diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 00000000..332444a5
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,32 @@
+# Editorial Team
+*.md @privacytools/editorial
+/assets/ @privacytools/editorial
+/pages/ @privacytools/editorial
+/_includes/sections/ @privacytools/editorial
+/index.html @privacytools/editorial
+/font/ @dawidpotocki
+
+# Administration Related Files
+/pages/donate.html @JonahAragon @BurungHantu1605
+/pages/notices.md @JonahAragon
+/pages/sponsors.html @JonahAragon
+/_includes/sponsors/ @JonahAragon
+/assets/img/svg/3rd-party/sponsors/ @JonahAragon
+/README.md @JonahAragon @BurungHantu1605
+/assets/js/redirects.js @JonahAragon
+/.well-known/ @JonahAragon
+/404.html @JonahAragon
+/.github/CODEOWNERS @JonahAragon @BurungHantu1605
+/.github/FUNDING.yml @JonahAragon @BurungHantu1605
+/LICENSE.txt @JonahAragon @BurungHantu1605
+/.travis.yml @JonahAragon @Shifterovich @nitrohorse
+/CNAME @JonahAragon
+/nginx/ @JonahAragon
+
+# WKD
+/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo @Mikaela
+/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b @dawidpotocki
+/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h @dngray
+/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 @danarel
+/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 @nitrohorse
+/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 @JonahAragon
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
new file mode 100644
index 00000000..c987415d
--- /dev/null
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,118 @@
+# Contributing Guidelines
+
+Please read this document in full before contributing.
+
+- [Rules](#rules)
+- [Quality over Quantity](#quality-over-quantity)
+- [Software Criteria](#software-criteria)
+ - [Main (All Software)](#main)
+ - [Providers](#providers)
+ - [DNS](#dns)
+ - [VPN](#vpn)
+ - [Email](#email)
+ - [Hardware](#hardware)
+ - [Software](#software)
+ - [Encryption](#encryption)
+ - [Operating Systems](#operating-systems)
+- [Images](#images)
+- [Licensing](#licensing)
+- [Contributing via email](#contributing-via-email)
+
+## Rules
+
+- Be nice and respectful.
+- English only.
+- Be constructive.
+- Please feel free to *review changes* in the *files changed* tab of any
+ pull request at any time.
+- See also our [Code of Conduct](https://github.com/privacytools/.github/blob/master/CODE_OF_CONDUCT.md)
+
+## Quality over Quantity
+
+We're trying to keep it simple and promote the best tools, not all of them.
+
+## Software Criteria
+
+### Main
+
+- Easy to use. Could your mother use that tool or service? Usability is most important.
+- Cross-platform / Accessible.
+- Privacy respecting.
+- Open Source / Free Software is preferred but not required.
+- Prioritize Products without Vendor Lock-in (decentralized/self-hostable) or data interoperability.
+
+There can be exceptions if no software is available that meet the criteria.
+
+Note: This criteria applies to all of the PrivacyTools website and recommendations.
+
+### Providers
+
+- Prioritize Products by privacy respecting nationality.
+
+### DNS
+
+- Supports DoH or DoT (We love DNSCrypt, but there is already https://github.com/DNSCrypt/dnscrypt-resolvers which is directly supported by dnscrypt-proxy, so we don't consider useful to list providers only supporting it).
+- Supports DNSSEC (https://dnssec.vs.uni-due.de/ can test your current DNS provider).
+- Doesn't log IP addresses during normal operation (If your suggestion logs, please compare its privacy policy with other servers on our table that keep logs).
+- Preferably supports QNAME minimization (if you have access to the dig command, `dig +short txt qnamemintest.internet.nl` or `Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl` if you are on Windows 10)
+
+### VPN
+
+See https://www.privacytools.io/providers/vpn/#criteria for more details.
+
+- Prioritize Products by privacy respecting nationality.
+- Cannot be based in USA or UK.
+- Must be accessible via Open Source Software (e.g. OpenVPN, WireGuard)
+- Use Encryption
+- Accept Cryptocurrency
+- No logging policy
+
+### Email
+
+- Outside of USA
+- Support SMTP SSL
+- Accessible Using Open Source Software (e.g. allows IMAP)
+
+### Hardware
+
+- Must be [H-Node Class A](https://h-node.org/wiki/page/en/compatibility-classes) or equivalent (if applicable)
+- Must prioritize hardware certifications like [RYF](https://ryf.fsf.org/), [OSHWA](https://certification.oshwa.org/), and OSI when available.
+- Cannot lock users to a particular platform.
+
+### Software
+
+- Must be able to download over encrypted network (can be a mirror)
+- Must be Open Source Software
+
+### Encryption
+
+- Only verifiable encryption is to be trusted
+
+### Operating Systems
+
+- Must state if recommends, depends on, or offers non-free software (contrib)
+- No Tracking Policy (opt-in analytics is ok)
+
+## Images
+
+- SVG file format is strongly preferred. PNG files can be used as a fallback if images are too complex or otherwise unsuitable as a vector format.
+- We like to optimize all SVGs we add to the site. [This](https://github.com/privacytools/privacytools.io/pull/1968#issuecomment-652773633) is a helpful guide as to how we do it with [Inkscape](https://inkscape.org/)
+ - Some SVGs generated by Illustrator or Sketch are broken, therefore copying the SVG content to a new canvas is sometimes required. (We found this with the Mailcow logo). Looked fine in local builds but was wrong once rendered through netlify preview etc.
+- We only have SVGs that have a canvas size of 128x128px or 384x128px.
+- Provider logo dimensions are 384px x 128px ([example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/svg/3rd-party/mullvad.svg))
+- Tool logo dimensions are 128px x 128px ([SVG example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/svg/3rd-party/firefox_browser.svg), [PNG example](https://github.com/privacytools/privacytools.io/blob/master/assets/img/png/3rd-party/claws_mail.png))
+
+
+## Licensing
+
+The content and original technology of this website is made available under the Creative Commons Zero v1.0 Universal license text. Some files or folders may include works from other projects with separate licenses, and will be marked as such. **By contributing to this repository, contributors do not necessarily agree to sign a CLA or legally transfer their copyright to the project, but they do at a minimum agree to license their work under the current license of this repository: In this case, the Creative Commons Zero v1.0 Universal.**
+
+## Contributing via email
+
+If you have a GitHub account, or are able to create a GitHub account, we ask that you do not submit issues via email.
+
+If you do not have a GitHub account, you may submit software recommendations or other issues via email without creating a GitHub account by emailing `privacytools@fire.fundersclub.com`. The subject line of your email will become the issue title. Your name will be included in the posted issue.
+
+This repository uses [@fire-bot](https://github.com/fire-bot), [a service](https://fire.fundersclub.com) from FundersClub that converts incoming emails to GitHub issues. By sending a message to the email address above, you will be sharing your email address and message content with FundersClub. FundersClub has a privacy policy at [https://fundersclub.com/catalyst-privacy-policy/](https://fundersclub.com/catalyst-privacy-policy/) you should review before using this service. Any attachments you send via this service may be stored indefinitely by FundersClub for the purpose of making them available within the submitted GitHub issue.
+
+You can view an example of the created issues' format at [#1444](https://github.com/privacytools/privacytools.io/issues/1444).
diff --git a/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md b/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md
new file mode 100644
index 00000000..6da46aa1
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/1_Software_Suggestion.md
@@ -0,0 +1,27 @@
+---
+name: "🆕 Software Suggestion"
+about: Suggest new software that enhances privacy.
+title: "🆕 Software Suggestion | "
+labels: 🆕 software suggestion
+---
+
+## Basic Information
+
+**Name:**
+**Category:**
+**URL:**
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/2_Software_Removal.md b/.github/ISSUE_TEMPLATE/2_Software_Removal.md
new file mode 100644
index 00000000..d806a6a6
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/2_Software_Removal.md
@@ -0,0 +1,21 @@
+---
+name: "❌ Software Removal"
+about: Suggest the removal of outdated, insecure, or otherwise bad software.
+title: "❌ Software Removal | "
+labels: ❌ software removal
+---
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md b/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md
new file mode 100644
index 00000000..a56baa49
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/3_Feature_Suggestion.md
@@ -0,0 +1,8 @@
+---
+name: "✨ Feature Suggestion"
+about: Suggest a new feature/section/page for the website.
+title: "✨ Feature Suggestion | "
+labels: ✨ enhancement
+---
+
+## Description
diff --git a/.github/ISSUE_TEMPLATE/4_Content_Correction.md b/.github/ISSUE_TEMPLATE/4_Content_Correction.md
new file mode 100644
index 00000000..58533d13
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/4_Content_Correction.md
@@ -0,0 +1,21 @@
+---
+name: "📝 Content Correction"
+about: Report any inaccurate, incorrect, or outdated information on the website.
+title: "📝 Correction | "
+labels: 📝 correction
+---
+
+## Description
+
+
+
+## Why I am making the suggestion
+
+
+
+
+## My connection with the software
+
+
+
+- [ ] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
diff --git a/.github/ISSUE_TEMPLATE/5_Website_Issues.md b/.github/ISSUE_TEMPLATE/5_Website_Issues.md
new file mode 100644
index 00000000..d2244637
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/5_Website_Issues.md
@@ -0,0 +1,23 @@
+---
+name: "🌐 Website Issue"
+about: Report a bug with the website. (NO CONTENT ISSUES)
+title: "🌐 Website Issue | "
+labels: 🌐 website issue
+---
+
+
+
+## Description
+
+
diff --git a/.github/ISSUE_TEMPLATE/6_Translation_Issues.md b/.github/ISSUE_TEMPLATE/6_Translation_Issues.md
new file mode 100644
index 00000000..95843a0a
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/6_Translation_Issues.md
@@ -0,0 +1,21 @@
+---
+name: "🇦🇶 Translation Issue"
+about: Report any issue with a translated site.
+title: "🇦🇶 Translated Site Issue | "
+labels: 🌐 website issue, 🇦🇶 translations
+---
+
+## Site Affected
+
+**Domain:**
+
+
+- [ ] This site is listed as a translated version of the site in the privacytools.io navbar.
+
+## Description
+
+
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 00000000..52f4ca2b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,7 @@
+contact_links:
+ - name: Services issues
+ url: https://github.com/privacytools/services/issues/new/choose
+ about: Open any issues/bug reports/requests related to our services (Mastodon, Matrix, etc) here.
+ - name: PrivacyTools Community
+ url: https://forum.privacytools.io/
+ about: Please ask any generic questions on our forum.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 00000000..46a6286b
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,17 @@
+
+
+## Description
+
+Resolves: #none
+
+#### Check List
+
+- [ ] I understand that by not opening an issue about a software/service/similar addition/removal, this pull request will be closed without merging.
+
+- [ ] I have read and understand [the contributing guidelines](https://github.com/privacytools/privacytools.io/blob/master/.github/CONTRIBUTING.md).
+
+- [ ] The project is [Free Libre](https://en.wikipedia.org/wiki/Free_software) and/or [Open Source](https://en.wikipedia.org/wiki/Open-source_software) Software
+
+* Netlify preview for the mainly edited page:
+
+* Code repository of the project (if applicable):
diff --git a/.github/stale.yml b/.github/stale.yml
new file mode 100644
index 00000000..331880c5
--- /dev/null
+++ b/.github/stale.yml
@@ -0,0 +1,16 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+ - approved
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+ This issue has been automatically marked as stale because it has not had
+ recent activity. It will be closed if no further activity occurs. Thank you
+ for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..bb836e13
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,10 @@
+_site/
+.sass-cache/
+.jekyll-metadata
+.DS_Store
+font/assets/
+font/_sass/
+font/.fontcustom-manifest.json
+assets/webfonts/ptio-font-preview.html
+vendor
+.bundle
diff --git a/.well-known/keybase.txt b/.well-known/keybase.txt
new file mode 100644
index 00000000..320c5cb8
--- /dev/null
+++ b/.well-known/keybase.txt
@@ -0,0 +1,113 @@
+==================================================================
+https://keybase.io/privacytools
+--------------------------------------------------------------------
+
+I hereby claim:
+
+ * I am an admin of https://privacytools.io
+ * I am privacytools (https://keybase.io/privacytools) on keybase.
+ * I have a public key ASAkK34bChwgcSbs249aVEhWUYhfn9PYB0yx8y5hZEdLIAo
+
+To do so, I am signing this object:
+
+{
+ "body": {
+ "key": {
+ "eldest_kid": "0120242b7e1b0a1c207126ecdb8f5a54485651885f9fd3d8074cb1f32e6164474b200a",
+ "host": "keybase.io",
+ "kid": "0120242b7e1b0a1c207126ecdb8f5a54485651885f9fd3d8074cb1f32e6164474b200a",
+ "uid": "81b38301543203013da707b866f13619",
+ "username": "privacytools"
+ },
+ "merkle_root": {
+ "ctime": 1554941326,
+ "hash": "398a76706f68401cae4b733ff7c2bd7ad2fb40598604dd10f49a1f04db1173b26caf1c0bd480689d3d5f30c6b60190a69edc76e62d7ad1c16e19e0432c16b21e",
+ "hash_meta": "ee549365960473d4eec7331ecf3de0e38340c44a4ee61898ca542940b2e2d765",
+ "seqno": 5139256
+ },
+ "service": {
+ "entropy": "mEBRbFG3gU9gRt24VacvKVGm",
+ "hostname": "privacytools.io",
+ "protocol": "https:"
+ },
+ "type": "web_service_binding",
+ "version": 2
+ },
+ "client": {
+ "name": "keybase.io go client",
+ "version": "3.2.1"
+ },
+ "ctime": 1554941350,
+ "expire_in": 504576000,
+ "prev": "9947a42be64540ab809b87df765f3139cedbada82ae04012e97c94060fbed4f8",
+ "seqno": 20,
+ "tag": "signature"
+}
+
+which yields the signature:
+
+hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgJCt+GwocIHEm7NuPWlRIVlGIX5/T2AdMsfMuYWRHSyAKp3BheWxvYWTESpcCFMQgmUekK+ZFQKuAm4ffdl8xOc7bragq4EAS6XyUBg++1PjEIDwvpOGptD6jbBIm52/LR9l4T2xslWcgKtq6zH2HvOGKAgHCo3NpZ8RAeFaHjsUF7kqDas46rMXC1KDIJE520BD57OMws6dnJxbMmJf8O3rRNrLCineR5vpetxjtxGYrhmTWPtgSyYQhD6hzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIGJSitnvAgdVMG+AyewIHT4cBbbWjGh4/cesl/uzqfQZo3RhZ80CAqd2ZXJzaW9uAQ==
+
+And finally, I am proving ownership of this host by posting or
+appending to this document.
+
+View my publicly-auditable identity here: https://keybase.io/privacytools
+
+==================================================================
+
+==================================================================
+https://keybase.io/jonaharagon
+--------------------------------------------------------------------
+
+I hereby claim:
+
+ * I am an admin of https://privacytools.io
+ * I am jonaharagon (https://keybase.io/jonaharagon) on keybase.
+ * I have a public key ASBD2KZniUf0KM-4GzlgrMnnJzEg54hDvlsnGRExgP2IfAo
+
+To do so, I am signing this object:
+
+{
+ "body": {
+ "key": {
+ "eldest_kid": "01014354fcf62ba0752c5ceb6175fbecef4205b22adc102cb9f4963546960039f9c20a",
+ "host": "keybase.io",
+ "kid": "012043d8a6678947f428cfb81b3960acc9e7273120e78843be5b2719113180fd887c0a",
+ "uid": "3164c4d37d2d2bea011091787d7bc119",
+ "username": "jonaharagon"
+ },
+ "merkle_root": {
+ "ctime": 1554921408,
+ "hash": "3e5c007341d4b02dbe29217419189fa111e0dda3c3e9749540f98e85d769fdc7f0587228446bebc9d114535e75c7fbe2d81dbf1d6a9998add9a9b661eabccffa",
+ "hash_meta": "d346ffeac7eb4a94ff2cd518a27ed5cb745933316b4a9e91f102fd0c01118a63",
+ "seqno": 5137134
+ },
+ "service": {
+ "entropy": "3MGOPdt1pbQJ3jJphywjT9e9",
+ "hostname": "privacytools.io",
+ "protocol": "https:"
+ },
+ "type": "web_service_binding",
+ "version": 2
+ },
+ "client": {
+ "name": "keybase.io go client",
+ "version": "3.2.1"
+ },
+ "ctime": 1554921422,
+ "expire_in": 504576000,
+ "prev": "0c6f534ada5683036a1cd98291a995386925a572742e1aa43b2eb20394879ae3",
+ "seqno": 159,
+ "tag": "signature"
+}
+
+which yields the signature:
+
+hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgQ9imZ4lH9CjPuBs5YKzJ5ycxIOeIQ75bJxkRMYD9iHwKp3BheWxvYWTES5cCzJ/EIAxvU0raVoMDahzZgpGplThpJaVydC4apDsusgOUh5rjxCBbnzb214v7MAMQHsGX2UxkYOPGr+WPD0WitCcDTTHkbQIBwqNzaWfEQByeB7GH1rHDvmFL8OZTS7xZ7oq8nbt/ZKJK8mFYoV0rym4akSdPiuzwP013lSH9msC3PhzpWSSTCmZk7OITtQGoc2lnX3R5cGUgpGhhc2iCpHR5cGUIpXZhbHVlxCBSTSnkhCA3soIAlMBA5R2DIINdDx0mk1xlj07KqwrwIKN0YWfNAgKndmVyc2lvbgE=
+
+And finally, I am proving ownership of this host by posting or
+appending to this document.
+
+View my publicly-auditable identity here: https://keybase.io/jonaharagon
+
+==================================================================
diff --git a/.well-known/librehost.json b/.well-known/librehost.json
new file mode 100644
index 00000000..eccf338c
--- /dev/null
+++ b/.well-known/librehost.json
@@ -0,0 +1,19 @@
+{
+ "@context" : "http://schema.org",
+ "@type" : "Organization",
+ "organizationType" : "Informal collective",
+ "name" : "PrivacyTools",
+ "tagLine" : "Private Services: No Ads, No Google Analytics, No Affiliates, and No Cross-Site Requests",
+ "homeUrl" : "https://www.privacytools.io/",
+ "logo" : "https://www.privacytools.io/assets/img/layout/shield.svg",
+ "description": "PrivacyTools is a socially motivated website that provides information and services for protecting your security and privacy online. No Ads, No Google Analytics, No Affiliates, and No Cross-Site Requests.",
+ "communicationLanguages": ["en"],
+ "contactUrl": "https://www.privacytools.io/contact/",
+ "privacyPolicyUrl" : "https://www.privacytools.io/privacy/",
+ "termsOfServiceUrl" : "-",
+ "isServiceProvider" : true,
+ "foundingDate": "2015",
+ "version": "0.0.1",
+ "dateCreated": "2019-05-02T16:25:00Z",
+ "dateModified": "2019-05-02T16:25:00Z"
+}
diff --git a/.well-known/matrix/client b/.well-known/matrix/client
new file mode 100644
index 00000000..ee6d0a59
--- /dev/null
+++ b/.well-known/matrix/client
@@ -0,0 +1,8 @@
+{
+ "m.homeserver": {
+ "base_url": "https://chat.privacytools.io"
+ },
+ "m.identity_server": {
+ "base_url": "https://chat.privacytools.io"
+ }
+}
diff --git a/.well-known/matrix/server b/.well-known/matrix/server
new file mode 100644
index 00000000..2a4992fd
--- /dev/null
+++ b/.well-known/matrix/server
@@ -0,0 +1,3 @@
+{
+ "m.server": "chat.privacytools.io:8448"
+}
diff --git a/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h b/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h
new file mode 100755
index 00000000..1ab53686
Binary files /dev/null and b/.well-known/openpgpkey/hu/dnrefmbtd6i58w8xfy4imj94cmbw3u3h differ
diff --git a/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo b/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo
new file mode 100755
index 00000000..a8a3161b
Binary files /dev/null and b/.well-known/openpgpkey/hu/mrobfoimg5wz876m7kp6spyu66941weo differ
diff --git a/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b b/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b
new file mode 100755
index 00000000..c03c67ca
Binary files /dev/null and b/.well-known/openpgpkey/hu/nqspr7yd4bgs8ry43zbzpjd45p4iug5b differ
diff --git a/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 b/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63
new file mode 100755
index 00000000..9b051997
Binary files /dev/null and b/.well-known/openpgpkey/hu/omn8s4nziz8zmyz6f756asto39gefr63 differ
diff --git a/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 b/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4
new file mode 100755
index 00000000..3d6b6bd1
Binary files /dev/null and b/.well-known/openpgpkey/hu/rse6m7dxfdjo86qhyj6wqs1hcdcp7em4 differ
diff --git a/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 b/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6
new file mode 100755
index 00000000..eb0bd0f7
Binary files /dev/null and b/.well-known/openpgpkey/hu/zt71pstaerw1jpa5ru3borqmfsnbwnf6 differ
diff --git a/.well-known/openpgpkey/policy b/.well-known/openpgpkey/policy
new file mode 100644
index 00000000..e69de29b
diff --git a/.well-known/security.txt b/.well-known/security.txt
new file mode 100644
index 00000000..f77c69fd
--- /dev/null
+++ b/.well-known/security.txt
@@ -0,0 +1,5 @@
+Contact: admin@privacytools.io
+Encryption: https://www.jonaharagon.com/keys/
+Preferred-Languages: en
+Canonical: https://www.privacytools.io/.well-known/security.txt
+Policy: https://github.com/privacytools/privacytools.io/security/policy
diff --git a/404.html b/404.html
new file mode 100644
index 00000000..6e8e7276
--- /dev/null
+++ b/404.html
@@ -0,0 +1,23 @@
+---
+layout: minimal
+active_page: 404
+---
+
+
If you believe you reached this page in error, please contact us!
+
diff --git a/CNAME b/CNAME
new file mode 100644
index 00000000..916e25fe
--- /dev/null
+++ b/CNAME
@@ -0,0 +1 @@
+www.privacytools.io
\ No newline at end of file
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 00000000..70f8d954
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,16 @@
+source "https://rubygems.org"
+
+# Install github-pages gem (https://jekyllrb.com/docs/github-pages/)
+gem "github-pages", group: :jekyll_plugins
+
+# Plugins
+group :jekyll_plugins do
+ # example: gem "jekyll-feed", "~> 0.6"
+end
+
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
+
+# Performance-booster for watching directories on Windows
+gem "wdm", "~> 0.1.0" if Gem.win_platform?
