diff --git a/blog/.authors.yml b/blog/.authors.yml
index ca43e8c7..5ec14be5 100644
--- a/blog/.authors.yml
+++ b/blog/.authors.yml
@@ -40,13 +40,6 @@ authors:
name: fria
description: Team Member
avatar: https://github.com/friadev.png
- jordan:
- name: Jordan Warne
- description: Video Producer
- avatar: https://forum-cdn.privacyguides.net/user_avatar/discuss.privacyguides.net/jordan/288/7793_2.png
- mastodon:
- username: jw
- instance: social.lol
jonah:
name: Jonah Aragon
description: Project Director
@@ -56,13 +49,6 @@ authors:
instance: neat.computer
twitter: jonaharagon
bluesky: jonaharagon.com
- justin:
- name: Justin Ehrenhofer
- description: Guest Contributor
- avatar: https://github.com/SamsungGalaxyPlayer.png
- mastodon:
- username: sgp
- instance: neat.computer
kaitebay:
name: Kai Tebay
description: Former Team Member
diff --git a/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp b/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp
deleted file mode 100644
index d209772f..00000000
Binary files a/blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/cardiff-giant.jpg b/blog/assets/images/digital-provenance/cardiff-giant.jpg
deleted file mode 100644
index 130e5a4c..00000000
Binary files a/blog/assets/images/digital-provenance/cardiff-giant.jpg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/cover.jpg b/blog/assets/images/digital-provenance/cover.jpg
deleted file mode 100644
index fbda7ad8..00000000
Binary files a/blog/assets/images/digital-provenance/cover.jpg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/geese1.jpeg b/blog/assets/images/digital-provenance/geese1.jpeg
deleted file mode 100644
index 44e30b9e..00000000
Binary files a/blog/assets/images/digital-provenance/geese1.jpeg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/geese2.jpeg b/blog/assets/images/digital-provenance/geese2.jpeg
deleted file mode 100644
index 52905968..00000000
Binary files a/blog/assets/images/digital-provenance/geese2.jpeg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/geese3.jpeg b/blog/assets/images/digital-provenance/geese3.jpeg
deleted file mode 100644
index ecab07a3..00000000
Binary files a/blog/assets/images/digital-provenance/geese3.jpeg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/geese4.jpeg b/blog/assets/images/digital-provenance/geese4.jpeg
deleted file mode 100644
index f10fd3eb..00000000
Binary files a/blog/assets/images/digital-provenance/geese4.jpeg and /dev/null differ
diff --git a/blog/assets/images/digital-provenance/manifest.svg b/blog/assets/images/digital-provenance/manifest.svg
deleted file mode 100644
index 8c2647c6..00000000
--- a/blog/assets/images/digital-provenance/manifest.svg
+++ /dev/null
@@ -1,40 +0,0 @@
-
\ No newline at end of file
diff --git a/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp b/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp
deleted file mode 100644
index 9ad0a550..00000000
Binary files a/blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-cover.webp b/blog/assets/images/in-praise-of-tor/tor-cover.webp
deleted file mode 100644
index 7fb0c678..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-cover.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-darkweb.webp b/blog/assets/images/in-praise-of-tor/tor-darkweb.webp
deleted file mode 100644
index 84ce4cac..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-darkweb.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-diagram.webp b/blog/assets/images/in-praise-of-tor/tor-diagram.webp
deleted file mode 100644
index c3c05719..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-diagram.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp b/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp
deleted file mode 100644
index abe99c1a..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-privacyguides.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp b/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp
deleted file mode 100644
index f15321c5..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-safestsetting.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp b/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp
deleted file mode 100644
index c65be9e4..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-torbrowser.webp and /dev/null differ
diff --git a/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp b/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp
deleted file mode 100644
index ea132a17..00000000
Binary files a/blog/assets/images/in-praise-of-tor/tor-torcircuit.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-applelabel.webp b/blog/assets/images/keepassium-review/keepassium-applelabel.webp
deleted file mode 100644
index 665161a0..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-applelabel.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-appprotection.webp b/blog/assets/images/keepassium-review/keepassium-appprotection.webp
deleted file mode 100644
index 0915e922..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-appprotection.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-appstoremac.webp b/blog/assets/images/keepassium-review/keepassium-appstoremac.webp
deleted file mode 100644
index 483465bc..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-appstoremac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp b/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp
deleted file mode 100644
index eafcc1d7..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-attachmentmac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-autofill.webp b/blog/assets/images/keepassium-review/keepassium-autofill.webp
deleted file mode 100644
index 8e95c1aa..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-autofill.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-autofillmac.webp b/blog/assets/images/keepassium-review/keepassium-autofillmac.webp
deleted file mode 100644
index cf81e5ff..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-autofillmac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-backup.webp b/blog/assets/images/keepassium-review/keepassium-backup.webp
deleted file mode 100644
index b97d0a54..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-backup.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-cover.webp b/blog/assets/images/keepassium-review/keepassium-cover.webp
deleted file mode 100644
index 551bbcc4..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-cover.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp b/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp
deleted file mode 100644
index 6dc031b4..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-databaseoptions.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-dataprotection.webp b/blog/assets/images/keepassium-review/keepassium-dataprotection.webp
deleted file mode 100644
index 85002d8e..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-dataprotection.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp b/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp
deleted file mode 100644
index eff59153..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-encryptionoptions.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-entries.webp b/blog/assets/images/keepassium-review/keepassium-entries.webp
deleted file mode 100644
index 4949650c..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-entries.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-entrymac.webp b/blog/assets/images/keepassium-review/keepassium-entrymac.webp
deleted file mode 100644
index fb7a4d22..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-entrymac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-fileinfo.webp b/blog/assets/images/keepassium-review/keepassium-fileinfo.webp
deleted file mode 100644
index 58c59bce..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-fileinfo.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp b/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp
deleted file mode 100644
index cb2ffcf4..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-fileinfomac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-generator.webp b/blog/assets/images/keepassium-review/keepassium-generator.webp
deleted file mode 100644
index 352f7c3f..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-generator.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-generatormac.webp b/blog/assets/images/keepassium-review/keepassium-generatormac.webp
deleted file mode 100644
index dd3d48bb..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-generatormac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-groups.webp b/blog/assets/images/keepassium-review/keepassium-groups.webp
deleted file mode 100644
index b8f1b706..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-groups.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp b/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp
deleted file mode 100644
index bb0d4d30..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-largeindexedfont.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-loginappmac.webp b/blog/assets/images/keepassium-review/keepassium-loginappmac.webp
deleted file mode 100644
index f9d16ffc..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-loginappmac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp b/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp
deleted file mode 100644
index a8718e3e..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-loginsafarimac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-movedatabase.webp b/blog/assets/images/keepassium-review/keepassium-movedatabase.webp
deleted file mode 100644
index 718c0fe8..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-movedatabase.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-moveentry.webp b/blog/assets/images/keepassium-review/keepassium-moveentry.webp
deleted file mode 100644
index 037c864e..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-moveentry.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-newdatabase.webp b/blog/assets/images/keepassium-review/keepassium-newdatabase.webp
deleted file mode 100644
index b3ad2d18..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-newdatabase.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp b/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp
deleted file mode 100644
index 07530cc7..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-newdatabasemac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-newentry.webp b/blog/assets/images/keepassium-review/keepassium-newentry.webp
deleted file mode 100644
index 3acc52dc..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-newentry.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-offline.webp b/blog/assets/images/keepassium-review/keepassium-offline.webp
deleted file mode 100644
index 78674bfc..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-offline.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-otp.webp b/blog/assets/images/keepassium-review/keepassium-otp.webp
deleted file mode 100644
index 34630f8e..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-otp.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-otpentry.webp b/blog/assets/images/keepassium-review/keepassium-otpentry.webp
deleted file mode 100644
index 0d6e5c61..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-otpentry.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp b/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp
deleted file mode 100644
index f18b9259..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-pdfviewer.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-pricing.webp b/blog/assets/images/keepassium-review/keepassium-pricing.webp
deleted file mode 100644
index 102d9dfb..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-pricing.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-print.webp b/blog/assets/images/keepassium-review/keepassium-print.webp
deleted file mode 100644
index 61105322..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-print.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-startdatabase.webp b/blog/assets/images/keepassium-review/keepassium-startdatabase.webp
deleted file mode 100644
index 5ef3a0d0..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-startdatabase.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-startwelcome.webp b/blog/assets/images/keepassium-review/keepassium-startwelcome.webp
deleted file mode 100644
index d33f78e6..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-startwelcome.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp b/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp
deleted file mode 100644
index da2837f6..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-startwelcomemac.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium-textsize.webp b/blog/assets/images/keepassium-review/keepassium-textsize.webp
deleted file mode 100644
index 6fe62e1b..00000000
Binary files a/blog/assets/images/keepassium-review/keepassium-textsize.webp and /dev/null differ
diff --git a/blog/assets/images/keepassium-review/keepassium.svg b/blog/assets/images/keepassium-review/keepassium.svg
deleted file mode 100644
index 7d83b2cc..00000000
--- a/blog/assets/images/keepassium-review/keepassium.svg
+++ /dev/null
@@ -1,10 +0,0 @@
-
-
-
\ No newline at end of file
diff --git a/blog/assets/images/monero-server-using-truenas/01-datasets.webp b/blog/assets/images/monero-server-using-truenas/01-datasets.webp
deleted file mode 100644
index ab86b11b..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/01-datasets.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp b/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp
deleted file mode 100644
index 7dfe0eb2..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/02-edit-acl.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp b/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp
deleted file mode 100644
index 427d41ea..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/03-arti-shell.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp b/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp
deleted file mode 100644
index 4be0d895..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/04-arti-shell.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp b/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp
deleted file mode 100644
index a67ac21a..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/05-i2p-install.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp b/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp
deleted file mode 100644
index 9014493d..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/06-i2p-settings.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp b/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp
deleted file mode 100644
index 7b79c858..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/07-monero-shell.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp b/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp
deleted file mode 100644
index 63c0abe4..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/08-monero-shell.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/09-monero-install.webp b/blog/assets/images/monero-server-using-truenas/09-monero-install.webp
deleted file mode 100644
index 8186ae2e..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/09-monero-install.webp and /dev/null differ
diff --git a/blog/assets/images/monero-server-using-truenas/cover.webp b/blog/assets/images/monero-server-using-truenas/cover.webp
deleted file mode 100644
index 54284050..00000000
Binary files a/blog/assets/images/monero-server-using-truenas/cover.webp and /dev/null differ
diff --git a/blog/assets/images/privacy-pass/blind-signatures.webp b/blog/assets/images/privacy-pass/blind-signatures.webp
deleted file mode 100644
index 99d6637a..00000000
Binary files a/blog/assets/images/privacy-pass/blind-signatures.webp and /dev/null differ
diff --git a/blog/assets/images/privacy-pass/cover.webp b/blog/assets/images/privacy-pass/cover.webp
deleted file mode 100644
index 75878427..00000000
Binary files a/blog/assets/images/privacy-pass/cover.webp and /dev/null differ
diff --git a/blog/assets/images/privacy-pass/google-vpn.webp b/blog/assets/images/privacy-pass/google-vpn.webp
deleted file mode 100644
index b8ffec62..00000000
Binary files a/blog/assets/images/privacy-pass/google-vpn.webp and /dev/null differ
diff --git a/blog/assets/images/privacy-pass/private-access-tokens.webp b/blog/assets/images/privacy-pass/private-access-tokens.webp
deleted file mode 100644
index bb7e1fbb..00000000
Binary files a/blog/assets/images/privacy-pass/private-access-tokens.webp and /dev/null differ
diff --git a/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp b/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp
deleted file mode 100644
index 533ebfec..00000000
Binary files a/blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp and /dev/null differ
diff --git a/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp b/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp
deleted file mode 100644
index c6b33fda..00000000
Binary files a/blog/assets/images/sam-altman-wants-your-eyeball/orb-cover.webp and /dev/null differ
diff --git a/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp b/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp
deleted file mode 100644
index c4a3e326..00000000
Binary files a/blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp and /dev/null differ
diff --git a/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp b/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp
deleted file mode 100644
index b5ff67e3..00000000
Binary files a/blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp and /dev/null differ
diff --git a/blog/assets/images/tor-security-slider-flaw/cover.png b/blog/assets/images/tor-security-slider-flaw/cover.png
deleted file mode 100644
index 8369eeef..00000000
Binary files a/blog/assets/images/tor-security-slider-flaw/cover.png and /dev/null differ
diff --git a/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png b/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png
deleted file mode 100644
index b2070ff5..00000000
Binary files a/blog/assets/images/tor-security-slider-flaw/safer-level-after-restart-jetstream2.png and /dev/null differ
diff --git a/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png b/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png
deleted file mode 100644
index ededca27..00000000
Binary files a/blog/assets/images/tor-security-slider-flaw/safer-level-before-restart-jetstream2.png and /dev/null differ
diff --git a/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png b/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png
deleted file mode 100644
index e5053c6c..00000000
Binary files a/blog/assets/images/tor-security-slider-flaw/standard-level-jetstream2.png and /dev/null differ
diff --git a/blog/assets/images/you-can-say-no/no-cover.webp b/blog/assets/images/you-can-say-no/no-cover.webp
deleted file mode 100644
index c1e2ef16..00000000
Binary files a/blog/assets/images/you-can-say-no/no-cover.webp and /dev/null differ
diff --git a/blog/assets/images/your-online-life-is-irl/irl-cover.webp b/blog/assets/images/your-online-life-is-irl/irl-cover.webp
deleted file mode 100644
index 757b35b6..00000000
Binary files a/blog/assets/images/your-online-life-is-irl/irl-cover.webp and /dev/null differ
diff --git a/blog/posts/age-verification-wants-your-face.md b/blog/posts/age-verification-wants-your-face.md
deleted file mode 100644
index 4d0bf6ae..00000000
--- a/blog/posts/age-verification-wants-your-face.md
+++ /dev/null
@@ -1,112 +0,0 @@
----
-date:
- created: 2025-05-06T21:45:00Z
-categories:
- - News
-authors:
- - em
-description: Age verification laws and propositions forcing platforms to restrict content accessed by children and teens have been multiplying in recent years. The problem is, implementing such measure necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/age-verification-wants-your-face/ageverification-cover.webp
----
-
-# Age Verification Wants Your Face, and Your Privacy
-
-
-
-Photo: Kyle Glenn / Unsplash
-
-Age verification laws and propositions forcing platforms to restrict content accessed by children and teens have been multiplying in recent years. The problem is, implementing such measures necessarily requires identifying each user accessing this content, one way or another. This is bad news for your privacy.
