diff --git a/blog/assets/images/choosing-the-right-messenger/cover.png b/blog/assets/images/choosing-the-right-messenger/cover.png
deleted file mode 100644
index 0137cb73..00000000
Binary files a/blog/assets/images/choosing-the-right-messenger/cover.png and /dev/null differ
diff --git a/blog/assets/images/choosing-the-right-messenger/cover.webp b/blog/assets/images/choosing-the-right-messenger/cover.webp
new file mode 100644
index 00000000..604cc670
Binary files /dev/null and b/blog/assets/images/choosing-the-right-messenger/cover.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-calendar.webp b/blog/assets/images/cryptpad-review/cryptpad-calendar.webp
new file mode 100644
index 00000000..77c7ad97
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-calendar.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-code.webp b/blog/assets/images/cryptpad-review/cryptpad-code.webp
new file mode 100644
index 00000000..62c406dc
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-code.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-cover.webp b/blog/assets/images/cryptpad-review/cryptpad-cover.webp
new file mode 100644
index 00000000..386819d6
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-cover.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp b/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp
new file mode 100644
index 00000000..a3bba746
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-creatingfile.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp b/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp
new file mode 100644
index 00000000..3d589d50
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-deletingfiles.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-diagram.webp b/blog/assets/images/cryptpad-review/cryptpad-diagram.webp
new file mode 100644
index 00000000..642b7879
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-diagram.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-document.webp b/blog/assets/images/cryptpad-review/cryptpad-document.webp
new file mode 100644
index 00000000..055b33ea
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-document.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp b/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp
new file mode 100644
index 00000000..489ba677
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-filetypes.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-form.webp b/blog/assets/images/cryptpad-review/cryptpad-form.webp
new file mode 100644
index 00000000..61af3b6a
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-form.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-kanban.webp b/blog/assets/images/cryptpad-review/cryptpad-kanban.webp
new file mode 100644
index 00000000..b32bf8eb
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-kanban.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-login.webp b/blog/assets/images/cryptpad-review/cryptpad-login.webp
new file mode 100644
index 00000000..10137f0a
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-login.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-markdown.webp b/blog/assets/images/cryptpad-review/cryptpad-markdown.webp
new file mode 100644
index 00000000..a02be715
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-markdown.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-presentation.webp b/blog/assets/images/cryptpad-review/cryptpad-presentation.webp
new file mode 100644
index 00000000..67ece6b1
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-presentation.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-profile.webp b/blog/assets/images/cryptpad-review/cryptpad-profile.webp
new file mode 100644
index 00000000..bf5ecb69
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-profile.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-richtext.webp b/blog/assets/images/cryptpad-review/cryptpad-richtext.webp
new file mode 100644
index 00000000..c3ba96c3
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-richtext.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-sheet.webp b/blog/assets/images/cryptpad-review/cryptpad-sheet.webp
new file mode 100644
index 00000000..5ffd7c5d
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-sheet.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp b/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp
new file mode 100644
index 00000000..4b003d48
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-trackingchanges.webp differ
diff --git a/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp b/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp
new file mode 100644
index 00000000..f3e1df74
Binary files /dev/null and b/blog/assets/images/cryptpad-review/cryptpad-whiteboard.webp differ
diff --git a/blog/assets/images/delisting-startpage/cover.png b/blog/assets/images/delisting-startpage/cover.png
deleted file mode 100644
index a66a2bcf..00000000
Binary files a/blog/assets/images/delisting-startpage/cover.png and /dev/null differ
diff --git a/blog/assets/images/delisting-startpage/cover.webp b/blog/assets/images/delisting-startpage/cover.webp
new file mode 100644
index 00000000..971e6ddb
Binary files /dev/null and b/blog/assets/images/delisting-startpage/cover.webp differ
diff --git a/blog/assets/images/delisting-wire/cover.avif b/blog/assets/images/delisting-wire/cover.avif
new file mode 100644
index 00000000..b6f6e8fe
Binary files /dev/null and b/blog/assets/images/delisting-wire/cover.avif differ
diff --git a/blog/assets/images/delisting-wire/cover.png b/blog/assets/images/delisting-wire/cover.png
deleted file mode 100644
index 13071e17..00000000
Binary files a/blog/assets/images/delisting-wire/cover.png and /dev/null differ
diff --git a/blog/assets/images/firefox-privacy/cover.png b/blog/assets/images/firefox-privacy/cover.png
deleted file mode 100644
index 2c0c8523..00000000
Binary files a/blog/assets/images/firefox-privacy/cover.png and /dev/null differ
diff --git a/blog/assets/images/firefox-privacy/cover.webp b/blog/assets/images/firefox-privacy/cover.webp
new file mode 100644
index 00000000..5c8547df
Binary files /dev/null and b/blog/assets/images/firefox-privacy/cover.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.png
deleted file mode 100644
index 9c9e9476..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp
new file mode 100644
index 00000000..c535c190
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-1.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.png
deleted file mode 100644
index d524a3aa..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp
new file mode 100644
index 00000000..f13f81ff
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-10.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.png
deleted file mode 100644
index 47fad009..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp
new file mode 100644
index 00000000..c1143e41
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-11.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.png
deleted file mode 100644
index 0293ff01..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp
new file mode 100644
index 00000000..1e1d2c9f
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-12.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.png
deleted file mode 100644
index 4df66129..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp
new file mode 100644
index 00000000..06a331ec
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-13.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.png
deleted file mode 100644
index a90e7cac..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp
new file mode 100644
index 00000000..4570fdba
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-14.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.png
deleted file mode 100644
index 5813d84f..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp
new file mode 100644
index 00000000..9ce6a2d2
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-15.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.png
deleted file mode 100644
index d7d86d61..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp
new file mode 100644
index 00000000..27d2afae
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-2.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.png
deleted file mode 100644
index 532121ce..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp
new file mode 100644
index 00000000..f07e3400
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-3.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.png
deleted file mode 100644
index c5c122c0..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp
new file mode 100644
index 00000000..9d4b4d7e
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-4.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.png
deleted file mode 100644
index ec694bd3..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp
new file mode 100644
index 00000000..a3ad6cab
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-5.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.png
deleted file mode 100644
index dc7d1023..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp
new file mode 100644
index 00000000..0436189a
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-6.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.png
deleted file mode 100644
index 107863bc..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp
new file mode 100644
index 00000000..a9b43dfd
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-7.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.png b/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.png
deleted file mode 100644
index c51606af..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp b/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp
new file mode 100644
index 00000000..827c913e
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-installation-mac-9.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.png b/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.png
deleted file mode 100644
index 23bcd982..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp b/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp
new file mode 100644
index 00000000..d063c01f
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-keepassxc.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.png b/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.png
deleted file mode 100644
index 52244dd7..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp b/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp
new file mode 100644
index 00000000..19191348
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-onionshare.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.png b/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.png
deleted file mode 100644
index d6ca48b4..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp b/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp
new file mode 100644
index 00000000..42ca870b
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-persistentstorage.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.png b/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.png
deleted file mode 100644
index 5c560f8f..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp b/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp
new file mode 100644
index 00000000..1944defc
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-privacyguides-onion.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.png b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.png
deleted file mode 100644
index 4f6527a0..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp
new file mode 100644
index 00000000..dc6b7bee
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection-successful.webp differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.png b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.png
deleted file mode 100644
index cdf2fb36..00000000
Binary files a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.png and /dev/null differ
diff --git a/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp
new file mode 100644
index 00000000..daeb8fb1
Binary files /dev/null and b/blog/assets/images/installing-and-using-tails/tails-usage-torconnection.webp differ
diff --git a/blog/assets/images/macos-ventura-privacy-security-updates/cover.png b/blog/assets/images/macos-ventura-privacy-security-updates/cover.png
deleted file mode 100644
index 129be555..00000000
Binary files a/blog/assets/images/macos-ventura-privacy-security-updates/cover.png and /dev/null differ
diff --git a/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp b/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp
new file mode 100644
index 00000000..8dfe66dd
Binary files /dev/null and b/blog/assets/images/macos-ventura-privacy-security-updates/cover.webp differ
diff --git a/blog/assets/images/metadata-removal/preview-ios.png b/blog/assets/images/metadata-removal/preview-ios.png
deleted file mode 100644
index 45f9d241..00000000
Binary files a/blog/assets/images/metadata-removal/preview-ios.png and /dev/null differ
diff --git a/blog/assets/images/metadata-removal/preview-ios.webp b/blog/assets/images/metadata-removal/preview-ios.webp