+
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 00000000..2dce18a7
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,249 @@
+GEM
+ remote: https://rubygems.org/
+ specs:
+ activesupport (4.2.11.1)
+ i18n (~> 0.7)
+ minitest (~> 5.1)
+ thread_safe (~> 0.3, >= 0.3.4)
+ tzinfo (~> 1.1)
+ addressable (2.6.0)
+ public_suffix (>= 2.0.2, < 4.0)
+ coffee-script (2.4.1)
+ coffee-script-source
+ execjs
+ coffee-script-source (1.11.1)
+ colorator (1.1.0)
+ commonmarker (0.17.13)
+ ruby-enum (~> 0.5)
+ concurrent-ruby (1.1.5)
+ dnsruby (1.61.3)
+ addressable (~> 2.5)
+ em-websocket (0.5.1)
+ eventmachine (>= 0.12.9)
+ http_parser.rb (~> 0.6.0)
+ ethon (0.12.0)
+ ffi (>= 1.3.0)
+ eventmachine (1.2.7)
+ execjs (2.7.0)
+ faraday (0.15.4)
+ multipart-post (>= 1.2, < 3)
+ ffi (1.11.1)
+ forwardable-extended (2.6.0)
+ gemoji (3.0.1)
+ github-pages (198)
+ activesupport (= 4.2.11.1)
+ github-pages-health-check (= 1.16.1)
+ jekyll (= 3.8.5)
+ jekyll-avatar (= 0.6.0)
+ jekyll-coffeescript (= 1.1.1)
+ jekyll-commonmark-ghpages (= 0.1.5)
+ jekyll-default-layout (= 0.1.4)
+ jekyll-feed (= 0.11.0)
+ jekyll-gist (= 1.5.0)
+ jekyll-github-metadata (= 2.12.1)
+ jekyll-mentions (= 1.4.1)
+ jekyll-optional-front-matter (= 0.3.0)
+ jekyll-paginate (= 1.1.0)
+ jekyll-readme-index (= 0.2.0)
+ jekyll-redirect-from (= 0.14.0)
+ jekyll-relative-links (= 0.6.0)
+ jekyll-remote-theme (= 0.3.1)
+ jekyll-sass-converter (= 1.5.2)
+ jekyll-seo-tag (= 2.5.0)
+ jekyll-sitemap (= 1.2.0)
+ jekyll-swiss (= 0.4.0)
+ jekyll-theme-architect (= 0.1.1)
+ jekyll-theme-cayman (= 0.1.1)
+ jekyll-theme-dinky (= 0.1.1)
+ jekyll-theme-hacker (= 0.1.1)
+ jekyll-theme-leap-day (= 0.1.1)
+ jekyll-theme-merlot (= 0.1.1)
+ jekyll-theme-midnight (= 0.1.1)
+ jekyll-theme-minimal (= 0.1.1)
+ jekyll-theme-modernist (= 0.1.1)
+ jekyll-theme-primer (= 0.5.3)
+ jekyll-theme-slate (= 0.1.1)
+ jekyll-theme-tactile (= 0.1.1)
+ jekyll-theme-time-machine (= 0.1.1)
+ jekyll-titles-from-headings (= 0.5.1)
+ jemoji (= 0.10.2)
+ kramdown (= 1.17.0)
+ liquid (= 4.0.0)
+ listen (= 3.1.5)
+ mercenary (~> 0.3)
+ minima (= 2.5.0)
+ nokogiri (>= 1.8.5, < 2.0)
+ rouge (= 2.2.1)
+ terminal-table (~> 1.4)
+ github-pages-health-check (1.16.1)
+ addressable (~> 2.3)
+ dnsruby (~> 1.60)
+ octokit (~> 4.0)
+ public_suffix (~> 3.0)
+ typhoeus (~> 1.3)
+ html-pipeline (2.12.0)
+ activesupport (>= 2)
+ nokogiri (>= 1.4)
+ http_parser.rb (0.6.0)
+ i18n (0.9.5)
+ concurrent-ruby (~> 1.0)
+ jekyll (3.8.5)
+ addressable (~> 2.4)
+ colorator (~> 1.0)
+ em-websocket (~> 0.5)
+ i18n (~> 0.7)
+ jekyll-sass-converter (~> 1.0)
+ jekyll-watch (~> 2.0)
+ kramdown (~> 1.14)
+ liquid (~> 4.0)
+ mercenary (~> 0.3.3)
+ pathutil (~> 0.9)
+ rouge (>= 1.7, < 4)
+ safe_yaml (~> 1.0)
+ jekyll-avatar (0.6.0)
+ jekyll (~> 3.0)
+ jekyll-coffeescript (1.1.1)
+ coffee-script (~> 2.2)
+ coffee-script-source (~> 1.11.1)
+ jekyll-commonmark (1.3.1)
+ commonmarker (~> 0.14)
+ jekyll (>= 3.7, < 5.0)
+ jekyll-commonmark-ghpages (0.1.5)
+ commonmarker (~> 0.17.6)
+ jekyll-commonmark (~> 1)
+ rouge (~> 2)
+ jekyll-default-layout (0.1.4)
+ jekyll (~> 3.0)
+ jekyll-feed (0.11.0)
+ jekyll (~> 3.3)
+ jekyll-gist (1.5.0)
+ octokit (~> 4.2)
+ jekyll-github-metadata (2.12.1)
+ jekyll (~> 3.4)
+ octokit (~> 4.0, != 4.4.0)
+ jekyll-mentions (1.4.1)
+ html-pipeline (~> 2.3)
+ jekyll (~> 3.0)
+ jekyll-optional-front-matter (0.3.0)
+ jekyll (~> 3.0)
+ jekyll-paginate (1.1.0)
+ jekyll-readme-index (0.2.0)
+ jekyll (~> 3.0)
+ jekyll-redirect-from (0.14.0)
+ jekyll (~> 3.3)
+ jekyll-relative-links (0.6.0)
+ jekyll (~> 3.3)
+ jekyll-remote-theme (0.3.1)
+ jekyll (~> 3.5)
+ rubyzip (>= 1.2.1, < 3.0)
+ jekyll-sass-converter (1.5.2)
+ sass (~> 3.4)
+ jekyll-seo-tag (2.5.0)
+ jekyll (~> 3.3)
+ jekyll-sitemap (1.2.0)
+ jekyll (~> 3.3)
+ jekyll-swiss (0.4.0)
+ jekyll-theme-architect (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-cayman (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-dinky (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-hacker (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-leap-day (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-merlot (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-midnight (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-minimal (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-modernist (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-primer (0.5.3)
+ jekyll (~> 3.5)
+ jekyll-github-metadata (~> 2.9)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-slate (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-tactile (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-theme-time-machine (0.1.1)
+ jekyll (~> 3.5)
+ jekyll-seo-tag (~> 2.0)
+ jekyll-titles-from-headings (0.5.1)
+ jekyll (~> 3.3)
+ jekyll-watch (2.2.1)
+ listen (~> 3.0)
+ jemoji (0.10.2)
+ gemoji (~> 3.0)
+ html-pipeline (~> 2.2)
+ jekyll (~> 3.0)
+ kramdown (1.17.0)
+ liquid (4.0.0)
+ listen (3.1.5)
+ rb-fsevent (~> 0.9, >= 0.9.4)
+ rb-inotify (~> 0.9, >= 0.9.7)
+ ruby_dep (~> 1.2)
+ mercenary (0.3.6)
+ mini_portile2 (2.4.0)
+ minima (2.5.0)
+ jekyll (~> 3.5)
+ jekyll-feed (~> 0.9)
+ jekyll-seo-tag (~> 2.1)
+ minitest (5.11.3)
+ multipart-post (2.1.1)
+ nokogiri (1.10.8)
+ mini_portile2 (~> 2.4.0)
+ octokit (4.14.0)
+ sawyer (~> 0.8.0, >= 0.5.3)
+ pathutil (0.16.2)
+ forwardable-extended (~> 2.6)
+ public_suffix (3.1.1)
+ rb-fsevent (0.10.3)
+ rb-inotify (0.10.0)
+ ffi (~> 1.0)
+ rouge (2.2.1)
+ ruby-enum (0.7.2)
+ i18n
+ ruby_dep (1.5.0)
+ rubyzip (2.0.0)
+ safe_yaml (1.0.5)
+ sass (3.7.4)
+ sass-listen (~> 4.0.0)
+ sass-listen (4.0.0)
+ rb-fsevent (~> 0.9, >= 0.9.4)
+ rb-inotify (~> 0.9, >= 0.9.7)
+ sawyer (0.8.2)
+ addressable (>= 2.3.5)
+ faraday (> 0.8, < 2.0)
+ terminal-table (1.8.0)
+ unicode-display_width (~> 1.1, >= 1.1.1)
+ thread_safe (0.3.6)
+ typhoeus (1.3.1)
+ ethon (>= 0.9.0)
+ tzinfo (1.2.5)
+ thread_safe (~> 0.1)
+ unicode-display_width (1.6.0)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ github-pages
+ tzinfo-data
+
+BUNDLED WITH
+ 2.0.1
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 00000000..670154e3
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,116 @@
+CC0 1.0 Universal
+
+Statement of Purpose
+
+The laws of most jurisdictions throughout the world automatically confer
+exclusive Copyright and Related Rights (defined below) upon the creator and
+subsequent owner(s) (each and all, an "owner") of an original work of
+authorship and/or a database (each, a "Work").
+
+Certain owners wish to permanently relinquish those rights to a Work for the
+purpose of contributing to a commons of creative, cultural and scientific
+works ("Commons") that the public can reliably and without fear of later
+claims of infringement build upon, modify, incorporate in other works, reuse
+and redistribute as freely as possible in any form whatsoever and for any
+purposes, including without limitation commercial purposes. These owners may
+contribute to the Commons to promote the ideal of a free culture and the
+further production of creative, cultural and scientific works, or to gain
+reputation or greater distribution for their Work in part through the use and
+efforts of others.
+
+For these and/or other purposes and motivations, and without any expectation
+of additional consideration or compensation, the person associating CC0 with a
+Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
+and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
+and publicly distribute the Work under its terms, with knowledge of his or her
+Copyright and Related Rights in the Work and the meaning and intended legal
+effect of CC0 on those rights.
+
+1. Copyright and Related Rights. A Work made available under CC0 may be
+protected by copyright and related or neighboring rights ("Copyright and
+Related Rights"). Copyright and Related Rights include, but are not limited
+to, the following:
+
+ i. the right to reproduce, adapt, distribute, perform, display, communicate,
+ and translate a Work;
+
+ ii. moral rights retained by the original author(s) and/or performer(s);
+
+ iii. publicity and privacy rights pertaining to a person's image or likeness
+ depicted in a Work;
+
+ iv. rights protecting against unfair competition in regards to a Work,
+ subject to the limitations in paragraph 4(a), below;
+
+ v. rights protecting the extraction, dissemination, use and reuse of data in
+ a Work;
+
+ vi. database rights (such as those arising under Directive 96/9/EC of the
+ European Parliament and of the Council of 11 March 1996 on the legal
+ protection of databases, and under any national implementation thereof,
+ including any amended or successor version of such directive); and
+
+ vii. other similar, equivalent or corresponding rights throughout the world
+ based on applicable law or treaty, and any national implementations thereof.
+
+2. Waiver. To the greatest extent permitted by, but not in contravention of,
+applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
+unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
+and Related Rights and associated claims and causes of action, whether now
+known or unknown (including existing as well as future claims and causes of
+action), in the Work (i) in all territories worldwide, (ii) for the maximum
+duration provided by applicable law or treaty (including future time
+extensions), (iii) in any current or future medium and for any number of
+copies, and (iv) for any purpose whatsoever, including without limitation
+commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
+the Waiver for the benefit of each member of the public at large and to the
+detriment of Affirmer's heirs and successors, fully intending that such Waiver
+shall not be subject to revocation, rescission, cancellation, termination, or
+any other legal or equitable action to disrupt the quiet enjoyment of the Work
+by the public as contemplated by Affirmer's express Statement of Purpose.
+
+3. Public License Fallback. Should any part of the Waiver for any reason be
+judged legally invalid or ineffective under applicable law, then the Waiver
+shall be preserved to the maximum extent permitted taking into account
+Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
+is so judged Affirmer hereby grants to each affected person a royalty-free,
+non transferable, non sublicensable, non exclusive, irrevocable and
+unconditional license to exercise Affirmer's Copyright and Related Rights in
+the Work (i) in all territories worldwide, (ii) for the maximum duration
+provided by applicable law or treaty (including future time extensions), (iii)
+in any current or future medium and for any number of copies, and (iv) for any
+purpose whatsoever, including without limitation commercial, advertising or
+promotional purposes (the "License"). The License shall be deemed effective as
+of the date CC0 was applied by Affirmer to the Work. Should any part of the
+License for any reason be judged legally invalid or ineffective under
+applicable law, such partial invalidity or ineffectiveness shall not
+invalidate the remainder of the License, and in such case Affirmer hereby
+affirms that he or she will not (i) exercise any of his or her remaining
+Copyright and Related Rights in the Work or (ii) assert any associated claims
+and causes of action with respect to the Work, in either case contrary to
+Affirmer's express Statement of Purpose.
+
+4. Limitations and Disclaimers.
+
+ a. No trademark or patent rights held by Affirmer are waived, abandoned,
+ surrendered, licensed or otherwise affected by this document.
+
+ b. Affirmer offers the Work as-is and makes no representations or warranties
+ of any kind concerning the Work, express, implied, statutory or otherwise,
+ including without limitation warranties of title, merchantability, fitness
+ for a particular purpose, non infringement, or the absence of latent or
+ other defects, accuracy, or the present or absence of errors, whether or not
+ discoverable, all to the greatest extent permissible under applicable law.
+
+ c. Affirmer disclaims responsibility for clearing rights of other persons
+ that may apply to the Work or any use thereof, including without limitation
+ any person's Copyright and Related Rights in the Work. Further, Affirmer
+ disclaims responsibility for obtaining any necessary consents, permissions
+ or other rights required for any use of the Work.
+
+ d. Affirmer understands and acknowledges that Creative Commons is not a
+ party to this document and has no duty or obligation with respect to this
+ CC0 or use of the Work.
+
+For more information, please see
+
diff --git a/README.md b/README.md
index acaf71d7..cacbb5bf 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,68 @@
-# Privacy Guides
+
+
+# Contributing
+
+It's important for a website like PrivacyTools to be up-to-date. Keep an eye on software updates of the applications listed here. Follow recent news about providers that are recommended. We try our best to keep up but we're not perfect and the internet is changing fast. So if you find an error, or you think a provider should not be listed here, or a qualified service provider is missing or a browser plugin is not the best choice anymore or anything else...
+
+**Talk to us!** If you want to help make privacytools.io the best website it can be, join our Matrix discussion chat at [`#dev:privacytools.io`](https://matrix.to/#/#dev:privacytools.io), where we talk about open issues and PRs in this repo, and changes to the site. You may submit any website suggestions here on GitHub [Issues](https://github.com/privacytools/privacytools.io/issues). Please refer to the [contribution guidelines](.github/CONTRIBUTING.md) and consider stopping by our chat room before submitting. Thank you.
+
+If you want to discuss privacy in general, a new tool, or just something else, feel free to join [our Discourse community](https://forum.privacytools.io/) or our general Matrix room at [`#general:privacytools.io`](https://matrix.to/#/#general:privacytools.io) and start a discussion! This is a community project and we're aiming to deliver the best information available. Thank you for participating.
+
+## Developing
+
+1. Install the latest stable version of [Ruby](https://www.ruby-lang.org/en/downloads/).
+1. Install [Bundler](https://bundler.io/) v2.0.1:
+ * `gem install bundler -v 2.0.1`
+1. Install the required dependencies:
+ * `bundle install`
+1. Build the website (the output can be found in the `_site` directory):
+ * `bundle exec jekyll build`
+1. Serve the website locally with live reloading:
+ * `bundle exec jekyll serve --incremental --livereload`
+
+# Support
+
+- [Donate](https://www.privacytools.io/sponsors/)
+- [Spread the word](https://www.privacytools.io/#participate)
+- [Join our Discourse community](https://forum.privacytools.io/)
+- [Make suggestions on reddit](https://www.reddit.com/r/privacytoolsIO/)
+- View and edit our website source code here on GitHub.
+
+## Backers
+
+Like what we're doing? [Become a backer](https://opencollective.com/privacytools) and show your support for our project.
+
+
+
+
+
+## Sponsors
+
+Are you working with a privacy focused company? Ask your manager or marketing team if your company would be interested in supporting our project. Your support will help us continue to develop this website, promote privacy-respecting tools and services, and reach out to thousands of data privacy newcomers every month. Also, your company's logo will show on GitHub and [our site](https://www.privacytools.io/sponsors/), and who doesn't like a little extra exposure?
+
+## Community Translations
+- [繁体中文 / Chinese](https://privacytools.twngo.xyz/) - [GitHub](https://github.com/twngo/privacytools-zh)
+- [Español / Spanish](https://victorhck.gitlab.io/privacytools-es/) - [GitLab](https://gitlab.com/victorhck/privacytools-es)
+- [Polski / Polish](https://pl.privacytools.io) - [Gitea](https://git.privacytools.io/pl-privacytoolsIO/pl.privacytools.io)
+- [Deutsch / German](https://privacytools.it-sec.rocks/) - [GitHub](https://github.com/Anon215/privacytools.it-sec.rocks)
+- [Français / French](https://privacytools.dreads-unlock.fr/) - [GitLab](https://gitlab.com/Booteille/privacytools)
+- [Italiano / Italian](https://privacytools-it.github.io/) - [GitHub](https://github.com/privacytools-it/privacytools-it.github.io)
+- [Русский / Russian](https://privacytools.ru) - [GitHub](https://github.com/c0rdis/privacytools.ru)
+- [Português / Portuguese](https://www.privacidade.digital/) - [GitHub](https://github.com/PrivacidadeDigital/privacidade.digital)
+
+# License & Notices
+
+Please visit [https://www.privacytools.io/notices/](https://www.privacytools.io/notices/) for license information and other disclaimers. PrivacyTools is provided on an "as-is" basis, without warranty, and disclaiming liability for damages. By contributing to this repository you agree to license your work under the terms of the [license](https://github.com/privacytools/privacytools.io/blob/master/LICENSE.txt) in this repository.
diff --git a/_config.yml b/_config.yml
new file mode 100644
index 00000000..25a9c243
--- /dev/null
+++ b/_config.yml
@@ -0,0 +1,13 @@
+title: PrivacyTools - Encryption Against Global Mass Surveillance
+name: PrivacyTools
+description: You are being watched. PrivacyTools provides knowledge, encryption, and software recommendations to protect you against global mass surveillance.
+url: "https://www.privacytools.io"
+production_url: "https://www.privacytools.io"
+sass:
+ style: compressed
+plugins:
+ - jekyll-sitemap
+sitemap:
+file: "/sitemap.xml"
+include: [".well-known"]
+exclude: ["font", "vendor"]
diff --git a/_includes/badge.html b/_includes/badge.html
new file mode 100644
index 00000000..f908ecf8
--- /dev/null
+++ b/_includes/badge.html
@@ -0,0 +1,20 @@
+{% if include.link %}
+ {{ include.text }}
+{% else %}> {{ include.text }}{% endif %}
+
+{% else %}
+ {{include.text}}
+ {% else %}
+ > {% if include.icon %}{% endif %} {{include.text}}
+ {% endif %}
+
+{% endif %}
diff --git a/_includes/breadcrumbs.html b/_includes/breadcrumbs.html
new file mode 100644
index 00000000..b744bb53
--- /dev/null
+++ b/_includes/breadcrumbs.html
@@ -0,0 +1,23 @@
+
diff --git a/_includes/card.html b/_includes/card.html
new file mode 100644
index 00000000..ec676c84
--- /dev/null
+++ b/_includes/card.html
@@ -0,0 +1,76 @@
+
NetGuard provides simple and advanced methods to block certain apps from accessing the internet, without requiring root privileges. Applications and addresses can be individually allowed or denied access to your Wi-Fi and/or mobile connections, allowing you to control exactly which apps are able to phone home or not.
Orbot is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world.
diff --git a/_includes/sections/android-operating-systems.html b/_includes/sections/android-operating-systems.html
new file mode 100644
index 00000000..6825a1bf
--- /dev/null
+++ b/_includes/sections/android-operating-systems.html
@@ -0,0 +1,53 @@
+
Mobile Operating Systems
+
+
Android-based Operating Systems
+
+
+ Even though the source code of the following operating systems is provided, installing Google Apps may compromise your setup.
+
+
+{% include cardv2.html
+ title="CalyxOS"
+ image="/assets/img/svg/3rd-party/calyxos.svg"
+ description='CalyxOS is a custom ROM based on the Android Open Source Project with Pixel phones. It aims to be secure and private by default including a number of good choices for default applications. It also supports verified boot.'
+ badges="info:AOSP"
+ website="https://calyxos.org"
+ gitlab="https://gitlab.com/calyxos"
+%}
+
+{% include cardv2.html
+ title="GrapheneOS"
+ image="/assets/img/svg/3rd-party/grapheneos.svg"
+ image-dark="/assets/img/svg/3rd-party/grapheneos-dark.svg"
+ description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
+ badges="info:AOSP"
+ website="https://grapheneos.org/"
+ github="https://github.com/GrapheneOS/"
+%}
+
+{% include cardv2.html
+ title="LineageOS (Official Builds)"
+ image="/assets/img/svg/3rd-party/lineageos.svg"
+ description='LineageOS is a custom ROM based on the Android Open Source Project with official support for a wide variety of devices. The project is the successor to the popular CyanogenMod project, focusing on system control and customization, device longevity, and privacy. For security reasons, we do not recommend third-party builds of LineageOS for unsupported devices.'
+ badges="info:AOSP"
+ website="https://www.lineageos.org/"
+ privacy-policy="https://www.lineageos.org/legal/"
+ github="https://github.com/LineageOS"
+%}
+
+
Worth Mentioning
+
+
+
+ MicroG
+ {% include badge.html
+ color="info"
+ text="Add-on Package"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ %}
+ - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.
+
+
diff --git a/_includes/sections/browser-addons.html b/_includes/sections/browser-addons.html
new file mode 100644
index 00000000..0c37fb7c
--- /dev/null
+++ b/_includes/sections/browser-addons.html
@@ -0,0 +1,193 @@
+
+
+{% include cardv2.html
+ title="uBlock Origin: Block Ads and Trackers"
+ image="/assets/img/svg/3rd-party/ublock_origin.svg"
+ description="
uBlock Origin is an efficient wide-spectrum blocker that is easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source. Advanced mode allows for dynamic filtering. Dynamic filtering allows for extended blocking similar to NoScript and uMatrix (E.g. medium or hard) blocking.
"
+ website="https://addons.mozilla.org/firefox/addon/ublock-origin/"
+ privacy-policy="https://github.com/gorhill/uBlock/wiki/Privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-ublock-origin/266"
+ github="https://github.com/gorhill/uBlock/"
+ firefox="https://addons.mozilla.org/firefox/addon/ublock-origin/"
+ chrome="https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm"
+ opera="https://addons.opera.com/en/extensions/details/ublock/"
+ edge="https://www.microsoft.com/en-us/p/ublock-origin/9nblggh444l4"
+%}
+
+{% include cardv2.html
+ title="HTTPS Everywhere: Secure Connections"
+ image="/assets/img/svg/3rd-party/https_everywhere.svg"
+ description="HTTPS Everywhere enables encryption of your connections to many major websites, making your browsing more secure. It is a collaboration between The Tor Project and the Electronic Frontier Foundation."
+ website="https://www.eff.org/https-everywhere"
+ privacy-policy="https://www.eff.org/code/privacy/policy"
+ forum="https://forum.privacytools.io/t/discussion-https-everywhere/268"
+ github="https://github.com/EFForg/https-everywhere"
+ firefox="https://addons.mozilla.org/firefox/addon/https-everywhere"
+ chrome="https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp"
+ opera="https://addons.opera.com/en/extensions/details/https-everywhere"
+%}
+
+{% include cardv2.html
+ title="Decentraleyes: Block Content Delivery Networks"
+ image="/assets/img/svg/3rd-party/decentraleyes.svg"
+ description="Decentraleyes emulates Content Delivery Networks locally by intercepting requests, finding the required resource, and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required."
+ website="https://decentraleyes.org/"
+ privacy-policy="https://decentraleyes.org/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-decentraleyes/269"
+ gitlab="https://git.synz.io/Synzvato/decentraleyes"
+ firefox="https://addons.mozilla.org/firefox/addon/decentraleyes"
+ chrome="https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj"
+ opera="https://addons.opera.com/extensions/details/decentraleyes"
+%}
+
+{% include cardv2.html
+ title="ClearURLs"
+ image="/assets/img/svg/3rd-party/clearurls.svg"
+ description="ClearURLs will automatically remove tracking elements from URLs to help protect your privacy when browsing through the Internet."
+ website="https://gitlab.com/KevinRoebert/ClearUrls"
+ privacy-policy="https://gitlab.com/KevinRoebert/ClearUrls/-/blob/master/PRIVACY.md"
+ forum="https://forum.privacytools.io/t/discussion-clearurls/3353"
+ gitlab="https://gitlab.com/KevinRoebert/ClearUrls"
+ firefox="https://addons.mozilla.org/firefox/addon/clearurls/"
+ chrome="https://chrome.google.com/webstore/detail/clearurls/lckanjgmijmafbedllaakclkaicjfmnk"
+ edge="https://microsoftedge.microsoft.com/addons/detail/mdkdmaickkfdekbjdoojfalpbkgaddei"
+%}
+
+{% include cardv2.html
+ title="xBrowserSync"
+ image="/assets/img/svg/3rd-party/xbrowsersync.svg"
+ description='xBrowserSync synchronizes bookmarks across devices and browsers with end-to-end encryption. Data is encrypted and decrypted on the device, no one but you can read it. No registration is needed, just enter a randomly generated id or QR code on all devices. Different servers are available, and it can also be self-hosted.'
+ website="https://www.xbrowsersync.org/"
+ privacy-policy="https://www.xbrowsersync.org/privacypolicy"
+ github="https://github.com/xbrowsersync"
+ firefox="https://addons.mozilla.org/firefox/addon/xbs/"
+ chrome="https://chrome.google.com/webstore/detail/xbrowsersync/lcbjdhceifofjlpecfpeimnnphbcjgnc"
+ googleplay="https://play.google.com/store/apps/details?id=com.xBrowserSync.android"
+%}
+
+
Worth Mentioning
+
+
+
floccus - Synchronize bookmarks across browsers via Nextcloud, WebDAV or a local file (and thus any file sync solution). For Firefox, Chrome, Edge.
+
+
+
Additional Functionality
+
+
+ These add-ons don't necessarily add to your privacy when browsing the web, but add additional functionality to your browser you may find useful.
+
+
+{% include cardv2.html
+ title="Terms of Service; Didn’t Read: Be Informed"
+ image="/assets/img/svg/3rd-party/terms_of_service_didnt_read.svg"
+ description='Terms of Service; Didn’t Read is an addon that believes "I have read and agree to the Terms of Service" is the biggest lie on the web, and wants to fix it by grading websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analysis and ratings are published transparently by a community of reviewers.'