-
-For a few years now, several legislators in North America, Europe, and Australia have expressed concern about children and teens accessing certain types of content online. While there is no doubt some online content can be worrisome, implementing a technological solution for this is [extremely problematic](https://www.jonaharagon.com/posts/age-verification-is-incompatible-with-the-internet/).
-
-By mandating platforms to be legally responsible to verify a user's age, regulators effectively force them to identify each user requesting access to content deemed inappropriate under a certain age threshold.
-
-If these regulations continue to proliferate, this could lead to the end of pseudonymity online.
-
-## How can age be verified online
-
-Verifying age online is [difficult](https://www.woodhullfoundation.org/fact-checked/online-age-verification-is-not-the-same-as-flashing-your-id-at-a-liquor-store/). There isn't any magical solution to it, it's either recording how a user looks or scanning official documents.
-
-Conducting verification "on-device" offers only few additional protections considering this information still has to be checked and reported with an external service, somehow.
-
-Moreover, processes used to keep this data "on-device" are often opaque. Taking into account how valuable this information is, it becomes very difficult to trust any for-profit third-party services which such a sensitive task.
-
-Users' faces and official documents are two types of very sensitive information. Who becomes responsible to collect, process, store, and safeguard this data? With whom does this data get shared, and for which other purposes? And how accurate is this data anyway?
-
-### Facial scans
-
-Some platforms and third-party providers of the rapidly growing "[identity verification industry](https://www.businessresearchinsights.com/market-reports/digital-identity-verification-market-118180)" have started to use facial recognition and face scan systems in order to determine a user's age.
-
-The problem is, the systems are [horrible for everyone's privacy](https://www.liberties.eu/en/stories/facial-recognition-privacy-concerns/44518), extremely problematic to use due to [racist and gendered biases](https://www.aclu-mn.org/en/news/biased-technology-automated-discrimination-facial-recognition), [inaccurate](https://www.eff.org/deeplinks/2025/01/face-scans-estimate-our-age-creepy-af-and-harmful) to determine the correct age, and on top of all that, [can be cheated](https://www.theregister.com/2022/05/22/ai_in_brief/).
-
-### Official documents
-
-The second solution is to require users to provide an official piece of ID. Considering an official ID often contain a photo, full legal name, date of birth, home address, and government specific codes, this is even worse.
-
-All this sensitive data then gets collected by either the platform itself or a third-party provider with little oversight or incentive to protect this data at all. Leaks and breaches for this enormous data trove are just around the corner. Unfortunately, this isn't speculative, [data leaks have already occurred](https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/).
-
-The more copies of your official documents exist online, the greater the risk this data *will get exposed*, and the less value this document has to actually identify you when it's *truly* needed.
-
-And again, this sort of verification is easy to cheat. Any determined teenager will soon learn how to either create a fake ID, use someone else's ID, or go around this verification system in another way.
-
-Age verification laws will *without a doubt* support a flourishing criminal industry to provide fake or stolen IDs even more easily online.
-
-## Where age verification is (or will be) required
-
-In April this year, [Discord started to test age verification systems](https://www.theverge.com/news/650493/discord-age-verification-face-id-scan-experiment) using facial or ID scans, as a way to comply with [Australia](https://www.bbc.co.uk/news/articles/c89vjj0lxx9o)'s and [UK](https://www.theverge.com/2023/10/26/23922397/uk-online-safety-bill-law-passed-royal-assent-moderation-regulation)'s new laws.
-
-This measure only applies to access certain protected posts for users located in Australia and the United Kingdom and at this time, but don't be surprised if it soon gets implemented at the account level for users everywhere.
-
-In the [United States](https://action.freespeechcoalition.com/age-verification-resources/state-avs-laws/), many states have already passed some types of age verification laws, and several others have proposed such laws. In [Canada](https://www.eff.org/deeplinks/2024/09/canadas-leaders-must-reject-overbroad-age-verification-bill) and [Europe](https://digital-strategy.ec.europa.eu/en/funding/call-tenders-development-consultancy-and-support-age-verification-solution), legislators have also been pushing for similar regulations to block content online subject to age verification.
-
-There is no doubt the more countries pass similar prohibitive laws, the more other countries will soon follow.
-
-Some hope however, this month a US federal judge ruled an age verification [law in Arkansas unconstitutional](https://thehill.com/homenews/state-watch/5228836-judge-blocks-social-media-age-verification-law-in-arkansas/).
-
-## Who decides what is sensitive content
-
-When talking about age verification, most assume this only applies to obvious pornographic content. However, many of these laws have [much wider reach](https://www.eff.org/deeplinks/2025/01/impact-age-verification-measures-goes-beyond-porn-sites).
-
-For example, the Australian law prohibits access to social media altogether for anyone under the age of 16. This means that, once the law comes into full effect after its transitional period, anyone who uses social media in Australia will have to prove they are older than this age. It is likely that all Australian users will have to provide some form of identifying data to continue using their social media accounts. **This is a privacy nightmare.**
-
-When laws target specific content, definition of what is appropriate and what isn't is often too broad. Moreover, this definition is subject to change from one administration to another.
-
-There are also wide differences from one country to another. For example, some countries sadly consider simple discussions of gender identity or sexual orientation to be sensitive content. What is deemed inappropriate to children in one culture might not be the same in another.
-
-Automating this sort of censorship leads to a lot of misfiring. There has already been numerous instances of [breastfeeding photos mislabelled](https://www.cbc.ca/news/world/facebook-clarifies-breastfeeding-pics-ok-updates-rules-1.2997124) for nudity. Important educational material for sex education could get censored and inaccessible to children, who critically need access to it *before* adulthood.
-
-Who will decide which content should be censored and which shouldn't? Will countries hosting the big tech platforms end up having a greater decision power in the matter? Will platforms simply decide to apply the strongest level of restriction worldwide?
-
-## Age verification isn't effective
-
-Even if we could somehow find a global consensus that is perfectly ethical and never misfires on which content children shouldn't access, it will likely fail.
-
-Children, and teenagers especially, are and have always been incredibly effective at going around such limitation to feed their curious minds.
-
-First, there are technical tools such as VPNs and proxies of all sort to go around location-based restrictions. Then, there's the classic fake ID, and its modern evolution: deepfake face. There will also be without a doubt a growing market of pre-verified "adult" accounts up for sale online.
-
-Perhaps age verification measures will work for a couple of months, until products to evade it get the word out, then they'll become useless. Only leaving the ashes of your social media legal consenting adult pseudonymity in its path.
-
-## Why it's bad news for everyone's privacy
-
-Age verification will require all platforms and/or third-party identification service providers to collect an enormous trove of sensitive data on everyone.
-
-This goes against all principles of data minimization, generally a vital part of data protection regulations.
-
-Daily occurrences of data breach incidents have taught us we cannot trust these services to safeguard our data. Data breaches for this sensitive information are only a matter of time.
-
-The concentration of such valuable data will likely be monetized and resold either by the platforms themselves, by the for-profit third-party "age assurance" providers they use, or eventually by the criminals who stole it from them.
-
-This data trove will include face scans of children with their location (trying to pass as adults), and faces and official documents from every adult in the world using social media, if this kind of regulation gets implemented at large.
-
-**The privacy and safety implications of this are absolutely disastrous**.
-
-## Age verification is not the solution
-
-Sadly, age verification legislation will not help safeguard children from harmful content online, but it will effectively remove protection for anyone needing pseudonymity online to [stay safe](privacy-means-safety.md). Moreover, it will put everyone at a much greater risk of victimization by identify theft, impersonation, stalking, and worse.
-
-Despite the perhaps well-intended legislators, technological solutions aren't always adequate to solve every problem we have. Here again, education and content moderation are likely much better ways to deal with this sort of issues.
-
-In the meantime, don't be surprised if you cross a teenager on the street suddenly pointing their phone to scan *your* adult face, or a young relative looking in your wallet. They probably won't be looking for your money, but most likely for your adult ID.
diff --git a/blog/posts/digital-provenance.md b/blog/posts/digital-provenance.md
deleted file mode 100644
index a10a7a9a..00000000
--- a/blog/posts/digital-provenance.md
+++ /dev/null
@@ -1,238 +0,0 @@
----
-date:
- created: 2025-05-19T20:15:00Z
-categories:
- - Opinion
-authors:
- - fria
-tags:
- - AI
- - Content Credentials
----
-# The Power of Digital Provenance in the Age of AI
-
-
-
-Photo: Kseniya Lapteva / Pexels | Logo: Content Credentials
-
-With the popularity of generative AI, it's becoming more and more difficult to [distinguish](https://uwaterloo.ca/news/media/can-you-tell-ai-generated-people-real-ones) reality from fiction. Can this problem be solved using cryptography? What are the privacy implications of the currently proposed systems?
-
-## The Problem
-
-Can you tell which of these images are AI generated?
-
-
-
-
-
-
-
-
-
-
-
-
-
-...Have a guess?
-
----
-
-Actually, they're all real. But the fact that you may have believed some of them were AI generated poses a problem: How can we tell where an image came from, if it was AI generated, and whether it was edited?