new file mode 100644
index 00000000..c9ff99ff
Binary files /dev/null and b/blog/assets/images/metadata-removal/preview-ios.webp differ
diff --git a/blog/assets/images/metadata-removal/preview-macos.png b/blog/assets/images/metadata-removal/preview-macos.png
deleted file mode 100644
index d53ea33a..00000000
Binary files a/blog/assets/images/metadata-removal/preview-macos.png and /dev/null differ
diff --git a/blog/assets/images/metadata-removal/preview-macos.webp b/blog/assets/images/metadata-removal/preview-macos.webp
new file mode 100644
index 00000000..fb635c5d
Binary files /dev/null and b/blog/assets/images/metadata-removal/preview-macos.webp differ
diff --git a/blog/assets/images/metadata-removal/shortcut-ios.png b/blog/assets/images/metadata-removal/shortcut-ios.png
deleted file mode 100644
index 42640f75..00000000
Binary files a/blog/assets/images/metadata-removal/shortcut-ios.png and /dev/null differ
diff --git a/blog/assets/images/metadata-removal/shortcut-ios.webp b/blog/assets/images/metadata-removal/shortcut-ios.webp
new file mode 100644
index 00000000..7eabe37c
Binary files /dev/null and b/blog/assets/images/metadata-removal/shortcut-ios.webp differ
diff --git a/blog/assets/images/metadata-removal/shortcut-macos.png b/blog/assets/images/metadata-removal/shortcut-macos.png
deleted file mode 100644
index 6e1d679c..00000000
Binary files a/blog/assets/images/metadata-removal/shortcut-macos.png and /dev/null differ
diff --git a/blog/assets/images/metadata-removal/shortcut-macos.webp b/blog/assets/images/metadata-removal/shortcut-macos.webp
new file mode 100644
index 00000000..7a32a48d
Binary files /dev/null and b/blog/assets/images/metadata-removal/shortcut-macos.webp differ
diff --git a/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.jpeg b/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.jpeg
deleted file mode 100644
index db1830c4..00000000
Binary files a/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.jpeg and /dev/null differ
diff --git a/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp b/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp
new file mode 100644
index 00000000..820d56dd
Binary files /dev/null and b/blog/assets/images/mozilla-disappoints-us-yet-again-2/cover.webp differ
diff --git a/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.jpeg b/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.jpeg
deleted file mode 100644
index 69e8d5e0..00000000
Binary files a/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp b/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp
new file mode 100644
index 00000000..0e908d4e
Binary files /dev/null and b/blog/assets/images/onion-browser-review/21A92967-2E47-4317-AB2E-C0F732673C3E_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.jpeg b/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.jpeg
deleted file mode 100644
index accd4e92..00000000
Binary files a/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp b/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp
new file mode 100644
index 00000000..2a72b9c7
Binary files /dev/null and b/blog/assets/images/onion-browser-review/2774018C-C4DD-419C-9D77-9BE8E5A51A19_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.jpeg b/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.jpeg
deleted file mode 100644
index 7b38fb3e..00000000
Binary files a/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp b/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp
new file mode 100644
index 00000000..06864d1d
Binary files /dev/null and b/blog/assets/images/onion-browser-review/51B33FA1-D9B4-4EF4-82C6-259568C845EC_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.jpeg b/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.jpeg
deleted file mode 100644
index cdfa89e5..00000000
Binary files a/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp b/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp
new file mode 100644
index 00000000..8ceca8af
Binary files /dev/null and b/blog/assets/images/onion-browser-review/757A93D0-CCCB-4743-8AF2-17B001EC774A_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.jpeg b/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.jpeg
deleted file mode 100644
index 664885e1..00000000
Binary files a/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp b/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp
new file mode 100644
index 00000000..c58e55ea
Binary files /dev/null and b/blog/assets/images/onion-browser-review/87651D0E-EFE0-4C0F-98E7-9898EBA74334_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.jpeg b/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.jpeg
deleted file mode 100644
index 12faf910..00000000
Binary files a/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp b/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp
new file mode 100644
index 00000000..97e5a83b
Binary files /dev/null and b/blog/assets/images/onion-browser-review/8A3E82E7-128E-4B3B-B8BB-276063226D41_1_102_o.webp differ
diff --git a/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.jpeg b/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.jpeg
deleted file mode 100644
index 4aa896d2..00000000
Binary files a/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.jpeg and /dev/null differ
diff --git a/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp b/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp
new file mode 100644
index 00000000..67549266
Binary files /dev/null and b/blog/assets/images/onion-browser-review/C3252F74-C6C1-4616-B3CD-17EA1183BE0C_1_102_o.webp differ
diff --git a/blog/assets/images/proton-wallet-review/1.png b/blog/assets/images/proton-wallet-review/1.png
deleted file mode 100644
index c2e24563..00000000
Binary files a/blog/assets/images/proton-wallet-review/1.png and /dev/null differ
diff --git a/blog/assets/images/proton-wallet-review/1.webp b/blog/assets/images/proton-wallet-review/1.webp
new file mode 100644
index 00000000..0ba9e8d4
Binary files /dev/null and b/blog/assets/images/proton-wallet-review/1.webp differ
diff --git a/blog/assets/images/proton-wallet-review/2.png b/blog/assets/images/proton-wallet-review/2.png
deleted file mode 100644
index 0016a354..00000000
Binary files a/blog/assets/images/proton-wallet-review/2.png and /dev/null differ
diff --git a/blog/assets/images/proton-wallet-review/2.webp b/blog/assets/images/proton-wallet-review/2.webp
new file mode 100644
index 00000000..d8e88d13
Binary files /dev/null and b/blog/assets/images/proton-wallet-review/2.webp differ
diff --git a/blog/assets/images/proton-wallet-review/3.png b/blog/assets/images/proton-wallet-review/3.png
deleted file mode 100644
index 980f05ea..00000000
Binary files a/blog/assets/images/proton-wallet-review/3.png and /dev/null differ
diff --git a/blog/assets/images/proton-wallet-review/3.webp b/blog/assets/images/proton-wallet-review/3.webp
new file mode 100644
index 00000000..f9d3da67
Binary files /dev/null and b/blog/assets/images/proton-wallet-review/3.webp differ
diff --git a/blog/assets/images/proton-wallet-review/4.png b/blog/assets/images/proton-wallet-review/4.png
deleted file mode 100644
index 238e3f76..00000000
Binary files a/blog/assets/images/proton-wallet-review/4.png and /dev/null differ
diff --git a/blog/assets/images/proton-wallet-review/4.webp b/blog/assets/images/proton-wallet-review/4.webp
new file mode 100644
index 00000000..73de1056
Binary files /dev/null and b/blog/assets/images/proton-wallet-review/4.webp differ
diff --git a/blog/assets/images/pwa-vs-iwa/iwa-diagram.png b/blog/assets/images/pwa-vs-iwa/iwa-diagram.png
deleted file mode 100644
index a8d4b8c9..00000000
Binary files a/blog/assets/images/pwa-vs-iwa/iwa-diagram.png and /dev/null differ
diff --git a/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp b/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp
new file mode 100644
index 00000000..4309a3ea
Binary files /dev/null and b/blog/assets/images/pwa-vs-iwa/iwa-diagram.webp differ
diff --git a/blog/assets/images/relisting-startpage/cover.png b/blog/assets/images/relisting-startpage/cover.png
deleted file mode 100644
index d4037ec6..00000000
Binary files a/blog/assets/images/relisting-startpage/cover.png and /dev/null differ
diff --git a/blog/assets/images/relisting-startpage/cover.webp b/blog/assets/images/relisting-startpage/cover.webp
new file mode 100644
index 00000000..6b93f4f4
Binary files /dev/null and b/blog/assets/images/relisting-startpage/cover.webp differ
diff --git a/blog/assets/images/restrict-act/cover.png b/blog/assets/images/restrict-act/cover.png
deleted file mode 100644
index 11787359..00000000
Binary files a/blog/assets/images/restrict-act/cover.png and /dev/null differ
diff --git a/blog/assets/images/restrict-act/cover.webp b/blog/assets/images/restrict-act/cover.webp
new file mode 100644
index 00000000..717dfce1
Binary files /dev/null and b/blog/assets/images/restrict-act/cover.webp differ
diff --git a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.png b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.png
deleted file mode 100644
index 243a54fa..00000000
Binary files a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.png and /dev/null differ
diff --git a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp
new file mode 100644
index 00000000..c7b03998
Binary files /dev/null and b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/cover.webp differ
diff --git a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.png b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.png
deleted file mode 100644
index d6816d4c..00000000
Binary files a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.png and /dev/null differ
diff --git a/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp
new file mode 100644
index 00000000..cf87a73b
Binary files /dev/null and b/blog/assets/images/the-trouble-with-vpn-and-privacy-review-sites/image1.webp differ
diff --git a/blog/assets/images/threads-launch-twitter/cover.jpg b/blog/assets/images/threads-launch-twitter/cover.jpg
deleted file mode 100644
index 1a8a012d..00000000
Binary files a/blog/assets/images/threads-launch-twitter/cover.jpg and /dev/null differ
diff --git a/blog/assets/images/threads-launch-twitter/cover.webp b/blog/assets/images/threads-launch-twitter/cover.webp
new file mode 100644
index 00000000..eb6d8dec
Binary files /dev/null and b/blog/assets/images/threads-launch-twitter/cover.webp differ
diff --git a/blog/assets/images/twitter-elon-takeover/cover.png b/blog/assets/images/twitter-elon-takeover/cover.png
deleted file mode 100644
index c7e5830f..00000000
Binary files a/blog/assets/images/twitter-elon-takeover/cover.png and /dev/null differ
diff --git a/blog/assets/images/twitter-elon-takeover/cover.webp b/blog/assets/images/twitter-elon-takeover/cover.webp
new file mode 100644
index 00000000..e30e305b
Binary files /dev/null and b/blog/assets/images/twitter-elon-takeover/cover.webp differ
diff --git a/blog/author/dngray.md b/blog/author/dngray.md
index 88504813..624fcabb 100644
--- a/blog/author/dngray.md
+++ b/blog/author/dngray.md
@@ -1 +1,8 @@
# Daniel Gray
+
+{ align=right }
+
+**Daniel** is a founding team member of Privacy Guides and part of its [executive committee](https://www.privacyguides.org/en/about/#executive-committee).
+
+[:simple-mastodon: @dngray@mastodon.social](https://mastodon.social/@dngray "@dngray@mastodon.social"){ .md-button rel=me }
+[:simple-bluesky: dngray.bsky.social](https://bsky.app/profile/dngray.bsky.social "@dngray.bsky.social"){ .md-button rel=me }
diff --git a/blog/author/freddy.md b/blog/author/freddy.md
index fe0fbcb6..42b77d89 100644
--- a/blog/author/freddy.md
+++ b/blog/author/freddy.md
@@ -2,6 +2,7 @@
{ align=right }
-[**Freddy**](https://freddy.lol) is a founding member of Privacy Guides and the editor of its blog. He writes in American English reluctantly.
+[**Freddy**](https://freddy.lol) is a founding team member of Privacy Guides and part of its [executive committee](https://www.privacyguides.org/en/about/#executive-committee). He writes in American English reluctantly.
[:simple-mastodon: @freddy@social.lol](https://social.lol/@freddy "@freddy@social.lol"){ .md-button rel=me }
+[:simple-bluesky: @freddy.lol](https://bsky.app/profile/freddy.lol "@freddy.lol"){ .md-button rel=me }
diff --git a/blog/posts/choosing-the-right-messenger.md b/blog/posts/choosing-the-right-messenger.md
index b41f2869..80f5dd10 100644
--- a/blog/posts/choosing-the-right-messenger.md
+++ b/blog/posts/choosing-the-right-messenger.md
@@ -16,7 +16,7 @@ schema_type: AnalysisNewsArticle
---
# Choosing the Right Messenger
-
+
Illustration: Jonah Aragon / Privacy Guides | Photo: Unsplash
diff --git a/blog/posts/cryptpad-review.md b/blog/posts/cryptpad-review.md
new file mode 100644
index 00000000..fcc0ae10
--- /dev/null
+++ b/blog/posts/cryptpad-review.md
@@ -0,0 +1,388 @@
+---
+title: "CryptPad Review: Replacing Google Docs"
+template: review-article.html
+schema_type: ReviewNewsArticle
+date:
+ created: 2025-02-07T19:00:00
+categories:
+ - Reviews
+authors:
+ - em
+description: "If you have been looking for a privacy-respectful replacement to Google Docs, now is the time to switch to the end-to-end encrypted office suite CryptPad."