+ website="https://tosdr.org/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-terms-of-service-didn-t-read/270"
+ github="https://github.com/tosdr/"
+ firefox="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/"
+ chrome="https://chrome.google.com/webstore/detail/terms-of-service-didn%E2%80%99t-r/hjdoplcnndgiblooccencgcggcoihigg"
+ opera="https://addons.opera.com/extensions/details/terms-of-service-didnt-read"
+%}
+
+{% include cardv2.html
+ title="Snowflake"
+ image="/assets/img/svg/3rd-party/snowflake.svg"
+ description="Snowflake is a new pluggable transport from the Tor Project. If you have an uncensored connection, running this extension volunteers your connection to be used as a Snowflake proxy to help users unable to connect to the Tor network. Your IP will not be visible to the sites users visit using your proxy, as this extension will not make you an exit node. If your access to the Tor network is blocked, this extension will not assist you, and you should use the Tor Browser instead. Note: This add-on does not work with WebRTC disabled."
+ website="https://snowflake.torproject.org"
+ forum="https://forum.privacytools.io/t/discussion-snowflake/1146"
+ git="https://gitweb.torproject.org/pluggable-transports/snowflake.git"
+ firefox="https://addons.mozilla.org/firefox/addon/torproject-snowflake"
+ chrome="https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie"
+%}
+
+
Persistent storage management
+
+
Desktop
+
+
+ These add-ons are the preferred method for controlling persistent storage data that various websites and web-apps may create on your computer.
+
+
+{% include cardv2.html
+ title="Temporary Containers"
+ image="/assets/img/svg/3rd-party/temporary_containers.svg"
+ image-dark="/assets/img/svg/3rd-party/temporary_containers-dark.svg"
+ description="Temporary Containers allow you to open tabs, websites, and links in automatically managed disposable containers. Containers isolate data websites store (cookies, storage, and more) from each other, enhancing your privacy and security while you browse: Enhance your privacy in Firefox with Temporary Containers."
+ website="https://addons.mozilla.org/firefox/addon/temporary-containers/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/temporary-containers/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-temporary-containers-multi-account-containers/3354"
+ github="https://github.com/stoically/temporary-containers"
+ firefox="https://addons.mozilla.org/firefox/addon/temporary-containers/"
+%}
+
+{% include cardv2.html
+ title="Firefox Multi-Account Containers"
+ image="/assets/img/svg/3rd-party/firefox_multi_account_containers.svg"
+ description="Firefox Multi-Account Containers allow you to create containers for specific websites. These containers are isolated from eachother. This add-on can be used in conjunctiuon with Temporary Containers to allow persistent logins to websites you specify."
+ website="https://support.mozilla.org/kb/containers"
+ forum="https://forum.privacytools.io/t/discussion-temporary-containers-multi-account-containers/3354"
+ github="https://github.com/mozilla/multi-account-containers"
+ firefox="https://addons.mozilla.org/firefox/addon/multi-account-containers/"
+%}
+
+
Android
+
+
+ Unfortunately the Android version of Firefox doesn't support managing tabs as containers. The recommended extensions below are a substitute, however as APIs do not exist for clearing IndexedDB, Service Workers cache, appCache, or cache by host. As a result they are not as good as the above Temporary Container suggestions.
+
+
+{% include cardv2.html
+ title="ETag Stoppa"
+ image="/assets/img/svg/3rd-party/etag_stoppa.svg"
+ description="ETag Stoppa Prevents Firefox from storing entity tags by removing ETag response headers unconditionally and without exceptions."
+ website="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
+ forum=""
+ github="https://github.com/claustromaniac/etag-stoppa"
+ firefox="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
+%}
+
+{% include cardv2.html
+ title="Cookie AutoDelete: Automatically Delete Cookies"
+ image="/assets/img/png/3rd-party/cookie_autodelete.png"
+ description="Cookie AutoDelete automatically removes cookies, lingering sessions, and other information that can be used to spy on you when they are no longer used by open browser tabs."
+ website="https://addons.mozilla.org/firefox/addon/cookie-autodelete/"
+ forum="https://forum.privacytools.io/t/discussion-cookie-autodelete/267"
+ github="https://github.com/Cookie-AutoDelete/Cookie-AutoDelete"
+ firefox="https://addons.mozilla.org/firefox/addon/cookie-autodelete"
+ chrome="https://chrome.google.com/webstore/detail/cookie-autodelete/fhcgjolkccmbidfldomjliifgaodjagh"
+%}
+
+
For Advanced Users
+
+
+ These addons require quite a lot of interaction from the user, and some of them completely replace the add-ons we've recommended above. Some sites may not work properly without careful configuration.
+
+
+{% include cardv2.html
+ title="uMatrix: Stop Cross-Site Requests"
+ image="/assets/img/png/3rd-party/umatrix.png"
+ description="uMatrix gives you control over the requests that websites make to other websites. Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix allows 1st party scripts in its default configuration. If you want the default functionality of NoScript consider blocking 1st party scripts everywhere by default. This addon has been discontinued."
+ website="https://addons.mozilla.org/firefox/addon/umatrix/"
+ privacy-policy="https://github.com/gorhill/uMatrix/wiki/Privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-umatrix/271"
+ github="https://github.com/gorhill/uMatrix"
+ firefox="https://addons.mozilla.org/firefox/addon/umatrix"
+ chrome="https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf"
+ opera="https://addons.opera.com/extensions/details/umatrix"
+%}
+
+{% include cardv2.html
+ title="CanvasBlocker"
+ image="/assets/img/svg/3rd-party/canvasblocker.svg"
+ description="CanvasBlocker allows users to prevent websites from using some Javascript APIs to fingerprint them. Users can choose to block the APIs entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API."
+ website="https://github.com/kkapsner/CanvasBlocker/"
+ privacy-policy="https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-canvasblocker/3352"
+ github="https://github.com/kkapsner/CanvasBlocker/"
+ firefox="https://addons.mozilla.org/firefox/addon/canvasblocker/"
+%}
diff --git a/_includes/sections/browser-fingerprint.html b/_includes/sections/browser-fingerprint.html
new file mode 100644
index 00000000..787075cb
--- /dev/null
+++ b/_includes/sections/browser-fingerprint.html
@@ -0,0 +1,25 @@
+
Browser Fingerprint - Is your browser configuration unique?
+
+
+ Your Browser sends information that makes you unique amongst millions of users and therefore easy to identify.
+
+
+
When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using cookies. EFF created a Tool called Panopticlick to test your browser to see how unique it is.
You need to find what most browsers are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should have a spoofed user-agent string to match what the large userbase has. You need to have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or even using the Tor Browser Bundle, will make your browser stick out from the masses.
+
+
Modern web browsers have not been architected to assure personal web privacy. Rather than worrying about being fingerprinted, it seems more practical to use free software plugins to regain control. They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint.
BrowserLeaks.com - Web browser security testing tools that tell you what exactly personal identity data may be leaked without any permissions when you surf the Internet.
+
diff --git a/_includes/sections/browser-recommendation.html b/_includes/sections/browser-recommendation.html
new file mode 100644
index 00000000..96eca12f
--- /dev/null
+++ b/_includes/sections/browser-recommendation.html
@@ -0,0 +1,143 @@
+
+
+ Browser Recommendations For Desktop
+
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Don\'t forget to adjust the settings according to our
+ recommendations: Privacy Add-ons WebRTC about:config tweaks.'
+ website="https://firefox.com"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ source="https://hg.mozilla.org/mozilla-central/"
+ windows="https://www.mozilla.org/firefox/windows/"
+ mac="https://www.mozilla.org/firefox/mac/"
+ linux="https://www.mozilla.org/firefox/linux/"
+ freebsd="https://www.freshports.org/www/firefox"
+ openbsd="http://openports.se/www/mozilla-firefox"
+ netbsd="http://pkgsrc.se/www/firefox"
+%}
+
+{% include cardv2.html
+ title="Tor Browser - Provides Anonymity"
+ image="/assets/img/svg/3rd-party/tor_browser.svg"
+ description='Tor Browser is your choice if you need an extra layer of anonymity. It\'s a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy. How does Tor work?'
+ website="https://www.torproject.org/"
+ privacy-policy="https://support.torproject.org/tbb/tbb-3/"
+ tor="http://expyuzz4wqqyqhjn.onion/"
+ forum="https://forum.privacytools.io/t/discussion-tor-browser/278"
+ git="https://trac.torproject.org/projects/tor"
+ windows="https://www.torproject.org/download/"
+ mac="https://www.torproject.org/download/"
+ linux="https://www.torproject.org/download/"
+%}
+
+
+
+ Browser Recommendations For Android
+
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Don\'t forget to adjust the settings according to our
+ recommendations: Privacy Add-ons WebRTC about:config tweaks.'
+ website="https://www.mozilla.org/en-US/firefox/mobile/"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ github="https://github.com/mozilla-mobile"
+ fdroid="https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefox"
+ android="https://www.mozilla.org/firefox/all/#product-android-release"
+%}
+
+{% include cardv2.html
+ title="Tor Browser - Provides Anonymity"
+ image="/assets/img/svg/3rd-party/tor_browser.svg"
+ description='Tor Browser is your choice if you need an extra layer of anonymity. It\'s a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption and an advanced proxy. How does Tor work?'
+ website="https://www.torproject.org/"
+ privacy-policy="https://support.torproject.org/tbb/tbb-3/"
+ tor="http://expyuzz4wqqyqhjn.onion/"
+ forum="https://forum.privacytools.io/t/discussion-tor-browser-for-android-browsers/1522"
+ git="https://gitweb.torproject.org/tor-browser.git/"
+ android="https://www.torproject.org/download/#android"
+ fdroid="https://guardianproject.info/fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
+%}
+
+{% include cardv2.html
+ title="Bromite"
+ image="/assets/img/svg/3rd-party/bromite.svg"
+ description='Bromite is a Chromium-based browser with privacy and security enhancements, built-in adblocking and DNS over HTTPS support; it includes patches from ungoogled-chromium and other privacy-focused projects. More info can be found on the official website.'
+ website="https://www.bromite.org/"
+ forum="https://forum.privacytools.io/t/discussion-bromite-browsers/1521"
+ github="https://github.com/bromite/bromite"
+ fdroid="https://www.bromite.org/fdroid"
+ android="https://www.bromite.org/#download-bromite"
+%}
+
+
Worth Mentioning for Android
+
+
+
+ Privacy Browser
+ - An open-source web browser focused on user privacy. Features include integrated ad blocking with EasyList, SSL certificate pinning, and Tor Orbot proxy support.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://play.google.com/store/apps/details?id=com.google.android.webview"
+ tooltip="Privacy Browser relies on the Android System WebView which needs to be kept up to date to fix security issues. One can update WebView by either installing it from Google Play or Aurora Store which you can get from F-Droid."
+ text="Keep WebView up-to-date"
+ %}
+
+
+
+
+
Browser Recommendations For iOS
+
+{% include cardv2.html
+ title="Firefox"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox is fast, reliable, open-source, and respects your privacy. Note: Because of limitations set by Apple in iOS, our recommended tweaks cannot be applied. However, Firefox for iOS has an Enhanced Tracking Protection feature that uses a list provided by Disconnect to identify and block ad, social, and analytics trackers, as well as cryptominers and fingerprinters.'
+ website="https://www.mozilla.org/en-US/firefox/mobile/"
+ privacy-policy="https://www.mozilla.org/en-US/privacy/firefox/"
+ forum="https://forum.privacytools.io/t/discussion-firefox/279"
+ github="https://github.com/mozilla-mobile/firefox-ios"
+ ios="https://apps.apple.com/us/app/firefox-private-safe-browser/id989804926"
+%}
+
+
+{% include cardv2.html
+ title="Onion Browser"
+ image="/assets/img/svg/3rd-party/onion_browser.svg"
+ description='Onion Browser is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the Tor Project. Warning: there are certain anonymity-related issues with Onion Browser due to iOS limitations.'
+ website="https://onionbrowser.com/"
+ privacy-policy="https://onionbrowser.com/privacy-policy"
+ forum="https://forum.privacytools.io/t/discussion-onion-browser-browsers/1523"
+ github="https://github.com/OnionBrowser/OnionBrowser"
+ ios="https://apps.apple.com/us/app/onion-browser/id519296448"
+%}
+
+
+{% include cardv2.html
+ title="DuckDuckGo Privacy Browser"
+ image="/assets/img/svg/3rd-party/duckduckgo.svg"
+ description='DuckDuckGo Privacy Browser is an open-source web browser that has built-in ad and tracker blocking and utilizes ToS;DR to rate the privacy policies of the sites you visit.'
+ website="https://duckduckgo.com/app"
+ privacy-policy="https://duckduckgo.com/privacy"
+ tor="https://3g2upl4pq6kufc4m.onion/app"
+ forum="https://forum.privacytools.io/t/discussion-duckduckgo-privacy-browser-browsers/1524"
+ github="https://github.com/duckduckgo/iOS"
+ ios="https://apps.apple.com/us/app/duckduckgo-privacy-browser/id663592361"
+%}
+
+
Worth Mentioning for iOS
+
+
+
+ SnowHaze
+ - An open-source web browser with built-in ad, tracker, cookie, and fingerprint blocking, all customizable on a per-site basis.
+
+
diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-tweaks.html
new file mode 100644
index 00000000..9b69d737
--- /dev/null
+++ b/_includes/sections/browser-tweaks.html
@@ -0,0 +1,134 @@
+
Firefox: Privacy Related "about:config" Tweaks
+
+
This is a collection of privacy-related about:config tweaks. We'll show you how to enhance the privacy of your Firefox browser.
+
+
Preparation:
+
+
+
Enter "about:config" in the firefox address bar and press enter.
+
Press the button "Accept the Risk and Continue" [FF71+] or "I accept the risk".
+
Copy and paste each of the preferences below (for example "webgl.disabled") into the search bar, and set each of them to the stated value (such as "true").
+
+
+
Getting started:
+
+
+
privacy.firstparty.isolate = true
+
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
+
+
privacy.resistFingerprinting = true
+
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
This is Mozilla's new built-in tracking protection. One of it's benefits is blocking tracking (i.e. Google Analytics) on privileged pages where add-ons that usually do that are disabled.
+
+
browser.send_pings = false
+
The attribute would be useful for letting websites track visitors' clicks.
+
+
browser.urlbar.speculativeConnect.enabled = false
+
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. Source
+
+
+
dom.event.clipboardevents.enabled = false
+
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
+
+
media.eme.enabled = false
+
+
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. Details
+
DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
+
+
+
media.gmp-widevinecdm.enabled = false
+
Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. Details
+
+
media.navigator.enabled = false
+
Websites can track the microphone and camera status of your device.
+
+
network.cookie.cookieBehavior = 1
+
+ Disable cookies
+
+
0 = Accept all cookies by default
+
1 = Only accept from the originating site (block third-party cookies)
+
2 = Block all cookies by default
+
+
+
+
+
+
network.http.referer.XOriginPolicy = 2
+
+ Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.) Source
+
+
0 = Send Referer in all cases
+
1 = Send Referer to same eTLD sites
+
2 = Send Referer only when the full hostnames match
+
+
+
+
network.http.referer.XOriginTrimmingPolicy = 2
+
+ When sending Referer across origins, only send scheme, host, and port in the Referer header of cross-origin requests. Source
+
Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. Details
+
+
Disable Firefox prefetching pages it thinks you will visit next:
+
+ Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details here and here.
+
+
network.dns.disablePrefetch = true
+
network.dns.disablePrefetchFromHTTPS = true
+
network.predictor.enabled = false
+
network.predictor.enable-prefetch = false
+
network.prefetch-next = false
+
+
+
network.IDN_show_punycode = true
+
Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. Source
arkenfox user.js (formerly ghacks-user.js) - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.
diff --git a/_includes/sections/browser-webrtc.html b/_includes/sections/browser-webrtc.html
new file mode 100644
index 00000000..3b2fc636
--- /dev/null
+++ b/_includes/sections/browser-webrtc.html
@@ -0,0 +1,58 @@
+
WebRTC IP Leak Test - Is your IP address leaking?
+
+
+ WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN.
+
+
+
While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe. Note: This disables browser-based call functionality that is used for webapps like Discord, Hangouts, Jitsi, etc.
Safari is far stricter with WebRTC than other major browsers, and it does not leak your IP address in its default configuration. If you'd like, you can follow these steps just to double-check your browser:
+
+
+
Choose "Preferences" under the Safari menu in your menu bar.
+
Select the Advanced tab and check the "Show Develop menu in menu bar" box.
+
Exit Preferences and open the Develop menu in your menu bar.
+
In the drop-down menu, open the "WebRTC" submenu and ensure "Enable Legacy WebRTC API" is unchecked. If it's grayed out, even better.
+
+
+
How to disable WebRTC in Google Chrome?
+
+
WebRTC cannot be fully disabled in Chrome; however, it is possible to change its routing settings (and prevent leaks) using an extension. Two open-source solutions include WebRTC Leak Prevent (options may need to be changed depending on the scenario), and uBlock Origin (select "Prevent WebRTC from leaking local IP addresses" in Settings).
diff --git a/_includes/sections/calendar-contacts-sync.html b/_includes/sections/calendar-contacts-sync.html
new file mode 100644
index 00000000..71940410
--- /dev/null
+++ b/_includes/sections/calendar-contacts-sync.html
@@ -0,0 +1,69 @@
+
Calendar and Contacts Sync
+
+
+ If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Nextcloud"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud-calender-contacts-sync-tools/1535"
+ github="https://github.com/nextcloud"
+ windows="https://nextcloud.com/install/"
+ linux="https://nextcloud.com/install/"
+ mac="https://nextcloud.com/install/"
+ freebsd="https://www.freshports.org/deskutils/nextcloudclient/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ android="https://nextcloud.com/install/"
+ ios="https://nextcloud.com/install/"
+%}
+
+{%
+ include cardv2.html
+ title="EteSync"
+ image="/assets/img/svg/3rd-party/etesync.svg"
+ description="EteSync is a secure, end-to-end encrypted, and privacy-respecting cloud backup and synchronization software for your personal information (e.g. contacts and calendars). There are native clients for Android, iOS, and the web, and an adapter layer for most desktop clients. It costs $24 per year to use, or you can host the server yourself for free."
+ website="https://www.etesync.com/"
+ privacy-policy="https://www.etesync.com/tos/#privacy"
+ forum="https://forum.privacytools.io/t/discussion-etesync-calender-contacts-sync-tools/1536"
+ github="https://github.com/etesync"
+ web="https://client.etesync.com/"
+ windows="https://www.etesync.com/install/dav/"
+ mac="https://www.etesync.com/install/dav/"
+ linux="https://www.etesync.com/install/dav/"
+ freebsd="https://www.etesync.com/install/dav/"
+ openbsd="https://www.etesync.com/install/dav/"
+ netbsd="https://www.etesync.com/install/dav/"
+ fdroid="https://f-droid.org/packages/com.etesync.syncadapter/"
+ googleplay="https://play.google.com/store/apps/details?id=com.etesync.syncadapter"
+ ios="https://www.etesync.com/install/ios/"
+%}
+
+{%
+ include cardv2.html
+ title="Email Providers"
+ image="/assets/img/svg/layout/email.svg"
+ description='Many email providers also offer calendar and or contacts sync services. Refer to our Email Provider recommendations to choose an email provider and see if they also offer calendar and/or contacts sync.'
+ website="/providers/email"
+%}
+
+
Worth Mentioning
+
+
+
+ fruux - A unified contacts/calendaring system that works across platforms and devices.
+
+
+
+ Cloud backups - Consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
+
+
+
+ DecSync - DecSync can be used to synchronize RSS, contacts, and calendars without a server by using file synchronization software such as Syncthing.
+
+
diff --git a/_includes/sections/cloud-storage.html b/_includes/sections/cloud-storage.html
new file mode 100644
index 00000000..252c6746
--- /dev/null
+++ b/_includes/sections/cloud-storage.html
@@ -0,0 +1,31 @@
+
Encrypted Cloud Storage Services
+
+
+ If you are currently using Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Nextcloud - Choose your hoster"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. The only limits on storage and bandwidth are the limits on the server provider you choose."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud/287"
+ windows="https://nextcloud.com/install/#install-clients"
+ mac="https://nextcloud.com/install/#install-clients"
+ linux="https://nextcloud.com/install/#install-clients"
+ freebsd="https://www.freshports.org/www/nextcloud/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ fdroid="https://f-droid.org/packages/com.nextcloud.client/"
+ googleplay="https://play.google.com/store/apps/details?id=com.nextcloud.client"
+ ios="https://itunes.apple.com/us/app/nextcloud/id1125420102"
+ github="https://github.com/nextcloud"
+%}
+
+
Worth Mentioning
+
+
+
Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration. {% include badge.html color="warning" tooltip="Cryptomator's mobile apps are not open-source." link="https://github.com/cryptomator/cryptomator-android/issues/1#issuecomment-257979375" icon="fas fa-exclamation-triangle" %}
+
CryptPad - Free and end-to-end encrypted real time collaboration sharing folders, media, and documents.
+
diff --git a/_includes/sections/decentralized-video.html b/_includes/sections/decentralized-video.html
new file mode 100644
index 00000000..6893b395
--- /dev/null
+++ b/_includes/sections/decentralized-video.html
@@ -0,0 +1,14 @@
+
Decentralized Video Platforms
+
+
+ If you are currently using a platform like YouTube or Vimeo, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="PeerTube"
+ image="/assets/img/svg/3rd-party/peertube.svg"
+ description='PeerTube, developed by Framasoft, is a free and decentralized alternative to video platforms, with over 400,000 videos published by over 50,000 users and viewed over 10 million times. If you are looking for a server to join, you are welcome to join our hosted instance: tube.privacytools.io'
+ website="https://joinpeertube.org"
+ github="https://github.com/Chocobozzz/PeerTube"
+ web="https://joinpeertube.org/#what-is-peertube"
+%}
diff --git a/_includes/sections/dns.html b/_includes/sections/dns.html
new file mode 100644
index 00000000..aa89c5f8
--- /dev/null
+++ b/_includes/sections/dns.html
@@ -0,0 +1,668 @@
+
+ Encrypted DNS Resolvers
+
+
+
+ DNS-over-HTTPS, DNS-over-TLS, and DNSCrypt resolvers will not make you anonymous. Using Anonymized DNSCrypt hides only your DNS traffic from your Internet Service Provider. However, using any of these protocols will prevent DNS hijacking, and make your DNS requests harder for third parties to eavesdrop on and tamper with. If you are currently using Google's DNS resolver, you should pick an alternative here. See the definitions below.
+
+
+
+ Encrypted DNS Client Recommendations for Desktop
+
+
+{%
+ include cardv2.html
+ title="Unbound"
+ image="/assets/img/svg/3rd-party/unbound.svg"
+ description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been independently audited.'
+ website="https://nlnetlabs.nl/projects/unbound/about/"
+ forum="https://forum.privacytools.io/t/discussion-unbound/3563"
+ github="https://github.com/NLnetLabs/unbound"
+%}
+
+{%
+ include cardv2.html
+ title="dnscrypt-proxy"
+ image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
+ description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and Anonymized DNSCrypt, a relay-based protocol that the hides client IP address.'
+ website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
+ forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
+ github="https://github.com/DNSCrypt/dnscrypt-proxy"
+%}
+
+{%
+ include cardv2.html
+ title="Stubby"
+ image="/assets/img/png/3rd-party/stubby.png"
+ description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in combination with Unbound by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
+ website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
+ forum="https://forum.privacytools.io/t/discussion-stubby/3582"
+ github="https://github.com/getdnsapi/stubby"
+%}
+
+{%
+ include cardv2.html
+ title="Firefox's built-in DNS-over-HTTPS resolver"
+ image="/assets/img/svg/3rd-party/firefox_browser.svg"
+ description='Firefox comes with built-in DNS-over-HTTPS support for NextDNS and Cloudflare but users can manually use any other DoH resolver.'
+ labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
+ website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
+ privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
+ forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
+%}
+
+
+
+
+ Encrypted DNS Client Recommendations for Android
+
+
+{%
+ include cardv2.html
+ title="Android 9's built-in DNS-over-TLS resolver"
+ image="/assets/img/svg/3rd-party/android.svg"
+ description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
+ labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
+ website="https://support.google.com/android/answer/9089903#private_dns"
+ forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
+%}
+
+{%
+ include cardv2.html
+ title="Nebulo"
+ image="/assets/img/png/3rd-party/nebulo.png"
+ description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
+ website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
+ privacy-policy="https://smokescreen.app/privacypolicy"
+ forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
+ fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
+ googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
+ source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
+%}
+
+
+
+
+ Encrypted DNS Client Recommendations for iOS
+
+
+{%
+ include cardv2.html
+ title="DNSCloak"
+ image="/assets/img/png/3rd-party/dnscloak.png"
+ description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and dnscrypt-proxy options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can add custom resolvers by DNS stamp.'
+ website="https://github.com/s-s/dnscloak/blob/master/README.md"
+ privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
+ forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
+ ios="https://apps.apple.com/app/id1452162351"
+ github="https://github.com/s-s/dnscloak"
+%}
+
+
+ In iOS, iPadOS, tvOS 14 and macOS 11, DoT and DoH were introduced. DoT and DoH are supported natively by installation of profiles (through mobileconfig files opened in Safari).