-
-## Provenance
-
-[Provenance](https://youtu.be/K56EhgfCDjs) is the history of ownership of an object, typically used when referring to antiques or art. Knowing the history of a piece of art can affect the value a lot, but you need a way to prove it's an original piece by the artist instead of a reproduction, or was owned by a famous person.
-
-Provenance can take many [forms](https://artbusiness.com/provwarn.html), from an original receipt or documentation from the artist themselves to stickers from a gallery attached to it. Typically, you want a signed [certificate](https://www.artcertificate.co.uk/?id_article=2267) from an expert on the artist in order to verify its authenticity.
-
-## Hoaxes
-
-It's important for historical preservation as well to know that an object is really from a certain time period. There's no shortage of [historical hoaxes](https://www.history.com/articles/7-historical-hoaxes). These can distort our view of history and make us all a bit dumber.
-
-### Cardiff Giant
-
-One of the most famous hoaxes was that of the [Cardiff Giant](https://www.history.com/articles/the-cardiff-giant-fools-the-nation-145-years-ago).
-
-An atheist named George Hull got into an argument with a preacher. Hull was frustrated with the preacher's literal interpretation of the bible, particularly his belief that giants were real.
-
-Hull devised a plan to trick the religious and make some money at the same time. He would have a statue of a giant man constructed and pass it off as a petrified human.
-
-After securing the materials needed, specifically a soft material called gypsum, he convinced a marble dealer to help him with his scheme. A pair of sculptors carved out the visage of a giant 10-foot man, with Hull posing as a model. They even poured sulfuric acid over it to give it an aged look.
-
-He settled on burying the giant in Cardiff, New York, where he cut a deal with a distant relative and farmer named William "Stub" Newell.
-
-On October 16, 1869, Newell hired an unsuspecting pair of workers to dig a well on his property. After they inevitably uncovered the giant, it wasn't long before the whole town was in a frenzy.
-
-
-
-Photo: Wikimedia Commons (Public Domain)
-
-Speculation that the sculpture was an ancient, petrified man quickly began to spread. Eventually, a syndicate of businessmen offered Newell $30,000 (worth $[705,438.97](https://www.in2013dollars.com/us/inflation/1869?amount=30000) in today's money) for a three-fourths stake, and he took them up on that offer.
-
-P.T. Barnum even tried to buy the sculpture, and after being turned down, he had a replica built and displayed it in a Manhattan museum. Several other copies were made afterward, and soon, there were petrified giants being exhibited all over the country.
-
-In a way that seems familiar to us now, you couldn't even be sure you were looking at the *real* hoax. Misinformation can so easily mutate and spread when left unchecked.
-
-A famed Yale paleontologist named Othniel Charles Marsh declared it "of very recent origin, and a most decided humbug." Unfortunately, as is so often the case, Hull had already cashed in on the fervor by the time experts had properly debunked his hoax.
-
-### AI Hoaxes
-
-Many modern hoaxes tend to make use of social media and focus on getting views and clicks over selling a physical object.
-
-[Miniminuteman](https://youtu.be/Pc2psN0PFTk) is a great YouTube channel covering misinformation on the internet, specifically about archaeology. Misinformation can spread quickly, especially now with the rise of generative AI that can make convincing fake images and videos.
-
-[Here](https://www.mediamatters.org/media/4016186/embed/embed) you can see an example of AI being used to make a fake Joe Rogan podcast clip. Now, whether or not you view Joe Rogan as a reliable source of information is another topic, but as one of the [most popular podcasts](https://podcastcharts.byspotify.com), his reach could be leveraged to spread dangerous misinformation like that a meteor is going to hit earth and kill everyone.
-
-The effort required is low, and the return is high. With TikTok's [Creator Rewards Program](https://www.tiktok.com/creator-academy/en/article/creator-rewards-program), content that's at least 60 seconds long and has high engagement will be rewarded. That means longer videos with alarming content like conspiracy theory videos will do very well since they will have lots of comments from people either fooled by the content posting about how scared they are or people debunking the claims. The insidious thing is the creators get rewarded either way.
-
-[Several](https://youtu.be/E4I6K8OEyho?si=wbWAUcLsjOA7yDnO) [history](https://youtu.be/cqrHmjGD1ds?si=k60RTO9MH177ASTS) [channels](https://youtu.be/HG1324unhcA?si=MuwglKd52FQ7iKU3) on YouTube have expressed their concerns about misinformation being spread about history through AI generated images and videos and how they can distort our view of the past. There's even the possibility that these AI generated images could end up polluting the historical record.
-
-## Content Authenticity Initiative
-
-In 2019, [Adobe announced](https://contentauthenticity.org/blog/test) that it was partnering with the New York Times and Twitter on a project to develop an industry standard for digital content attribution called the Content Authenticity Initiative.
-
-Twitter has since dropped out of the partnership.
-
-## Project Origin
-
-At the same time, [Project Origin](https://www.originproject.info) was designing their system for content transparency. This started as a partnership between Microsoft and the BBC.
-
-## C2PA
-
-The Coalition for Content Provenance and Authenticity, or [C2PA](https://c2pa.org), combines the efforts of Project Origin and the Content Authenticity Initiative. Together, they created the [C2PA standard](https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html) used to add verifiable provenance data to files, which they dub "Content Credentials."
-
-## Content Credentials
-
-[Content Credentials](https://contentcredentials.org) are the implementation of digital provenance by the C2PA, the culmination of years of research and development by major tech companies, from camera manufacturers to photo editing software and AI companies to social media sites.
-
-The way Content Credentials work draws on concepts both familiar and alien. The standard is designed to be flexible and cover the myriad ways media is used online.
-
-It's important to note that Content Credentials aren't attempting to determine "truth"; that's a much more complex and philosophical topic. Rather, they're trying to show where an image came from, edits made to it, its constituent parts, etc. so that you can decide for yourself if you trust the source. It's trying to show you that an image came from the BBC, rather than whether you should trust the BBC.
-
-### Manifest
-
-Content Credentials are contained in what's called the **manifest**. The manifest consists of the claim, claim signature, and assertions.
-
-
-
-Illustration: [C2PA](https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html)
-
-The manifest is created by hardware or software called a "claim generator."
-
-Files can have multiple manifests, and the set of manifests comprise its provenance data.
-
-#### Assertions
-
-An assertion is labelled data such as the type of camera used, actions performed on the image such as color corrections, a thumbnail image, or other types of data.
-
-#### Claim
-
-The claim gathers together all the assertions and then hashes and cryptographically signs them. The claim is the part that backs up the assertions with cryptography; without it, there wouldn't be a way to verify the authenticity of the data.
-
-### Signatures
-
-The foundation is based around cryptographic signatures, similar to how you'd cryptographically sign software or text with a PGP signature.
-
-The parts of a file that are cryptographically verified are called "hard bindings." This allows programs to detect tampering.
-
-#### Certificate Authorities
-
-There are certificate authorities similar to how HTTPS works, which allow only signatures from trusted sources. Non-trusted signatures will give a warning in whatever C2PA-enabled software you're using.
-
-Content Credentials allow for each application to provide its own *trust lists*: lists of certificate authorities trusted by the application.
-
-The C2PA gives a few examples to illustrate. A news organization might rely on a non-profit organization that verifies the authenticity of sources through real-world due diligence. An insurance company might operate its own internal CA to verify only its own employees handled the images.
-
-### Ingredients
-
-However, what's interesting is Content Credentials can cover multiple assets being [combined](https://contentcredentials.org/verify?source=https%3A%2F%2Fcontentcredentials.org%2F_app%2Fimmutable%2Fassets%2Fhome2.91ab8f2d.jpg) and still be able to verify each element of the image. Each element is called an "ingredient." When the ingredients come together, the result is called a "composed asset," with "asset" referring to a digital media file or data stream.
-
-### Chain of Provenance
-
-It also supports a chain of provenance, showing all steps in the life cycle of the file that change its contents such as edits. These are referred to as "actions."
-
-The specification supports a list of pre-defined actions such as edits, changing the color, translating to a different language, etc. It's really quite flexible, but the flexibility of information that can be provided allows for more opportunities for errors and means you need to trust the entity providing the information more.
-
-An issue I noticed is when making edits using software that doesn't support Content Credentials, they will be corrupted and can't be read by verification programs. This poses a problem for the "unbroken chain of provenance" that the standard promises.
-
-These verification programs tend to offer a way to check against a database of images with Content Credentials, so you can find an image with unbroken provenance data. They use "soft bindings" or a type of fingerprinting of the image in order to find similar images in the database.
-
-I think this problem will be less and less of an issue when more software supports the standard. It will need to be so ubiquitous that image viewing programs don't trust images without provenance data, similar to how browsers don't trust websites without HTTPS. But for now with its very limited availability, that's not the case.
-
-### Privacy
-
-Since Content Credentials are all about attaching extra data to images, concerns about privacy are reasonable.
-
-However, it's important to remember that metadata has always existed in relation to digital files. Just like the metadata we've always had, Content Credentials are optional.
-
-Of course, it'll be up to programs we use to mediate what data is included. In order for the system to work as intended, certain things like "this photo was edited in Adobe Photoshop" will need to be automatically applied. Clear lines between personal data such as names, location, etc. need to be kept up to the user to add.
-
-Privacy was one of the stated goals when the C2PA was designing Content Credentials, and I think they've done a good job giving users control over their information.
-
-## Support
-
-There are several online verification tools you can use to try out Content Credentials. [ContentCredentials.org](https://contentcredentials.org) offers a [verification tool](https://contentcredentials.org/verify) that lets you upload a media file and check its Content Credentials. They have some example images on their site you can try, or you can upload images from elsewhere and see where Content Credentials are supported, for example you can upload any image generated in ChatGPT.
-
-Content Credentials also offers an official [command line tool](https://github.com/contentauth/c2pa-rs/releases?q=c2patool), so you can view exactly what data is being stored in the image. They provide some samples as well that you can play around with. To view the content credentials, just run
-
-```sh
-c2patool sample/C.jpg
-```
-
-for any image you want to inspect, replacing sample/C.jpg with a path to your image.
-
-### BBC
-
-The BBC is doing a limited trial run of Content Credentials with [BBC Verify](https://www.bbc.com/news/bbcverify). Not all media in these articles have Content Credentials attached. [This article](https://www.bbc.com/news/world-latin-america-68462851) has Content Credentials for the video at the bottom. They also ask for feedback, so feel free to provide some. I'd like to see more Content Credentials show up in news reporting, so please add your voice.
-
-### OpenAI
-
-OpenAI has embraced Content Credentials, with images generated using ChatGPT identifying themselves using Content Credentials. Try [generating an image](https://chatgpt.com) and upload it to the verification tool. You should see it identify the origin as OpenAI.
-
-### TikTok
-
-[TikTok](https://newsroom.tiktok.com/en-us/partnering-with-our-industry-to-advance-ai-transparency-and-literacy) became the first video sharing platform to support Content Credentials. For now, it's limited to being able to read Content Credentials from certain AI platforms. They say in the future they'll start labeling all content from TikTok with Content Credentials, but it seems they haven't enabled that yet, as if you download a video from TikTok, the C2PA verify tool will say it doesn't have any Content Credentials.
-
-### Leica
-
-Leica's [M11-P camera](https://leica-camera.com/en-US/photography/cameras/m/m11-p-black) is the first camera in the world to support Content Credentials. That's a huge step toward adoption; camera manufacturers need to support Content Credentials if they're going to be included from the creation of the image.
-
-### Nikon
-
-Nikon is planning to release a firmware update for their [Z6III](https://www.nikon.co.uk/en_GB/learn-and-explore/magazine/gear/nikon-z6iii-firmware-update-to-feature-content-verification) camera that will support Content Credentials.