+preview:
+ logo: theme/assets/img/document-collaboration/cryptpad.svg
+review:
+ type: WebApplication
+ category: BusinessApplication
+ subcategory: Office Suite
+ name: CryptPad
+ price: 0
+ website: https://cryptpad.org/
+ rating: 4.5
+ pros:
+ - End-to-end encryption.
+ - No account required.
+ - No personal information required to create an account.
+ - Cloud-hosted and self-hosted options.
+ - Actively maintained and open source.
+ cons:
+ - Can be slow.
+ - No local offline application.
+---
+
+
+Illustration: Jordan Warne / Privacy Guides | Photo: Christin Hume / Unsplash
+
+If you have been thinking about migrating to a privacy-focused replacement to Google Docs, **now is the time**. Google products, as convenient and popular as they might be, are *atrocious* for data privacy (not to mention [ethics](https://www.theverge.com/google/607012/google-dei-hiring-goals-internal-memo)).
+
+Google's own Privacy Policy [clearly explains](https://policies.google.com/privacy#infocollect):
+
+> We also collect the content you create, upload, or receive from others when using our services. This includes things like email you write and receive, photos and videos you save, docs and spreadsheets you create, and comments you make on YouTube videos.
+
+Firstly, no matter what Google claims to do (or not do) with your data now, there isn't much preventing Google from using it for a different purpose later on. Secondly, there isn't much preventing Google from doing what it pleases regardless of laws or their promises, and asking for forgiveness later, as demonstrated by the many [lawsuits](https://www.reuters.com/legal/google-reaches-93-million-privacy-settlement-with-california-2023-09-14/) Google has already been subjected to. [We cannot trust Google](https://arstechnica.com/tech-policy/2025/01/google-loses-in-court-faces-trial-for-collecting-data-on-users-who-opted-out/) with *any* sensitive or personal information.
+
+But you shouldn't trust anyone else either.
+
+**The real solution to this is end-to-end encryption.** This is what CryptPad offers.
+
+## Why use CryptPad instead?
+
+{ align=right itemprop="image" }
+
+[CryptPad](https://cryptpad.org/) is an open-source collaborative office suite that offers everything that Google Docs offers, but better. And most importantly, in private.
+
+It was built from the ground up respecting the principles of [Privacy by Design](https://en.wikipedia.org/wiki/Privacy_by_design). All content kept in CryptPad is secured using solid end-to-end encryption, meaning that only the intended recipients can access the content. CryptPad itself cannot read, scan, or utilize your content in any way.
+
+[:octicons-home-16: Website](https://cryptpad.org/){ .md-button }
+[:octicons-eye-16:](https://cryptpad.fr/pad/#/2/pad/view/GcNjAWmK6YDB3EO2IipRZ0fUe89j43Ryqeb4fjkjehE/){ .card-link title="Privacy Policy" }
+
+CryptPad is developed by a team from the French software company [XWiki](https://www.xwiki.com). Because [CryptPad is open-source](https://github.com/cryptpad), anyone can add contributions to it, inspect its code, or submit feature recommendations.
+
+There are many reasons that CryptPad is a great tool and a perfect replacement to Google Docs. Let's dig into its pros and cons, why you should use it, why you can trust it, and how you can keep it secure.
+
+## What makes CryptPad trustworthy
+
+Why trust CryptPad more than Google? First, the end-to-end encryption that CryptPad utilizes uses [strong and modern algorithms](#privacy-and-encryption). When encryption like this is well implemented, it means the content of your data can never be accessed by CryptPad themselves. In contrast, services like Google hold the decryption keys to your data at all times, placing it at risk of being misused or compromised in a data breach. With CryptPad, if their servers experienced a data breach and your encrypted content was stolen, your content would still be protected as long as you've used a unique, complex, and long password and protected it well.
+
+Second, because its code is open, what CryptPad promises can be verified. Making source code open doesn't magically make it secure, but CryptPad is a project that had many eyes on in GitHub, has been around for over 10 years, and is actively maintained by a team experienced with open-source software.
+
+Additionally, CryptPad's flagship instance is hosted in France. This isn't magical either, but because European Union countries are all subjected to the GDPR most have adopted stronger data privacy practices by default. While these other factors are not technical guarantees, they all serve to increase the level of trust we feel comfortable giving CryptPad.
+
+Finally, if you do not trust CryptPad at all, the good news is you don't have to. You can [download the code for yourself](https://github.com/cryptpad/cryptpad) and create your own CryptPad instance only controlled by you.
+
+## Starting with CryptPad
+
+Using CryptPad is very easy. CryptPad can be self-hosted if you prefer, but if this is not something you want to think about you can simply use CryptPad's [flagship instance](https://cryptpad.fr/) hosted in France. You can even start using it without an account. If you prefer to have an account to keep all your documents together you can create one for free, or you can have a look at CryptPad's [paid plans](https://cryptpad.org/pricing/) for users with greater needs.
+
+### Without an account
+
+Without an account, you can go to [https://cryptpad.fr/](https://cryptpad.fr/) and just click on a type of "New document" to start right away. Your username will be "Guest" and you will automatically be attributed a cute emoji for your Guest profile.
+
+You can create a new document, modify it, copy the URL link, then close the web page. To return to it, simply paste the same URL in a browser. To share this document, simply share the URL with someone else.
+
+
+
File security warning
+
+Anyone with the link will be able to see your file. Additionally, if this link includes "Edit" access, anyone with this link will be able to edit the file. Consider this when using this method.
+
+
+
+Whether you create an account or not, the only information that could identify you when using CryptPad on a trustworthy instance (server) is your IP address and your browser and device information. Depending on your threat model, to mitigate this you might want to use a trustworthy [VPN service](https://www.privacyguides.org/en/vpn/) and/or the [Tor network](https://www.privacyguides.org/en/tor/), coupled with a [browser](https://www.privacyguides.org/en/desktop-browsers/) hardened to reduce [fingerprinting](https://coveryourtracks.eff.org/).
+
+
+
If you are at risk of targeted attacks
+
+If you would be at risk if your CryptPad usage was discovered later, and you do not want to leave any traces on your local computer that you have visited a CryptPad instance, you might want to use [Tails](https://www.privacyguides.org/articles/2025/01/29/installing-and-using-tails/).
+
+
+
+### Creating an account
+
+You will see that *Privacy by Design* starts at the account creation level with CryptPad. You do not even have to provide an email address to start. All that you need to create an account is a cool username and a [secure and unique password](https://www.privacyguides.org/en/basics/passwords-overview/) (like all passwords should be).
+
+
+
+Unless credited otherwise, all screenshots from: Privacy Guides
+
+
+
Password security
+
+Make sure you note your unique, long, and complex password and username in a safe place. Due to the nature of end-to-end encryption, if you lose your username or password, there will be **no account recovery possible** and all your files will be lost.
+
+
+
+### Basic security
+
+Once you've created an account, the first thing you should do is secure it with a [second factor of authentication](https://www.privacyguides.org/en/basics/multi-factor-authentication/). To do this, click on your username on the upper-right, then select "Settings" > "Security & Privacy" and follow the instructions for "Two-Factor Authentication".
+
+On the same "Settings" page, depending on your [threat model](https://www.privacyguides.org/en/basics/threat-modeling/), you might also want to enable "Safe Links", disable "Feedback" (disabled by default), and disable "Cache". Disabling the cache can hinder performance though, so if your local device isn't at risk it may be unnecessary.
+
+### Destroying data
+
+Another option that CryptPad offers on the "Settings" page is a quick way to "Destroy all owned documents" at once. This can be a lifesaver feature for people at particularly high risk. Take good note of where this feature is in the menu.
+
+You can also delete files individually. To do this, once you have created a document you can click on the "Access" button on the top menu, and you will see an option to "Destroy this document or folder permanently". After you've clicked on "Destroy" once, you will see the button change to "Are you sure?" and you'll have to click it again to confirm. This is a well-designed safeguard because this action is irrevocable. Test it with an empty document just to see how it works first.
+
+
+
+### Backing up data
+
+There are several options to back up and export your data. From a document page, you can click on the "File" button on the upper-left, then select "Export". To back up all your documents at once, you can click on your username on the upper-right, then select "Settings" > "CryptDrive" > "Backup". This will create a zip file containing all your documents in plain text (unencrypted). Be careful where you store this file if it contains sensitive information.
+
+### Additional settings
+
+Another setting you should pay attention to is your Display name. You can change it in the "Account" section. This will be shown to your contacts in CryptPad if you add any.
+
+Additionally, you can change the theme to either Light or Dark in "Appearance", you can change the color associated with your account and file modifications in "Cursor", you can adjust the code editor indentation spaces in "Code", and you can make many other adjustments following your preferences.
+
+## CryptPad's instances & hosting
+
+CryptPad offers a flagship instance at [CryptPad.fr](https://cryptpad.fr/) that makes it easy to start using it quickly. Depending on your preference and circumstances, you might choose a different instance or even choose to host an instance yourself.
+
+### Different instances
+
+For a list of third-party instances that have passed a series of checks from CryptPad to ensure they are up-to-date and use recommended settings, you can visit this page: [https://cryptpad.org/instances/](https://cryptpad.org/instances/)
+
+
+
When using third-party instances
+
+Always consider your threat model when selecting an instance. Although the content of your files will be end-to-end encrypted, the instance's owner could have access to some metadata about you, such as your IP address or other activities. Additionally, an instance administrator could technically modify the CryptPad software they run to introduce malicious code. You should trust the instance you use as much as the code.
+
+
+
+### Self-hosting
+
+To learn how to host your own CryptPad instance, you should consult [CryptPad's documentation](https://docs.cryptpad.org/en/admin_guide/index.html#admin-guide).