+ After installation, the encrypted DNS server can be selected in Settings → General → VPN and Network → DNS.
+
+ A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
+
+
+
DNS-over-HTTPS (DoH)
+
+ Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
+
+
+
DNSCrypt
+
+ With an open specification, DNSCrypt is an older, yet robust method for encrypting DNS.
+
+
+
Anonymized DNSCrypt
+
+ A lightweight protocol that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by dnscrypt-proxy and a limited number of relays.
+
diff --git a/_includes/sections/email-clients.html b/_includes/sections/email-clients.html
new file mode 100644
index 00000000..3b79f346
--- /dev/null
+++ b/_includes/sections/email-clients.html
@@ -0,0 +1,99 @@
+
Desktop Email Clients
+
+{% include cardv2.html
+ title="Thunderbird"
+ image="/assets/img/svg/3rd-party/thunderbird.svg"
+ description="Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation."
+ website="https://www.thunderbird.net/"
+ privacy-policy="https://www.mozilla.org/privacy/thunderbird/"
+ forum="https://forum.privacytools.io/t/discussion-thunderbird/659"
+ source="https://hg.mozilla.org/comm-central/"
+ windows="https://www.thunderbird.net"
+ mac="https://www.thunderbird.net"
+ linux="https://www.thunderbird.net/"
+ freebsd="https://www.freshports.org/mail/thunderbird/"
+ openbsd="http://openports.se/mail/mozilla-thunderbird"
+ netbsd="http://pkgsrc.se/mail/thunderbird"
+%}
+
+{% include cardv2.html
+ title="Mailpile"
+ image="/assets/img/svg/3rd-party/mailpile.svg"
+ description="Mailpile is a free, community funded, open source email client with user-friendly encryption and privacy features."
+ website="https://www.mailpile.is/"
+ privacy-policy="https://www.mailpile.is/privacy.html"
+ tor="clgs64523yi2bkhz.onion"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/mailpile/Mailpile"
+ linux="https://www.mailpile.is/download/linux.html"
+%}
+
+{% include cardv2.html
+ title="Mailvelope"
+ image="/assets/img/svg/3rd-party/mailvelope.svg"
+ description="Mailvelope is a browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard."
+ website="https://www.mailvelope.com/en"
+ privacy-policy="https://www.mailvelope.com/en/privacy-policy"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/mailvelope/mailvelope"
+ firefox="https://addons.mozilla.org/firefox/addon/mailvelope/"
+ chrome="https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke?hl"
+ edge="https://microsoftedge.microsoft.com/addons/detail/mailvelope/dgcbddhdhjppfdfjpciagmmibadmoapc"
+%}
+
+
Worth Mentioning
+
+
+
NeoMutt - NeoMutt is an open-source command line mail reader (or MUA) for Linux and BSD. It’s a fork of Mutt with added features.
+
+
+
+
+
Mobile Email Clients
+
+
Android Email Clients
+
+{% include cardv2.html
+ title="FairEmail"
+ image="/assets/img/svg/3rd-party/fairemail.svg"
+ description="FairEmail is a minimal, open source email app, using open standards (IMAP, SMTP, OpenPGP) with a low data and battery usage."
+ website="https://email.faircode.eu/"
+ privacy-policy="https://github.com/M66B/FairEmail/blob/master/PRIVACY.md"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/M66B/FairEmail"
+ fdroid="https://f-droid.org/en/packages/eu.faircode.email/"
+ googleplay="https://play.google.com/store/apps/details?id=eu.faircode.email"
+%}
+
+{% include cardv2.html
+ title="K-9 Mail"
+ image="/assets/img/svg/3rd-party/k9mail.svg"
+ description="K-9 Mail is an independent mail application that supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP."
+ website="https://k9mail.app/"
+ privacy-policy="https://k9mail.app/privacy"
+ forum="https://forum.privacytools.io/t/"
+ github="https://github.com/k9mail"
+ fdroid="https://f-droid.org/packages/com.fsck.k9/"
+ googleplay="https://play.google.com/store/apps/details?id=com.fsck.k9"
+%}
+
+
iOS Email Clients
+
+{% include cardv2.html
+ title="Canary Mail"
+ image="/assets/img/svg/3rd-party/canarymail.svg"
+ labels="color==warning::link==https://canarymail.io/faq.html::text==Closed source::tooltip==The source programming code for Canary Mail is not available. Canary Mail is a proprietary application."
+ description="Canary Mail is a paid email client designed to make end-to-end encryption seamless with security features such as a biometric app lock."
+ website="https://canarymail.io/"
+ privacy-policy="https://canarymail.io/privacy.html"
+ forum="https://forum.privacytools.io/t/"
+ ios="https://apps.apple.com/us/app/canary-mail/id1236045954"
+%}
+
+
+
Worth Mentioning
+
+
+
Letterbox - Letterbox is a free open-source mail client for iOS made as a part of an ongoing research project at the Freie Universität Berlin, Germany.
+
+
diff --git a/_includes/sections/email-providers.html b/_includes/sections/email-providers.html
new file mode 100644
index 00000000..ae636377
--- /dev/null
+++ b/_includes/sections/email-providers.html
@@ -0,0 +1,237 @@
+
Recommended Email Services
+
+
+ Our recommended providers operate outside of the US, adopt modern email technology, and meet our other criteria for listing. We also have a detailed comparison table of the below providers on the wiki.
+
+
+
+
+
+
+
+
+
+
ProtonMail {% include badge.html color="info" text="Free" %}
+
ProtonMail.com is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. ProtonMail is based in Genève, Switzerland. Accounts start with 500 MB storage with their free plan.
+
+
Free accounts have some limitations and do not allow the use of the ProtonMail Bridge, which is required to use a recommended email client (e.g. Thunderbird) or to search email by body text. Paid accounts are available starting at €48/y which include features like ProtonMail Bridge, additional storage, custom domain support, and more. The webmail and mobile apps can only search To:, From:, Date: and Subject: (this is likely to change when v4.0 of ProtonMail is released).
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Paid ProtonMail users can use their own domain with the service. Catch-all addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports subaddressing, which is useful for users who don't want to purchase a domain.
+
+
{% include badge.html color="success" text="Payment Methods" %}
+
ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="success" text="Email Encryption" %}
+
ProtonMail has integrated OpenPGP encryption in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to encrypt messages to non-ProtonMail users without the need for them to sign up for a ProtonMail account or use software like OpenPGP.
+
ProtonMail also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.
+
+
{% include badge.html color="success" text=".onion Service" %}
{% include badge.html color="info" text="Extra Functionality" %}
+
ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.
+
+
+
+
+
+
+
+
Mailbox.org {% include badge.html color="info" text="€12/y" %}
+
Mailbox.org is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since 2014. Mailbox.org is based in Berlin, Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Mailbox.org lets users use their own domain and they support catch-all addresses. Mailbox.org also supports subaddressing, which is useful for users who don't want to purchase a domain.
+
+
{% include badge.html color="warning" text="Payment Methods" %}
+
Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="warning" text="Data Security" %}
+
Mailbox.org allows for encryption of incoming mail using their encrypted mailbox. New messages that you receive will then be immediately encrypted with your public key.
+
However, Open-Exchange, the software platform used by Mailbox.org, does not support the encryption of your address book and calendar. A standalone option may be more appropriate for that information.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
Mailbox.org has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow remote recipients to decrypt an email on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
+
Mailbox.org also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.
+
+
{% include badge.html color="warning" text=".onion Service" %}
+
You can access your Mailbox.org account via IMAP/SMTP using their .onion service. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
All accounts come with limited cloud storage that can be encrypted. Mailbox.org also offers the alias @secure.mailbox.org, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports Exchange ActiveSync in addition to standard access protocols like IMAP and POP3.
+
+
+
+
+
+
+
+
Posteo {% include badge.html color="info" text="€12/y" %}
+
Posteo.de is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since 2009. Posteo is based in Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.
+
+
{% include badge.html color="warning" text="Domains and Aliases" %}
{% include badge.html color="warning" text="Payment Methods" %}
+
Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and remove PII (personally identifiable information) that they receive in connection with these payment methods.
+
+
{% include badge.html color="success" text="Account Security" %}
{% include badge.html color="success" text="Email Encryption" %}
+
Posteo has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Posteo does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
Disroot {% include badge.html color="info" text="Free" %}
+
Disroot offers email amongst other services. The service is maintained by volunteers and its community. They have been in operation since 2015. Disroot is based in Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
+
Disroot lets users use their own domain. They have aliases, however you must manually apply for them.
+
+
{% include badge.html color="success" text="Payment Methods" %}
+
Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.
+
+
{% include badge.html color="success" text="Account Security" %}
+
Disroot supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
+
+
{% include badge.html color="warning" text="Data Security" %}
+
Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.
+
Disroot also uses the standard CalDAV and CardDAV protocols for calendars and contacts, which do not support E2EE. A standalone option may be more appropriate.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a Web Key Directory (WKD) for users on their platform.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Disroot does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
They offer other services such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app available in F-Droid.
+
+
+
+
+
+
+
+
Tutanota {% include badge.html color="info" text="Free" %}
+
Tutanota.com is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since 2011 and is based in Hanover, Germany. Accounts start with 1GB storage with their free plan.
Tutanota does have plans to support AutoCrypt. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
Tutanota does not operate a .onion service but may consider it in the future.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
Tutanota also has a business feature called Secure Connect. This ensures customer contact to the business uses E2EE. The feature costs €240/y.
+
+
+
+
+
+
+
+
StartMail {% include badge.html color="info" text="Personal USD $59.95/y" %}
+
StartMail.com is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since 2014 and is based in Boulevard 11, Zeist Netherlands. Accounts start with 10GB. They offer a 30-day trial.
+
+
{% include badge.html color="success" text="Domains and Aliases" %}
{% include badge.html color="warning" text="Payment Methods" %}
+
StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other payment options such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
+
+
{% include badge.html color="success" text="Account Security" %}
+
StartMail supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
+
+
{% include badge.html color="warning" text="Data Security" %}
+
StartMail has zero access encryption at rest, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.
+
+
StartMail supports importing contacts however, they are only accessible in the webmail and not through protocols such as CalDAV. Contacts are also not stored using zero knowledge encryption, so a standalone option may be more appropriate.
+
+
{% include badge.html color="success" text="Email Encryption" %}
+
StartMail has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys.
+
+
{% include badge.html color="danger" text=".onion Service" %}
+
StartMail does not operate a .onion service.
+
+
{% include badge.html color="info" text="Extra Functionality" %}
+
StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.
+
+
+
diff --git a/_includes/sections/email-warning.html b/_includes/sections/email-warning.html
new file mode 100644
index 00000000..ac524a13
--- /dev/null
+++ b/_includes/sections/email-warning.html
@@ -0,0 +1,10 @@
+
+
+
Warning
+
+
When using end-to-end encryption (E2EE) technology like OpenPGP, email will still have some metadata that is not encrypted in the header of the email. Read more about email metadata.
+
OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. How do I protect my private keys?
+
Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.
diff --git a/_includes/sections/file-encryption.html b/_includes/sections/file-encryption.html
new file mode 100644
index 00000000..dc85b5df
--- /dev/null
+++ b/_includes/sections/file-encryption.html
@@ -0,0 +1,80 @@
+
File Encryption Software
+
+
+ If you are currently not using encryption software for your hard disk, emails, or file archives, you should pick one here.
+
+
+{%
+ include cardv2.html
+ title="VeraCrypt - Disk Encryption"
+ image="/assets/img/svg/3rd-party/veracrypt.svg"
+ image-dark="/assets/img/svg/3rd-party/veracrypt-dark.svg"
+ description="VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed."
+ website="https://veracrypt.fr/"
+ forum="https://forum.privacytools.io/t/discussion-veracrypt-file-encryption/1532"
+ git="https://www.veracrypt.fr/code/"
+ windows="https://www.veracrypt.fr/en/Downloads.html"
+ linux="https://www.veracrypt.fr/en/Downloads.html"
+ mac="https://www.veracrypt.fr/en/Downloads.html"
+%}
+
+{%
+ include cardv2.html
+ title="GNU Privacy Guard - Email Encryption"
+ image="/assets/img/svg/3rd-party/gnupg.svg"
+ description="GnuPG is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government."
+ website="https://gnupg.org/"
+ privacy-policy="https://gnupg.org/privacy-policy.html"
+ forum="https://forum.privacytools.io/t/discussion-gnupg-file-encryption/1533"
+ git="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git"
+ windows="https://gpg4win.org/download.html"
+ linux="https://gnupg.org/download/index.html#binary"
+ freebsd="https://www.freshports.org/security/gnupg/"
+ openbsd="http://openports.se/security/gnupg"
+ netbsd="http://pkgsrc.se/security/gnupg"
+ mac="https://gpgtools.org/"
+ fdroid="https://f-droid.org/app/org.sufficientlysecure.keychain"
+ googleplay="https://play.google.com/store/apps/details?id=org.sufficientlysecure.keychain"
+%}
+
+{%
+ include cardv2.html
+ title="7 Zip"
+ image="/assets/img/svg/3rd-party/7zip.svg"
+ description='7-Zip is a free and open-source file archiver, a utility used to place groups of files within compressed containers. On Linux, MacOS etc. the command-line tool p7zip is used and integrates into various interfaces such as FileRoller, Xarchiver, Ark.'
+ website="https://7-zip.org"
+ forum="https://forum.privacytools.io/t/discussion-7-zip/3024"
+ source="https://sourceforge.net/projects/sevenzip/files/"
+ windows="https://7-zip.org/download.html"
+ linux="https://sourceforge.net/projects/p7zip/files"
+ freebsd="https://www.freshports.org/archivers/p7zip"
+ openbsd="https://sourceforge.net/projects/p7zip"
+ netbsd="https://sourceforge.net/projects/p7zip"
+%}
+
+
Worth Mentioning
+
+
+
+ Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
+ {% include badge.html
+ color="warning"
+ text="Closed source"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/cryptomator/cryptomator-android/issues/1#issuecomment-257979375"
+ tooltip="Cryptomator's mobile apps are not open-source."
+ %}
+
+
Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
+
Tomb - A simple zsh script for making LUKS containers on the commandline.
+
Hat.sh - A cross-platform, serverless JavaScript web application that provides secure file encryption using the AES-256-GCM algorithm in your browser. It can also be downloaded and run offline.
+
+ Kryptor is a file encryption program for Windows, MacOS, and Linux.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ text="Beta"
+ tooltip="As Kryptor is still in beta, it may not be stable."
+ %}
+
+
diff --git a/_includes/sections/file-sharing.html b/_includes/sections/file-sharing.html
new file mode 100644
index 00000000..68336e02
--- /dev/null
+++ b/_includes/sections/file-sharing.html
@@ -0,0 +1,46 @@
+
File Sharing
+
+{% include cardv2.html
+ title="OnionShare"
+ image="/assets/img/svg/3rd-party/onionshare.svg"
+ website="https://onionshare.org/"
+ tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
+ description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
+ forum="https://forum.privacytools.io/t/discussion-onionshare/754"
+ github="https://github.com/micahflee/onionshare"
+ windows="https://onionshare.org/#downloads"
+ mac="https://onionshare.org/#downloads"
+ linux="https://onionshare.org/#downloads"
+ freebsd="https://www.freshports.org/www/onionshare/"
+ openbsd="http://openports.se/net/onionshare"
+%}
+
+{% include cardv2.html
+ title="Magic Wormhole"
+ image="/assets/img/png/3rd-party/magic_wormhole.png"
+ website="https://magic-wormhole.readthedocs.io"
+ description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
+ forum="https://forum.privacytools.io/t/discussion-magic-wormhole/756"
+ github="https://github.com/warner/magic-wormhole"
+ windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ freebsd="https://www.freshports.org/net/py-magic-wormhole/"
+ openbsd="https://pypi.org/project/magic-wormhole/"
+ netbsd="https://pypi.org/project/magic-wormhole/"
+%}
+
+
Worth Mentioning
+
+
+
FramaDrop - Stores a file of any size for 24h. Data is end-to-end encrypted from your browser, powered by LuFi.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://framasoft.org/en/cgu/"
+ tooltip="FramaDrop logs IP addresses and fingerprints the browser for an unclear amount of time."
+ %}
+
+
croc - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.
+
FreedomBox - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.
+
diff --git a/_includes/sections/file-sync.html b/_includes/sections/file-sync.html
new file mode 100644
index 00000000..bdf50f45
--- /dev/null
+++ b/_includes/sections/file-sync.html
@@ -0,0 +1,29 @@
+
+
+{%
+ include cardv2.html
+ title="Syncthing"
+ image="/assets/img/svg/3rd-party/syncthing.svg"
+ description="Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the Internet."
+ website="https://syncthing.net/"
+ forum="https://forum.privacytools.io/t/discussion-syncthing/1627/2"
+ github="https://github.com/syncthing?type=source"
+ windows="https://github.com/syncthing/syncthing-gtk/releases/latest"
+ linux="https://github.com/syncthing/syncthing-gtk/releases/latest"
+ mac="https://github.com/syncthing/syncthing-macos/releases/latest"
+ fdroid="https://f-droid.org/packages/com.github.catfriend1.syncthingandroid/"
+ googleplay="https://play.google.com/store/apps/details?id=com.github.catfriend1.syncthingandroid"
+%}
+
+
Worth Mentioning
+
+
+
+ git-annex - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.
+
+
diff --git a/_includes/sections/fourteen-eyes.html b/_includes/sections/fourteen-eyes.html
new file mode 100644
index 00000000..5b4c6e67
--- /dev/null
+++ b/_includes/sections/fourteen-eyes.html
@@ -0,0 +1,45 @@
+
Global Mass Surveillance - The Fourteen Eyes
+
+
+
+
The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the Five Eyes, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to not spy on each other as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other's citizens and share intelligence to avoid breaking domestic laws that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes); however, Five Eyes and third-party countries can and do spy on each other.
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. {{ site.name }} provides services, tools and knowledge to protect your privacy against global mass surveillance.
+
+
+
diff --git a/_includes/sections/hosting-provider.html b/_includes/sections/hosting-provider.html
new file mode 100644
index 00000000..72d6cb58
--- /dev/null
+++ b/_includes/sections/hosting-provider.html
@@ -0,0 +1,23 @@
+
Secure Hosting Provider
+
+{% include cardv2.html
+ title="Data Center: Bahnhof"
+ image="/assets/img/svg/3rd-party/bahnhof.svg"
+ image-dark="/assets/img/svg/3rd-party/bahnhof-dark.svg"
+ description="Bahnhof is one of Sweden’s largest network operators, founded in 1994. They specialize in innovative data center construction: Extreme security coupled with low-cost green energy has made them world famous."
+ website="https://www.bahnhof.net/"
+ privacy-policy="https://bahnhof.se/filestorage/userfiles/file/PrivacyPolicy_Bahnhof.pdf"
+ forum="https://forum.privacytools.io/t/discussion-bahnhof-net/341"
+%}
+
+{% include cardv2.html
+ title="VPS & Domain: Njalla"
+ image="/assets/img/svg/3rd-party/njalla.svg"
+ image-dark="/assets/img/svg/3rd-party/njalla-dark.svg"
+ description="Njalla is a privacy-aware domain registration service and VPS provider based in Nevis (with VPS data centers in Sweden). It is created by people from The Pirate Bay and IPredator VPN. Accepted payments: Bitcoin, Litecoin, Monero, Zcash, DASH, Bitcoin Cash and PayPal."
+ website="https://njal.la/"
+ labels="color==warning::link==https://github.com/privacytools/privacytools.io/issues/1920::text==Warning::tooltip==Njalla blocks port 25 traffic."
+ tor="http://njalladnspotetti.onion"
+ forum="https://forum.privacytools.io/t/discussion-njalla/339"
+%}
+
diff --git a/_includes/sections/instant-messenger.html b/_includes/sections/instant-messenger.html
new file mode 100644
index 00000000..c0cc44d3
--- /dev/null
+++ b/_includes/sections/instant-messenger.html
@@ -0,0 +1,182 @@
+
+
+ Encrypted Instant Messengers
+
+
+
+ If you are currently using an Instant Messenger like Telegram, LINE, Viber, WhatsApp, or plain SMS, you should pick an alternative here.
+
+
We only recommend instant messenger programs or apps that support end-to-end encryption (E2EE). When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted before they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).
+
+
All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.
+
+
We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.
+
+
+
+ Centralized
+
+
+
Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.
+
+{%
+ include cardv2.html
+ title="Signal"
+ image="/assets/img/svg/3rd-party/signal.svg"
+ description='Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been indepedently audited (PDF)'
+ labels="color==warning::text==Requires phone number::tooltip==Signal requires your phone number as an personal identifier which means anyone you communicate with will see it.|text==VoIP"
+ website="https://signal.org/"
+ privacy-policy="https://signal.org/legal/"
+ forum="https://forum.privacytools.io/t/discussion-signal/664"
+ github="https://github.com/signalapp"
+ windows="https://signal.org/download/"
+ mac="https://signal.org/download/"
+ linux="https://signal.org/download/"
+ googleplay="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms"
+ android="https://signal.org/android/apk/#apk-danger"
+ ios="https://apps.apple.com/app/signal-private-messenger/id874139669"
+%}
+
+
+
+
+
Advantages
+
+
New features and changes can be implemented more quickly.
Being forbidden from connecting third-party clients to the centralized network that might provide for greater customization or better user experience. Often defined in Terms and Conditions of usage.
+
Poor or no documentation for third-party developers.
+
+
The ownership, privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.
+
+
+
+
+
+
+
+
+ Federated
+
+
+
Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
+
+{%
+ include cardv2.html
+ title="Element"
+ image="/assets/img/svg/3rd-party/element.svg"
+ description='Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.'
+ labels="text==VoIP"
+ website="https://element.io"
+ privacy-policy="https://element.io/privacy"
+ forum="https://forum.privacytools.io/t/discussion-element-io/665"
+ github="https://github.com/vector-im/element-web"
+ windows="https://element.io/get-started"
+ mac="https://element.io/get-started"
+ linux="https://element.io/get-started"
+ fdroid="https://f-droid.org/packages/im.vector.app/"
+ googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
+ ios="https://apps.apple.com/app/vector/id1083446067"
+ web="https://app.element.io"
+%}
+
+
+
+
+
Advantages
+
+
Allows for greater control over your own data when running your own server.
+
Allows you to choose who to trust your data with by choosing between multiple "public" servers.
+
Often allows for third party clients which can provide a more native, customized, or accessible experience.
+
Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
+
Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
+
Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.
+
+
+
+
Disadvantages
+
+
Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
+
Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
+
Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
+
Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.
Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a distributed computing network. Examples of this include DHT (distributed hash table) (used with technologies like torrents and IPFS, for example). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the Scuttlebutt social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.
+
+{%
+ include cardv2.html
+ title="Briar"
+ image="/assets/img/svg/3rd-party/briar.svg"
+ description="Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis."
+ website="https://briarproject.org"
+ privacy-policy="https://briarproject.org/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-briar/2114"
+ gitlab="https://code.briarproject.org/briar/briar"
+ fdroid="https://f-droid.org/packages/org.briarproject.briar.android/"
+ googleplay="https://play.google.com/store/apps/details?id=org.briarproject.briar.android"
+%}
+
+{%
+ include cardv2.html
+ title="Jami"
+ image="/assets/img/svg/3rd-party/jami.svg"
+ description="Encrypted instant messaging and video calling software. All communications are E2EE using TLS 1.3 and never stored elsewhere than on user's devices, even when TURN servers are used."
+ labels="color==warning::link==https://git.jami.net/savoirfairelinux/ring-project/issues/765::text==Warning::tooltip==This software is partially centralized but can be self-hosted.|text==VoIP"
+ website="https://jami.net/"
+ privacy-policy="https://jami.net/privacy-policy/"
+ forum="https://forum.privacytools.io/t/discussion-jami/2116"
+ gitlab="https://git.jami.net/savoirfairelinux"
+ windows="https://jami.net/download-jami-windows"
+ mac="https://jami.net/download-jami-macos"
+ linux="https://jami.net/download-jami-linux"
+ fdroid="https://f-droid.org/packages/cx.ring/"
+ googleplay="https://play.google.com/store/apps/details?id=cx.ring"
+ ios="https://itunes.apple.com/app/ring-a-gnu-package/id1306951055?mt=8"
+%}
+
+
+
+
+
Advantages
+
+
Minimal information is exposed to third parties.
+
Modern P2P platforms implement end-to-end encryption by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.
+
+
+
+
Disadvantages
+
+
Reduced feature set:
+
+
Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
+
Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
+
+
Your IP address and that of the contacts you're communicating with may be visible if you do not use the software in conjunction with a self contained network, such as Tor or I2P. Many countries have some form of mass surveillance and/or metadata retention.
+
+
+
+
diff --git a/_includes/sections/key-disclosure-law.html b/_includes/sections/key-disclosure-law.html
new file mode 100644
index 00000000..c51e857f
--- /dev/null
+++ b/_includes/sections/key-disclosure-law.html
@@ -0,0 +1,88 @@
+
Key Disclosure Law
+
+
Who is required to hand over the encryption keys to authorities?