-
-### Adobe
-
-Much of Adobe's [software](https://helpx.adobe.com/creative-cloud/help/content-credentials.html) supports Content Credentials, including Photoshop, Lightroom, and Adobe Camera Raw as well as Adobe's Firefly AI.
-
-### Qualcomm
-
-With the Snapdragon 8 Gen 3 chipset, Qualcomm is embedding Content Credential capabilities into the Trusted Execution Environment, allowing for Content Credentials to be added right as the photo is produced.
-
-## Limitations
-
-### Lack of Support
-
-Content Credentials will need widespread support at every level, from hardware OEMs to photo editing software vendors and AI generators to sites that host and display images. The rollout of Content Credentials will be slow, although more and more companies are starting to support them.
-
-There are still major players missing support like Apple and Android, which is a big problem considering how many images are taken, edited, and shared on smartphones. Once photos taken from your phone can be imbued with Content Credentials in the default camera app, we'll see much wider adoption I think.
-
-### Easy to Remove
-
-In my testing, any edits from a program that doesn't support Content Credentials will render them unreadable after that point. This problem won't be as bad if and when support for Content Credentials becomes widespread, since you can just decide not to trust images without them, sort of like not trusting a website without HTTPS. Platforms could even display a warning.
-
-But for now, removing Content Credentials won't be noticed.
-
-### Reliant on Certificate Authorities
-
-The system shares a flaw with HTTPS in that you need to rely on trusted Certificate Authorities to verify the validity of the information, except that Content Credentials are trying to verify a lot more information than just who originally made the image.
-
-Since anyone can add their own Content Credentials to an image, a warning is displayed similar to a certificate warning in your browser that the Content Credentials come from an untrusted entity.
-
-### Complexity
-
-One of the issues I ran into while researching was just how complex the standard is, since it needs to cover so many use cases and situations. This is pure speculation, but I can imagine the sheer complexity makes it unattractive for platforms to implement and maintain, which could be contributing to the very slow and partial rollout we're seeing on the platforms of even founding members of the project like the BBC.
-
-I think this will be less of an issue as it rolls out however, as platforms will likely be able to use each other's implementations, or at least reference them when implementing it on their platform.
-
-The standard is still in early stages and there's plenty of room to shape it and improve it in the future, so make your voice heard about how you want to see it implemented. I think with more awareness about Content Credentials, platforms will feel more pressure to support them, so if you want to see this feature on your favorite platform, speak up and gather support.
diff --git a/blog/posts/importance-of-privacy-for-the-queer-community.md b/blog/posts/importance-of-privacy-for-the-queer-community.md
deleted file mode 100644
index 5b7850ae..00000000
--- a/blog/posts/importance-of-privacy-for-the-queer-community.md
+++ /dev/null
@@ -1,353 +0,0 @@
----
-date:
- created: 2025-06-03T17:00:00Z
-categories:
- - News
-tags:
- - Pride Month
-authors:
- - em
-description: Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For Pride month this year, we will discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/importance-of-privacy-for-the-queer-community/pride-cover.webp
----
-# The Importance of Data Privacy For The Queer Community
-
-
-
-Illustration: Em / Privacy Guides | Photo: Chris Robert / Unsplash
-
-Data privacy is important for everyone. But for some marginalized populations, data privacy is indispensable for social connection, access to information, and physical safety. For [Pride month](../tags.md#tag:pride-month) this year, we will discuss topics at the intersection of data privacy and experiences specific to the LGBTQ+ community.
-
-While it's difficult to get a complete estimate on this, due to fear of discrimination and other factors, a 2021 [survey](https://www.ipsos.com/sites/default/files/ct/news/documents/2021-06/LGBT%20Pride%202021%20Global%20Survey%20Report_3.pdf) conducted by Ipsos in 27 countries revealed that only 80% of the population surveyed identified as heterosexual. Additionally, about 1% of adults identified as a gender different from the one they were assigned at birth. This percentage is even higher for Gen Z and Millennials.
-
-In the United States alone, it's [estimated](https://www.lgbttech.org/_files/ugd/d77b01_0e1e02c938e94ae3aad4ce21312bdde4.pdf) there are 20 million adults who are part of the LGBTQ+ community. That's a lot of people!
-
-Despite the progress of the past decades, the queer population still faces many challenges to being free and safe from discrimination.
-
-Discrimination online, at work, at school, at the national or even the familial level, can put LGBTQ+ individuals in dangerous situations, where data privacy may be the only shield available for protection.
-
-In this context, it's essential for the queer community to be well-informed on the tools and practices that can help mitigate the risks, so that information, services, and support can still be accessed safely.
-
-## Higher risk when data gets exposed
-
-Unfortunately, LGBTQ+ people are still at a higher risk when their personal data gets exposed.
-
-First, for people living in environments hostile to their sexual orientation or gender identity, keeping personal information private can literally mean life or death. Tragically, even today many countries still criminalize homosexuality and gender identities different from cisgender. When this personal information gets exposed, people might lose support from their family, lose their job, get arrested, or even be [executed](https://en.wikipedia.org/wiki/Capital_punishment_for_homosexuality) in some countries.
-
-People in these very vulnerable situations have to be *extremely* careful about protecting their data in order to stay safe, online and offline.
-
-Moreover, organizations collecting data that could put anyone at risk of getting accidentally or maliciously outed should feel a *strong responsibility* to protect this data fiercely, and be held legally accountable when they fail.
-
-### Being outed against one's will
-
-For a queer person, deciding when, how, and to whom to reveal their sexuality or gender identity is a very important and intimate moment. It *must* be a personal choice, and only on the person's own terms.
-
-Even in countries where queer identities and sexualities are legal and accepted, [being outed against one's will can have devastating consequences](https://www.pridecorner.org/post/how-to-support-someone-who-has-been-outed-against-their-will).
-
-If someone lives with family members who do not accept who they are, getting outed against their will could mean losing their home and familial support. In other situations, perhaps their family is supportive, but their employer isn't, or maybe some of their friends or co-workers are hostile. They might want to keep this information from them in order to avoid conflicts at work, or avoid losing friendships. Further, there is of course the risk for discrimination, online harassment, and worse.
-
-No matter the situation, coming out as queer should always be an individual and intentional choice.
-
-It is an act of violence to out someone against their consent, even when performed by the intermediary of an algorithm or a neglectful data leak.
-
-Each time there is a data breach that includes information about gender identity, sexuality, browsing history, location history, installed applications, or legal names, this data leak risks outing people against their will.
-
-For all these reasons, it is vital that information be safeguarded so that a queer person is empowered to choose when, how, and to whom to come out on their own terms.
-
-In today's political climate, this is unfortunately even truer for trans people, who are at a greater risk of getting outed against their will when data about their gender, sex, or legal name leaks. Sadly, there are still too many online forms and software that needlessly collect gender data when it's completely unnecessary. Similarly, requiring full *legal* name is completely irrelevant in many situations where it is currently asked.
-
-Developers must take responsibility and design software and forms considering these risks. As data scientist and civic technologist Soren Spicknall explains brilliantly, gender data [should never be collected](https://medium.com/@SorenSpicknall/protecting-queer-communities-through-data-4707ae0cb562) unless *absolutely* necessary and *absolutely* protected, which in most instances it really isn't:
-
-> "Is the danger to your LGBT+ users worth the ability to roughly guess whether somebody is buying a purse for themselves or as a gift, or to assume you know what kind of movie they want to watch?"
-
-Algorithms shouldn't be able to target sexuality and gender identity as markers for advertising purposes. Unfortunately, there have already been reported incidents where [people were outed against their will by Facebook](https://www.dailydot.com/irl/facebook-ads-lgbtq/) spitting around rainbow ads everywhere, because of Facebook secretly tying someone's browsing activity back to their profile.
-
-Facebook (and most other commercial platforms) uses cookies and other tracking technologies to follow users online and [build an advertising profile](https://www.makeuseof.com/tag/facebook-tracking-stop/) based on their online activity, even outside of Facebook. Then, it shows ads on Facebook related to that activity, no matter if this information was shared or not on the platform.
-
-This kind of non-consensual outing can have devastating consequences, and should be forbidden by law. Everyone should be able to come out when and how they see fit, and not be aggressively outed by some Facebook or Google ad algorithm, or by some negligent data leak.
-
-### Online harassment and extortion
-
-The risk of having data about one's sexuality or gender identity revealed against one's will can be very dangerous for some people.
-
-With online harassment on the rise, this intimate information can be weaponized by bigots and extortionists to cause severe harm. Unfortunately, this isn't a rare occurrence, even in countries where the LGBTQ+ community is well accepted. Regrettably, some platforms have even started to [roll back previous protections against hate speech](https://apnews.com/article/social-media-lgbtq-tiktok-x-facebook-instagram-glaad-f790bda1bc3f169ef28ca3f441ea8447) and harassment. This will have a severely detrimental impact on the safety of the queer community online.
-
-This year, the LGBTQ advocacy organization GLAAD produced a [Social Media Safety Index](https://glaad.org/smsi/2025/platform-scorecard/) rating six major platforms: TikTok, Facebook, Instagram, YouTube, Threads, and X. X (formerly Twitter) received the worst safety score of them all.
-
-### Seeking health information
-
-People questioning their gender identity or sexuality might seek information online about the health procedures or treatments they need.
-
-This sensitive search history can reveal a lot of personal details that should never be exposed against one's will. Sadly, browsing the internet without any tracking is a task that becomes harder every year, and many people aren't aware of the protections they can use against this tracking.
-
-People can suffer from severe harm when sensitive data related to their gender-affirming care or sexual health is exposed, ranging from non-consensual outing to imprisonment. Discrimination related to this type of health information is still rampant in every country in the world.
-
-### Seeking community online
-
-Seeking the support of online communities is common for queer people who can more easily feel isolated. This is especially true for youth living in hostile or rural environments, where smaller population density often means less supportive local resources and venues.
-
-For people in these situations, finding community online can be essential to survival.
-
-Despite all its flaws, the internet still offers a wonderful way to connect with others regardless of physical distances, and this is doubly true for the queer community.
-
-The need for social connection and support from peers is a fundamental human need. No matter how dangerous this can be, not sharing information online is simply not a viable option for many queer people.
-
-## Privacy-invasive practices that are exponentially worse for queer people
-
-### Real-name policies
-
-Many privacy-invasive practices and policies are significantly more dangerous for LGBTQ+ people. For example, [the "real-name" policies](https://en.wikipedia.org/wiki/Real-name_system) on Facebook and other platforms are absolutely horrendous for transgender people.
-
-If a trans person uses an older account, or has not changed their name on official documentation, a real-name policy could either out them against their will, force them to keep their [deadname](https://en.wikipedia.org/wiki/Deadnaming) online, or even lock them out of their account if official ID is requested for account recovery and doesn't match the name they used for the account.
-
-For many people around the world, the use of pseudonyms or chosen names online means safety, and this is even truer for trans people and other queer people.
-
-### Single-account policies
-
-Thankfully, most platforms aren't using such policies yet. But unfortunately, it does seem there could be a push to implement single-account policies in the near future.
-
-With the multiplication of age verification laws and the proliferation of unregulated AI systems, there has been some talk of using unique identifiers to prevent the creation of multiple accounts. This is **a horrible idea for everyone**, and should never be allowed, but it's even worse for LGBTQ+ people.
-
-Creating multiple accounts for different purposes, for example to separate work life from personal life, is a great privacy practice for anyone.
-
-Multiple accounts on a same platform, or "alt accounts", are regularly used by queer people in order to be their full selves online, when they aren't fully out in their public or personal life, or just because they prefer to keep their queer identity and activities separated.
-
-Sadly, if single-account policies begin to be implemented on platforms, this great privacy protection could soon disappear.
-
-### Facial recognition
-
-Facial recognition is an especially problematic technology for transgender people. Many times, these algorithms will not only create a faceprint from the data, but will also try to infer gender from it.
