="WireGuard Support" %}
+
In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
+
{% include badge.html color="success" text="IPv6 Support" %}
+
Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.
+
{% include badge.html color="success" text="Remote Port Forwarding" %}
{% include badge.html color="success" text="Mobile Clients" %}
+
Mullvad has published App Store and Google Play clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.
+
+
+
+
+
+
+
+
+ ProtonVPN
+ {% include badge.html color="info" text="Free" %}
+ {% include badge.html color="info" text="Basic USD $48/y" %}
+ {% include badge.html color="secondary" text="Plus USD $96/y" %}
+
+
ProtonVPN.com is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.
+
{% include badge.html color="success" text="44 Countries" %}
+
ProtonVPN has servers in 44 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
+
As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at protonvpn.com.
+
{% include badge.html color="success" text="Open Source Clients" %}
+
ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.
+
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.
+
{% include badge.html color="success" text="Mobile Clients" %}
+
In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="warning" text="No Port Forwarding" %}
+
ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.
IVPN.net is another premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar and offers a 3 day free trial.
+
{% include badge.html color="success" text="32 Countries" %}
+
IVPN has servers in 32 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.
+
{% include badge.html color="success" text="WireGuard Support" %}
+
In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
+
{% include badge.html color="success" text="Remote Port Forwarding" %}
{% include badge.html color="success" text="Mobile Clients" %}
+
In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.
+
+
+
+
+
+ Note: Using a VPN provider will not make you anonymous, but it will give you better privacy in certain situations. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.
+
diff --git a/_includes/sections/warrant-canary.html b/_includes/sections/warrant-canary.html
new file mode 100644
index 00000000..d5cf761e
--- /dev/null
+++ b/_includes/sections/warrant-canary.html
@@ -0,0 +1,22 @@
+
What is a warrant canary?
+
+
+
+
A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.
This tool uses some known methods that attempt to disable major tracking features in Windows 10.
+
+
Related Information
+
+
+
Microsoft Privacy Statement - Microsoft collects, uses and discloses personal information as described here. This allows OneDrive data, Cortana searches, and MS browser history to be sold to third parties.
+
Cortana and privacy - To personalize your experience and provide the best possible suggestions, Cortana accesses your email and other communications and collects data about your contacts (People), like their title, suffix, first name, last name, middle name, nicknames, and company name. If you call, email, or text someone or they call, email, or text you, Cortana collects that person’s email address or phone number.
+
+
+
+
+ 
+
+
+## Sponsors
+
+Are you working with a privacy focused company? Ask your manager or marketing team if your company would be interested in supporting our project. Your support will help us continue to develop this website, promote privacy-respecting tools and services, and reach out to thousands of data privacy newcomers every month. Also, your company's logo will show on GitHub and [our site](https://www.privacytools.io/sponsors/), and who doesn't like a little extra exposure?
+
+## Community Translations
+- [繁体中文 / Chinese](https://privacytools.twngo.xyz/) - [GitHub](https://github.com/twngo/privacytools-zh)
+- [Español / Spanish](https://victorhck.gitlab.io/privacytools-es/) - [GitLab](https://gitlab.com/victorhck/privacytools-es)
+- [Polski / Polish](https://pl.privacytools.io) - [Gitea](https://git.privacytools.io/pl-privacytoolsIO/pl.privacytools.io)
+- [Deutsch / German](https://privacytools.it-sec.rocks/) - [GitHub](https://github.com/Anon215/privacytools.it-sec.rocks)
+- [Français / French](https://privacytools.dreads-unlock.fr/) - [GitLab](https://gitlab.com/Booteille/privacytools)
+- [Italiano / Italian](https://privacytools-it.github.io/) - [GitHub](https://github.com/privacytools-it/privacytools-it.github.io)
+- [Русский / Russian](https://privacytools.ru) - [GitHub](https://github.com/c0rdis/privacytools.ru)
+- [Português / Portuguese](https://www.privacidade.digital/) - [GitHub](https://github.com/PrivacidadeDigital/privacidade.digital)
+
+# License & Notices
+
+Please visit [https://www.privacytools.io/notices/](https://www.privacytools.io/notices/) for license information and other disclaimers. PrivacyTools is provided on an "as-is" basis, without warranty, and disclaiming liability for damages. By contributing to this repository you agree to license your work under the terms of the [license](https://github.com/privacytools/privacytools.io/blob/master/LICENSE.txt) in this repository.
diff --git a/_config.yml b/_config.yml
new file mode 100644
index 00000000..25a9c243
--- /dev/null
+++ b/_config.yml
@@ -0,0 +1,13 @@
+title: PrivacyTools - Encryption Against Global Mass Surveillance
+name: PrivacyTools
+description: You are being watched. PrivacyTools provides knowledge, encryption, and software recommendations to protect you against global mass surveillance.
+url: "https://www.privacytools.io"
+production_url: "https://www.privacytools.io"
+sass:
+ style: compressed
+plugins:
+ - jekyll-sitemap
+sitemap:
+file: "/sitemap.xml"
+include: [".well-known"]
+exclude: ["font", "vendor"]
diff --git a/_includes/badge.html b/_includes/badge.html
new file mode 100644
index 00000000..f908ecf8
--- /dev/null
+++ b/_includes/badge.html
@@ -0,0 +1,20 @@
+{% if include.link %}
+ {{ include.text }}
+{% else %}> {{ include.text }}{% endif %}
+
+{% else %}
+ {{include.text}}
+ {% else %}
+ > {% if include.icon %}{% endif %} {{include.text}}
+ {% endif %}
+
+{% endif %}
diff --git a/_includes/breadcrumbs.html b/_includes/breadcrumbs.html
new file mode 100644
index 00000000..b744bb53
--- /dev/null
+++ b/_includes/breadcrumbs.html
@@ -0,0 +1,23 @@
+
diff --git a/_includes/card.html b/_includes/card.html
new file mode 100644
index 00000000..ec676c84
--- /dev/null
+++ b/_includes/card.html
@@ -0,0 +1,76 @@
+
+ {% endif %}
+
+ {% if include.git %}
+ 
+ {% endif %}
+
+ {% if include.extra_button %}
+ {{include.extra_button}}
+ {% endif %}
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+
+
+ 
+ 
+
++ Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a + pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I + want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." Not a single person has taken me up on that offer.
+ 
+ 
+ 
+
+
+
+
{% endif %}
+ 
+ 
+ 
+ 
+ 
+
+ 
+
+ 
+
+ 
+
+ 
+
+