+
+
Mandatory key disclosure laws require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.
Steganography involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).
* (people who know how to access a system may be ordered to share their knowledge, however, this doesn't apply to the suspect itself or family members.)
Why is it not recommended to choose a US-based service?
+
+
+
+
Services based in the United States are not recommended because of the country's surveillance programs and use of National Security Letters (NSLs) with accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to secretly force companies to grant complete access to customer data and transform the service into a tool of mass surveillance.
+
+
An example of this is Lavabit – a secure email service created by Ladar Levison. The FBI requested Snowden's records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service's SSL keys. Having the SSL keys would allow them to access
+communications (both metadata and unencrypted content) in real time for all of Lavabit's customers, not just Snowden's.
+
+
Ultimately, Levison turned over the SSL keys and shut down the service at the same time. The US government then threatened Levison with arrest, saying that shutting down the service was a violation of the court order.
diff --git a/_includes/sections/notebooks.html b/_includes/sections/notebooks.html
new file mode 100644
index 00000000..09fbafee
--- /dev/null
+++ b/_includes/sections/notebooks.html
@@ -0,0 +1,69 @@
+
Digital Notebook
+
+
+ If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Joplin"
+ image="/assets/img/svg/3rd-party/joplin.svg"
+ description="Joplin is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers end-to-end encryption and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes."
+ website="https://joplinapp.org/"
+ privacy-policy="https://joplinapp.org/privacy/"
+ github="https://github.com/laurent22/joplin"
+ windows="https://joplinapp.org/#desktop-applications"
+ mac="https://joplinapp.org/#desktop-applications"
+ linux="https://joplinapp.org/#desktop-applications"
+ freebsd="https://www.npmjs.com/package/joplin"
+ googleplay="https://play.google.com/store/apps/details?id=net.cozic.joplin"
+ android="https://joplinapp.org/#mobile-applications"
+ ios="https://itunes.apple.com/us/app/joplin/id1315599797"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/joplin-web-clipper/"
+ chrome="https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek"
+%}
+
+{% include cardv2.html
+ title="Standard Notes"
+ image="/assets/img/svg/3rd-party/standard_notes.svg"
+ description='Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. It features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors. It has also been independently audited (PDF).'
+ website="https://standardnotes.org/"
+ privacy-policy="https://standardnotes.org/privacy"
+ github="https://github.com/standardnotes"
+ windows="https://standardnotes.org/#get-started"
+ mac="https://standardnotes.org/#get-started"
+ linux="https://standardnotes.org/#get-started"
+ ios="https://itunes.apple.com/us/app/standard-notes/id1285392450"
+ fdroid="https://f-droid.org/packages/com.standardnotes/"
+ googleplay="https://play.google.com/store/apps/details?id=com.standardnotes"
+ web="https://app.standardnotes.org/"
+%}
+
+{% include cardv2.html
+ title="Turtl"
+ image="/assets/img/svg/3rd-party/turtl.svg"
+ description="Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with."
+ website="https://turtlapp.com/"
+ privacy-policy="https://turtlapp.com/privacy/"
+ github="https://github.com/turtl"
+ windows="https://turtlapp.com/download/"
+ mac="https://turtlapp.com/download/"
+ linux="https://turtlapp.com/download/"
+ googleplay="https://play.google.com/store/apps/details?id=com.lyonbros.turtl"
+ android="https://turtlapp.com/download/"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/turtl-bookmarking/"
+ chrome="https://chrome.google.com/webstore/detail/turtl/dgcojenhfdjhieoglmiaheihjadlpcml"
+%}
+
+
Warning
+
+
+
Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See open issue.
+
+
+
Worth Mentioning
+
+
+
EteSync - Secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes.
+
Paperwork - An open-source and self-hosted solution. For PHP / MySQL servers.
+
Org-mode - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system.
+
diff --git a/_includes/sections/operating-systems.html b/_includes/sections/operating-systems.html
new file mode 100644
index 00000000..cb30dec5
--- /dev/null
+++ b/_includes/sections/operating-systems.html
@@ -0,0 +1,86 @@
+
Introductory Operating Systems
+
+
+ If you are currently using an operating system that collects data like Windows 10, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Fedora Workstation"
+ image="/assets/img/svg/3rd-party/fedora.svg"
+ description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops. Fedora by default comes with the GNOME desktop environment, other desktop environments are also available.'
+ badges="info:Linux"
+ website="https://getfedora.org/"
+ privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
+ git="https://src.fedoraproject.org/"
+%}
+
+{% include cardv2.html
+ title="Ubuntu"
+ image="/assets/img/svg/3rd-party/ubuntu.svg"
+ description='Ubuntu is a Linux distribution developed by Canonical Ltd. Ubuntu is a reliable and distribution that is user-friendly and can be run on desktops, servers, and IoT devices. Ubuntu uses GNOME as the default desktop environment, while other desktop environments are also available.'
+ badges="info:Linux"
+ website="https://ubuntu.com"
+ privacy-policy="https://ubuntu.com/legal/data-privacy"
+ git="https://launchpad.net/ubuntu"
+%}
+
+
Advanced Operating Systems
+
+
+ These options have advanced features and are unique in some way. These options will likely require the user to read technical background documentation.
+
+
+{% include cardv2.html
+ title="Alpine Linux"
+ image="/assets/img/svg/3rd-party/alpinelinux.svg"
+ description='Alpine Linux is a very minimal distribution designed to be secure and very resource efficient. Alpine Linux can run from RAM, and merge configuration files into the system on boot using Alpine local backup. Alpine Linux is often used on servers and in Linux containers.'
+ badges="info:Linux"
+ website="https://alpinelinux.org/"
+ privacy-policy="https://alpinelinux.org/privacy-policy.html"
+ gitlab="https://gitlab.alpinelinux.org"
+%}
+
+{% include cardv2.html
+ title="Arch Linux"
+ image="/assets/img/svg/3rd-party/archlinux.svg"
+ description='A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.'
+ badges="info:Linux"
+ labels="color==success::link==https://tests.reproducible-builds.org/archlinux/archlinux.html::text==Reproducible builds"
+ website="https://www.archlinux.org/"
+ privacy-policy="https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy"
+ gitlab="https://gitlab.archlinux.org"
+%}
+
+{% include cardv2.html
+ title="Debian"
+ image="/assets/img/svg/3rd-party/debian.svg"
+ description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
+ badges="info:Linux"
+ labels="color==success::link==https://reproducible.debian.net::text==Reproducible builds"
+ website="https://www.debian.org/"
+ privacy-policy="https://www.debian.org/legal/privacy"
+ tor="http://sejnfjrq6szgca7v.onion"
+ gitlab="https://salsa.debian.org/qa/debsources"
+%}
+
+{% include cardv2.html
+ title="NixOS"
+ image="/assets/img/svg/3rd-party/nixos.svg"
+ description='NixOS is a Linux distribution with a unique approach to package and configuration management. Built on top of the Nix package manager, it is completely declarative, makes upgrading systems reliable, and has many other advantages.'
+ badges="info:Linux"
+ labels="color==success::link==https://r13y.com::text==Reproducible builds"
+ website="https://nixos.org"
+ privacy-policy="https://nixos.wiki/wiki/NixOS_Wiki:Privacy_policy"
+ github="https://github.com/NixOS"
+%}
+
+{% include cardv2.html
+ title="Qubes OS"
+ image="/assets/img/svg/3rd-party/qubes_os.svg"
+ description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
+ badges="info:Xen"
+ website="https://www.qubes-os.org/"
+ privacy-policy="https://www.qubes-os.org/privacy/"
+ github="https://github.com/QubesOS"
+ tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
+%}
diff --git a/_includes/sections/other-mobile-operating-systems.html b/_includes/sections/other-mobile-operating-systems.html
new file mode 100644
index 00000000..f1cb488d
--- /dev/null
+++ b/_includes/sections/other-mobile-operating-systems.html
@@ -0,0 +1,11 @@
+
Other Mobile Operating Systems
+
+{% include cardv2.html
+ title="Ubuntu Touch"
+ image="/assets/img/svg/3rd-party/ubuntu.svg"
+ description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
+ badges="info:Linux"
+ website="https://ubuntu-touch.io/"
+ privacy-policy="https://ubports.com/privacy"
+ github="https://github.com/ubports"
+%}
diff --git a/_includes/sections/participate.html b/_includes/sections/participate.html
new file mode 100644
index 00000000..674557a7
--- /dev/null
+++ b/_includes/sections/participate.html
@@ -0,0 +1,38 @@
+
+
Participate with suggestions and constructive criticism
+
+
+
It's important for a website like {{ site.name }} to stay up-to-date. Keep an eye on software updates for the applications listed on our site. Follow recent news about providers that we recommend. We try our best to keep up, but we're not perfect and the internet is changing fast. If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing, or a browser plugin is not the best choice anymore, or anything else... Talk to us please. You can also find us on several Matrix rooms, primarily #general:privacytools.io. XMPP users can join there via #general#privacytools.io@matrix.org. When using our services, users should follow our Code of Conduct.
+
+
+
+ {% include card.html color="success"
+ title="Discourse & Reddit"
+ image="/assets/img/svg/3rd-party/discourse.svg"
+ url="https://forum.privacytools.io/"
+ website="Discourse"
+ extra_button='Reddit'
+ description='Join our Discourse community to stay up to date on privacy news or make suggestions!'
+ %}
+
+ {% include card.html color="primary"
+ title="Follow on Mastodon & Twitter"
+ image="/assets/img/svg/3rd-party/mastodon.svg"
+ url="https://social.privacytools.io/@privacytools"
+ website="Mastodon"
+ extra_button='Twitter'
+ description="Get the latest privacy-related updates from our Mastodon Feed. Follow us today!"
+ %}
+
+ {% include card.html color="warning"
+ title="Develop on GitHub"
+ font="fab fa-github"
+ url="https://github.com/privacytools/privacytools.io"
+ website="GitHub"
+ description="The complete website source code is available on GitHub. Join our developer team!"
+ extra_button='Contributor List'
+ %}
+
+
+
+
This is a community project aiming to deliver the best information available to improve privacy online. Thank you for participating. This project needs you.
diff --git a/_includes/sections/password-managers.html b/_includes/sections/password-managers.html
new file mode 100644
index 00000000..a529e1f3
--- /dev/null
+++ b/_includes/sections/password-managers.html
@@ -0,0 +1,90 @@
+
Password Manager Software
+
+
+ If you are currently using a password manager software like 1Password, LastPass, Roboform, or iCloud Keychain, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Bitwarden - Cloud/Self-host"
+ image="/assets/img/svg/3rd-party/bitwarden.svg"
+ description="Bitwarden is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
+ website="https://bitwarden.com/"
+ privacy-policy="https://bitwarden.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-bitwarden/1343"
+ github="https://github.com/bitwarden"
+ web="https://vault.bitwarden.com/#/"
+ windows="https://bitwarden.com/#download"
+ linux="https://bitwarden.com/#download"
+ freebsd="https://www.npmjs.com/package/@bitwarden/cli"
+ openbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ netbsd="https://www.npmjs.com/package/@bitwarden/cli"
+ mac="https://bitwarden.com/#download"
+ firefox="https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/"
+ chrome="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
+ safari="https://safari-extensions.apple.com/details/?id=com.bitwarden.safari-LTZ2PFU5D6"
+ opera="https://addons.opera.com/extensions/details/bitwarden-free-password-manager/"
+ edge="https://www.microsoft.com/store/apps/9P6KXL0SVNNL"
+ fdroid="https://mobileapp.bitwarden.com/fdroid/"
+ googleplay="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
+ ios="https://itunes.apple.com/app/bitwarden-free-password-manager/id1137397744?mt=8"
+%}
+
+{%
+ include cardv2.html
+ title="KeePassXC - Local"
+ image="/assets/img/svg/3rd-party/keepassxc.svg"
+ description="KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager."
+ website="https://keepassxc.org/"
+ privacy-policy="https://keepassxc.org/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/keepassxreboot/keepassxc"
+ windows="https://keepassxc.org/download/#windows"
+ linux="https://keepassxc.org/download/#linux"
+ mac="https://keepassxc.org/download/#mac"
+ freebsd="https://www.freshports.org/security/keepassxc/"
+ openbsd="http://openports.se/security/keepassxc"
+ netbsd="http://pkgsrc.se/security/keepassxc"
+ fdroid="https://f-droid.org/packages/com.kunzisoft.keepass.libre/"
+ googleplay="https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser"
+ chrome="https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk"
+%}
+
+{%
+ include cardv2.html
+ title="LessPass - Browser"
+ image="/assets/img/svg/3rd-party/lesspass.svg"
+ description="LessPass is a free and open-source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security."
+ website="https://lesspass.com/"
+ privacy-policy="https://addons.mozilla.org/en-US/firefox/addon/lesspass/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-keepassxc/1344/2"
+ github="https://github.com/lesspass/lesspass"
+ windows="https://pypi.org/project/lesspass/"
+ mac="https://pypi.org/project/lesspass/"
+ linux="https://pypi.org/project/lesspass/"
+ freebsd="https://pypi.org/project/lesspass/"
+ firefox="https://addons.mozilla.org/en-US/firefox/addon/lesspass/"
+ chrome="https://chrome.google.com/webstore/detail/lesspass/lcmbpoclaodbgkbjafnkbbinogcbnjih"
+ fdroid="https://f-droid.org/packages/com.lesspass.android"
+ googleplay="https://play.google.com/store/apps/details?id=com.lesspass.android"
+%}
+
+
Worth Mentioning
+
+
+
+ Master Password - A password manager based on an ingenious password-generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site, and your master password. No syncing, backups, or internet access needed.
+
+
+
+ Psono - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses NACL Crypto, a combination of Curve25519, Salsa20 and Poly1305.
+
+
+
+ Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
+
+
+ Pass - Pass is a bare-bones password store that keeps passwords using gpg2 encrypted files inside a simple directory tree residing at ~/.password-store. It has a simple terminal interface where the user can perform the usual actions, and it's functionality can be extended by plugins. It can also be used in scripts without having to input the actual password in plain text.
+
+
diff --git a/_includes/sections/paste-services.html b/_includes/sections/paste-services.html
new file mode 100644
index 00000000..5fa5c1ef
--- /dev/null
+++ b/_includes/sections/paste-services.html
@@ -0,0 +1,21 @@
+
Pastebin Services
+
+{% include cardv2.html
+title="PrivateBin"
+image="/assets/img/svg/3rd-party/privatebin.svg"
+description="PrivateBin is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin."
+website="https://privatebin.info/"
+forum="https://forum.privacytools.io/t/discussion-privatebin/296"
+github="https://github.com/PrivateBin/PrivateBin"
+%}
+
+
+{% include cardv2.html
+title="CryptPad"
+image="/assets/img/svg/3rd-party/cryptpad.svg"
+description="CryptPad is an open-source, zero knowledge, and real-time collaborative editor. Data is encrypted/decrypted in the browser, using Salsa20 with Poly1305 to encrypt pads."
+website="https://cryptpad.fr/pad/"
+privacy-policy="https://cryptpad.fr/privacy.html"
+forum="https://forum.privacytools.io/t/discussion-cryptpad/1270"
+github="https://github.com/xwiki-labs/cryptpad"
+%}
diff --git a/_includes/sections/privacy-resources.html b/_includes/sections/privacy-resources.html
new file mode 100644
index 00000000..d294f741
--- /dev/null
+++ b/_includes/sections/privacy-resources.html
@@ -0,0 +1,41 @@
+
More Privacy Resources
+
+
Guides
+
+
+
Surveillance Self-Defense by EFF - Guide to defending yourself from surveillance by using secure technology and developing careful practices.
+
The Crypto Paper - Privacy, Security and Anonymity for Every Internet User.
The Ultimate Privacy Guide - Excellent privacy guide written by the creators of the bestVPN.com website.
+
IVPN Privacy Guides - These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.
Freedom of the Press Foundation - Supporting and defending journalism dedicated to transparency and accountability since 2012.
+
Erfahrungen.com - German review aggregator website of privacy-related services.
+
Open Wireless Movement - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.
+
privacy.net - What does the US government know about you?
PRISM Break - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.
+
Security in-a-Box - A guide to digital security for activists and human rights defenders throughout the world.
+
SecureDrop - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created
+ by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
+
Security First - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.
+
Osalt - A directory to help you find open source alternatives to proprietary tools.
+
AlternativeTo - A directory to help find alternatives to other software, with the option to only show open source software
+
+
+
Note: Just being open source does not make software secure!
diff --git a/_includes/sections/productivity-tools.html b/_includes/sections/productivity-tools.html
new file mode 100644
index 00000000..41c4feb3
--- /dev/null
+++ b/_includes/sections/productivity-tools.html
@@ -0,0 +1,97 @@
+
Productivity Tools
+
+{%
+ include cardv2.html
+ title="CryptPad"
+ image="/assets/img/svg/3rd-party/cryptpad.svg"
+ description="CryptPad is a private-by-design alternative to popular office tools and cloud services. All content is end-to-end encrypted. It is free and open-source, enabling anyone to verify its security by auditing the code. The development team is supported by donations and grants. No registration is required, and it can be used anonymously via Tor Browser."
+ website="https://cryptpad.fr/"
+ privacy-policy="https://cryptpad.fr/privacy.html"
+ forum="https://forum.privacytools.io/t/discussion-cryptpad-productivity-tools/1537"
+ github="https://github.com/xwiki-labs/cryptpad"
+ web="https://cryptpad.fr/"
+%}
+
+{%
+ include cardv2.html
+ title="Etherpad"
+ image="/assets/img/svg/3rd-party/etherpad.svg"
+ description="Etherpad is a highly customizable open-source online editor providing collaborative editing in real time. Here are a list of sites that run Etherpad."
+ website="https://etherpad.org/"
+ forum="https://forum.privacytools.io/t/discussion-etherpad-productivity-tools/1538"
+ github="https://github.com/ether/etherpad-lite"
+ web="https://github.com/ether/etherpad-lite/wiki/Sites-that-run-Etherpad"
+ windows="https://github.com/ether/etherpad-lite#windows"
+ linux="https://github.com/ether/etherpad-lite#installation"
+ mac="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ freebsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ openbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+ netbsd="https://github.com/ether/etherpad-lite#gnulinux-and-other-unix-like-systems"
+%}
+
+{%
+ include cardv2.html
+ title="Write.as"
+ image="/assets/img/svg/3rd-party/writeas.svg"
+ image-dark="/assets/img/svg/3rd-party/writeas-dark.svg"
+ description="Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
+ website="https://write.as/"
+ privacy-policy="https://write.as/privacy"
+ forum="https://forum.privacytools.io/t/discussion-write-as-productivity-tools/1539"
+ tor="http://writeas7pm7rcdqg.onion"
+ git="https://code.as/writeas"
+ web="https://write.as/pad"
+ windows="https://github.com/writeas/writeas-cli"
+ mac="https://github.com/writeas/writeas-cli"
+ linux="https://write.as/apps"
+ chrome="https://write.as/apps"
+ googleplay="https://play.google.com/store/apps/details?id=com.abunchtell.writeas"
+ ios="https://itunes.apple.com/app/apple-store/id1000755153"
+%}
+
+
Worth Mentioning
+
+
+
Cryptee - Free privacy-friendly service for storing Documents, files and Photos
+
EtherCalc - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.
+
Disroot - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
+
dudle - An online scheduling application, free and open-source. Schedule meetings or make small online polls. No email collection or the need of registration.
+
Framadate - A free and open-source online service for planning an appointment or making a decision quickly and easily. No registration is required.
+
+{%
+ include cardv2.html
+ title="MAT2"
+ image="/assets/img/svg/3rd-party/mat2.svg"
+ description="MAT2 is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME."
+ website="https://0xacab.org/jvoisin/mat2"
+ forum="https://forum.privacytools.io/t/discussion-mat/1559"
+ gitlab="https://0xacab.org/jvoisin/mat2"
+ windows="https://pypi.org/project/mat2/"
+ mac="https://pypi.org/project/mat2/"
+ linux="https://pypi.org/project/mat2/"
+ freebsd="https://pypi.org/project/mat2/"
+ openbsd="https://pypi.org/project/mat2/"
+ netbsd="https://pypi.org/project/mat2/"
+%}
+
+{%
+ include cardv2.html
+ title="ExifCleaner"
+ image="/assets/img/svg/3rd-party/exifcleaner.svg"
+ description='ExifCleaner is a freeware, open source graphical app that uses ExifTool to remove exif metadata from images, videos, and PDF documents using a simple drag and drop interface. It supports multi-core batch processing and dark mode.'
+ website="https://exifcleaner.com"
+ forum="https://forum.privacytools.io/t/discussion-mat/TODOADDTHIS"
+ github="https://github.com/szTheory/exifcleaner"
+ windows="https://github.com/szTheory/exifcleaner/releases"
+ mac="https://github.com/szTheory/exifcleaner/releases"
+ linux="https://github.com/szTheory/exifcleaner/releases"
+%}
diff --git a/_includes/sections/quotes.html b/_includes/sections/quotes.html
new file mode 100644
index 00000000..49f8bcb5
--- /dev/null
+++ b/_includes/sections/quotes.html
@@ -0,0 +1,53 @@
+
+
Privacy? I don't have anything to hide.
+
+
+
+ Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a
+ pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I
+ want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." Not a single person has taken me up on that offer.
+
+
+
+
+
The primary reason for window curtains in our house, is to stop people from being able to see in. The reason we don’t want them to see in is because we consider much of what we do inside our homes to be private. Whether that be having dinner at the table, watching a movie with your kids, or even engaging in intimate or sexual acts with your partner. None of these things are illegal by any means but even knowing this, we still keep the curtains and blinds on our windows. We clearly have this strong desire for privacy when it comes to our personal life and the public.
+
+
+
+
+
[...] But saying that you don't need or want privacy because you have nothing to hide is to assume that no one should have, or could have, to hide anything -- including their immigration status, unemployment history, financial history, and health records. You're assuming that no one, including yourself, might object to revealing to anyone information about their religious beliefs, political affiliations, and sexual activities, as casually as some choose to reveal their movie and music tastes and reading preferences.
+
+
+
+
+
Privacy is not a luxury [in America]: it is a right – one that we need to defend in the digital realm as much as in the physical realm. We need to stay vigilant to maintain access to that right, though ... especially as technology continues to advance...
Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. Or that you don't care about freedom of the press because you don't like to read. Or that you don't care about freedom of religion because you don't believe in God. Or that you don't care about the freedom to peacably assemble because you're a lazy, antisocial agoraphobe.
+
+
+
+
+
The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all
+ I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is
+ not something I am willing to support or live under.
+
+
+
+
+
We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we're not being watched can we really test the limits of who we want to be. It's really in the private realm where
+ dissent, creativity and personal exploration lie.
+
+
diff --git a/_includes/sections/resources.html b/_includes/sections/resources.html
new file mode 100644
index 00000000..66e6c395
--- /dev/null
+++ b/_includes/sections/resources.html
@@ -0,0 +1,55 @@
+
+
+ {% include card.html color="success"
+ title="Providers"
+ icon="fas fa-server"
+ iconcolor="dark"
+ page="/providers/"
+ description="Discover privacy-centric online services, including email providers, VPN operators, DNS administrators, and more!"
+ %}
+
+ {% include card.html color="primary"
+ title="Web Browsers"
+ icon="far fa-compass"
+ iconcolor="dark"
+ page="/browsers/"
+ description="Find a web browser that respects your privacy, and discover how to harden your browser against tracking and leaks."
+ %}
+
+ {% include card.html color="warning"
+ title="Software"
+ icon="far fa-window-restore"
+ iconcolor="dark"
+ page="/software/"
+ description="Discover a variety of open source software built to protect your privacy and keep your digital data secure."
+ %}
+
+ {% include card.html color="info"
+ title="Operating Systems"
+ icon="fas fa-desktop"
+ iconcolor="dark"
+ page="/operating-systems/"
+ description="Find out how your operating system is compromising your privacy, and what simple alternatives exist."
+ %}
+
+ {% include card.html color="secondary"
+ title="PrivacyTools Services"
+ icon="far fa-eye-slash"
+ iconcolor="dark"
+ page="/services/"
+ description="The PrivacyTools team is proud to launch a variety of privacy-centric online services, including a Mastodon instance, search engine, and more!"
+ %}
+
+ {% include card.html color="danger"
+ title="Donate"
+ icon="fas fa-donate"
+ iconcolor="dark"
+ page="/donate/"
+ description="We can't operate this site without the generous contributions we receive from our viewers. If you love privacy and our website please consider donating."