-
-These systems are deeply flawed and have discrimination biases built-in. They can't even reliably identify the correct gender of cisgender people. Because of the way these algorithms were developed, the use of this technology is [worse for transgender people](https://www.theswaddle.com/how-facial-recognition-ai-reinforces-discrimination-against-trans-people), and [exponentially worse](https://sciencepolicy.hsites.harvard.edu/blog/racial-discrimination-face-recognition-technology) for transgender people of color.
-
-Tragically, privacy legislation is lagging behind at protecting us by regulating this biased, invasive, and inaccurate technology that is spreading faster and further every year.
-
-### Public photos during events
-
-These days, it's pretty much impossible to attend many events without having our photo intrusively taken by a stranger and posted on Instagram without our consent.
-
-This is a generally bad behavior that we should all work on improving culturally. Posting photos of strangers online without their consent can be much more harmful for queer people.
-
-For example, taking photos at a Pride event and posting it online can out people against their will. While it's perhaps fair to assume most people *performing* in a Pride parade or on a stage might implicitly be comfortable with it, this isn't necessarily the case for people in the *audience*.
-
-This non-consensual practice, coupled with the corporate social media tendency to use facial recognition to tag everyone's faces, can cause harm in all sorts of ways.
-
-We should all [develop more respectful practices](the-privacy-of-others.md) when taking photos at events, and be mindful not to post anything online which could identify anyone in the audience who did not give their explicit consent.
-
-### Background checks and algorithmic biases
-
-Even for people who are publicly out and live in regions that are supportive, discrimination and biases are still there. Despite new legislations and a more progressive culture, data remnants of previous oppressive times can still have a severe negative impact on someone's life. Too few efforts are made by institutions to correct records properly after legislation has passed.
-
-This is especially problematic with opaque systems where embedded discrimination might not be obvious. Algorithmic decision-making is a growing danger for this, considering there is often no way to trace back the reasons a decision was made, and no accountability for whomever fed biased data to the black-box algorithm, whether negligently or maliciously.
-
-There are also older systems of decision-making, such as background checks. Last year, a 78-year-old woman from West Sussex [learned](https://www.bbc.co.uk/news/articles/c3v5pwnpnvko) that she had a criminal record for 56 years for being a lesbian in the military (at a time when it was illegal). Completely unaware of this outdated data trail, this woman spent her whole life with this discriminatory tag attached to her records. This likely cost her countless opportunities throughout the decades, without her ever knowing the cause.
-
-Unfortunately, this kind of incident is likely to multiply by millions with the increased use of algorithmic decision-making using closed systems, often impossible to audit.
-
-### Dating apps data
-
-Last but not least, data collected by dating apps is an especially sensitive issue for the queer population.
-
-Regrettably, there have already been numerous data breaches showing this risk is very real. Intimate photos have been leaked, location data has been leaked, health data has been leaked, and even private messages have been [leaked](https://www.pride.com/think-your-privacy-is-safe-on-the-gay-dating-apps-this-data-leak-could-change-your-mind).
-
-The harm caused by these leaks and breaches have consequences ranging from accidental outing, to loss of employment, extortion by criminals, imprisonment, and even *death*.
-
-In countries where homosexuality is criminalized, cruel state authorities and homophobic bigots are [weaponizing dating apps to entrap](https://www.article19.org/resources/apps-traps-dating-apps-must-protect-communities-middle-east-north-africa/) LGBTQ+ people to attack or arrest them. Weighing the need for support, love, and affection, with the very real risk of physical aggression is a dreadful challenge many queer people face.
-
-## Things to keep in mind to stay safe
-
-Despite the increased risks the queer community is exposed to, staying offline and disconnected from the world isn't a viable option.
-
-Indeed, disconnection and isolation can be a *worse* risk for many LGBTQ+ people, especially younger people. Tragically, queer youth are more than four times as likely to attempt suicide. Disconnecting from the internet communities that accept them isn't an option, and would pose dangers of its own.
-
-Thankfully, there are many tools and practices that can be adopted to improve privacy online, and reduce the risk of sensitive data getting exposed. Here are a few ideas that might help yourself or your loved ones to stay safer online:
-
-### Using better social media
-
-Social media usage leaves *a lot* of digital footprints online, and some platforms are worse than others for this. Staying mindful about which platform to choose, and how to use it, can greatly improve one's experience and security.
-
-Favoring alternative social media platforms that do not have a commercial incentive to monetize data can really help.
-
-For example, platforms that are developed and managed by a community of volunteers, rather than a for-profit corporation, tend to keep their users' benefits and safety in mind much more.
-
-If you are ready to make a change, [Mastodon](https://joinmastodon.org/) is a non-profit platform that [we recommend](https://www.privacyguides.org/en/social-networks/#mastodon).
-
-Mastodon is a social media platform that somewhat resembles Twitter prior to its rebranding. It is composed of multiple servers you can choose from, which makes it easier to move your account if you aren't satisfied with the moderation on one particular server.
-
-To get started, you can choose the server administrated by the team who develops the Mastodon software ([mastodon.social](https://mastodon.social/about)), or you can choose a smaller server run by volunteers (you can also self-host, but that's a longer story).
-
-Don't let this choice intimidate you too much though, these servers connect with each other, and you can always move later on. Just pick one you like. Some servers will have a focus on a region, a topic, a hobby, and there are even servers focused on LGBTQ+ communities, such as [tech.lgbt](https://tech.lgbt/about), [lgbtqia.space](https://lgbtqia.space/about), and [more](https://joinmastodon.org/servers).
-
-All the servers listed on the Mastodon website have [committed](https://joinmastodon.org/covenant) to hold active moderation against racism, sexism, homophobia, and transphobia.
-
-Additionally, Mastodon connects with other social media platforms that are also part of the larger [Fediverse](https://fediverse.info/) network.
-
-If you prefer something similar to Instagram, you can replace it with [Pixelfed](https://pixelfed.org/). For something similar to Facebook, look for [Friendica](https://friendi.ca/). For something more like TikTok, try [Loops](https://loops.video/). For a replacement to YouTube, check videos on [PeerTube](https://joinpeertube.org/), and [more](https://fediverse.info/explore/projects)!
-
-These alternative platforms often benefit from stronger moderation and better respect for their users' data. Because they aren't for-profit corporations, they have no interest in collecting your data, tracking you, or imposing invasive "real-name" policies. Additionally, they run **no ads**!
-
-#### Secure any social media you use
-
-No matter what social media platform(s) you choose to use, the first step should always be to make sure you go through all the settings to secure your account ([enable multifactor authentication](https://www.privacyguides.org/en/basics/multi-factor-authentication/)!), and adjust the available privacy options to your needs and preferences (consider [locking](https://www.privacyguides.org/en/social-networks/#public-profile) your account if you wish to restrict visibility to your followers).
-
-This is true for Mastodon as well, but you should make adjusting all the privacy and security options an *absolute priority* for *any* corporate social media, especially [if you stay on Facebook](https://www.digitaltrends.com/social-media/how-to-opt-out-of-targeted-ads-on-facebook/).
-
-Additionally, keep in mind that many platforms, including X, Facebook, and Reddit, will now use all your posted content to train their AI systems, making this information and embedded biases likely impossible to delete in the future.
-
-Developing an awareness of what data is shared, who can access it, how it is secured, and how it is used is very important for staying safe online.
-
-### Securing data when communicating
-
-Outside of social media platforms, many tools are available to help you secure your intimate and private communications.
-
-While chatting on dating apps may be the first step to meeting new people, moving early to end-to-end encrypted channels is likely a good idea for data security and privacy.
-
-That being said, also take into account that because your communications there will be fully end-to-end encrypted (only visible by its intended sender and recipient), there will be no moderation with it. Make sure you trust a person enough before moving the discussion to an end-to-end encrypted, more personal channel.
-
-#### Instant messaging communication
-
-[Signal](https://www.privacyguides.org/en/real-time-communication/#signal) is a wonderful end-to-end encrypted and free-to-use instant messaging app. Signal will collect your phone number to create the account, but nothing else.
-
-When using Signal, you should [enable the username feature](https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames). That way, you can (and should) share your *username* only, instead of sharing your phone number to connect with others.
-
-Additionally, you should [enable the disappearing messages](https://support.signal.org/hc/en-us/articles/360007320771-Set-and-manage-disappearing-messages) feature from Signal, to help clean up the data you no longer need as time goes, and reduce the risk of leaks.
-
-
-
Only send sensitive information to people you genuinely trust!
-
-Keep in mind that even when using end-to-end encrypted apps and a disappearing message features, this will not prevent a malicious person from downloading this data on their device or taking a screenshot of it.
-
-Be especially careful when sending very sensitive information, such as intimate photos for example. No matter how secure the application is, you should only send sensitive information and pictures to people you know and sincerely trust.
-
-
-
-#### Email communication
-
-For email communication, migrating to an end-to-end encrypted alternative can make a big difference for your privacy.
-
-For example, services like Gmail (Google) and Hotmail (Microsoft) could access the content of all your communications, and often use this information in various ways to build advertising profiles. Because email content isn't end-to-end encrypted, this data could get requested by authorities as well, and handed to them in plain text (unencrypted).
-
-For secure and more private end-to-end encrypted email services, we recommend [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) or [Tuta](https://www.privacyguides.org/en/email/#tuta). These services will not make you anonymous when you email someone (email address, IP address, and subject line, could still identify you), but the content of your communication will be encrypted end-to-end (if used with a compatible service), and only visible to its intended recipient(s).
-
-
-
Encrypted email service limitations
-
-Stay aware that if you email someone who is not using the same end-to-end encrypted email service as you, and you aren't using any additional measures to encrypt the message, this email will likely be accessible to the service you sent it to.
-
-For example, if you send an email from a Proton Mail address, to someone using a Gmail address, without asking the recipient to use your encryption key or use any additional services, then the email you sent will be stored on Google's servers, and could get accessed by Google.
-
-If you send a Proton Mail email to another Proton Mail user, the *content* of the message will be fully end-to-end encrypted and Proton could not access it.
-
-The same is true for any other email providers. Make sure to verify compatibility fully before sending any sensitive information that way.
-
-
-
-### Securing data when traveling
-
-When traveling, keep in mind that different countries or regions might have different laws related to LGBTQ+ people.
-
-Your marriage might not be recognized in the location you are visiting. Your new legal name might also not get the same recognition, sadly. The first step to take when planning a trip should always be to gather information on the legal and cultural differences between your own region and the one you are visiting.
-
-If you are visiting a country hostile to your sexuality or gender identity, make sure to take the proper precautions to secure your data *before* you cross the border.
-
-This could mean leaving your phone at home and only bringing a burner phone with you. It could also mean bringing additional (or different) types of official ID that are less likely to get you in trouble, and more likely to get accepted by the authorities of your visiting country.
-
-Be extremely careful when connecting to Wi-Fi services from a foreign country. If you were to connect to a service or website that is illegal there, and could accidentally out yourself as queer, you could get in trouble with few recourses. Using a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) can help mitigate some of this risk.
-
-### Securing data when protesting
-
-For this month of Pride, you might feel the need to join a protest more than a parade.
-
-If you decide to join the action, make sure to secure your data properly to stay safe. Prepare your devices adequately to be ready and resist surveillance targeted at protesters. Consult our [Protesters' Guide to Smartphone Security](activists-guide-securing-your-smartphone.md), and make sure you understand well the level of risk of this particular protest. **Different protests in different regions require different levels of data protection.**
-
-If you are organizing actions, try to stay away from corporate platforms who will willingly and quickly share your data with authorities (even private messages). If you must use corporate platforms, then make sure to limit the personal data you share there, and ensure attendees have alternative ways to contact you that do not require them to create an account, to register, or to use their legal name.
-
-Having an independent website, or using a Fediverse-connected platform that will be accessible to everyone even without an account, are better ways to organize.