+
+## User Experience
+
+The user experience will likely feel pretty familiar to people who are already using Google Docs, Microsoft Office, OnlyOffice, or other similar office suites.
+
+### User interface
+
+For document creation, CryptPad's user interface is rather straightforward. However, there are a few details in the interface that might be confusing at first. For example, clicking on your username (or Display name) on the upper-right will show an important dropdown menu, so you should remember to look there as it is not always obvious. This is the menu where you will find options for your "Profile", "Calendar", "Contacts", "Settings", "Log out", and more.
+
+Once inside a document, click on the "File" button on the upper-left to see the file's "History", "Export", or "Print" features, and more.
+
+To destroy a document, you will need to click on the "Access" button at the top of a document page.
+
+### Export and import documents
+
+You can export or import documents to CryptPad in HTML format, but keep in mind there might be some formatting issues with certain document types.
+
+## Document Options
+
+Each time you create a new document, no matter which type, you will have the following options: to make it an "Owned document", which means having full control over it (you need to be the owner of a document to delete it); to pick a "Destruction date", to **make the document self-destroy** after a certain number of months, days, or even hours; and to "**Add a password"** to password-lock the document.
+
+### Self-destruction
+
+For any sensitive document, it's a great idea to enable the auto-destruction feature, even if it's far in the future. This adds an additional layer of security in case you lose your password, forget about an important file that shouldn't be lingering around, or for any other sensitive situations.
+
+### Password lock
+
+Because sharing the link to a document without a password makes it accessible to anyone with this link, you should add a password to any sensitive document and share this password on a secure channel only. Make sure you select a password that is different from your account password and is also unique from other passwords you use. Ideally, always prefer a *passphrase*.
+
+
+
+### Access control
+
+For any document you can control how it is accessed by clicking on the "Access" button at the top. There, you can change the document's password, delete the document, see the list of accesses and ownership.
+
+When you share a document by clicking on the "Share" button at the top, you can select different types of access rights, such as "View", "Edit", and "View once and self-destruct". The latter can be a particularly useful feature for people in highly sensitive situations.
+
+## Applications Available
+
+CryptPad offers a wide variety of applications, or document types, making CryptPad a complete office suite. To create a new file from your *CryptDrive* page, click on the large "+ New" button. You will see a popup menu where you can select: "Folder", "Shared folder", Upload files", "Upload folder", "New Link", "Sheet", "Document", "Presentation", "Rich text", "Kanban", "Code", "Form", "Whiteboard", "Markdown slides", and "Diagram".
+
+That's a lot of choice!
+
+
+
+
+
New from this week!
+
+==*Document* and *Presentation* applications have just been unlocked to all users on CryptPad.fr this week!==
+
+This is fantastic for collaborative work because the new *Document* type allows tracking changes within a document. These two new types of document are still in testing phase however, so make sure to back up your data regularly. Improvements will likely be added slowly in the coming weeks, until the final release planned for the end of March 2025.
+
+
+
+Here are screenshots of each application included in CryptPad to give you a better idea of what possibilities are in there:
+
+### Sheet
+
+The usual classic spreadsheet for all your calculation needs. If you are familiar with Google Docs' spreadsheet, you will likely find this one easy to use:
+
+
+
+### Document
+
+The classic text document with advanced formatting features:
+
+
+
+#### Tracking changes
+
+If you want to enable change tracking in this application, click on the "Collaboration" tab, then click on the "Track Changes" button, and select your preferred tracking option:
+
+
+
+### Presentation
+
+Another classic application to help you create slideshows:
+
+
+
+### Rich text
+
+A basic text document type for simpler text files:
+
+
+
+### Kanban
+
+A useful kanban organization tool to plan your projects:
+
+
+
+### Code
+
+A light code editor with previewing feature. This is especially useful for HTML files:
+
+
+
+### Form
+
+A form tool to create and share surveys, without sharing your survey data with unwanted third-parties:
+
+
+
+### Whiteboard
+
+A fun whiteboard tool if you feel creative, need to draw to explain, need to write and collaborate on complex math equations, and much more:
+
+
+
+### Markdown slides
+
+A simple application to quickly create and preview slides in Markdown format:
+
+
+
+### Diagram
+
+A flexible tool to create diagrams, for all your visual explanatory needs:
+
+
+
+### Calendar
+
+And finally, this isn't a document type per se, but you might be happy to hear CryptPad also integrates a Calendar application. This can be a fantastic tool to organize with your team and events. You can access it by clicking on your username on the upper-right, then selecting "Calendar":
+
+
+
+## Privacy and Encryption
+
+Everything in CryptPad is designed to minimize data collection. It's also designed to minimize the data visible to the instance's operators as much as feasible. This is great for privacy and significantly improves data security. If the data isn't accessible to even the instance's operators, then it also isn't accessible to thieves or abusive authorities.
+
+### What encryption does CryptPad use?
+
+With CryptPad, all your data is encrypted on your device before it is sent to the remote server. You never have to worry about data being readable in-transit or at-rest on the server. Only authorized users, senders and intended recipients, can access the decrypted data.
+
+To lock your account, CryptPad creates cryptographic keys derived from your username and password together. This means CryptPad servers never even see your username or password. In fact, a normal CryptPad server cannot even know if you are using the software with an account or not. Additionally, this makes it so that multiple people could use the same username, as long as they register with a different password.
+
+To secure documents, CryptPad uses [symmetric encryption](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) with a [secret key unique to each document](https://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/). This ensures your document is unreadable to anyone who doesn't have the corresponding key.
+
+Keep in mind however than when you share a link to a document, this link contains the symmetric key to encrypt and decrypt the document, and to verify and issue the signatures. This access is irrevocable. Which means that if you want to stop someone who received the link to a document from accessing it later on, you will need to make a copy of this document and destroy the original you have shared.
+
+### Your public key
+
+If you want to access your own CryptPad public key, you can click on your username on the upper-right, then select "Profile" and click on "View my profile". There you can click on "Copy public key" and this will copy your key to your device's clipboard.
+
+
+
+### Encryption algorithms
+
+CryptPad uses a variety of reputable algorithms for its encryption needs. Here's a summary of what type of encryption CryptPad implements:
+
+- For login authentication: The [scrypt](https://en.wikipedia.org/wiki/Scrypt) key derivation function (KDF).
+- For symmetric encryption: The [XSalsa20](https://en.wikipedia.org/wiki/Salsa20)-[Poly1305](https://en.wikipedia.org/wiki/Poly1305) algorithms.
+- For public-key encryption: The [x25519](https://en.wikipedia.org/wiki/Curve25519)-[XSalsa20](https://en.wikipedia.org/wiki/Salsa20)-[Poly1305](https://en.wikipedia.org/wiki/Poly1305) algorithms.
+- For signatures: The [Ed25519](https://en.wikipedia.org/wiki/EdDSA#Ed25519) signature scheme.
+- For hashes: The [SHA-512](https://en.wikipedia.org/wiki/SHA-2) algorithm.
+- For all other cryptographic operations: The [TweetNaCl.js](https://tweetnacl.js.org/#/) library.
+
+You can read more details about how CryptPad implements encryption in [CryptPad's whitepaper](https://blog.cryptpad.org/2023/02/02/Whitepaper/).
+
+You can read more on a comparison of cryptography libraries CryptPad uses in [CryptPad's Blueprints](https://blueprints.cryptpad.org/review/libraries/).
+
+### Post-quantum encryption
+
+Like many other applications using encryption, CryptPad is preparing for the [post-quantum age](https://en.wikipedia.org/wiki/Post-quantum_cryptography) evaluating how quantum-resistant its current algorithms are, and following closely recommendations for standards improvement.
+
+This is all very new as the [National Institute of Standards and Technology](https://www.nist.gov/) (NIST) just selected newly proposed post-quantum resistant algorithms [last summer](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards) to establish new encryption standards and recommendations.
+
+Preparing now to harden encryption standards against future quantum computers possibly capable of breaking currently used cryptographic algorithms is very important. CryptPad is already preparing for this and [plans to transition](https://blueprints.cryptpad.org/review/agility/) towards NIST's post-quantum new standards.
+
+### Perfect forward secrecy
+
+CryptPad is also [planning](https://xwiki.com/en/Blog/CryptPad-overview-2024/) on implementing [perfect forward secrecy](https://www.geeksforgeeks.org/perfect-forward-secrecy/) for its next generation. This will be a great improvement to secure communication within CryptPad, because it makes each session key unique. This means that if a session key was to be compromised, this would not affect any other sessions, significantly reducing the scope and damage of an attack.
+
+### Keeping CryptPad secure
+
+Like any privacy-focused product, CryptPad isn't magical. While CryptPad offers some of the very best protections for your privacy, you still have to take certain measures to secure your CryptPad data properly. CryptPad cannot control this part.
+
+Here's a few things you should remember to keep your CryptPad data secure and private:
+
+**Trustworthy server:** It's important to select a CryptPad instance that is trustworthy. Keep in mind that the instance operators could have access to your IP address or could theoretically maliciously modify the CryptPad's code they use to make it insecure.
+
+**Safe device:** Your device also needs to be safe and secure. There isn't much that *any* external service can do to protect your data if your device is compromised.
+
+**IP address:** Don't forget that whenever you connect to a server, website, or any service online, you are sharing your IP address, which can be used to identify and locate you, more or less accurately. If this is a threat to you, consider using a trustworthy VPN or the Tor network to protect your IP address.
+
+**HTTPS:** Make sure the CryptPad instance's address you use starts with "https".
+
+**Document links:** Because CryptPad includes the keys to decrypt your document in the links you use and share, anyone who can access your browsing history could potentially read your decrypted document. This is also true for anything in your browser or device that can access your browser's history (extensions, synced accounts, screen-sharing, Windows Recall, etc). To mitigate this, you should [enable](https://docs.cryptpad.org/en/user_guide/user_account.html#security-privacy) the option "Safe links" in "Settings" > "Security & Privacy".
+
+**Password:** It's important to safeguard your password properly and *choose a password that is unique, complex, and long*. No matter how good the encryption is, if someone guesses your password, it's game over.
+
+**Multi-factor authentication:** As soon as you create an account, you should enable a second factor of authentication. This will help protect your data against account takeover, in case your password were to be guessed or leaked. This is true for any account you have.