+ %}
+
+
diff --git a/_includes/sections/router-firmware.html b/_includes/sections/router-firmware.html
new file mode 100644
index 00000000..c9d36cf6
--- /dev/null
+++ b/_includes/sections/router-firmware.html
@@ -0,0 +1,32 @@
+
Open Source Router Firmware
+
+{% include cardv2.html
+ title="OpenWrt"
+ image="/assets/img/svg/3rd-party/openwrt.svg"
+ image-dark="/assets/img/svg/3rd-party/openwrt-dark.svg"
+ description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
+ badges="info:Linux"
+ website="https://openwrt.org/"
+ git="https://git.openwrt.org/"
+%}
+
+{% include cardv2.html
+ title="pfSense"
+ image="/assets/img/svg/3rd-party/pfsense.svg"
+ image-dark="/assets/img/svg/3rd-party/pfsense-dark.svg"
+ description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
+ badges="info:BSD"
+ website="https://www.pfsense.org/"
+ privacy-policy="https://www.pfsense.org/privacy.html"
+ github="https://github.com/pfsense/"
+%}
+
+{% include cardv2.html
+ title="LibreCMC"
+ image="/assets/img/svg/3rd-party/librecmc.svg"
+ image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
+ description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
+ badges="info:GNU/Linux"
+ website="https://librecmc.org"
+ git="https://gogs.librecmc.org/libreCMC/libreCMC"
+%}
diff --git a/_includes/sections/search-engines.html b/_includes/sections/search-engines.html
new file mode 100644
index 00000000..dc2d5c4b
--- /dev/null
+++ b/_includes/sections/search-engines.html
@@ -0,0 +1,57 @@
+
Privacy Respecting Search Engines
+
+
+ If you are currently using search engines like Google, Bing, or Yahoo, you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Searx"
+ image="/assets/img/svg/3rd-party/searx.svg"
+ description='Searx is an open-source, self-hostable, metasearch engine, aggregating the results of other search engines while not storing information about its users. There is a list of public instances or you can try the PrivacyTools instance.'
+ website="https://searx.me/"
+ tor="http://ulrn6sryqaifefld.onion"
+ forum="https://forum.privacytools.io/t/discussion-searx/283"
+ github="https://github.com/asciimoo/searx"
+%}
+
+{%
+ include cardv2.html
+ title="DuckDuckGo"
+ image="/assets/img/svg/3rd-party/duckduckgo.svg"
+ description='DuckDuckGo is a "search engine that doesn\'t track you." Some of DuckDuckGo\'s code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.'
+ website="https://duckduckgo.com/"
+ privacy-policy="https://duckduckgo.com/privacy"
+ tor="http://3g2upl4pq6kufc4m.onion"
+ forum="https://forum.privacytools.io/t/discussion-duckduckgo/285"
+ github="https://github.com/duckduckgo"
+%}
+
+{%
+ include cardv2.html
+ title="Qwant"
+ image="/assets/img/svg/3rd-party/qwant.svg"
+ description='Qwant is a search engine with its philosophy based on two principles: no user tracking and no filter bubble. The company is based in France.'
+ website="https://www.qwant.com/"
+ privacy-policy="https://about.qwant.com/legal/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-qwant/286"
+ github="https://github.com/Qwant/"
+%}
+
+{% include cardv2.html
+ title="Startpage.com"
+ image="/assets/img/svg/3rd-party/startpage.svg"
+ description='Startpage.com is a search engine that provides Google search results with complete privacy protection. Startpage BV is a Netherlands-based company that has been dedicated to privacy-respecting search since 2006.'
+ labels="color==warning::link==https://support.startpage.com/index.php?/Knowledgebase/Article/View/1277/0/startpage-ceo-robert-beens-discusses-the-investment-from-privacy-one--system1::text==Warning::tooltip==Startpage.com was recently acquired by United States-based System1."
+ website="https://www.startpage.com/"
+ privacy-policy="https://www.startpage.com/en/privacy-policy/"
+ forum="https://forum.privacytools.io/t/delisted-discussion-startpage/284"
+%}
+
+
YaCy - An open-source, peer-to-peer search engine powered by its users.
+
diff --git a/_includes/sections/self-contained-networks.html b/_includes/sections/self-contained-networks.html
new file mode 100644
index 00000000..a467ab96
--- /dev/null
+++ b/_includes/sections/self-contained-networks.html
@@ -0,0 +1,103 @@
+
Self-contained Networks
+
+
+ If you are currently browsing clearnet and want to access the dark web, this section is for you.
+
+
+{% include cardv2.html
+ title="Tor"
+ image="/assets/img/svg/3rd-party/tor.svg"
+ description="The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool."
+ website="https://www.torproject.org/"
+ tor="http://expyuzz4wqqyqhjn.onion"
+ forum="https://forum.privacytools.io/t/discussion-tor/1589"
+ windows="https://www.torproject.org/download/"
+ mac="https://www.torproject.org/download/"
+ linux="https://www.torproject.org/download/"
+ freebsd="https://www.freshports.org/security/tor"
+ openbsd="http://openports.se/net/tor"
+ netbsd="http://pkgsrc.se/net/tor"
+ fdroid="https://support.torproject.org/tormobile/tormobile-7/"
+ googleplay="https://play.google.com/store/apps/details?id=org.torproject.torbrowser"
+ android="https://www.torproject.org/download/#android"
+ git="https://gitweb.torproject.org/tor.git"
+%}
+
+{% include cardv2.html
+ title="I2P Anonymous Network"
+ image="/assets/img/svg/3rd-party/i2p.svg"
+ image-dark="/assets/img/svg/3rd-party/i2p-dark.svg"
+ description="The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses."
+ website="https://geti2p.net/"
+ forum="https://forum.privacytools.io/t/discussion-i2p/1590"
+ i2p="http://i2p-projekt.i2p/"
+ windows="https://geti2p.net/en/download#windows"
+ mac="https://geti2p.net/en/download#mac"
+ linux="https://geti2p.net/en/download#unix"
+ freebsd="https://www.freshports.org/security/i2p/"
+ openbsd="http://openports.se/net/i2pd"
+ netbsd="http://pkgsrc.se/wip/i2pd"
+ fdroid="https://f-droid.org/app/net.i2p.android.router"
+ googleplay="https://play.google.com/store/apps/details?id=net.i2p.android"
+ android="https://download.i2p2.de/android/current/"
+ source="https://geti2p.net/en/get-involved/guides/new-developers#getting-the-i2p-code"
+%}
+
+{% include cardv2.html
+ title="The Freenet Project"
+ image="/assets/img/svg/3rd-party/freenet.svg"
+ description="Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection."
+ website="https://freenetproject.org/"
+ forum="https://forum.privacytools.io/t/discussion-freenet/1591"
+ windows="https://freenetproject.org/pages/download.html#windows"
+ mac="https://freenetproject.org/pages/download.html#os-x"
+ linux="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ freebsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ openbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ netbsd="https://freenetproject.org/pages/download.html#gnulinux-posix"
+ github="https://github.com/freenet/"
+%}
+
+
Worth Mentioning
+
+
+
+ ZeroNet - Open, free, and uncensorable websites, using Bitcoin cryptography and BitTorrent network.
+ {% include badge.html
+ color="danger"
+ icon="fas fa-exclamation-triangle"
+ tooltip="Your IP address isn't hidden by default and won't be, unless you enforce Tor usage."
+ text="Not anonymous"
+ %}
+
+
RetroShare - An open source, cross-platform, friend-to-friend, secure, and decentralized communication platform.
+
I2P-Bote - End-to-end encrypted decentralized mail system within the I2P network.
+
GNUnet - GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.
+
+ IPFSandIPFS Companion- A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. IPFS Companion is a browser extension for redirecting queries to a gateway of your choice (generally local).
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/privacytools/privacytools.io/pull/361#issuecomment-344414022"
+ text="Supercookie warning"
+ %}
+
+
+ Yggdrasil
+ - An early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms, and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4.
+
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ tooltip="The project is currently in early stages but it is being actively developed."
+ text="Experimental"
+ %}
+ {% include badge.html
+ color="danger"
+ icon="fas fa-exclamation-triangle"
+ link=""
+ tooltip="Yggdrasil doesn't provide anonymity by default. Your peers know your IP address unless you configure it to only use Tor/I2P peers."
+ text="Not anonymous by default"
+ %}
+
+
diff --git a/_includes/sections/selfhosted-cloud.html b/_includes/sections/selfhosted-cloud.html
new file mode 100644
index 00000000..ff6899c5
--- /dev/null
+++ b/_includes/sections/selfhosted-cloud.html
@@ -0,0 +1,43 @@
+
Self-Hosted Cloud Server Software
+
+
+ If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should think about hosting it on your own.
+
+
+{% include cardv2.html
+ title="Nextcloud"
+ image="/assets/img/svg/3rd-party/nextcloud.svg"
+ description="Nextcloud is a suite of free and open-source client-server software for creating your own file hosting services on a private server you control. The only limits on storage and bandwidth are the limits on the server provider you choose."
+ website="https://nextcloud.com/"
+ privacy-policy="https://nextcloud.com/privacy/"
+ forum="https://forum.privacytools.io/t/discussion-nextcloud/287"
+ windows="https://nextcloud.com/install/#install-clients"
+ mac="https://nextcloud.com/install/#install-clients"
+ linux="https://nextcloud.com/install/#install-clients"
+ freebsd="https://www.freshports.org/www/nextcloud/"
+ openbsd="http://openports.se/www/nextcloud"
+ netbsd="http://pkgsrc.se/www/php-nextcloud"
+ fdroid="https://f-droid.org/packages/com.nextcloud.client/"
+ googleplay="https://play.google.com/store/apps/details?id=com.nextcloud.client"
+ ios="https://itunes.apple.com/us/app/nextcloud/id1125420102"
+ github="https://github.com/nextcloud"
+%}
+
+{% include cardv2.html
+ title="Tahoe-LAFS"
+ image="/assets/img/svg/3rd-party/tahoe-lafs.svg"
+ image-dark="/assets/img/svg/3rd-party/tahoe-lafs-dark.svg"
+ website="https://www.tahoe-lafs.org/"
+ forum="https://forum.privacytools.io/t/discussion-tahoe-lafs/1662"
+ description="Tahoe-LAFS is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security."
+ windows="https://github.com/tahoe-lafs/tahoe-lafs#via-pip"
+ mac="https://github.com/tahoe-lafs/tahoe-lafs#via-pip"
+ linux="https://github.com/tahoe-lafs/tahoe-lafs#using-os-packages"
+ netbsd="http://pkgsrc.se/filesystems/tahoe-lafs"
+ git="https://www.tahoe-lafs.org/trac/tahoe-lafs/browser"
+%}
+
+
Worth Mentioning
+
+
CryptPad - An open-source and end-to-end encrypted real-time collaborative editor that lets you share folders, media, and documents.
+
diff --git a/_includes/sections/social-networks.html b/_includes/sections/social-networks.html
new file mode 100644
index 00000000..25a498d2
--- /dev/null
+++ b/_includes/sections/social-networks.html
@@ -0,0 +1,81 @@
+
Decentralized Social Networks
+
+
+ If you are currently using Social Networks like Facebook or Twitter, you should pick an alternative here.
+
+
+{% include cardv2.html
+ title="Mastodon - Twitter Alternative"
+ image="/assets/img/svg/3rd-party/mastodon.svg"
+ description='Mastodon is a social network based on open web protocols and free, open-source software. It is decentralized like email, users can exist on different servers or even different platforms but still communicate with each other. It also has the most users, and the most diverse (in terms of interests) users, it looks good, and it is easy to setup yourself. If you are looking for a server to join, you are welcome to join our hosted instance: social.privacytools.io'
+ website="https://joinmastodon.org/"
+ forum="https://forum.privacytools.io/t/discussion-mastodon/289"
+ github="https://github.com/tootsuite/mastodon"
+ windows="https://joinmastodon.org/apps"
+ mac="https://joinmastodon.org/apps"
+ linux="https://joinmastodon.org/apps"
+ freebsd="https://joinmastodon.org/apps"
+ openbsd="https://joinmastodon.org/apps"
+ netbsd="https://joinmastodon.org/apps"
+ android="https://joinmastodon.org/apps"
+ sailfish="https://joinmastodon.org/apps"
+ ios="https://joinmastodon.org/apps"
+ web="https://joinmastodon.org/#getting-started"
+%}
+
+{% include cardv2.html
+ title="diaspora* - Google+ Alternative"
+ image="/assets/img/svg/3rd-party/diaspora.svg"
+ description="diaspora* is based on three key philosophies: Decentralization, Freedom, and Privacy. It is intended to address privacy concerns related to centralized social networks by allowing users set up their own server (or \"pod\") to host content. Pods can then interact to share status updates, photographs, and other social data."
+ website="https://diasporafoundation.org/"
+ forum="https://forum.privacytools.io/t/discussion-diaspora/290"
+ github="https://github.com/diaspora/diaspora"
+ android="https://wiki.diasporafoundation.org/Tools_to_use_with_Diaspora#Android"
+ web="https://diasporafoundation.org/"
+%}
+
+{% include cardv2.html
+ title="Friendica - Facebook Alternative"
+ image="/assets/img/svg/3rd-party/friendica.svg"
+ description="Friendica has an emphasis on extensive privacy settings and easy server installation. It aims to federate with as many other social networks as possible. Currently, Friendica users can integrate contacts from Facebook, Twitter, Diaspora, GNU social, App.net, Pump.io and other services in their social streams."
+ website="https://friendi.ca/"
+ forum="https://forum.privacytools.io/t/discussion-friendica/291"
+ github="https://github.com/friendica/friendica"
+ windows="https://friendi.ca/resources/mobile-clients/"
+ linux="https://friendi.ca/resources/mobile-clients/"
+ android="https://friendi.ca/resources/mobile-clients/"
+ sailfish="https://friendi.ca/resources/mobile-clients/"
+ web="https://friendi.ca/"
+%}
+
+{% include cardv2.html
+ title="PixelFed - Instagram Alternative"
+ image="/assets/img/svg/3rd-party/pixelfed.svg"
+ description='PixelFed is a free and ethical photo sharing platform, powered by ActivityPub federation. Pixelfed is an open-source, federated platform. You can run your own instance or join an existing one.'
+ website="https://pixelfed.org/"
+ forum="https://forum.privacytools.io/t/discussion-pixelfed/293"
+ github="https://github.com/pixelfed"
+ web="https://pixelfed.org/"
+%}
+
+{% include cardv2.html
+ title="Pleroma - Twitter Alternative"
+ image="/assets/img/svg/3rd-party/pleroma.svg"
+ description="Pleroma is a free, federated social networking server built on open protocols. It is compatible with Mastodon and many other ActivityPub and OStatus implementations."
+ website="https://pleroma.social"
+ forum="https://forum.privacytools.io/t/discussion-pleroma/2307"
+ gitlab="https://git.pleroma.social/pleroma/pleroma/"
+ windows="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ mac="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ linux="https://docs-develop.pleroma.social/backend/clients/#desktop"
+ android="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ fdroid="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ googleplay="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ ios="https://docs-develop.pleroma.social/backend/clients/#handheld"
+ web="https://docs-develop.pleroma.social/backend/clients/#alternative-web-interfaces"
+%}
+
+
Worth Mentioning
+
+
Movim - A federated social platform that relies on the XMPP standard and therefore allows you to exchange with many other clients on all devices.
+
diff --git a/_includes/sections/social-news-aggregator.html b/_includes/sections/social-news-aggregator.html
new file mode 100644
index 00000000..70805e56
--- /dev/null
+++ b/_includes/sections/social-news-aggregator.html
@@ -0,0 +1,48 @@
+
Social News Aggregators
+
+
+ If you are currently using a online bulletin board like Reddit, you should pick an alternative here.
+
+
+{% include cardv2.html
+title="Aether"
+image="/assets/img/svg/3rd-party/aether.svg"
+description='Aether is a free and open-source decentralized social news aggregator with a built-in voting system.'
+website="https://getaether.net/"
+privacy-policy="https://getaether.net/privacypolicy/"
+forum="https://forum.privacytools.io/t/discussion-aether/1256"
+github="https://github.com/nehbit/aether"
+windows="https://getaether.net/download/"
+mac="https://getaether.net/download/"
+linux="https://getaether.net/download/"
+%}
+
+{% include cardv2.html
+title="Tildes"
+image="/assets/img/svg/3rd-party/tildes.svg"
+description='Tildes is a web-based self-hostable online bulletin board. It is licensed under AGPLv3.'
+website="https://tildes.net"
+privacy-policy="https://docs.tildes.net/policies/privacy-policy"
+forum="https://forum.privacytools.io/t/discussion-tildes/1257"
+gitlab="https://gitlab.com/tildes/tildes"
+web="https://tildes.net"
+%}
+
+{% include cardv2.html
+title="Raddle"
+image="/assets/img/png/3rd-party/raddle.png"
+description="Raddle is a public Postmill instance focused on privacy and anti-censorship."
+website="https://raddle.me"
+privacy-policy="https://raddle.me/wiki/privacy_policy"
+forum="https://forum.privacytools.io/t/discussion-raddle/1258"
+gitlab="https://gitlab.com/postmill/"
+web="https://raddle.me"
+%}
+
+
+ If your project or organization currently uses a platform like Discord or Slack you should pick an alternative here.
+
+
+{%
+ include cardv2.html
+ title="Element"
+ image="/assets/img/svg/3rd-party/element.svg"
+ description='Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.'
+ labels="text==VoIP"
+ website="https://element.io"
+ privacy-policy="https://element.io/privacy"
+ forum="https://forum.privacytools.io/t/discussion-element-io/665"
+ github="https://github.com/vector-im/element-web"
+ windows="https://element.io/get-started"
+ mac="https://element.io/get-started"
+ linux="https://element.io/get-started"
+ fdroid="https://f-droid.org/packages/im.vector.app/"
+ googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
+ ios="https://apps.apple.com/app/vector/id1083446067"
+ web="https://app.element.io"
+%}
+
+{%
+ include cardv2.html
+ title="Rocket.chat"
+ image="/assets/img/svg/3rd-party/rocketchat.svg"
+ description="Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE."
+ labels="color==warning::link==https://rocket.chat/docs/user-guides/end-to-end-encryption/::text==Experimental E2EE::tooltip==Regarding E2EE their documentation states 'This feature is currently in alpha. It's also not yet supported on mobile'. There is no forward secrecy so compromised decryption password would leak all messages. Federation was also added afterwards, potentially causing room for mistakes.|text==VoIP"
+ website="https://rocket.chat/"
+ privacy-policy="https://rocket.chat/privacy"
+ forum="https://forum.privacytools.io/t/discussion-rocket-chat/1223"
+ github="https://github.com/rocketchat/"
+ windows="https://rocket.chat/install"
+ mac="https://itunes.apple.com/us/app/rocket-chat/id1086818840"
+ linux="https://rocket.chat/install"
+ fdroid="https://f-droid.org/packages/chat.rocket.android"
+ googleplay="https://play.google.com/store/apps/details?id=chat.rocket.android"
+ ios="https://itunes.apple.com/app/rocket-chat/id1148741252"
+%}
diff --git a/_includes/sections/tor-operating-systems.html b/_includes/sections/tor-operating-systems.html
new file mode 100644
index 00000000..835df24f
--- /dev/null
+++ b/_includes/sections/tor-operating-systems.html
@@ -0,0 +1,24 @@
+
Tor-Focused Distributions
+
+
+ These Linux distributions are developed with the purpose of directing all network traffic through Tor.
+
+
+{% include cardv2.html
+ title="Tails"
+ image="/assets/img/svg/3rd-party/tails.svg"
+ description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
+ badges="info:Linux"
+ website="https://tails.boum.org/"
+ git="https://git-tails.immerda.ch/tails/"
+ %}
+
+{% include cardv2.html
+ title="Whonix"
+ image="/assets/img/svg/3rd-party/whonix.svg"
+ description='A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this. Whonix is best used in conjunction with Qubes.'
+ badges="info:Linux"
+ website="https://www.whonix.org/"
+ tor="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/"
+ github="https://github.com/Whonix"
+%}
diff --git a/_includes/sections/video-frontends.html b/_includes/sections/video-frontends.html
new file mode 100644
index 00000000..c790135b
--- /dev/null
+++ b/_includes/sections/video-frontends.html
@@ -0,0 +1,14 @@
+
Frontends and Proxies
+
+
+ If you are currently using a platform like YouTube, you can keep watching videos without sharing your IP.
+
+
+{% include cardv2.html
+ title="Invidious"
+ image="/assets/img/svg/3rd-party/invidious.svg"
+ description='Invidious is an alternative front-end to YouTube. It is free software, with no advertising or Javascript dependency to play videos, with lots of other features that allow you to have a complete YouTube experience, sans Google.'
+ website="https://invidio.us"
+ github="https://github.com/omarroth/invidious"
+ web="https://instances.invidio.us"
+%}
diff --git a/_includes/sections/voice-video-messenger.html b/_includes/sections/voice-video-messenger.html
new file mode 100644
index 00000000..f3e39871
--- /dev/null
+++ b/_includes/sections/voice-video-messenger.html
@@ -0,0 +1,62 @@
+
Video/Voice Calling
+
+
+ If you are currently using a Video/Voice Calling app like Google Hangouts, Skype, Viber or Zoom, you should pick an alternative here. Please note that many of the above instant messengers also support {% include badge.html color="info" text="VoIP" %}. The software listed below are primarily Voice/Video focused.
+
+
+{% include cardv2.html
+ title="Linphone"
+ image="/assets/img/svg/3rd-party/linphone.svg"
+ website="https://www.linphone.org/"
+ privacy-policy="https://www.linphone.org/terms-and-privacy"
+ description="Linphone is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication."
+ forum="https://forum.privacytools.io/t/discussion-linphone/751"
+ github="https://github.com/BelledonneCommunications"
+ windows="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ linux="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ mac="https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner"
+ fdroid="https://f-droid.org/packages/org.linphone"
+ googleplay="https://play.google.com/store/apps/details?id=org.linphone"
+ ios="https://apps.apple.com/us/app/linphone/id360065638"
+%}
+
+{% include cardv2.html
+ title="Jitsi Meet"
+ image="/assets/img/svg/3rd-party/jitsi.svg"
+ website="https://jitsi.org/jitsi-meet/"
+ privacy-policy="https://jitsi.org/security/"
+ description='Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in desktop applications or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the list of public Jitsi Meet instances.'
+ labels="color==warning::text==Requires WebRTC::tooltip==Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it.|color==warning::link==https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md::text==Experimental E2EE::tooltip==E2EE in Jitsi Meet is dependent on Insertable Streams, which is currently supported in Chrome but not Firefox. The mobile apps also do not support E2EE for the moment. Prefer to use the desktop apps instead."
+ forum="https://forum.privacytools.io/t/discussion-jitsi-meet/1577"
+ github="https://github.com/jitsi/jitsi-meet"
+ windows="https://github.com/jitsi/jitsi-meet-electron/releases"
+ linux="https://github.com/jitsi/jitsi-meet-electron/releases"
+ mac="https://github.com/jitsi/jitsi-meet-electron/releases"
+ fdroid="https://f-droid.org/en/packages/org.jitsi.meet/"
+ googleplay="https://play.google.com/store/apps/details?id=org.jitsi.meet"
+ ios="https://apps.apple.com/us/app/jitsi-meet/id1165103905"
+%}
+
+{% include cardv2.html
+ title="Mumble"
+ image="/assets/img/svg/3rd-party/mumble.svg"
+ website="https://mumble.info/"
+ description="Mumble is an open-source, low-latency, and high quality voice chat application primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, it's missing end-to-end encryption, so self-hosting is recommended."
+ forum="https://forum.privacytools.io/t/discussion-mumble/1289"
+ github="https://github.com/mumble-voip/"
+ windows="https://www.mumble.info/downloads"
+ linux="https://www.mumble.info/downloads"
+ mac="https://www.mumble.info/downloads"
+ android="https://www.mumble.info/downloads/#third-party-clients"
+ ios="https://apps.apple.com/us/app/mumble/id443472808?ls=1"
+%}
+
+
Mullvad.net is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial.
+
{% include badge.html color="success" text="35 Countries" %}
+
Mullvad has servers in 35 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
+
Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:
+
+
...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
{% include badge.html color="success" text="Open Source Clients" %}
+
Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.
+
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.
+
{% include badge.html color="success" text="WireGuard Support" %}
+
In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
+
{% include badge.html color="success" text="IPv6 Support" %}
+
Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.
+
{% include badge.html color="success" text="Remote Port Forwarding" %}
{% include badge.html color="success" text="Mobile Clients" %}
+
Mullvad has published App Store and Google Play clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.
+
+
+
+
+
+
+
+
+ ProtonVPN
+ {% include badge.html color="info" text="Free" %}
+ {% include badge.html color="info" text="Basic USD $48/y" %}
+ {% include badge.html color="secondary" text="Plus USD $96/y" %}
+
+
ProtonVPN.com is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.
+
{% include badge.html color="success" text="44 Countries" %}
+
ProtonVPN has servers in 44 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
+
As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at protonvpn.com.
+
{% include badge.html color="success" text="Open Source Clients" %}
+
ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.
+
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.
+
{% include badge.html color="success" text="Mobile Clients" %}
+
In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="warning" text="No Port Forwarding" %}
+
ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.
IVPN.net is another premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar and offers a 3 day free trial.