-
-For example, if you create a Mastodon account for your organization, people will not need to create a Mastodon account to read your posts and event announcements. All your posts will be accessible just like any independent website would be (if you leave your posts' visibility public).
-
-Setting up an end-to-end encrypted email address and using an [alias email address](https://www.privacyguides.org/en/email-aliasing/) are also good ways to stay accessible without requiring attendees to use a Facebook account.
-
-Additionally, there are federated platforms, such as [Mobilizon](https://mobilizon.org/), that can be a great non-commercial way to organize in a safer and more accessible space.
-
-Data shared on federated platforms isn't necessarily end-to-end encrypted, and could also get shared with authorities if requested. But by using non-commercial platforms, this data will not be compiled and attached to an account the same way this would happen on a for-profit corporate platform such as Facebook. Using alternative not-for-profit platforms isn't perfect nor anonymous, but it's still a great improvement from the corporate default.
-
-### Protections for extreme situations
-
-Finally, if you are living in an extreme situation where being yourself is dangerous to your physical safety, caution must be a priority.
-
-There isn't a single solution that can protect all your data at once, and anyone telling you there is one is lying to sell you something. Remain skeptical of such claims.
-
-However, there are a *multitude* of practices and tools that can help *reduce* your data trails, and improve your privacy greatly. The tools and practices you need to adopt will depend on the [threat model](https://www.privacyguides.org/en/basics/threat-modeling/) specific to your situation.
-
-Take the time to evaluate well which data could put you in danger, and focus on protecting this first.
-
-If you are in a situation where someone hostile to you has access to your device, for example because you are living with an unsupportive family and need to browse the internet on a family device, Tails may be a tool that can help you. If you can use this computer unobserved, by [using the live system Tails](installing-and-using-tails.md) installed on a USB stick, you can keep your browsing activity hidden from this device. Your Internet Service Provider (ISP) could still know you have been visiting a special network, however. Make sure to read our tutorial thoroughly if you decide to use Tails.
-
-If the information stored on your computer isn't a risk to you, but visiting LGBTQ+ websites from your country could be dangerous, perhaps [using Tor](in-praise-of-tor.md) with a Bridge or through a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) could be another solution to allow you to access this information in a safer way.
-
-It's impossible to cover every specific situation, but know that there are [many solutions](https://www.privacyguides.org/en/tools/) to reduce the risks greatly, and improve data protection to allow you to **stay connected, stay yourself, and stay safe** 💛
-
-
-
Caution: This isn't an exhaustive list!
-
-This is only a short introduction to some practices and tools that *can* improve your privacy online. Not one solution will be enough to be anonymous online.
-
-It's important to stay aware of what data will still be shared and which will be better protected, but nothing will make you 100% anonymous.
-
-For more information on how to improve further your data protection online, you can consult our various guides. If you are just starting in your privacy-improving journey, be patient. Adopt one small improvement at the time, then add another one. Each additional step you take will slowly but surely reduce your data trails, and improve your privacy overtime.
-
-
-
-## Improving data privacy is vital for everyone, but critical for the queer community
-
-Every situation is different and requires different protections. While data privacy is important for everyone, it's also essential to acknowledge that marginalized populations are often at a heightened risk when their data gets exposed.
-
-Protection *cannot* be only an individual responsibility. **Protecting vulnerable and marginalized populations is a societal responsibility that concerns everyone.**
-
-We *all* have a **duty of care** to protect the data of others. Whether it's from the photos we take at public events, or the discussions we have about others on Facebook or X-Twitter's direct messages, *everyone* must improve their practices on this.
-
-Moreover, anyone in a position to improve how data is collected from users *must* be held accountable, and must feel morally liable on the decisions taken that could endanger anyone, but especially marginalized groups like the queer community.
-
-In an ideal world, laws and cultures would protect everyone and particularly the most vulnerable *by default*.
-
-But until we get there, we have to empowered ourselves to bring change and stop predatory data collection, prevent negligent data security, and educate everyone on the tools we can use to help ourselves and the most vulnerable to stay safe.
-
-## Additional resources
-
-### Helplines
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): A confidential emotional, mental health support helpline for people who identify as Trans, Agender, Gender Fluid or Non-Binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support over the phone.
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 phone number 988.
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### Supportive organizations
-
-- [Egale (Canada, International)](https://egale.ca/asylum/): Resources for LGBTQ+ asylum and immigration requests from outside and inside Canada.
-
-- [SOS Homophobie (France)](https://www.sos-homophobie.org/international-content): Non-profit, volunteer-run organization committed to combatting hate-motivated violence and discrimination against LGBTI people.
-
-- [The Trevor Project (US)](https://www.thetrevorproject.org/): Suicide prevention and crisis intervention non-profit organization for LGBTQ+ young people.
-
-- [Trans Rescue (International)](https://transrescue.org/): Organization assisting trans and queer individuals in relocating from dangerous areas to safer places.
-
-- [Twenty10 (Australia)](https://twenty10.org.au/): Sydney-based organization providing a broad range of free support programs to the LGBTIQA+ community.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.
-
-
-
Stay aware of your data trail
-
-If the traces of this article in your browsing history could put you at risk, visit [our guide](clearing-browsing-data.md) to properly delete this data from your device.
-
-
diff --git a/blog/posts/in-praise-of-tor.md b/blog/posts/in-praise-of-tor.md
deleted file mode 100644
index b7a47078..00000000
--- a/blog/posts/in-praise-of-tor.md
+++ /dev/null
@@ -1,420 +0,0 @@
----
-date:
- created: 2025-04-30T20:30:00Z
- updated: 2025-05-06T18:00:00Z
-categories:
- - Explainers
-tags:
- - Tor
-authors:
- - em
-description: You might have heard of Tor in the news a few times, yet never dared to try it yourself. Despite being around for decades, Tor is still a tool too few people know about. Today, Tor is easy to use for anyone. It not only helps journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location. But what is Tor exactly? How can Tor help you? And why is it such an important tool?
-schema_type: OpinionNewsArticle
-preview:
- cover: blog/assets/images/in-praise-of-tor/tor-cover.webp
----
-
-# In Praise of Tor: Why You Should Support and Use Tor
-
-
-
-Illustration: Em / Privacy Guides | Logo and icons: The Tor Project
-
-You might have heard of Tor in the news a few times, yet never dared to try it yourself. Despite being around for decades, Tor is still a tool too few people know about.
-
-Today, Tor is easy to use for anyone. It helps not only journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location. But what is Tor exactly? How can Tor help you? And why is it such an important tool?
-
-## :simple-torbrowser: What is Tor
-
-Tor is an overlay network that was specifically designed to protect the privacy of its users. The Tor Network uses multiple layers of encryption and relays in order to protect a person's location and other potential identifiers, such as an IP address.
-
-Its name comes from the acronym for **The Onion Router**, a [routing system](https://en.wikipedia.org/wiki/Onion_routing) using multiple layers that can get peeled off at each step, like an onion 🧅
-
-This special network can be easily accessed by anyone, for free, through the Tor Browser. The Tor Browser is as easy to use as any other browser you are familiar with already.
-
-Both the tools for the Tor Network and the Tor Browser are maintained by a nonprofit organization called the Tor Project.
-
-### The Tor Network
-
-The [Tor Network](https://en.wikipedia.org/wiki/Tor_(network)) was deployed in 2002, although its core principle was developed in the mid 1990s. It was first created at the United States Naval Research Laboratory in order to protect intelligence communication online.
-
-In 2004, the laboratory released the project's code under a free and open source license, and the Electronic Frontier Foundation (EFF) began funding its development. A few years later, the onion routing project officially became the Tor Project.
-
-Today, Tor is one of the [largest](https://metrics.torproject.org/) anonymity networks, with thousands of relays and millions of users worldwide.
-
-#### How does it work
-
-The Tor Network is run by a community of volunteers who operate the relays required for the network to function.
-
-Each time someone uses the Tor Network, the communication passes through at least 3 relays: A Guard Relay, a Middle Relay, and an Exit Relay. Each relay has a different function to protect the communication.
-
-**The Guard Relay** knows where the communication is from (IP address), but doesn't know where it's going (which website is visited, for example). This relay only knows that you want to access the Tor Network. Its task is to send your encrypted communication to a Middle Relay, but it cannot read it.
-
-**The Middle Relay** doesn't really know anything. It doesn't know who you are nor where you are going. It only knows a Guard Relay wants to send encrypted data to an Exit Relay. The Middle Relay transfers this communication from one relay to another, and it cannot read it either.
-
-**The Exit Relay** has no idea who you are. It only knows someone, somewhere, wants to access this website (or other content). The Exit Relay will get the information from the website, then send it back to the Middle Relay, so that you can receive it from the Guard Relay. If you only visit pages using HTTPS, the Exit Relay can know someone is visiting this website, but cannot know what they are doing on it. Visiting *non-onion* websites using HTTPS instead of just HTTP is **[very important](https://support.torproject.org/https/https-1/)** for security and privacy.
-
-
-
Onion service websites
-
-Onion service websites are special websites that can only be accessed using the Tor Network.
-
-They are easy to recognize because they use the .onion domain at the end, and are often composed of a long string of seemingly random characters. Onion websites offer protections equivalent to HTTPS.
-
-You can see this represented by the [onion padlock icon](https://support.torproject.org/onionservices/onionservices-5/) in the Tor Browser.
-
-
-
-#### How Tor works using a letter and envelopes analogy
-
-Tor works a bit as if you put a letter (request) into an envelope with someone's address. Then, you put this envelope in another envelope addressed to someone else, with instructions. Finally, you put this second envelope in yet another one.
-
-Each envelope protects the content of the other, and can only be opened one at the time by each recipient. In this analogy, each recipient (relay) has a key that can only open the envelope addressed to them, and not the others.
-
-
-Illustration: Em / Privacy Guides
-
-#### What is a Tor Circuit
-
-The network of randomly selected relays to complete a request on the Tor Network is called a Tor Circuit. This circuit changes each time a new connection is established.
-
-From the Tor Browser, you can see each relay that was selected for a circuit, and even change it manually. To generate a new circuit, click on the "Tor Circuit" button on the upper-left of the browser, then on "New Tor circuit for this site" at the bottom.
-
-
-
-### The Tor Browser
-
-The [Tor Browser](https://www.torproject.org/download/) was created in 2008 to facilitate access to the Tor Network. It is a modified version of Mozilla's Firefox browser, and can be installed on Linux, macOS, Windows, and Android systems.
-
-The Tor Browser start configuration is private by default. No additional extensions are required to make it more secure or more private. Actually, it's even discouraged to install any additional extensions, as this would weaken its [fingerprinting resistance](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/).
-
-
-
Highest security settings
-
-Even if the Tor Browser is configured to be private by default, if you are in an especially sensitive situation, for example if you are using Tor as a whistleblower or a dissident activist, you might want to adjust the Tor Browser security level to "Safest".
-
-For this, click on the shield icon on the upper-right, then on the "Settings" button in blue, and select "Safest" instead of the default "Standard".
-
-**Important:** Each time you change the security level, you **must** make sure to restart the browser to ensure all changes have taken effect. Otherwise, [some changes](tor-security-slider-flaw.md) might not have been applied yet.
-
-
-
-
-
-The default search engine is the privacy-focused [DuckDuckGo](https://www.privacyguides.org/en/search-engines/#duckduckgo). You will not even find Google in the options for the default search engine. More browsers should follow this good practice.
-
-The first page opening with the Tor Browser will give the option to Connect to Tor. From there, you can click on "Connect" to start browsing through Tor, or on "Configure Connection" if you need additional settings. For example, if you need to set up a [Bridge](https://bridges.torproject.org/) because Tor is blocked from your country.