+
+**Document accesses:** Be careful to reduce the document's access to the minimum access required for functionality. For example, if you share a document link publicly, make sure it's a read-only link that doesn't allow anyone to edit it.
+
+**File history:** By default, files keep history of document changes and who viewed or modified a document. You can see this in "File" > "History". If you need to erase this history for safety but keep the document, you can go to "File" > "Make a copy", then go back to the original document with the history you need to erase, click on "Access", then "Destroy", then click again on "Are you sure?". This will permanently destroy your original document. Be careful, there is no recovery after this.
+
+**Static keys:** CryptPad uses static keys to encrypt your documents. This means that once you have shared a document, and therefore its static keys, you cannot revoke this access. By default, anyone you have shared a link to your document with will retain this access indefinitely. If you wish to revoke access, you can make a copy of the document then destroy the original. This will also erase the document's history.
+
+To learn more about CryptPad's recommendations on the most secure way to use CryptPad, you can read [this article](https://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/).
+
+## Downsides
+
+There are a few downsides in using CryptPad as your office suite.
+
+First, due to the nature of end-to-end encryption, it is slower. Naturally, each file needing to get decrypted before each use can slow down your workflow. The CryptPad instance you have chosen to use, your internet connection's speed, and your device's speed are all factors that can contribute in making this operation slower or faster. But remember, you are trading speed for security and privacy.
+
+Second, there is no mobile or desktop app available at this time. CryptPad only runs in the browser (for now). Depending on your type of usage, this can be inconvenient. Additionally, this means there is no way to access your data locally unless you create a copy of it in plain text on your device. Other end-to-end document applications such as [Standard Notes](https://standardnotes.com/) or [Anytype](https://anytype.io/) allow users to access documents offline, but they do not offer collaborative and office suite features like CryptPad does.
+
+## Conclusion
+
+Finally, if you are looking for a replacement to Google Docs, switching to CryptPad is an obvious choice.
+
+With solid end-to-end encryption for all your document content and minimal data collection at all steps of the registration process, CryptPad is an excellent option for your data privacy *and* your data security.
+
+If data privacy is important to you, **there is no reason to keep your sensitive information in the Google ecosystem**, especially with everything that we know about it now.
+
+Switching to CryptPad, you will benefit from the same type of applications (and more), still be able to share links with external parties without requiring them to create an account, and store information remotely in a secure way.
+
+But *in addition* to Google Docs, you will benefit from strong end-to-end encryption on everything you wish to keep private, true document destruction for everything that you want gone, and a complete office suite that only you and your team can access, away from intrusive Google scans or even CryptPad's knowledge.
+
+If you need a remote collaborative office suite that is secure and respects your privacy, there is no reason not to switch to CryptPad.
+
+## Support CryptPad
+
+If you wish to support this free and open-source project, you can help CryptPad by:
+
+- [Following CryptPad on Mastodon](https://fosstodon.org/@cryptpad)
+- [Donating on Open Collective](https://opencollective.com/cryptpad/contribute/)
+- [Contributing on GitHub](https://github.com/cryptpad)
+- [Watching CryptPad's videos on PeerTube](https://peertube.xwiki.com/c/cryptpad_channel/videos)
diff --git a/blog/posts/delisting-startpage.md b/blog/posts/delisting-startpage.md
index 3907c186..b874da46 100644
--- a/blog/posts/delisting-startpage.md
+++ b/blog/posts/delisting-startpage.md
@@ -15,7 +15,7 @@ schema_type: NewsArticle
---
# Delisting Startpage From Privacy Guides
-
+
Illustration: Privacy Guides | Photo: Unsplash
diff --git a/blog/posts/delisting-wire.md b/blog/posts/delisting-wire.md
index e0d25452..10f658bb 100644
--- a/blog/posts/delisting-wire.md
+++ b/blog/posts/delisting-wire.md
@@ -15,7 +15,7 @@ schema_type: NewsArticle
---
# Delisting Wire From Privacy Guides
-
+
Illustration: Jonah Aragon / Privacy Guides | Photo: Unsplash
diff --git a/blog/posts/firefox-privacy-2021-update.md b/blog/posts/firefox-privacy-2021-update.md
index 07dfc67a..c1f95e1f 100644
--- a/blog/posts/firefox-privacy-2021-update.md
+++ b/blog/posts/firefox-privacy-2021-update.md
@@ -15,7 +15,7 @@ schema_type: AnalysisNewsArticle
---
# Firefox Privacy: 2021 Update
-
+
Illustration: Jonah Aragon / Privacy Guides | Photo: Unsplash
diff --git a/blog/posts/firefox-privacy.md b/blog/posts/firefox-privacy.md
index a5b78208..52ff887a 100644
--- a/blog/posts/firefox-privacy.md
+++ b/blog/posts/firefox-privacy.md
@@ -15,7 +15,7 @@ schema_type: AnalysisNewsArticle
---
# Firefox Privacy: Tips and Tricks for Better Browsing
-
+
Illustration: Jonah Aragon / Privacy Guides | Photo: Unsplash
diff --git a/blog/posts/installing-and-using-tails.md b/blog/posts/installing-and-using-tails.md
index 75b7b20c..7e2c5945 100644
--- a/blog/posts/installing-and-using-tails.md
+++ b/blog/posts/installing-and-using-tails.md
@@ -146,7 +146,7 @@ Be very careful if you decide to use mobile phone connectivity, however. The dat
Delete your traces afterward
-Depending on your situation, you might want to delete the traces of this installation after. See a To-Do list for this on [Step 9](#step-9-delete-the-installation-traces).
+Depending on your situation, you might want to delete the traces of this installation after. See [a to-do list](#final-notes) for this at the end of this article.
@@ -164,7 +164,7 @@ If you encounter any issues during the installation or running processes, you ca
Visit this website and select your installation computer's operating system: [https://tails.net/install/](https://tails.net/install/)
-
+
Scroll down to the "**Download Tails**" section and click on the green download button. Make sure to save the installation file in a folder where you can find it back easily and not forget to **delete it afterwards**.
@@ -182,7 +182,7 @@ The download link is not shared directly here because you should always make sur
-
+
### Step 2: Verify the file you just downloaded
@@ -195,11 +195,11 @@ This step is important to ensure the file you just downloaded has not been tampe
-
+
Once the verification is completed (this might take a few minutes), you should see a green checkmark with "**Verification successful!**" followed by the file name. If you do not see this, delete the file and repeat [Step 1](#step-1-download-tails) and [Step 2](#step-2-verify-the-file-you-just-downloaded).
-
+
### Step 3: Download and install balenaEtcher
@@ -216,11 +216,11 @@ You can download *balenaEtcher* from this link: [https://tails.net/etcher/balena
Open the folder where you downloaded the *balenaEtcher* installation file (keep it open to delete this file after the installation is completed), and double-click on the "**balenaEtcher.dmg**" file. Drag the "**balenaEtcher.app**" icon over the "**Applications**" folder icon when prompted from the window below:
-
+
Once the file is copied to you "**Applications**" folder, go on your computer's desktop and right-click on the "**balenaEtcher**" icon. Select '**Eject "balenaEtcher"**'
-
+
### Step 4: Install Tails on your USB stick using balenaEtcher
@@ -228,23 +228,23 @@ Once the file is copied to you "**Applications**" folder, go on your computer's
Depending on your macOS version, your Mac might open a popup window saying '**Verifying "balenaEtcher.app"...**'. This is normal, let it complete its verification. Next, you will likely see another popup window with '**"balenaEtcher.app” is an app downloaded from the Internet. Are you sure you want to open it?**'. Click "**Open**".
-
+
4.2. Open *balenaEtcher* and click on the settings gear button on the upper-right. Disable the option "**Anonymously report errors and usage statistics to balena.io**", then click "**OK**".
-
+
4.3. Eject and unplug any other external USB stick(s) or external USB drive(s) that might be plugged into your computer if possible, and plug in the USB stick you wish to erase and install Tails on.
4.4. Once it is plugged in, return to *balenaEtcher* and click on the "**Flash from file**" blue button on the left. You will be prompted to select a file. Select the Tails "**.img**" file you have downloaded and verified earlier.
-
+
4.5. Click on the "**Select target**" blue button in the middle, and select your USB stick.
-
+
Caution! Select the correct USB stick!
@@ -253,19 +253,19 @@ Make sure you are not selecting a USB stick or drive different from the one you
-
+
4.6. Once you have verified that all the information is correct, click on the "**Flash!**" blue button on the right.
-
+
You will see a *balenaEtcher* popup window saying: "**balenaEtcher needs privileged access in order to flash disks. Type your password to allow this.**". Type your computer's password and click "**Ok**".
-
+
Depending on the version of macOS you use, you might see another popup window saying '**"balenaEtcher.app" would like to access files on a removable volume.**'. Click "**OK**" and wait for the installation to start.
-
+
While Tails is getting installed, you should see a window that looks like this with "**Flashing...**". The operation might take a few minutes. Do not interrupt this process!
@@ -423,7 +423,7 @@ If you decide to setup Persistent Storage:
2. After setting up Persistent Storage, you will see a window like this with additional options:
-
+
### Connecting to the internet
@@ -436,25 +436,25 @@ If using Tor is dangerous for you, read more about the other options before deci
-
+
If the connection is successful, you should see this window and you will be ready to browse the internet anonymously:
-
+
-
+
### Sharing files with others
There is a lot of great applications already installed on Tails to help you! You will find them listed in the "**Applications**" drop-menu on the upper-left top bar. One of these applications is [OnionShare](https://onionshare.org/), which you can use to share files with others anonymously.
-
+
### Storing passwords
If you are using the Persistent Storage with Tails, and need to store passwords, you can use the pre-installed [KeePassXC](https://keepassxc.org/) application. This application will store your passwords encrypted, locally-only, and protected by a main password (ideally, a **passphrase**). Be careful however if you store important passwords in there. Remember that if a bug occurs or if you forget your Persistent Storage's password, you could lose access to all of it.
-
+
### Shutting down Tails
diff --git a/blog/posts/integrating-metadata-removal.md b/blog/posts/integrating-metadata-removal.md
index 4cd96340..7b8ceed1 100644
--- a/blog/posts/integrating-metadata-removal.md
+++ b/blog/posts/integrating-metadata-removal.md
@@ -27,7 +27,7 @@ This guide uses the [Shortcuts](https://support.apple.com/guide/shortcuts-mac/in
Shortcuts is quite intuitive to work with, so if you don't like the behavior demoed here then experiment with your own solution. For example, you could set the shortcut to take a clipboard input instead. The sky's the limit.