+
{% include badge.html color="success" text="32 Countries" %}
+
IVPN has servers in 32 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.
+
We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.
+
{% include badge.html color="success" text="Independently Audited" %}
{% include badge.html color="success" text="Accepts Bitcoin" %}
+
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.
+
{% include badge.html color="success" text="WireGuard Support" %}
+
In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.
+
{% include badge.html color="success" text="Remote Port Forwarding" %}
{% include badge.html color="success" text="Mobile Clients" %}
+
In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.
+
{% include badge.html color="info" text="Extra Functionality" %}
+
The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.
+
+
+
+
+
+ Note: Using a VPN provider will not make you anonymous, but it will give you better privacy in certain situations. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.
+
diff --git a/_includes/sections/warrant-canary.html b/_includes/sections/warrant-canary.html
new file mode 100644
index 00000000..d5cf761e
--- /dev/null
+++ b/_includes/sections/warrant-canary.html
@@ -0,0 +1,22 @@
+
What is a warrant canary?
+
+
+
+
A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.
This tool uses some known methods that attempt to disable major tracking features in Windows 10.
+
+
Related Information
+
+
+
Microsoft Privacy Statement - Microsoft collects, uses and discloses personal information as described here. This allows OneDrive data, Cortana searches, and MS browser history to be sold to third parties.
+
Cortana and privacy - To personalize your experience and provide the best possible suggestions, Cortana accesses your email and other communications and collects data about your contacts (People), like their title, suffix, first name, last name, middle name, nicknames, and company name. If you call, email, or text someone or they call, email, or text you, Cortana collects that person’s email address or phone number.
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities.
+
At PrivacyTools, we provide services, tools, and knowledge to protect your privacy against global mass surveillance, and moderate a thriving community of privacy-minded individuals like yourself to discuss and learn about new advances in protecting your online data. This website serves as the centerpiece of our organization, where we research and recommend various software solutions for our community.
+
Transparency is our strongest value, and it's what sets us apart from the rest of the "privacy recommendations" community. Editorial changes to this website and the products we recommend are always discussed on our extensive issue tracker, drafted in a public pull request open for further discussion, and logged in a comprehensive commit log dating back to our original founding date in 2015. The core team members listed below are responsible for most of the edits and final decisions to changes on this website and across our services, but this website is truly the work of hundreds contributors and fact checkers working to make sure our recommendations are solid and trustworthy.
+
Additionally, we are a not-for-profit organization. We do not utilize paid recommendations or affiliate programs to make the recommendations on this website. Unfortunately this practice is very common elsewhere online, which makes it difficult to trust other review sites. We are unique in this area, in that all of our research is conducted independently, and we will never accept payments to modify, add, or remove any of our reviews or recommendations. Our finances are provided entirely by our community donors and sponsors, and are handled by the Open Collective Foundation 501(c)(3). Because we are operating as a charity in the United States, we are legally obligated to only use our funding to further our mission of spreading privacy education and promoting online services like Mastodon, Matrix, and WriteFreely. This website is a public resource, not a profit generator. To that regard, all our financial transactions (incoming and outgoing) are logged and made available to the public via our page at opencollective.com/privacytools.
+
We take the operation of our various services very seriously, and require all participants to adhere to our Code of Conduct. For any questions or to report abuse, please see our CoC’s Enforcement section.
+
+
+
+
+
+
Team Members
+
+
+
+
+{% include team.html
+avatar="burung.png"
+name="Burung Hantu"
+role="Founder"
+bio="I founded PrivacyTools in 2015 to share resources and tools, allowing users to avoid international mass-surveillance programs."
+keys="https://keybase.io/privacytools"
+mastodon="https://social.privacytools.io/@BurungHantu"
+twitter="privacytoolsIO"
+%}
+
+{% include team.html
+avatar="blacklight447.png"
+name="Niek de Wilde"
+bio="I research new privacy recommendations and moderate our communities. My expertise is endpoint security and networking."
+role="Editor-in-chief"
+email="mailto:blacklight447@privacytools.io"
+mastodon="https://social.privacytools.io/@blacklight447"
+blog="blacklight447"
+%}
+
+{% include team.html
+avatar="dngray.png"
+name="dngray"
+nick="Daniel Gray"
+bio="I liaise with and research privacy-focused services to refine our recommendations. My background is infosec and network security."
+website="https://dngray.netlify.com"
+email="https://dngray.netlify.com/email"
+keys="https://keybase.io/dngray"
+mastodon="https://social.privacytools.io/@dngray"
+%}
+
+{% include team.html
+avatar="freddy.png"
+name="Freddy Marsden"
+nick="Freddy"
+bio="I'm an amateur writer covering privacy, security and open-source development."
+role="Blogging & Education"
+website="https://write.privacytools.io/freddy/"
+email="mailto:freddy@privacytools.io"
+mastodon="https://social.privacytools.io/@freddy"
+blog="freddy"
+%}
+
+{% include team.html
+avatar="lynn.png"
+name="Lynn Stephenson"
+bio="I'm a software developer doing some pentesting on the side, specializing in security, cryptography, networking, web development, and accessibility."
+role="Researcher"
+email="mailto:lynn@privacytools.io"
+mastodon="https://ioc.exchange/@lynn_stephenson"
+%}
+
+{% include team.html
+avatar="trai_dep.png"
+name="trai_dep"
+role="Subreddit Mod"
+bio="I'm the moderator at r/Privacy and r/privacytoolsIO. Day to day, I am also – irony alert – an (ethical) digital marketer."
+email="mailto:trai_dep@privacytools.io"
+website="https://www.reddit.com/user/trai_dep"
+%}
+
+
+
+
+
+
+
Of course, we couldn't do any of this without our very generous financial contributors, website contributors, and the countless community members that help share new ideas and spread the word! Thank you.
It's very important to us to stay up-to-date on the latest changes in the privacy space. If you have a software recommendation for us, or want to request a change on this website, please don't hesitate to reach out in one of the following ways.
For complete transparency, software and providers will only be considered for this website after discussions take place on our GitHub issue tracker. We of course don't make any changes in secret.
+
Join our Matrix room at #general:privacytools.io to chat with us and other members about this site and privacy in general! If you need a Matrix account, you can sign up with our own homeserver (https://chat.privacytools.io) using Riot.
If you are able, please consider contributing to our development and outreach programs. Contributions via OpenCollective to {{ site.name }} are tax deductible for US taxpayers. These funds are transparently and primarily used to cover server costs.
Our website is free of advertisements and not affiliated with any listed providers. Your donation will cover our costs for servers, domains, coffee, beer, and pizza.
+
You may also contribute via the cryptocurrencies below, however we will not be able to provide a receipt for your contribution. Your contribution will be considered an anonymous, unrestricted contribution and paid to our Fiscal Host at OpenCollective when we convert to currency.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
We prefer Bitcoin donations to be above $5 due to the state of the network's transaction fees. You are welcome to donate any smaller or larger amount on any other cryptocurrency, such as Bitcoin Cash, Ethereum, or Stellar.
+
+
More Cryptocurrencies
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
The {{ site.name }} team does not necessarily endorse all of the cryptocurrencies listed on this page. Please conduct your own research before purchasing any cryptocurrencies.
+ We will try and keep this page up-to-date with added sections and other content, but to be guaranteed the latest recommendations, we recommend you check out our new Providers, Browsers, Software, and OS pages in the navbar above :)
+
+
+{% include sections/header.html %}
+
+{% include sections/quotes.html %}
+
+{% include sections/fourteen-eyes.html %}
+
+{% include sections/key-disclosure-law.html %}
+
+{% include sections/vpn.html %}
+
+{% include sections/warrant-canary.html %}
+
+{% include sections/browser-recommendation.html %}
+
+{% include sections/browser-fingerprint.html %}
+
+{% include sections/browser-webrtc.html %}
+
+{% include sections/browser-addons.html %}
+
+{% include sections/browser-tweaks.html %}
+
+{% include sections/email-providers.html %}
+
+{% include sections/email-clients.html %}
+
+{% include sections/search-engines.html %}
+
+{% include sections/instant-messenger.html %}
+
+{% include sections/voice-video-messenger.html %}
+
+{% include sections/teamchat.html %}
+
+{% include sections/file-sharing.html %}
+
+{% include sections/cloud-storage.html %}
+
+{% include sections/selfhosted-cloud.html %}
+
+{% include sections/hosting-provider.html %}
+
+{% include sections/file-sync.html %}
+
+{% include sections/password-managers.html %}
+
+{% include sections/calendar-contacts-sync.html %}
+
+{% include sections/file-encryption.html %}
+
+{% include sections/self-contained-networks.html %}
+
+{% include sections/social-networks.html %}
+
+{% include sections/social-news-aggregator.html %}
+
+{% include sections/decentralized-video.html %}
+
+{% include sections/video-frontends.html %}
+
+{% include sections/dns.html %}
+
+{% include sections/notebooks.html %}
+
+{% include sections/paste-services.html %}
+
+{% include sections/productivity-tools.html %}
+
+{% include sections/operating-systems.html %}
+
+{% include sections/tor-operating-systems.html %}
+
+{% include sections/android-operating-systems.html %}
+
+{% include sections/android-addons.html %}
+
+{% include sections/other-mobile-operating-systems.html %}
+
+{% include sections/router-firmware.html %}
+
+{% include sections/windows10.html %}
+
+{% include sections/privacy-resources.html %}
+
+{% include sections/participate.html %}
diff --git a/pages/os.html b/pages/os.html
new file mode 100644
index 00000000..536f2cf3
--- /dev/null
+++ b/pages/os.html
@@ -0,0 +1,26 @@
+---
+layout: page
+permalink: /operating-systems/
+title: "Operating Systems"
+description: "Even your own computer could be compromising your privacy. Discover our recommended OS choices for all the devices you use."
+---
+
+{% include sections/operating-systems.html %}
+
+
+
+{% include sections/tor-operating-systems.html %}
+
+{% include sections/android-operating-systems.html %}
+
+{% include sections/android-addons.html %}
+
+{% include sections/other-mobile-operating-systems.html %}
+
+{% include sections/router-firmware.html %}
+
+{% include sections/windows10.html %}
diff --git a/pages/privacy.md b/pages/privacy.md
new file mode 100644
index 00000000..0277fd50
--- /dev/null
+++ b/pages/privacy.md
@@ -0,0 +1,114 @@
+---
+layout: page
+permalink: /privacy/
+title: "Privacy Q&A"
+description: "This Privacy Statement explains what information PrivacyTools and its related entities collect about its users, what we do with that information, and how we handle the content you place in our products and services."
+---
+
+## Who is {{ site.name }}?
+
+{{ site.name }} is an unincorporated community developing this website and a number of privacy-friendly services. The current list of public team members [can be found on GitHub](https://github.com/orgs/privacytools/people). In order to operate these services, {{ site.name }} receives hosting and administration services from Aragon Ventures LLC.
+
+## How does {{ site.name }} collect data about me?
+
+We collect data:
+
+* When you browse a website, forum, or other {{ site.name }} service.
+* When you create an account on a {{ site.name }} service.
+* When you post, send private messages, or otherwise participate on a {{ site.name }} service.
+
+This data will be collected regardless of browser, device, or app used to access our services. We do not buy or otherwise receive data from data brokers.
+
+## What data do you collect and why?
+
+### We collect data about visits to our websites.
+
+When you visit a {{ site.name }} website or service, regardless of whether you have an account or not, the website may use cookies, server logs, and other methods to collect the following data:
+
+* What pages you visit,
+* Your anonymized IP address: We anonymize the last 3 bytes of your IP, e.g. 192.xxx.xxx.xxx.
+
+We use this data to:
+
+* Optimize websites and services, so that they are quick and easy to use,
+* Diagnose and debug technical errors,
+* Defend websites and services from abuse and technical attacks.
+
+This data is processed under our [Legitimate Interest](https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/legitimate-interests/when-can-we-rely-on-legitimate-interests/) to provide our services to you in a an efficient and secure manner and to ensure the legal compliance and proper administration of our business.
+
+Raw data such as pages visited, anonymized visitor IPs, and visitor actions will be retained for 60 days. In special circumstances—such as extended investigations regarding a technical attack—we may preserve logged data for longer periods for analysis. We store aggregate statistics about use of the websites and services we host indefinitely, but those statistics do not include data identifiable to you personally.
+
+### We collect account data.
+
+On some websites and services we provide, many features may require an account. For example, on forum.privacytools.io an account is required to post and reply to topics.
+
+To sign up for most accounts, we will collect a name, username, email, and password. In the event a website requires more information than just that data, that will be clearly marked and noted in a separate privacy statement, per-site.
+
+We use your account data to identify you on the website, and to create pages specific to you, such as your profile page. We will also use your account data to publish a public profile for you on our services.
+
+We use your email to:
+
+* Notify you about posts and other activity on the websites or services.
+* Reset your password and help keep your account secure.
+* Contact you in special circumstances related to your account.
+* Contact you about legal requests, such as DMCA takedown requests.
+
+On some websites and services you may provide additional information for your account, such as a short biography, avatar, your location, or your birthday. We make that information available to everyone who can access the website or service in question. This information is not required to use any of our services, and can be erased at any time.
+
+We will store your account data as long as your account remains open. After closing an account, we may retain some or all of your account data in the form of backups or archives for up to 90 days.
+
+## Who is my data shared with?
+
+When you use services provided by {{ site.name }} your data is shared with Aragon Ventures LLC, in order to facilitate their hosting obligations. Aragon Ventures LLC may collect and use your data as described in their privacy statement at [https://aragon.ventures/privacy](https://aragon.ventures/privacy/).
+
+Your account data, posts, and other activities on {{ site.name }} services is shared with others as mentioned in the section about account data.
+
+## Where is my data stored?
+
+Your data is stored on servers provided by Aragon Ventures LLC, a company incorporated in Minnesota, United States. The primary datacenter for {{ site.name }} is located in France. Some websites, services, or backups may reside in datacenters in multiple jurisdictions, including the United States and the European Union.
+
+## Is {{ site.name }} GDPR compliant?
+
+We respect privacy rights under [Regulation (EU) 2016/679](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG), the European Union’s General Data Protection Regulation (GDPR). Information that GDPR requires us to give can be found throughout this document.
+
+## What are my data protection rights?
+
+We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
+
+* **The right to access** – You have the right to request access to your personal data, or copies of your personal data from us. We may charge you a small fee for providing a copy of your data.
+* **The right to rectification** – You have the right to request that we correct any information you believe is inaccurate or incomplete.
+* **The right to erasure** – You have the right to request that we erase your personal data, under certain conditions.
+* **The right to restrict processing** – You have the right to request that we restrict the processing of your personal data, under certain conditions.
+* **The right to object to processing** – You have the right to object to our processing of your personal data, under certain conditions.
+* **The right to data portability** – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
+
+## How can I contact the {{ site.name }} team about privacy?
+
+The {{ site.name }} team generally does not have access to personal data outside of limited access granted via some moderation panels. Inquiries regarding your personal information should be sent directly to the data controller for these services, Aragon Ventures LLC:
+
+```
+Jonah Aragon
+Services Administrator, Aragon Ventures LLC
+privacy@aragon.ventures
+```
+
+or write to:
+
+```
+Aragon Ventures LLC
+PO Box 201
+Anoka, MN 55303
+United States
+```
+
+For all other inquiries, you can contact the team via methods described on our [contact page]({{ site.production_url }}/contact/).
+
+For complaints under GDPR more generally, European Union users may lodge complaints with their local data protection supervisory authorities.
+
+## How can I find out about changes to this document?
+
+This version of our privacy statement took effect October 9th, 2019.
+
+We will post any new versions of this statement at [{{ site.production_url }}/privacy/]({{ site.production_url }}/privacy/). We may change how we announce changes in future versions of this document. In the meantime we may update our contact information at any time without announcing a change. Please refer to [{{ site.production_url }}/privacy/]({{ site.production_url }}/privacy/) for the latest contact information at any time.
+
+A full [revision history](https://github.com/privacytools/privacytools.io/commits/master/pages/privacy.md) for this page can be found on GitHub.
diff --git a/pages/providers.html b/pages/providers.html
new file mode 100644
index 00000000..e78f9a4a
--- /dev/null
+++ b/pages/providers.html
@@ -0,0 +1,30 @@
+---
+layout: page
+permalink: /providers/
+title: "Providers"
+description: "There's a ton of people providing services online. Discover which ones you should avoid and our recommendations for a variety of services."
+---
+
+
Services
+
+
Click on whatever service you need to view our recommendations.
+
+{% include sections/fourteen-eyes.html %}
+
+{% include sections/key-disclosure-law.html %}
+
+{% include sections/warrant-canary.html %}
diff --git a/pages/providers/dns.html b/pages/providers/dns.html
new file mode 100644
index 00000000..a8d1196d
--- /dev/null
+++ b/pages/providers/dns.html
@@ -0,0 +1,10 @@
+---
+layout: page
+permalink: /providers/dns/
+title: "Encrypted DNS Resolvers"
+description: "Don't let Google see all your DNS traffic. Discover privacy-centric alternatives to the traditional DNS providers."
+breadcrumb: "DNS"
+---
+
+{% include sections/dns.html %}
+
diff --git a/pages/providers/email.html b/pages/providers/email.html
new file mode 100644
index 00000000..ac9a6f64
--- /dev/null
+++ b/pages/providers/email.html
@@ -0,0 +1,270 @@
+---
+layout: page
+permalink: /providers/email/
+title: "Private Email Providers"
+description: "Find a secure email provider that will keep your privacy in mind. Don't settle for ad-supported platforms. Never trust any company with your privacy, always encrypt."
+---
+
+{% include sections/email-warning.html %}
+
+{% include sections/email-providers.html %}
+
+
+
Our Email Provider Criteria
+
+
Please note we are not affiliated with any of the providers we recommend. This allows us to provide completely objective recommendations. We have developed a clear set of requirements for any Email provider wishing to be recommended, including implementing industry best practices, modern technology and more. We suggest you familiarize yourself with this list before choosing an Email provider, and conduct your own research to ensure the Email provider you choose is the right choice for you.
+
+
+
+
+
{% include badge.html color="info" text="Jurisdiction" %}
+
Operating outside the five/nine/fourteen-eyes countries is not necessarily a guarantee of privacy, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on global mass surveillance and avoiding the US and UK to learn more about why we feel this is important.
+
+
+
Minimum to Qualify:
+
+
Operating outside the USA or other Five Eyes countries.
+
+
+
+
Best Case:
+
+
Operating outside the USA or other Fourteen Eyes countries.
+
Operating inside a country with strong consumer protection laws.
+
+
+
+
+
{% include badge.html color="info" text="Technology" %}
+
We regard these features as important in order to provide a safe and optimal service to users. Users should consider the provider which has the features they require.
+
+
+
Minimum to Qualify:
+
+
Encrypts account data at rest.
+
Integrated webmail encryption provides convenience to users who want improve on having no E2EE encryption.
+
+
+
+
Best Case:
+
+
Encrypts account data at rest with zero-access encryption.
+
Allow users to use their own domain name. Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad, be acquired by another company which doesn't prioritize privacy etc.
+
Support for WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key by typing: gpg --locate-key example_user@example.com
+
Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
+
Availability of the email provider's services via an onion service.
Use of standard email access protocols such as IMAP, SMTP or JMAP. Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
+
+
+
+
+
{% include badge.html color="info" text="Privacy" %}
+
We prefer our recommended providers to collect as little data as possible.
+
+
+
Minimum to Qualify:
+
+
Protect sender's IP address. Filter it from showing in the Received header field.
+
Don't require personally identifiable information (PII) besides username and password.
+
Privacy policy that meets the requirements defined by the GDPR
+
+
+
+
Best Case:
+
+
Accepts Bitcoin, cash, and other forms of cryptocurrency and/or anonymous payment options (gift cards, etc.)
+
+
+
+
+
{% include badge.html color="info" text="Security" %}
+
Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their users.
No TLS errors/vulnerabilities when being profiled by tools such as Hardenize, testssl.sh or Qualys SSL Labs, this includes certificate related errors, poor or weak ciphers suites, weak DH parameters such as those that led to Logjam.
Support for hardware authentication, ie U2F and WebAuthn. U2F and WebAuthn are more secure as they use a private key stored on a client-side hardware device to authenticate users, as opposed to a shared secret that is stored on the web server and on the client side when using TOTP. Furthermore, U2F and WebAuthn are more resistant to phishing as their authentication response is based on the authenticated domain name.
+
Zero access encryption, builds on encryption at rest. The difference being the provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
{% include badge.html color="info" text="Trust" %}
+
You wouldn't trust your finances to someone with a fake identity, so why trust them with your email? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
+
+
+
Minimum to Qualify:
+
+
Public-facing leadership or ownership.
+
+
+
+
Best Case:
+
+
Public-facing leadership.
+
Frequent transparency reports.
+
+
+
+
+
{% include badge.html color="info" text="Marketing" %}
+
With the email providers we recommend we like to see responsible marketing.
+
+
+
Minimum to Qualify:
+
+
Must self host analytics (no Google Analytics etc). The provider's site must also comply with DNT (Do Not Track) for those users who want to opt-out.
+
+
Must not have any marketing which is irresponsible:
+
+
Claims of "unbreakable encryption". Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
+
Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, e.g.:
+
+
Reusing personal information e.g. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)
Clear and easy to read documentation. This includes things like, setting up 2FA, email clients, OpenPGP, etc.
+
+
+
+
+
{% include badge.html color="info" text="Additional Functionality" %}
+
While not strictly requirements, there are some factors we looked into when determining which providers to recommend.
+
+
+
+
+
+
Email encryption
+
+
+
+
What is end-to-end encryption (E2EE) encryption in email?
+
End-to-end encryption (E2EE) is a way of encrypting email contents so that nobody but the recipient(s) can read the email message.
+
How can I encrypt my email?
+
The standard way to do email E2EE and have it work between different email providers is with OpenPGP. There are different implementations of the OpenPGP standard, the most common being GnuPG and OpenPGP.js.
Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the email clients we recommend. This can be less secure as you are now relying on email providers to ensure that their encryption implementation works and has not been compromised in anyway.
+
+
+
How do I protect my private keys?
+
A smartcard (such as a Yubikey or Nitrokey) works by receiving an encrypted email message from a device (phone, tablet, computer etc) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device.
+
It is advantageous for the decryption to occur on the smartcard so as to avoid possibly exposing your private key to a compromised device.
+
+
+
+
+
Email metadata
+
+
+
+
Who can see the email metadata?
+
Email metadata is able to be seen by your email client software (or webmail) and any servers relaying the message from you to any recipients. Sometimes email servers will also use external parties to protect against spam.
+
What is email metadata?
+
Email software will often show some visible headers that you may have seen such as: To, From, Cc, Date, Subject.
+
+
When is email metadata used?
+
Client software may use it to show who a message is from and what time it was received. Servers may use it to determine where an email message must be sent, among other purposes not transparent to the user.
+
+
+
Where is the email metadata?
+
Email metadata is stored in the message header of the email message.
+
Why can't email metadata be E2EE?
+
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally and is also optional, therefore, only the message content is protected.
+
How is my metadata protected?
+
When emails travel between email providers an encrypted connection is negotiated using Opportunistic TLS. This protects the metadata from outside observers, but as it is not E2EE, server administrators can snoop on the metadata of an email.
Advanced users may consider setting up their own email server. Mailservers require attention and continuous maintenance in order to keep things secure and mail delivery reliable.
Mail-in-a-Box is an automated setup script for deploying a mail server on Ubuntu. Its goal is to make it easier for users to set up their own mail server.
Mailcow is a more advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: A mailserver with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support. Mailcow Dockerized docs
+
+
For a more manual approach we've picked out these two articles.
diff --git a/pages/providers/hosting.html b/pages/providers/hosting.html
new file mode 100644
index 00000000..29d1d407
--- /dev/null
+++ b/pages/providers/hosting.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /providers/hosting/
+title: "Web Hosting"
+description: "Find a web hosting provider that won't track your visitors or give into government data requests."
+---
+
+{% include sections/hosting-provider.html %}
diff --git a/pages/providers/paste.html b/pages/providers/paste.html
new file mode 100644
index 00000000..1a852648
--- /dev/null
+++ b/pages/providers/paste.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /providers/paste/
+title: "Pastebin hosting services"
+description: "Find a pastebin provider that won't read your content to share sensitive code or other information."
+---
+
+{% include sections/paste-services.html %}
diff --git a/pages/providers/search-engines.html b/pages/providers/search-engines.html
new file mode 100644
index 00000000..f466421a
--- /dev/null
+++ b/pages/providers/search-engines.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /providers/search-engines/
+title: "Search Engines"
+description: "Find a search engine that doesn't track your queries or build an advertising profile based on your searches."
+---
+
+{% include sections/search-engines.html %}
diff --git a/pages/providers/social-networks.html b/pages/providers/social-networks.html
new file mode 100644
index 00000000..6c4bbdeb
--- /dev/null
+++ b/pages/providers/social-networks.html
@@ -0,0 +1,23 @@
+---
+layout: page
+permalink: /providers/social-networks/
+title: "Social Networks"
+description: "Find a social network that doesn't pry into your data or monetize your profile."