-
-
-
Only connect to Tor if it is safe for you
-
-Be careful when using Tor from a country where Tor might be blocked or perceived as suspicious. Similarly, be careful if you connect from a location where revealing you have been using Tor [could](#depending-on-where-you-are-using-tor-is-likely-safe) be dangerous to you.
-
-
-
-
-
-Once connected to the Tor Network, you will be directed to the DuckDuckGo welcome page, and you can search or type any URLs in the address bar, like you would with any other browser.
-
-If you know an organization has an onion site (a website that is only accessible through Tor), you can type this onion address directly in the address bar.
-
-If you don't know if an organization has an onion site, you might find it from its regular URL. For example, if you visit privacyguides.org from the Tor Browser, you will notice a purple button on the right informing you that an onion version of this website is available, click on it to get redirected to it.
-
-
-
-
-
Mullvad Browser and the Tor Project
-
-If you are familiar with the Mullvad Browser, know that the Mullvad Browser was developed by the Tor Project team!
-
-The Mullvad Browser was born of a [collaboration](https://blog.torproject.org/releasing-mullvad-browser/) between Mullvad VPN and the Tor Project, to build a browser that offers similar privacy features to the Tor Browser, but while using it through a VPN instead of through the Tor Network (both offering different benefits).
-
-The Mullvad Browser can also be used without a VPN, and will still provide better privacy protections than most other browsers. It cannot be used to access the Tor Network, however.
-
-
-
-### The Tor Project
-
-The [Tor Project](https://www.torproject.org/) is the US-based nonprofit organization maintaining the software and community for the Tor Network, and developing and maintaining the Tor Browser. It's also a privacy advocacy organization, with a mission to advance human rights and freedoms around the world through the free technology it creates.
-
-The nonprofit was founded in 2006 and gets its funding from [various sources](https://www.torproject.org/about/supporters/) including government grants, independent contributors, and individual [donations](https://donate.torproject.org/).
-
-## :octicons-lock-16: What Tor can do
-
-### Improve Privacy
-
-Tor is not magical, but it's by far one of the best privacy tool we have. Using Tor will not make you perfectly anonymous online, but it will greatly reduce the traces your leave online.
-
-Here are a few benefits Tor can provide for your privacy:
-
-- Tor can prevent the websites you are visiting from collecting your IP address (and your IP address can indeed lead to identifying *you*).
-
-- Tor can prevent your Internet Service Provider (ISP), Virtual Private Network (VPN) provider, or authorities requesting information from them to collect a list of the websites you have visited. They will know however that you have been using Tor.
-
-- The Tor Browser isolates each website you visit. This prevents ads and trackers from following you around, potentially popping up later in your [Facebook ads and accidentally outing you](https://www.intomore.com/culture/you/facebook-ads-outed-me/).
-
-- The Tor Browser is fingerprinting resistant. This reduces the ways you can be tracked and identified online, even without your IP address.
-
-- When keeping the default settings, the Tor Browser only uses private windows and will not keep any traces of your browsing history. It will also delete all cookies and site data when closing.
-
-### Circumvent censorship
-
-Because of how the Tor Network redirects traffic, it's a perfect tool to resist censorship. Using Tor can give access to websites or services that aren't accessible from a country blocking them.
-
-Even from a region where Tor itself is actively blocked, the network can still be accessed using [pluggable transports](https://tb-manual.torproject.org/circumvention/).
-
-Using this type of measures to circumvent government censorship will make Tor accessible even from countries with heavily censored internet, such as [China](https://support.torproject.org/censorship/connecting-from-china/), [Russia](https://blog.torproject.org/call-for-webtunnel-bridges/), [Iran](https://forum.torproject.org/t/iran-circumventing-censorship-with-tor/4590), and many others.
-
-
-
If you can't download the Tor Browser from your country
-
-If you cannot download the Tor Browser because of your country's censorship, and **if it is safe for you to do**, you can try downloading the browser from a proxy website such as the [EFF website](https://tor.eff.org/), the [Calyx Institute website](https://tor.calyxinstitute.org/).
-
-You can even directly email **** and send the name of your operating system (Linux, macOS, Windows) to get a direct link to download the Tor Browser.
-
-
-
-If you want to help people around the world access the internet freely, you can volunteer to run a [Tor Snowflake](https://snowflake.torproject.org/) proxy. For more tech-savvy volunteers, you can also help by running a [Tor Bridge](https://community.torproject.org/relay/setup/bridge/), or even a [WebTunnel Bridge](https://community.torproject.org/relay/setup/webtunnel/).
-
-## :octicons-heart-16: Why Tor is so important
-
-### Tor is vital for human rights and democracy
-
-Tor is an essential tool for journalists, activists, whistleblowers, dissidents, and people in vulnerable situations everywhere. It is one of the best tool we have to increase privacy online, and to resist censorship from oppressive regimes.
-
-Thanks to Tor, activists have a safe way to continue fighting for human rights.
-
-Some of the most respected human rights organizations use Tor to offer safe access to their services and information. This includes organizations such as [Amnesty International](https://www.amnesty.org/en/latest/news/2023/12/global-amnesty-international-website-launches-on-tor-network-to-help-universal-access/), [Electronic Frontier Foundation](https://www.eff.org/deeplinks/2023/04/eff-now-has-tor-onions), Freedom of The Press Foundation, and of course the Tor Project.
-
-Without Tor, journalists would lose invaluable sources of information provided by courageous whistleblowers reporting in the public interest.
-
-Without Tor, brave citizens fighting against authoritarian governments would be at much greater risk when organizing and bringing vital information to the public's attention.
-
-Without Tor, victims of domestic violence and LGBTQ+ people living in hostile environments could be in much greater danger when researching life-saving information online.
-
-Without Tor, people living in oppressive regimes would not have access to the crucial information they need to fight for freedom, democracy, and peace.
-
-
-
Add an onion service for your organization's website
-
-If you would like to add this service for your website to help more people access it safely, you can [read more](https://blog.torproject.org/more-onions-porfavor/) about onion services on the Tor Project Blog. As of 2021, you can even [get](https://blog.torproject.org/tls-certificate-for-onion-site/) domain-validated certificates for your onion site using HARICA, an operator founded by a nonprofit civil society from Greece.
-
-
-
-### Tor is for everyone to use
-
-Tor is a tool that can help so many people. But Tor isn't *only* for people in highly sensitive situations like whistleblowers and journalists, Tor is for everyone!
-
-Of course, people in more dangerous situations will *need* Tor to stay safe, but everyone can benefit from Tor's privacy protections in their daily lives. I personally use Tor when I am forced to visit Google Map. Not because it's dangerous to me, but just because I greatly dislike the idea of Google tracking my location activities.
-
-Tor can also help fighting surveillance capitalism!
-
-Moreover, you can considerably help people in dangerous situations by using Tor for trivial reasons like I do.
-
-By using Tor for banal activities, when you aren't in any danger worse than a nasty ad-attack, you help to normalize the use of Tor and add more noise to the traffic. The more people do this, the more using Tor becomes just something people do when they care about privacy online, and nothing more.
-
-### Who uses Tor?
-
-- Anyone who cares about privacy!
-- Journalists who need to conduct research and protect their sources.
-- Whistleblowers using special websites to communication information to newspapers anonymously.
-- Democracy activists fighting against authoritarian governments who require anonymity online to stay safe from persecution.
-- People living under oppressive regimes who need to circumvent their country's censorship to access information freely.
-- Victims of domestic violence who need to research safe shelters and supportive resources without raising suspicion from their aggressor.
-- LGBTQ+ people living in hostile environments who need to access information online and stay connected with their community.
-- Generous people who want to [help and support](https://blog.torproject.org/support-tor-project-share-your-story/) all the above 💜
-
-The Tor community has gathered this [wonderful collection of anonymous user stories](https://community.torproject.org/outreach/stories/) from people describing why they use Tor.
-
-### Tor is critical public infrastructure
-
-To keep Tor strong for everyone, it's essential to support and grow the network of volunteer-operated relays forming the Tor Network.
-
-Thousands of journalists and activists rely on the Tor Network every day to stay safe and to continue their important work.
-
-Furthermore, **countless privacy-oriented projects depend on the Tor Network**.
-
-To name only a few, the messaging applications [Briar](https://briarproject.org/), [Cwtch](https://docs.cwtch.im/), and [SimpleX](https://simplex.chat/) all use Tor to harden some of their privacy-preserving features.
-
-For whistleblowers to stay safe, both [SecureDrop](https://securedrop.org/) and [Hush Line](https://hushline.app/) use the Tor Network. Many [newsrooms around the world](https://securedrop.org/directory/) host onion services to protect sources, such as The Guardian in the UK, CBC in Canada, ProPublica in the US, and many more.
-
-There's also all the applications protecting people with the highest needs such as [Tails](https://tails.net/), [OnionShare](https://onionshare.org/), and [more](https://github.com/Polycarbohydrate/awesome-tor).
-
-**Losing the Tor Network would mean losing all the applications and features relying on it.**
-
-This would be disastrous for the privacy community, journalists, activists, dissidents, victims of domestic violence, LGBTQ+ population, and so many worldwide.
-
-From a human rights perspective, **we simply cannot afford to lose Tor**.
-
-## :octicons-question-16: Things to consider when using Tor
-
-### Tor compared to VPN protections
-
-When using a VPN, your ISP will not know which websites you visit online (or other activities). Your ISP will see that you are connecting to a VPN, but will not know what you do from there. Your VPN however *could* know which websites you visit. Using a VPN is a transfer of trust from your ISP. When using a VPN, you should always trust your VPN provider more than your ISP.
-
-The websites you visit will see the IP address of your VPN provider instead of yours. This can help protect your identity and location, but they will know this connection uses a VPN.
-
-VPNs can offer great benefits for your privacy. However, if your VPN provider was compelled by law to provide the logs of the websites you visited (or will visit), it is *technically* possible to do for them.
-
-When using the Tor Network correctly, no one knows which websites *you visited*, or other services you accessed. Your ISP or VPN provider will only know you have accessed Tor, but will not know which websites you have visited from there. Even if compelled by law, they could only share that you have accessed Tor, at this specific time.
-
-The websites you have visited also won't know who you are (unless you tell them). They will only know someone accessed their websites through Tor, at this specific time.
-
-The relays used for a Tor Circuit cannot alone re-recreate the link between your IP address and the websites you visit either. This offers much stronger protection for your privacy than a VPN does.
-
-### Who knows you are using Tor
-
-When using the Tor Network, your ISP and the Guard Relay will both know you (the IP address you are using) are using Tor.
-
-To prevent this, you [could](https://www.privacyguides.org/en/advanced/tor-overview/#safely-connecting-to-tor) use Tor from a [trustworthy VPN](https://www.privacyguides.org/en/vpn/).
-
-If you do so, your VPN provider will know you are using Tor, but your ISP will not. Your ISP will only see you are accessing your VPN, and the Tor Guard Relay will see your VPN's IP address instead of yours.
-
-### HTTPS for non-onion websites
-
-The Exit Relay from the Tor Circuit will see someone is accessing this website (or other service).
-
-If you were to use Tor to visit a non-onion website that isn't protected with HTTPS, and log in with your credentials, this Exit Relay *could* technically read this information. Using HTTPS with non-onion websites is *very* important when using Tor. Onion sites offer protections that are equivalent to HTTPS.
-
-### Be careful with files when using Tor
-
-While it's safe to visit secured websites through Tor, be careful when downloading files or opening documents.
-
-Depending on what kind of files it is, there are a number of problems that could arise. For example, it's a [bad idea](https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea) to download torrent files over Tor. Additionally, Tor will not protect you from downloading malware or exposing metadata with shared files.
-
-If you need to share files through Tor with a *trusted* contact, [OnionShare](https://www.privacyguides.org/en/file-sharing/#onionshare) is a good option.