-
+
### Prerequisites
@@ -74,7 +74,7 @@ Shortcuts is quite intuitive to work with, so if you don't like the behavior dem
done
```
-
+
!!! tip "Worth Mentioning"
The open-source [ImageOptim](https://imageoptim.com/mac) app integrates into Finder's *Services* context menu by default. While it is primarily an image optimization app, it also removes metadata.
@@ -95,7 +95,7 @@ Shortcuts is quite intuitive to work with, so if you don't like the behavior dem
The lack of *good* metadata removal apps on the App Store is what makes this solution worthwhile.
-
+
### Prerequisites
@@ -123,7 +123,7 @@ The lack of *good* metadata removal apps on the App Store is what makes this sol
10. Make sure that you uncheck **preserve metadata**
-
+
### Enabling & using the Shortcut
diff --git a/blog/posts/mozilla-disappoints-us-yet-again-2.md b/blog/posts/mozilla-disappoints-us-yet-again-2.md
index 2a98f5bc..9a95ee9c 100644
--- a/blog/posts/mozilla-disappoints-us-yet-again-2.md
+++ b/blog/posts/mozilla-disappoints-us-yet-again-2.md
@@ -14,7 +14,7 @@ schema_type: AnalysisNewsArticle
# "Privacy-Preserving" Attribution: Mozilla Disappoints Us Yet Again
-
+
Image: Unsplash
diff --git a/blog/posts/onion-browser-review.md b/blog/posts/onion-browser-review.md
index cf235265..5fc44c7e 100644
--- a/blog/posts/onion-browser-review.md
+++ b/blog/posts/onion-browser-review.md
@@ -1,6 +1,8 @@
---
title: "Onion Browser Review: Tor on iOS"
description: "Onion Browser is our recommended way of connecting to Tor on iOS, but it does have a number of drawbacks compared to the traditional Tor Browser on other platforms you should be aware of."
+template: review-article.html
+schema_type: ReviewNewsArticle
date:
created: 2024-09-18
categories:
@@ -55,7 +57,7 @@ Of course installing Onion Browser is as easy as any other app on iOS, Apple ID
When you open Onion Browser for the first time you're given the option to connect to Tor via [Orbot](https://www.privacyguides.org/en/tor/#orbot), or with a built-in Tor network proxy. Using the built-in option is the easiest, it connects very quickly and doesn't require a separate app. It also allows you to [use Tor alongside another VPN app](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor), which may be helpful in certain circumstances. The Orbot app acts as its own "VPN connection" in iOS preventing the possibility of combining it with another VPN, but it is more flexible and it extends Tor network protections to every app on your device.
- { width="200" }
+ { width="200" }
You're presented with a choice at startup
@@ -64,7 +66,7 @@ Using the dedicated Orbot app also provides more robust protections against IP a
I confirmed the built-in option works perfectly fine, in fact I occasionally had trouble connecting Orbot to Onion Browser, where it would re-prompt me to start Orbot even though it was already running until I restarted the Onion Browser app. The built-in proxy generally worked seamlessly. However, for most people using Onion Browser alongside Orbot probably still makes more sense. It's the official recommendation from Tor Project and the browser's developer themselves, so that's what I'll be sticking with for the rest of this review.
- { width="200" }
+ { width="200" }
You can check your connection at check.torproject.org, but you'll be warned you're not using Tor Browser
@@ -81,8 +83,8 @@ I ran into trouble with DuckDuckGo not being able to display results, however. S
- { width="200" }
- { width="200" }
+ { width="200" }
+ { width="200" }
DuckDuckGo wouldn't work until I used their HTML-only version
@@ -92,7 +94,7 @@ I ran into trouble with DuckDuckGo not being able to display results, however. S
There are three configurable security levels in Onion Browser: Bronze, Silver (the default), and Gold. These levels roughly correlate to the *Safe, Safer, Safest* [security levels](https://tb-manual.torproject.org/security-settings/) in regular Tor Browser.
- { width="200" }
+ { width="200" }
You can toggle security levels on a per-site basis with two taps
@@ -159,7 +161,7 @@ There is one more way to improve Onion Browser security, but we have to look out
Because Onion Browser is built on Apple's WebKit, these security improvements extend to Onion Browser as well. Most notably, external web fonts *are* blocked in Onion Browser with Lockdown Mode enabled, just as they are in Safari. These are disabled in desktop Tor Browser's Safest mode due to both privacy concerns, and security concerns related to the font rendering engine on your device, so having the option to disable them here on iOS is very useful for those looking to maximize their security.
- { width="200" }
+ { width="200" }
External fonts and JavaScript disabled with Gold + Lockdown Mode
diff --git a/blog/posts/proton-wallet-review.md b/blog/posts/proton-wallet-review.md
index d84eae21..6c168f63 100644
--- a/blog/posts/proton-wallet-review.md
+++ b/blog/posts/proton-wallet-review.md
@@ -58,17 +58,17 @@ Had Proton Wallet added support for Monero or a similarly private cryptocurrency
Proton Wallet *is* in beta, like many of Proton's products are when newly released, and available via the web, an Android app, and an iOS [TestFlight](https://testflight.apple.com/join/6OIcXtQN).
-
+
Creating your wallet is a simple process, after registering you'll be asked to choose a name for your wallet and a default currency. You can also optionally set a passphrase to secure your account. Note that this isn't merely a passphrase securing your account on Proton's servers beyond your usual account credentials, it's a [BIP39 extension word](https://en.bitcoin.it/wiki/Seed_phrase#Two-factor_seed_phrases), meaning that if you lose it your wallet will be completely unrecoverable, **even if** you back up your 12 word seed phrase.
-
+
The default currency here isn't the currency being *stored* in Proton Wallet. It is just used to show you the current conversion rate between Bitcoin and your local currency.
Once you're in, Proton Wallet is fairly straightforward. In fact, there's not much to explore beyond finding your wallet address and buying Bitcoin. Clicking the **Recieve** button brings up a panel which shows your address and allows you to generate a new one on the fly. When you generate a new address, all of your previous addresses will continue to work, but are no longer displayed anywhere.
-
+
Buying Bitcoin is simple as well. Proton is working with two providers, Banxa and Ramp, and if you're in the United States like I am both are available, so you can choose the one with the best exchange rate to go with. Before you purchase, Proton Wallet asks you for your current country, so that will determine which providers it's possible to use.
@@ -78,7 +78,7 @@ There's no private payment methods though, you're stuck with credit card, Google
The flagship feature of Proton Wallet is something they call **Bitcoin via Email**, which integrates with Proton Mail to allow you to send Bitcoin to any email address. Opening your wallet settings lets you enable Proton's *Receive Bitcoin via Email* feature, which allows other Proton Wallet users to send Bitcoin to your account with just your Proton Mail address.
-
+
If you have multiple addresses on your Proton account, such as aliases or addresses on a custom domain, only one address can be linked to your wallet. This can be a bit annoying for people who have given out different Proton addresses to others in the past, like if you gave out your @protonmail.com address to some people, before later migrating to @proton.me when that domain became available.
diff --git a/blog/posts/pwa-vs-iwa.md b/blog/posts/pwa-vs-iwa.md
index 28d0d5d5..9a9e52f5 100644
--- a/blog/posts/pwa-vs-iwa.md
+++ b/blog/posts/pwa-vs-iwa.md
@@ -30,7 +30,7 @@ Isolated Web Apps (IWAs) build on the work done on PWAs and [Web Packaging](http
Google [distinguishes](https://chromeos.dev/en/web/isolated-web-apps) between the drive by web, PWAs, and IWAs. The drive by web requires more conservative access to the system as the most accessible and is therefore least trusted. PWAs are a bit more trusted and can integrate a bit more deeply into the system as a result. IWAs are the most trusted and, as such, can have deeper access into the system and more powerful capabilities.
- 
+ 
source: chromeos.dev
diff --git a/blog/posts/relisting-startpage.md b/blog/posts/relisting-startpage.md
index 62af06a8..30cc6ce0 100644
--- a/blog/posts/relisting-startpage.md
+++ b/blog/posts/relisting-startpage.md
@@ -14,7 +14,7 @@ schema_type: NewsArticle
---
# Relisting Startpage.com
-
+
Illustration: Privacy Guides
diff --git a/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md b/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md
index 6776c27e..2b89f7ea 100644
--- a/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md
+++ b/blog/posts/the-trouble-with-vpn-and-privacy-review-sites.md
@@ -17,7 +17,7 @@ schema_type: AnalysisNewsArticle
---
# The Trouble With VPN and Privacy Review Sites
-
+
Illustration: Jonah Aragon / Privacy Guides | Photo: Unsplash
@@ -65,7 +65,7 @@ If these sites truly wanted to be helpful, they would consolidate all the releva
But that isn’t to say they should just throw all the providers in a big table and call it a day. Almost worse than the ranking scheme above is when sites provide out of context lists of providers, often just with pricing and a link. Sometimes they will link you to a full review (more on that in a bit), but for the most part these sites just expect you to follow their recommendations blindly.
-
+
These read like advertisements, because they usually are. Once again we see the usual suspects — NordVPN, ExpressVPN… — paraded as the gold standard in the VPN space, not out of any inherent value, but based on the value of their affiliate programs. To further this point, let’s take a look at how much each of the five providers above will pay you for a referral (on a one-month plan).
diff --git a/blog/posts/threads-launch-twitter.md b/blog/posts/threads-launch-twitter.md
index e4d13ec8..40390de1 100644
--- a/blog/posts/threads-launch-twitter.md
+++ b/blog/posts/threads-launch-twitter.md
@@ -17,6 +17,8 @@ schema_type: OpinionNewsArticle
---
# Threads Is the Perfect Twitter Alternative, Just Not for You
+
+
Silicon Valley could well be built on the principle of scrapping principles. Now Elon Musk, perhaps the ultimate tech bro, is shredding another well-regarded convention with an *original business strategy*.