+---
+
+{% include sections/social-networks.html %}
+
+
Stop using Facebook - A curated list of reasons to stop using Facebook and how to do it.
+
diff --git a/pages/providers/social-news-aggregator.html b/pages/providers/social-news-aggregator.html
new file mode 100644
index 00000000..a37354ad
--- /dev/null
+++ b/pages/providers/social-news-aggregator.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /providers/social-news-aggregator/
+title: "Social News Aggregator"
+description: "Stay up-to-date with privacy-respecting online bulletin boards."
+---
+
+{% include sections/social-news-aggregator.html %}
diff --git a/pages/providers/storage.html b/pages/providers/storage.html
new file mode 100644
index 00000000..a71ec8dc
--- /dev/null
+++ b/pages/providers/storage.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /providers/cloud-storage/
+title: "Cloud Storage"
+description: "Find a cloud storage provider that won't look through your files."
+---
+
+{% include sections/cloud-storage.html %}
diff --git a/pages/providers/video.html b/pages/providers/video.html
new file mode 100644
index 00000000..21fb82c5
--- /dev/null
+++ b/pages/providers/video.html
@@ -0,0 +1,10 @@
+---
+layout: page
+permalink: /providers/video/
+title: "Video Platforms"
+description: "Find a platform to watch and host videos that doesn't pry into your data or monetize your profile."
+---
+
+{% include sections/decentralized-video.html %}
+
+{% include sections/video-frontends.html %}
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html
new file mode 100644
index 00000000..2116e6b3
--- /dev/null
+++ b/pages/providers/vpn.html
@@ -0,0 +1,297 @@
+---
+layout: page
+permalink: /providers/vpn/
+title: "VPN Services"
+description: "Find a no-logging VPN operator who isn't out to sell or read your web traffic."
+breadcrumb: "VPN"
+---
+
+
+
Warning
+
+
Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.
+
If you are looking for anonymity, you should use the Tor Browser instead of a VPN.
+
If you're looking for added security, you should always ensure you're connecting to websites using encrypted DNS and HTTPS. A VPN is not a replacement for good security practices.
+
If you're looking for additional privacy from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved.
Please note we are not affiliated with any of the providers we recommend. This allows us to provide completely objective recommendations. We have developed a clear set of requirements for any VPN provider wishing to be recommended, including strong encryption, independent security audits, modern technology, and more. We suggest you familiarize yourself with this list before choosing a VPN provider, and conduct your own research to ensure the VPN provider you choose is as trustworthy as possible.
+
+
+
+
+
{% include badge.html color="info" text="Jurisdiction" %}
+
Operating outside the five/nine/fourteen-eyes countries is not a guarantee of privacy necessarily, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on global mass surveillance and avoiding the US and UK to learn more about why we feel this is important.
+
+
+
Minimum to Qualify:
+
+
Operating outside the USA or other Five Eyes countries.
+
+
+
+
Best Case:
+
+
Operating outside the USA or other Fourteen Eyes countries.
+
Operating inside a country with strong consumer protection laws.
+
+
+
+
+
{% include badge.html color="info" text="Technology" %}
+
We require all our recommended VPN providers to provide OpenVPN configuration files to be used in any client. If a VPN provides their own custom client, we require a killswitch to block network data leaks when disconnected.
+
+
+
Minimum to Qualify:
+
+
OpenVPN support.
+
Killswitch built in to clients.
+
If VPN clients are provided, they should be open source, like the VPN software they generally have built into them. We believe that source code availability provides greater transparency to the user about what their device is actually doing. We like to see these applications available in F-Droid.
+
+
+
+
Best Case:
+
+
OpenVPN and WireGuard support.
+
Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)
+
Easy-to-use VPN clients
+
Supports IPv6. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.
+
Capability of remote port forwarding assists in creating connections when using P2P (Peer-to-Peer) filesharing software, Freenet, or hosting a server (e.g., Mumble).
+
+
+
+
+
{% include badge.html color="info" text="Privacy" %}
+
We prefer our recommended providers to collect as little data as possible. Not collecting personal information on registration, and accepting anonymous forms of payment are required.
+
+
+
Minimum to Qualify:
+
+
Bitcoin or cash payment option.
+
No personal information required to register: Only username, password, and email at most.
+
+
+
+
Best Case:
+
+
Accepts Bitcoin, cash, and other forms of cryptocurrency and/or anonymous payment options (gift cards, etc.)
+
No personal information accepted (autogenerated username, no email required, etc.)
+
+
+
+
+
{% include badge.html color="info" text="Security" %}
+
A VPN is pointless if it can't even provide adequate security. We require all our recommended providers to abide by current security standards for their OpenVPN connections. Ideally, they would use more future-proof encryption schemes by default. We also require an independent third-party to audit the provider's security, ideally in a very comprehensive manner and on a repeated (yearly) basis.
+
+
+
Minimum to Qualify:
+
+
Strong Encryption Schemes: OpenVPN with SHA-256 authentication; RSA-2048 or better handshake; AES-256-GCM or AES-256-CBC data encryption.
+
Perfect Forward Secrecy (PFS).
+
Published security audits from a reputable third-party firm.
+
+
+
+
Best Case:
+
+
Strongest Encryption: RSA-4096.
+
Perfect Forward Secrecy (PFS).
+
Comprehensive published security audits from a reputable third-party firm.
+
Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
+
+
+
+
+
{% include badge.html color="info" text="Trust" %}
+
You wouldn't trust your finances to someone with a fake identity, so why trust them with your internet data? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.
+
+
+
Minimum to Qualify:
+
+
Public-facing leadership or ownership.
+
+
+
+
Best Case:
+
+
Public-facing leadership.
+
Frequent transparency reports.
+
+
+
+
+
{% include badge.html color="info" text="Marketing" %}
+
With the VPN providers we recommend we like to see responsible marketing.
+
+
+
Minimum to Qualify:
+
+
Must self host analytics (no Google Analytics etc). The provider's site must also comply with DNT (Do Not Track) for those users who want to opt-out.
+
+
+
Must not have any marketing which is irresponsible:
+
+
Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:
+
+
Reusing personal information eg. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)
Claim that a single circuit VPN is "more anonymous" than Tor, which is a circuit of 3 or more hops that regularly changes.
+
Use responsible language, eg it is okay to say that a VPN is "disconnected" or "not connected", however claiming that a user is "exposed", "vulnerable" or "compromised" is needless use of alarming language that may be incorrect. For example the visiting user might be on another VPN provider's service or using Tor.
+
+
+
+
Best Case:
+
Responsible marketing that is both educational and useful to the consumer could include:
Availability of the VPN provider's website over a .onion Hidden Service
+
+
+
+
+
{% include badge.html color="info" text="Additional Functionality" %}
+
While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.
+
+
+
+
+
+
Further Information and Dangers
+
+
+
+
+
Should I use a VPN?
+
The answer to this question is not a particularly helpful one: It depends. It depends on what you're expecting a VPN to do for you, who you're trying to hide your traffic from, and what applications you're using.
+
In most cases, VPNs do little to protect your privacy or enhance your security, unless paired with other changes.
+
VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
+
What if I need encryption?
+
In most cases, most of your traffic is already encrypted! Over 98% of the top 3000 websites offer HTTPS, meaning your non-DNS traffic is safe regardless of using a VPN. It is incredibly rare for applications that handle personal data to not support HTTPS in 2019, especially with services like Let's Encrypt offering free HTTPS certificates to any website operator.
+
Even if a site you visit doesn't support HTTPS, a VPN will not protect you, because a VPN cannot magically encrypt the traffic between the VPN's servers and the website's servers. Installing an extension like HTTPS Everywhere and making sure every site you visit uses HTTPS is far more helpful than using a VPN.
+
Should I use encrypted DNS with a VPN?
+
The answer to this question is also not very helpful: it depends. Your VPN provider may have their own DNS servers, but if they don't, the traffic between your VPN provider and the DNS server isn't encrypted. You need to trust the encrypted DNS provider in addition to the VPN provider and unless your client and target server support encrypted SNI, the VPN provider can still see which domains you are visiting.
+
However you shouldn't use encrypted DNS with Tor. This would direct all of your DNS requests through a single circuit, and would allow the encrypted DNS provider to deanonymize you.
+
What if I need anonymity?
+
VPNs cannot provide strong anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data.
+
+
+
Shouldn't I hide my IP address?
+
The idea that your IP address is sensitive information, or that your location is given away with all your internet traffic is fearmongering on the part of VPN providers and their marketing. Your IP address is an insignificant amount of personal data tracking companies use to identify you, because many users' IP addresses change very frequently (Dynamic IP addresses, switching networks, switching devices, etc.). Your IP address also does not give away more than the very generalized location of your Internet Service Provider. It does not give away your home address, for example, despite common perception.
+
Should I use Tor and a VPN?
+
By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides 0 additional benefit to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. Read more about Tor bridges and why using a VPN is not necessary.
+
Are VPNs ever useful?
+
A VPN may still be useful to you in a variety of scenarios, such as:
+
+
Hiding your traffic from only your Internet Service Provider.
+
Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
+
+
For use cases like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're trusting the provider. In pretty much any other scenario you should be using a secure-by-design tool such as Tor.
+ Free VPN App Investigation
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
+ tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
+ text="Affiliate program"
+ %}
+
+
+ Hidden VPN owners unveiled: 101 VPN products run by just 23 companies
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
+ tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
+ text="Affiliate program"
+ %}
+
+
+ This Chinese company is secretly behind 24 popular apps seeking dangerous permissions
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
+ tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
+ text="Affiliate program"
+ %}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
VPN Related breaches - why external auditing is important!
diff --git a/pages/services/chat.html b/pages/services/chat.html
new file mode 100644
index 00000000..56aaa20d
--- /dev/null
+++ b/pages/services/chat.html
@@ -0,0 +1,104 @@
+---
+layout: default
+permalink: /services/chat/
+title: "Matrix"
+description: "chat.privacytools.io is our official Matrix homeserver. You can register a user account on this homeserver using any Matrix client, no email required."
+---
+
+{% include breadcrumbs.html %}
+
+
+
Matrix
+
chat.privacytools.io is our official Matrix homeserver.
+
+
You can register a user account on this homeserver using any Matrix client, no email required. However, you do not need to be a member of this homeserver to join our rooms, and choosing a smaller instance or buying or hosting your own will help promote decentralization and performance on Matrix!
To register on or connect to our homeserver, simply use https://chat.privacytools.io as the homeserver in your Matrix client.
+
You must read and accept our community code of conduct before joining our rooms or using our services.
+
+{%
+ include cardv2.html
+ title="Element"
+ image="/assets/img/svg/3rd-party/element.svg"
+ description='Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.'
+ labels="text==VoIP"
+ website="https://element.io"
+ privacy-policy="https://element.io/privacy"
+ forum="https://forum.privacytools.io/t/discussion-element-io/665"
+ github="https://github.com/vector-im/element-web"
+ windows="https://element.io/get-started"
+ mac="https://element.io/get-started"
+ linux="https://element.io/get-started"
+ fdroid="https://f-droid.org/packages/im.vector.app/"
+ googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
+ ios="https://apps.apple.com/app/vector/id1083446067"
+ web="https://app.element.io"
+%}
+
+
If you're asked to enter a custom homeserver URL in a Matrix client, enter https://chat.privacytools.io, not privacytools.io or element.privacytools.io. You do not need to change your identity server, in fact https://vector.im is the only functional one, by design.
+
+
These details will be autofilled for you in most clients if you enter your full username (e.g. @alice:privacytools.io rather than alice) into the username field. In general it is preferable to do that rather than trying to remember what the homeserver URL is.
+
+
Frequently Asked Questions
+
+
Is #general:privacytools.io or #privacy:privacytools.io chat end-to-end encrypted?
+
No. Messages sent to the #general chat are encrypted from with client-to-server encryption, i.e. HTTPS. This means that your messages can't be viewed by an attacker on your network, or your ISP, etc. However, because this is a public chat room anybody can view your messages if they are a member, and newcomers will be able to see all message history. Do not say anything in rooms that don't use End-to-End (E2E) encryption that you wouldn't want tied to you personally.
+
+
Isn't Matrix behind Cloudflare?
+
The default matrix.org homeserver is behind Cloudflare. The PrivacyTools homeserver is not.
+
+
Isn't Matrix slow?
+
It can be, for some! Due to the trememdous amount of people registering on the matrix.org homeserver, it is often overloaded and occasionally slow to respond. Therefore, users on that homeserver occasionally report a less than ideal chat experience. If that's you, you can fix this problem by switching to another homeserver. Good alternatives include...
+
+
ours of course, at chat.privacytools.io, you're here right?
running your own by installing Synapse — certainly the best option for the technically inclined!
+
+
Note that at time of writing, switching homeservers requires re-registering with another account at that server, as nomadic identities haven't been implemented yet.
+
+
What happens when I remove a message in Element?
+
Your homeserver will send a removal request for that message and some clients will render it as a black line, but by editing the source it's possibly for homeserver to not respect it and do nothing. If the room is bridged to protocols that don't support message removals (IRC, XMPP), their users see nothing happening. Don’t say anything you wouldn’t want to remain in the chat forever.
+
+
Why do XMPP users keep joining and leaving all the time?
I'm not using the PrivacyTools homeserver, can I find PrivacyTools rooms in Element?
+
Yes! Open the room explorer (compass icon on Element desktop), click the server selection drop down next to the search bar, click "Add a new server", type privacytools.io, and click Add. You should then be able to view and search through rooms that the PrivacyTools server is aware of. Note that not every room hosted on PrivacyTools is affiliated with or moderated by the PrivacyTools team.
+
+
Rooms
+
To join a room, just type /join [room address] in any room. You can run this command from any server, not just ours!
+
The PrivacyTools administration operates the following channels:
+
+
#dev:privacytools.io: Discussions relating to building www.privacytools.io.
+
#forum:privacytools.io: All PrivacyTools Forum updates (Automated).
+
#general:privacytools.io: Main discussion room.
+
#github:privacytools.io: GitHub updates for @privacytools (Automated).
+
#guides:privacytools.io: Privacy Guides development work.
+
#privacy:privacytools.io: On-topic privacy, security, opsec discussion and support.
#nothing_to_hide:privacytools.io: More general privacy chat.
+
#_oftc_#Tor-Project:matrix.org: Official Tor Project chat room!
+
#plume:disroot.org: Discussion for Plume: Federated blogging.
+
#element-android:matrix.org: Element Android discussion and support.
+
#element-ios:matrix.org: Element iOS discussion and support.
+
#element-web:matrix.org: Element Web/Desktop discussion and support.
+
+
If you are a room operator and want your room listed here, feel free to contact us. Especially if you operate a large room and/or are a member of our homeserver!
+
We do not necessarily endorse any of the content in these listed rooms.
+
+
Contact
+
For server related issues, the administrator of this homeserver is Jonah, who can be reached on Matrix at @jonah:privacytools.io.
+
For moderation related issues or anything else, you can contact Jonah or anyone in the team (listed in the +team:privacytools.io community) via Matrix, or via email at support@privacytools.io.
diff --git a/pages/services/services.html b/pages/services/services.html
new file mode 100644
index 00000000..fe374139
--- /dev/null
+++ b/pages/services/services.html
@@ -0,0 +1,43 @@
+---
+layout: page
+permalink: /services/
+title: "Services from PrivacyTools"
+description: "The PrivacyTools team is proud to introduce a suite of privacy-centric online services to connect you with other privacy-minded individuals and stay safe and secure online. No advertisers, no Google Analytics, no tracking, no third-party requests of any kind."
+---
+
+
We currently have the following free-to-use services online now.
More services are on the way. If there's something that would be super beneficial for us to run, don't hesitate to reach out and ask. And of course, if you like our services, please consider donating to support our server costs, any donation helps!
We are providing these services because we believe in decentralized and federated networks, and free and open source software. The tools we host are a great and convenient entry-point to these services like Matrix, Mastodon, and WriteFreely. We hope that we are able to spur the adoption of these alternative networks, and we strongly believe all of our services are far better than traditional providers, such as Twitter, Facebook, and Google.
+
However, as with any hosted, online service, remember that using our services involves risks that may or may not be acceptable to you. Using online services requires trust in the service provider. We don't know of any surefire way to evaluate a provider for privacy, or provide a service that we can guarantee is operating in a privacy-respecting way. Of course we strive to provide the best services possible for our community, but at the end of the day this involves you trusting us and the system administrators that host our services.
+
As always, never trust a service provider with sensitive information, even if they are trustworthy.
+
We also recommend you don't centralize all your online activity around a single provider's services (such as ours). This is because it is not a good idea to give a single party control over everything you do online.
+
We highly recommend hosting your own services whenever possible. Not only is it a fantastic learning experience, but it allows you to have services entirely in your control. There are a number of great resources available, including...
You can also join us on Matrix at #general:privacytools.io and ask around! We are always happy to help you start hosting your own services.
+
The services we provide here are for the benefit of our community, and we collect as little data as possible. But it is a convenience more than a recommendation. You should always avoid trusting others with your information, and always encrypt.
diff --git a/pages/software.html b/pages/software.html
new file mode 100644
index 00000000..4e08ad12
--- /dev/null
+++ b/pages/software.html
@@ -0,0 +1,24 @@
+---
+layout: page
+permalink: /software/
+title: "Software"
+description: "Discover a variety of open-source software built to protect your privacy and keep your digital data secure."
+---
+
+
Click on whatever software you need to view our recommendations.
diff --git a/pages/software/cal-card.html b/pages/software/cal-card.html
new file mode 100644
index 00000000..70cecdd0
--- /dev/null
+++ b/pages/software/cal-card.html
@@ -0,0 +1,9 @@
+---
+layout: page
+permalink: /software/calendar-contacts/
+title: "Calendar and Contact Sync Tools"
+description: "Discover free, open-source, and secure ways to sync your contacts and calendars across your devices."
+breadcrumb: "Calendar and Contacts"
+---
+
+{% include sections/calendar-contacts-sync.html %}
diff --git a/pages/software/cloud.html b/pages/software/cloud.html
new file mode 100644
index 00000000..c14b8938
--- /dev/null
+++ b/pages/software/cloud.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /software/cloud/
+title: "Self Hosted \"Cloud\""
+description: "Discover how to securely and privately self-host your cloud with open-source software."
+---
+
+{% include sections/selfhosted-cloud.html %}
diff --git a/pages/software/email.html b/pages/software/email.html
new file mode 100644
index 00000000..1ce7dd68
--- /dev/null
+++ b/pages/software/email.html
@@ -0,0 +1,11 @@
+---
+layout: page
+permalink: /software/email/
+title: "Email Clients"
+description: "Discover free, open-source, and secure email clients, along with some email alternatives you may not have considered."
+---
+
+{% include sections/email-warning.html %}
+
+{% include sections/email-clients.html %}
+
diff --git a/pages/software/encryption.html b/pages/software/encryption.html
new file mode 100644
index 00000000..18cbd06a
--- /dev/null
+++ b/pages/software/encryption.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /software/encryption-tools/
+title: "Encryption Tools"
+description: "Discover free, open-source, and secure ways to encrypt your sensitive data to keep it from prying eyes."
+---
+
+{% include sections/file-encryption.html %}
diff --git a/pages/software/file-sharing.html b/pages/software/file-sharing.html
new file mode 100644
index 00000000..cd3e83db
--- /dev/null
+++ b/pages/software/file-sharing.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /software/file-sharing/
+title: "File Sharing"
+description: "Discover how to share your files with your friends and family or anonymously, without a middleman."
+---
+
+{% include sections/file-sharing.html %}
diff --git a/pages/software/file-sync.html b/pages/software/file-sync.html
new file mode 100644
index 00000000..54012237
--- /dev/null
+++ b/pages/software/file-sync.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /software/file-sync/
+title: "File Sync"
+description: "Discover free, open-source, and secure ways to sync your files across your devices."
+---
+
+{% include sections/file-sync.html %}
diff --git a/pages/software/networks.html b/pages/software/networks.html
new file mode 100644
index 00000000..aa86cb7f
--- /dev/null
+++ b/pages/software/networks.html
@@ -0,0 +1,15 @@
+---
+layout: page
+permalink: /software/networks/
+title: "Self-Contained Networks"
+description: "If you are currently browsing clearnet and want to access the dark web, this section is for you."
+hidedesc: true
+---
+
+{% include sections/self-contained-networks.html %}
+
+
diff --git a/pages/software/productivity.html b/pages/software/productivity.html
new file mode 100644
index 00000000..d9f2f913
--- /dev/null
+++ b/pages/software/productivity.html
@@ -0,0 +1,8 @@
+---
+layout: page
+permalink: /software/productivity/
+title: "Productivity Tools"
+description: "Get working and collaborating without sharing your documents with a middleman or trusting a cloud provider."
+---
+
+{% include sections/productivity-tools.html %}
diff --git a/pages/software/real-time-communication.html b/pages/software/real-time-communication.html
new file mode 100644
index 00000000..69285c20
--- /dev/null
+++ b/pages/software/real-time-communication.html
@@ -0,0 +1,91 @@
+---
+layout: page
+permalink: /software/real-time-communication/
+title: "Real-Time Communication"
+description: "Discover secure and private ways to communicate with others online without letting any third parties read your messages."
+---
+
+{% include sections/instant-messenger.html %}
+
+
+
+
+
+ Recent news about breaking E2EE on centralized instant messengers
+
A massive thank you to the following organization-level sponsors of {{ site.name }}, who pledge $250+:
+
+
+ {% include sponsors/gold.html %}
+
+
+
The {{ site.name }} website and services are a community project. There is no advertising, affiliate links, or other forms of monetization. Your donations here directly support hosting this website and compensating contributors to this project.
These individuals and organizations pledge $100 - $249 to the organization.
+
+
+ {% include sponsors/silver.html %}
+
+
+
Backers
+
These individuals and organizations pledge $10 - $99 to the organization.
+{% include sponsors/list.html %}
+
+
Why sponsor {{ site.name }}?
+
This sponsorship program is designed to allow companies, organizations, and individuals partner with the {{ site.name }} team to support our vision of a more privacy-respecting internet and the greater online community.
+
With this exposure and sponsorship, your customers will recognize your intrinsic understanding and commitment to user privacy. Moreover, you'll directly contribute to our mission of spreading privacy-respecting tools and knowledge worldwide!
+
At PrivacyTools, we believe in...
+
+
Privacy, of course. Privacy gives you as a user control over how your information is used and spread online. Trustworthy and secure products and services are the key to that future.
+
Security. We believe services cannot provide privacy at all without being secure. Strong encryption is the only way to prevent malicious actors from snooping in on our communications.
+
Freedom. The right to express your opinion online without interference or surveillance is the only way we can grow as a society, and privacy-respecting tools should foster that growth.
+
+
We reserve the right or deny all sponsors from receiving the benefits detailed below if we believe that your organization or product is not aligned with our key values. Therefore, if you are interested in sponsoring our project, please first email sponsors@privacytools.io so we may discuss further.
+
As a sponsor of {{ site.name }}, your company will be widely recognized in a variety of ways, some of which we've detailed below.
+
General Information
+
This website receives well over 250,000 pageviews on a monthly basis and is highly ranked for privacy-related keywords. In addition to the benefits below your contribution will be featured on our OpenCollective page and we will thank you via social media for your contribution.
+
Please note that this page is updated manually, and while we're generally on top of things, please don't hesitate to reach out to sponsors@privacytools.io if you think we've missed something :)
+
Backers - $10–$24
+
+
Your name added to the list of sponsors on this page.
+
+
Highlighted Backers - $25–$99
+
+
Your name in bold at the top of our general sponsors list.
+
+
Advocates - $100–$249
+
+
Your square logo, name, and link above the general sponsors list.
+
+
Organizations - $250+
+
+
Your medium-sized logo as a prominent link on our homepage and at the very top of our sponsors page.
+
+
We will not provide...
+
We pride ourselves on our integrity and commitment to spreading unbiased and fact-based information regarding privacy and privacy-respecting tools. All tools we recommend throughout our website are subject to strict criteria as judged by our team and the community across our various platforms. Your sponsorship will not grant your organization any special consideration when choosing our recommendations throughout the website, a process which we make clear via our transparent ledger on OpenCollective and our public discussions on GitHub. Your sponsorship benefits are limited to those outlined above.
+
Tax and Financial Information
+
Your contribution to {{ site.name }} will be handled by the Open Collective Foundation 501(c)(3). For US companies and taxpayers, this means your contribution is likely tax deductible, but you should consult with your accountant regarding your specific circumstances. As a non-profit, your sponsorship contribution will not be used for private profit and will only be used to cover expenses incurred by the project. All of our transactions (donations and expenses) are published transparently on OpenCollective. For the benefit of our readership, anonymous contributions will not be eligible for the sponsorship opportunities outlined above.
+
More Information
+
If you are interested and have further questions, you are welcome to reach out to us directly at sponsors@privacytools.io.