Generally, in business, it is sensible to provide your customers with what they want. With Twitter, the meme-makers' favourite billionaire is doing the opposite. The cyber-trucker is trying his best to [cull](https://jottings.lol/2022/12/bravo-elon) his customer base. Instead of finding gaps in the market, Musk is helping to create them. Ever the [copycat](https://blog.privacyguides.org/2022/04/04/move-fast-and-break-things/), Mark Zuckerberg wants to give these innovative tactics a try. Enter the-company formerly-known-as-Facebook's rival to the birdsite: Threads.
diff --git a/docs/about.md b/docs/about.md
index 7d173fef..be270825 100644
--- a/docs/about.md
+++ b/docs/about.md
@@ -45,7 +45,7 @@ You may also email the entire team at . This is a shared
We will do our best to respond to all queries within 3 business days, but please understand we are unable to provide individualized advice to everyone who asks. If you have a question about privacy, you will receive a much more detailed and timely response from the Privacy Guides community by [asking on our forum](https://discuss.privacyguides.net/c/privacy/questions/8).
-You can also use OpenPGP to contact us via email, if you feel comfortable with your client's security settings. You can discover the PGP keys of our team members using WKD if your client supports it. If it doesn't, or you don't know what that means, you can also find the public key for any Privacy Guides email account by searching on [keys.openpgp.org](https://keys.openpgp.org/). We do not have PGP for the shared team inbox, only individual mailboxes which can be found in our team directory below.
+You can also use OpenPGP to contact us via email, if you feel comfortable with your client's security settings. You can discover the PGP keys of our team members using WKD if your client supports it. If it doesn't, or you don't know what that means, you can also find the public key for any Privacy Guides email account by searching on [keys.openpgp.org](https://keys.openpgp.org). We do not have PGP for the shared team inbox, only individual mailboxes which can be found in our team directory below.
If you need an alternative secure channel, please request one via any contact method including social media, and we will work with you to establish one. Please do not share any sensitive information with us before we have established an appropriately secure discussion channel.
diff --git a/docs/cloud.md b/docs/cloud.md
index 2ad73be9..b86aee7c 100644
--- a/docs/cloud.md
+++ b/docs/cloud.md
@@ -118,7 +118,7 @@ Peergos is primarily a web app, but you can self-host the server either as a loc
Running a local version of Peergos alongside a registered account on their paid, hosted service allows you to access your Peergos storage without any reliance on DNS or TLS certificate authorities, and keep a copy of your data backed up to their cloud. The user experience should be the same whether you run their desktop server or just use their hosted web interface.
-Peergos was [audited](https://cure53.de/pentest-report_peergos.pdf) by Cure53 in June 2019, and all found issues were subsequently fixed.
+Peergos was [audited](https://peergos.org/posts/security-audit-2024) in November 2024 by Radically Open Security and all issues were fixed. They were previously [audited](https://cure53.de/pentest-report_peergos.pdf) by Cure53 in June 2019, and all found issues were subsequently fixed.
An Android app is not available but it is [in the works](https://discuss.privacyguides.net/t/peergos-private-storage-sharing-social-media-and-application-platform/11825/25). The current workaround is to use the mobile [PWA](https://peergos.net) instead.
diff --git a/docs/cryptocurrency.md b/docs/cryptocurrency.md
index d8f344a5..72eef603 100644
--- a/docs/cryptocurrency.md
+++ b/docs/cryptocurrency.md
@@ -53,7 +53,7 @@ Ultimately, Monero is the strongest contender for a privacy-friendly cryptocurre
### Monero wallets
-For optimal privacy, make sure to use a self-custody wallet where the [view key](https://www.getmonero.org/resources/moneropedia/viewkey.html) stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your view key, the provider can see almost everything you do (but not spend your funds). Some self-custody wallets where the view key does not leave your device include:
+For optimal privacy, make sure to use a self-custody wallet where the [view key](https://getmonero.org/resources/moneropedia/viewkey.html) stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your view key, the provider can see almost everything you do (but not spend your funds). Some self-custody wallets where the view key does not leave your device include:
- [Official Monero client](https://getmonero.org/downloads) (Desktop)
- [Cake Wallet](https://cakewallet.com) (iOS, Android, Desktop)
@@ -63,13 +63,13 @@ For optimal privacy, make sure to use a self-custody wallet where the [view key]
### Monero nodes
-For maximum privacy (even with a self-custody wallet), you should run your own Monero node called the [Monero daemon](https://getmonero.org/downloads/#cli). Using another person’s node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone else’s Monero node over Tor, [I2P](alternative-networks.md#i2p-the-invisible-internet-project), or a VPN.
+For maximum privacy (even with a self-custody wallet), you should run your own Monero node called the [Monero daemon](https://docs.getmonero.org/interacting/monerod-reference), which is included in the [CLI wallet](https://getmonero.org/downloads/#cli). Using another person’s node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone else’s Monero node over [Tor](alternative-networks.md#tor), [I2P](alternative-networks.md#i2p-the-invisible-internet-project), or a [VPN](vpn.md).
### Buying Monero
[General tips for acquiring Monero](advanced/payments.md#acquisition){ .md-button }
-There are numerous centralized exchanges (CEX) as well as P2P marketplaces where you can buy and sell Monero. Some of them require identifying yourself (KYC) to comply with anti-money laundering regulations. However, due to Monero's privacy features, the only thing known to the seller is _that_ you bought Monero, but not how much you own or where you spend it (after it leaves the exchange). Some reputable places to buy Monero include:
+There are numerous centralized exchanges (CEX) as well as P2P marketplaces where you can buy and sell Monero. Some of them require identifying yourself (KYC) to comply with anti-money laundering regulations. However, due to Monero's privacy features, the only thing known to the seller is *that* you bought Monero, but not how much you own or where you spend it (after it leaves the exchange). Some reputable places to buy Monero include:
- [Kraken](https://kraken.com): A well-known CEX. Registration and KYC are mandatory. Card payments and bank transfers accepted. Make sure not to leave your newly purchased Monero on Kraken's platform after the purchase; withdraw them to a self-custody wallet. Monero is not available in all jurisdictions that Kraken operates in.[^1]
- [Cake Wallet](https://cakewallet.com): A self-custody cross-platform wallet for Monero and other cryptocurrencies. You can buy Monero directly in the app using card payments or bank transfers (through third-party providers such as [Guardarian](https://guardarian.com) or [DFX](https://dfx.swiss)).[^2] KYC is usually not required, but it depends on your country and the amount you are purchasing. In countries where directly purchasing Monero is not possible, you can also use a provider within Cake Wallet to first buy another cryptocurrency such as Bitcoin, Bitcoin Cash, or Litecoin and then exchange it to Monero in-app.
diff --git a/docs/data-broker-removals.md b/docs/data-broker-removals.md
index 0d4e8a19..7a9da60e 100644
--- a/docs/data-broker-removals.md
+++ b/docs/data-broker-removals.md
@@ -32,7 +32,6 @@ You should search for your information on these sites first, and submit an opt-o
- CheckPeople ([Search](https://checkpeople.com/do-not-sell-info), select *Remove Record* to opt-out)
- ClustrMaps ([Search](https://clustrmaps.com), [Opt-Out](https://clustrmaps.com/bl/opt-out))
- Dataveria ([Search](https://dataveria.com), [Opt-Out](https://dataveria.com/ng/control/privacy))
-- Glad I Know ([Search](https://gladiknow.com), [Opt-Out](https://gladiknow.com/opt-out))
- InfoTracer ([Search](https://infotracer.com), [Opt-Out](https://infotracer.com/optout))
- Intelius ([Search](https://intelius.com), [Opt-Out](https://suppression.peopleconnect.us/login))
- PeekYou ([Search](https://peekyou.com), [Opt-Out](https://peekyou.com/about/contact/optout))
@@ -77,7 +76,7 @@ If you don't use an automatic scanner to find results about you, consider settin
Some websites supported by EasyOptOuts are publicly searchable. In those cases EasyOptOuts will perform a search and only submit an opt-out request if your personal data is already found, to prevent sending your data in an opt-out request to sites that didn't have it already. However, they do support some sites which are not publicly searchable, and in those cases your data will be sent to them in an opt-out request regardless, in case you are in their private databases.
-Our testing indicates that EasyOptOuts provides the best value out of any data removal service we've tested, with a very affordable price and high effectiveness. We will publish a detailed review of EasyOptOuts on our blog in the near future and update this page when it is published. [Independent findings from Consumer Reports](https://discuss.privacyguides.net/t/consumer-reports-evaluating-people-search-site-removal-services/19948) also indicate that EasyOptOuts is one of the top performing data removal services.
+Our [testing](https://www.privacyguides.org/articles/2025/02/03/easyoptouts-review) indicates that EasyOptOuts provides the best value out of any data removal service we've tested, with a very affordable price and high effectiveness. Independent [findings from Consumer Reports](https://discuss.privacyguides.net/t/consumer-reports-evaluating-people-search-site-removal-services/19948) also indicate that EasyOptOuts is one of the top performing data removal services.
High priority sites not supported by EasyOptOuts
@@ -85,6 +84,7 @@ Our testing indicates that EasyOptOuts provides the best value out of any data r
EasyOptOuts does not cover the following sites we consider to be "high priority," so you should still manually opt-out of:
- Intelius ([Search](https://intelius.com), [Opt-Out](https://suppression.peopleconnect.us/login))
+- PeekYou ([Search](https://peekyou.com), [Opt-Out](https://peekyou.com/about/contact/optout))
@@ -128,4 +128,4 @@ Our picks for removal services are primarily based on independent professional t
- Must not be affiliated with the data broker industry or purchase advertising on people search sites.
- Must only use your personal data for the purposes of opting you out of data broker databases and people search sites.
-[^1]: If you *are* immediately threatened by stalkers or other threats, you should strongly consider an automated tool like [EasyOptOuts](#easyoptouts-paid), at least for the initial "purge." When things are more manageable in the future you can come back to the manual process. Of course, in a dangerous situation your first priority should always be to seek professional help from police or others before tackling it on your own.
+[^1]: If you *are* immediately threatened by stalkers or other threats, you should strongly consider an automated tool like [EasyOptOuts](#easyoptouts-paid), at least for the initial "purge." When things are more manageable in the future you can come back to the manual process. Of course, in a dangerous situation your first priority should always be to seek professional help [from police](https://onlineharassmentfieldmanual.pen.org/involving-law-enforcement) or others before tackling it on your own.
diff --git a/docs/desktop.md b/docs/desktop.md
index 74f56a74..89983ab1 100644
--- a/docs/desktop.md
+++ b/docs/desktop.md
@@ -96,7 +96,7 @@ A large portion of [Arch Linux’s packages](https://reproducible.archlinux.org)
[Fedora Atomic Desktops](https://fedoramagazine.org/introducing-fedora-atomic-desktops) come in a variety of flavors depending on the desktop environment you prefer. As with the recommendation to avoid X11 in our [criteria](#criteria) for Linux distributions, we recommend avoiding flavors that support only the legacy X11 window system.
-These operating systems differ from Fedora Workstation as they replace the [DNF](https://docs.fedoraproject.org/en-US/quick-docs/dnf) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/latest/system-administrators-guide/package-management/rpm-ostree). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
+These operating systems differ from Fedora Workstation as they replace the [DNF](https://docs.fedoraproject.org/en-US/quick-docs/dnf) package manager with a much more advanced alternative called [`rpm-ostree`](https://coreos.github.io/rpm-ostree). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
After the update is complete, you will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that you can easily roll back if something breaks in the new deployment. There is also the option to pin more deployments as needed.
diff --git a/docs/email-aliasing.md b/docs/email-aliasing.md
index 08bc24db..a755b191 100644
--- a/docs/email-aliasing.md
+++ b/docs/email-aliasing.md
@@ -61,7 +61,9 @@ Using an aliasing service requires trusting both your email provider and your al
-The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
+The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
+
+You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
Notable free features:
@@ -103,7 +105,9 @@ If you cancel your subscription, you will still enjoy the features of your paid
SimpleLogin was [acquired by Proton AG](https://proton.me/news/proton-and-simplelogin-join-forces) as of April 8, 2022. If you use Proton Mail for your primary mailbox, SimpleLogin is a great choice. As both products are now owned by the same company you now only have to trust a single entity. We also expect that SimpleLogin will be more tightly integrated with Proton's offerings in the future. SimpleLogin continues to support forwarding to any email provider of your choosing. Securitum [audited](https://simplelogin.io/blog/security-audit) SimpleLogin in early 2022 and all issues [were addressed](https://simplelogin.io/audit2022/web.pdf).
-You can link your SimpleLogin account in the settings with your Proton account. If you have the Proton Unlimited plan or any multi-user Proton plan, you will have SimpleLogin Premium for free.
+You can link your SimpleLogin account in the settings with your Proton account. If you have Proton Pass Plus, Proton Unlimited, or any multi-user Proton plan, you will have SimpleLogin Premium for free.
+
+You can also purchase a voucher code for SimpleLogin Premium anonymously via their official reseller, [ProxyStore](https://simplelogin.io/faq).
Notable free features:
diff --git a/docs/encryption.md b/docs/encryption.md
index 0da24c55..e25dd5f4 100644
--- a/docs/encryption.md
+++ b/docs/encryption.md
@@ -46,6 +46,8 @@ The options listed here are available on multiple platforms and great for creati
Cryptomator uses AES-256 encryption to encrypt both files and filenames. Cryptomator cannot encrypt metadata such as access, modification, and creation timestamps, nor the number and size of files and folders.
+Cryptomator is free to use on all desktop platforms, as well as on iOS in "read only" mode. Cryptomator offers [paid](https://cryptomator.org/pricing) apps with full functionality on iOS and Android. The Android version can be purchased anonymously via [ProxyStore](https://cryptomator.org/coop/proxystore).
+
Some Cryptomator cryptographic libraries have been [audited](https://community.cryptomator.org/t/has-there-been-a-security-review-audit-of-cryptomator/44) by Cure53. The scope of the audited libraries includes: [cryptolib](https://github.com/cryptomator/cryptolib), [cryptofs](https://github.com/cryptomator/cryptofs), [siv-mode](https://github.com/cryptomator/siv-mode) and [cryptomator-objc-cryptor](https://github.com/cryptomator/cryptomator-objc-cryptor). The audit did not extend to [cryptolib-swift](https://github.com/cryptomator/cryptolib-swift), which is a library used by Cryptomator for iOS.
Cryptomator's documentation details its intended [security target](https://docs.cryptomator.org/en/latest/security/security-target), [security architecture](https://docs.cryptomator.org/en/latest/security/architecture), and [best practices](https://docs.cryptomator.org/en/latest/security/best-practices) for use in further detail.
diff --git a/docs/mobile-browsers.md b/docs/mobile-browsers.md
index a9074c52..172a388b 100644
--- a/docs/mobile-browsers.md
+++ b/docs/mobile-browsers.md
@@ -209,7 +209,7 @@ These options can be found in :material-menu:/:fontawesome-solid-ellipsis: → *
**Cromite** is a Chromium-based browser with built-in ad blocking, fingerprinting protections, and other [privacy and security enhancements](https://github.com/uazo/cromite/blob/master/docs/FEATURES.md). It is a fork of the discontinued **Bromite** browser.
-[:octicons-home-16: Homepage](https://www.cromite.org){ .md-button .md-button--primary }
+[:octicons-home-16: Homepage](https://cromite.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uazo/cromite/blob/master/docs/PRIVACY_POLICY.md){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://github.com/uazo/cromite?tab=readme-ov-file#docs){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/uazo/cromite){ .card-link title="Source Code" }
@@ -217,7 +217,7 @@ These options can be found in :material-menu:/:fontawesome-solid-ellipsis: → *
Downloads
-- [:simple-android: F-Droid](https://www.cromite.org/fdroid/repo/?fingerprint=49F37E74DEE483DCA2B991334FB5A0200787430D0B5F9A783DD5F13695E9517B)
+- [:simple-android: F-Droid](https://cromite.org/fdroid/repo/?fingerprint=49F37E74DEE483DCA2B991334FB5A0200787430D0B5F9A783DD5F13695E9517B)
- [:simple-github: GitHub](https://github.com/uazo/cromite/releases/latest)
diff --git a/docs/os/ios-overview.md b/docs/os/ios-overview.md
index fdc89ab0..51cfe72c 100644
--- a/docs/os/ios-overview.md
+++ b/docs/os/ios-overview.md
@@ -104,7 +104,7 @@ It is important to install **Software Updates** frequently to get the latest sec
- [x] Turn on **Install iOS Updates**
- [x] Turn on **Security Responses & System Files**
-**AirDrop** is commonly used to easily share files, but it represents a significant privacy risk. The AirDrop protocol constantly broadcasts your personal information to your surroundings, with [very weak](https://www.usenix.org/system/files/sec21-heinrich.pdf) security protections. Your identity can easily be discovered by attackers even with limited resources, and the Chinese government has [openly acknowledged](https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that/) using such techniques to identify AirDrop users in public since 2022.
+**AirDrop** is commonly used to easily share files, but it represents a significant privacy risk. The AirDrop protocol constantly broadcasts your personal information to your surroundings, with [very weak](https://usenix.org/system/files/sec21-heinrich.pdf) security protections. Your identity can easily be discovered by attackers even with limited resources, and the Chinese government has [openly acknowledged](https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that) using such techniques to identify AirDrop users in public since 2022.
- [x] Select **AirDrop** → **Receiving Off**
diff --git a/docs/vpn.md b/docs/vpn.md
index 904bd775..0b23ece7 100644
--- a/docs/vpn.md
+++ b/docs/vpn.md
@@ -154,7 +154,7 @@ We also think it's better for the security of the VPN provider's private keys if
#### :material-check:{ .pg-green } Independently Audited
-IVPN has undergone a [no-logging audit from Cure53](https://cure53.de/audit-report_ivpn.pdf) which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a [comprehensive pentest report Cure53](https://cure53.de/summary-report_ivpn_2019.pdf) in January 2020. IVPN has also said they plan to have [annual reports](https://ivpn.net/blog/independent-security-audit-concluded) in the future. A further review was conducted [in April 2022](https://ivpn.net/blog/ivpn-apps-security-audit-2022-concluded) and was produced by Cure53 [on their website](https://cure53.de/pentest-report_IVPN_2022.pdf).
+IVPN has had multiple [independent audits](https://ivpn.net/en/blog/tags/audit) since 2019 and has publicly announced their commitment to [annual security audits](https://ivpn.net/blog/ivpn-apps-security-audit-concluded).
#### :material-check:{ .pg-green } Open-Source Clients
@@ -229,15 +229,7 @@ We also think it's better for the security of the VPN provider's private keys if
#### :material-check:{ .pg-green } Independently Audited
-Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report [published at cure53.de](https://cure53.de/pentest-report_mullvad_v2.pdf). The security researchers concluded:
-
-> Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
-
-In 2020 a second audit [was announced](https://mullvad.net/blog/2020/6/25/results-available-audit-mullvad-app) and the [final audit report](https://cure53.de/pentest-report_mullvad_2020_v2.pdf) was made available on Cure53's website:
-
-> The results of this May-June 2020 project targeting the Mullvad complex are quite positive. [...] The overall application ecosystem used by Mullvad leaves a sound and structured impression. The overall structure of the application makes it easy to roll out patches and fixes in a structured manner. More than anything, the findings spotted by Cure53 showcase the importance of constantly auditing and re-assessing the current leak vectors, in order to always ensure privacy of the end-users. With that being said, Mullvad does a great job protecting the end-user from common PII leaks and privacy related risks.
-
-In 2021 an infrastructure audit [was announced](https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit) and the [final audit report](https://cure53.de/pentest-report_mullvad_2021_v1.pdf) was made available on Cure53's website. Another report was commissioned [in June 2022](https://mullvad.net/en/blog/2022/6/22/vpn-server-audit-found-no-information-leakage-or-logging-of-customer-data) and is available on [Assured's website](https://assured.se/publications/Assured_Mullvad_relay_server_audit_report_2022.pdf).
+Mullvad has had multiple [independent audits](https://mullvad.net/en/blog/tag/audits) and has publicly announced their endeavors to conduct [annual audits](https://mullvad.net/en/blog/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit) of their apps and infrastructure.
#### :material-check:{ .pg-green } Open-Source Clients
diff --git a/includes/contributors.md b/includes/contributors.md
index 916ce449..a89c4659 100644
--- a/includes/contributors.md
+++ b/includes/contributors.md
@@ -449,6 +449,7 @@