-
-## :octicons-stop-16: Addressing misconceptions
-
-There has been misconceptions floating around about Tor. Most of them repeat similar misinformation attributed to many other privacy tools: Why using this if you have nothing to hide? But this argument is incredibly flawed and comes from a naive understanding of privacy rights and needs.
-
-Most people use privacy tools for protection, and everyone needs protection. Moreover, [privacy is a fundamental right](https://www.privacyguides.org/videos/2025/04/17/is-privacy-dead/) intrinsically connected to democracy and civil liberties.
-
-### The dark web, the deep web, and the surface web
-
-Some misconceptions have spread from confusion on what the *deep* web and the *dark* web are. Because yes, Tor is part of the dark web.
-
-While using the term "dark web" might make for great sensationalist news title, the dark web isn't anything to fear.
-
-It's not "dark" as in "dark intent" or the "dark side of the Force". It's really just dark as in "it's so dark on this road, I can't read the addresses around".
-
-This dark web needs special software, configuration, or authorization to access it. For example, **the Tor Browser is the streetlight you need to navigate on the Onion roads**.
-
-If you use Tor to visit the Privacy Guides onion site, you will be using the dark web. It's a website (or website version) that can only be accessed using a specialized tool. That's it!
-
-The dark web is part of the deep web, which is simply all the online information that isn't indexed by any standard web search engines. Aren't you happy your bank account is on the deep web?
-
-
-Illustration: Em / Privacy Guides | Inspired by: [Ranjithsiji](https://commons.wikimedia.org/wiki/File:Iceberg_of_Webs.svg)
-
-### Criminals use envelopes, doors, and clothing too
-
-Some fear that Tor is used by criminals. While that might be true some criminals use Tor, a lot of people who aren't criminals at all also use Tor.
-
-This kind of argument really leads nowhere. Criminals also use Google, Facebook, and Twitter (a lot actually). Criminals use envelopes to hide their ransom letters, closed doors to hide their crimes, and clothing to conceal weapons! Are we going to forbid clothing because some (all?) criminals use clothing to hide their weapons?
-
-**We shouldn't ban clothing, and we shouldn't ban Tor either.** There are other better ways to catch criminals than removing a tool millions use to stay safe online.
-
-### Tor receives government funding
-
-Yes, Tor does receive government funding, and that's a good thing. A lot of nonprofit organizations receive government funding as a stable ([usually](https://www.privacyguides.org/articles/2025/02/03/the-future-of-privacy/#the-tools-you-use-might-depend-on-government-funding)) source of income. Our governments *should* be contributing financially to the tools we all use to improve our security and privacy for free, moreover if they are using it themselves.
-
-While any organization should thrive to diversify its sources of income to reduce its dependency on large contributors, it's not always easy to do.
-
-If you feel uneasy about a privacy tool you use receiving government funding, the best thing you can do to fight this is to [donate](https://donate.torproject.org/) directly to reduce its dependence to it.
-
-### Depending on where you are, using Tor is likely safe
-
-If you are not living under an oppressive regime with heavy censorship, it's likely that using Tor is safe for you, and will not put you on "a list". Even if it was putting you on "a list", it likely is a list full of great people working to defend human rights and privacy rights online.
-
-That being said, **if you are living in a region where using Tor is dangerous**, and could put you on a list of anti-regime dissidents, you *should absolutely* be careful and take special measures to hide your usage of Tor.
-
-Additionally, **if you are in a vulnerable situation** where an aggressor has access to your device or ISP information, and could hurt you if they knew you have used Tor, you should use a Tor Bridge and only [access Tor through Tails](https://www.privacyguides.org/articles/2025/01/29/installing-and-using-tails/).
-
-### Tor is fantastic for your privacy, but is not magical
-
-Tor is a great tool to improve your privacy online and make it much harder to identify you, your location, and the content you access online. However, it will not make you magically anonymous.
-
-If you use Tor with files containing metadata about you, this metadata can still identify you.
-
-If you use Tor to log in your Facebook account, then of course Facebook still knows it's you, and now also knows you are using Tor.
-
-If you use Tor to create a new account, but use an email address, phone number, username, or profile picture you used elsewhere when not connected through Tor, then your Tor activity can get linked to your previous activity.
-
-If you use Tor to reveal information so specific that only you, or only someone at your company, or only someone in this small government department could know, then of course authorities can identify you this way.
-
-You should also consider correlation in time when using Tor. If your activity is so specific that it can be narrowed down to only a few people, and your ISP or VPN knows you have accessed Tor at this specific time (and shares this information with authorities), a correlation in time could be enough to de-anonymize you.
-
-### Misconceptions are very detrimental to Tor, and other privacy tools
-
-We need to be extremely careful when spreading information that could be inaccurate or hasn't been verified when talking about Tor (or any other privacy tools).
-
-Misinformation can create mistaken fears and stop people from using a tool they would greatly benefit from.
-
-If someone is so scared of Tor because of some rumor they heard, that they continue their activism from the surface web instead, they could needlessly put themselves at risk.
-
-Furthermore, unjustified bad reputations can severely hurt funding for tools like Tor. This leads to less resources to continue developing the browser, the network, and to advocate for privacy everywhere.
-
-We all have a responsibility to verify which information we share with others, make sure we stop misinformation at its root, and correct harmful misconceptions everywhere we hear them.
-
-## :material-hand-heart-outline: Tor needs our support
-
-**Tor is at risk, and needs our help.** Despite its strength and history, Tor isn't safe from the same attacks oppressive regimes and misinformed legislators direct at encryption and many other privacy-enhancing technologies.
-
-Moreover, due to its US government funding, Tor has already been on the destruction path of the recent hectic government cuts. Thankfully, the US Agency for Global Media finally [rescinded the grant termination](https://www.theregister.com/2025/03/25/otf_tor_lets_encrypt_funding_lawsuit/?td=rt-3a) it had announced on March 15th to the Open Technology Fund, which the Tor Project benefits from. Sadly, considering the unpredictability of the current US administration, this doesn't mean the Tor Project is safe from cuts later on.
-
-As much as the Tor Network relies on generous volunteers to run it, the nonprofit Tor Project relies on grants and donations to survive.
-
-The good news is, we can help with both!
-
-The more individuals donate to the Tor Project, the less it depends on government funding, and the more stable its donation income becomes.
-
-Similarly, the more people volunteer to run a Tor relay, the more stable and reliable the Tor Network becomes.
-
-Tor is a privacy tool so many people, organizations, and applications need to stay safe and secure. It is **our collective responsibility to contribute what we can** to keep Tor strong and thriving for all of us.
-
-### How to support Tor
-
-There are many ways to help Tor survive and thrive! You can help by:
-
-- [Donating to the Tor Project (includes really neat merch!)](https://donate.torproject.org/)
-
-- [Spreading the word about Tor](https://community.torproject.org/outreach/)
-
-- [Joining the Tor community](https://community.torproject.org/)
-
-- [Making your website accessible as an onion service](https://community.torproject.org/onion-services/setup/)
-
-- [Asking your university to run a Tor relay](https://toruniversity.eff.org/)
-
-- [Running a Tor relay yourself](https://community.torproject.org/relay/)
-
-- [Running a Snowflake proxy to help fight censorship](https://community.torproject.org/relay/setup/snowflake/)
-
-- Using Tor for anything from important to trivial
-
-- Sharing this article 💜
-
-## :octicons-bookmark-16: Onion sites you can visit using the Tor Browser
-
-- [Privacy Guides website](http://www.xoe4vn5uwdztif6goazfbmogh6wh5jc4up35bqdflu6bkdc5cas5vjqd.onion/en/) 💛
-- [Privacy Guides forum](http://discuss.6xotdxvg7pexnean3xu6b7ivs7g52zcwsdbnz4mdm4byivc3yfv65aid.onion/)
-- [Amnesty International](https://www.amnestyl337aduwuvpf57irfl54ggtnuera45ygcxzuftwxjvvmpuzqd.onion)
-- [Electronic Frontier Foundation](https://www.iykpqm7jiradoeezzkhj7c4b33g4hbgfwelht2evxxeicbpjy44c7ead.onion/)
-- [Freedom of the Press Foundation](http://fpfjxcrmw437h6z2xl3w4czl55kvkmxpapg37bbopsafdu7q454byxid.onion/)
-- [Secure Drop directory (for whistleblowers)](http://sdolvtfhatvsysc6l34d65ymdwxcujausv7k5jk4cy5ttzhjoi6fzvyd.onion/directory/)
-- [ProPublica](http://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/)
-- [Internet Archive](https://archivep75mbjunhxc6x4j5mwjmomyxb573v42baldlqu56ruil2oiad.onion/)
-- [OnionShare (file sharing)](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/)
-- [Proton Mail](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/)
-- [Tor Project](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion)
-
-***
-
-For more in-depth information about Tor, you can consult our [Tor Overview](https://www.privacyguides.org/en/advanced/tor-overview/).
-
-Unless credited otherwise, all screenshots from: Privacy Guides
-
----
-
-**Update (5/6):** This article was updated to note [the importance of restarting Tor Browser](tor-security-slider-flaw.md) when changing security level settings.
diff --git a/blog/posts/keepassium-review.md b/blog/posts/keepassium-review.md
deleted file mode 100644
index 4c8cdcdc..00000000
--- a/blog/posts/keepassium-review.md
+++ /dev/null
@@ -1,696 +0,0 @@
----
-title: "KeePassium Review: A Flexible Password Manager for iOS and macOS"
-template: review-article.html
-schema_type: ReviewNewsArticle
-date:
- created: 2025-05-13T16:30:00Z
-categories:
- - Reviews
-authors:
- - em
-description: "If you need a password manager for iOS or macOS that gives you full control over your data, KeePassium is a fantastic option. KeePassium offers some synchronization features, but keeps your password database offline by default. You choose who to trust to store your passwords, and you can change it whenever you want."
-preview:
- logo: blog/assets/images/keepassium-review/keepassium.svg
-review:
- type: SoftwareApplication
- category: SecurityApplication
- subcategory: Password Manager
- name: KeePassium
- price: 0
- website: https://keepassium.com/
- rating: 4.5
- pros:
- - Open source.
- - Free basic plan.
- - Data portability.
- - Offline-only option.
- - No account or personal data required.
- - Easy to use, beautiful, and customizable.
- - Excellent documentation.
- cons:
- - AutoFill might not work for some websites and browsers.
- - Some important features only available on paid plans.
- - No app for Linux, Android, or Windows.
----
-
-
-
-Illustration: Em / Privacy Guides | Photo: PicJumbo / Pexels
-
-If you have been looking for a password manager giving you full control over your data, KeePassium is a fantastic option. The application available for iOS and macOS keeps your password database offline by default. KeePassium still offers synchronization and backup options, but allows you to choose which storage provider to trust with your database, and change it whenever you want.
-
-{align=right itemprop="image"}
-
-[KeePassium](https://keepassium.com/) is a commercial open-source application made by KeePassium Labs, based in Luxembourg.
-
-Because it's open-source, anyone can inspect and download its [code](https://github.com/keepassium/KeePassium) if they wish. Anyone could even [build](https://github.com/keepassium/KeePassium?tab=readme-ov-file#is-it-free) the entire application by themselves, and use the advanced features completely for free.
-
-However, if you do not want to bother with code, you can use either the basic plan for free, or pay for a premium plan to access advanced features and to support the project.
-
-KeePassium is a [KeePass](https://keepass.info/)-compatible project. If you are already familiar with any software from the [KeePass ecosystem](https://github.com/lgg/awesome-keepass), you will feel right at home with KeePassium.
-
-KeePassium's strength resides in how it integrates KeePass' security and features into a well-rounded and well-designed application, that is very instinctive to use, while not compromising on flexibility and customizability.
-
-
-
The KeePassium application
-
-For this review, the words "KeePassium" and "application" refer to both the KeePassium iOS and macOS applications simultaneously, unless otherwise specified. The mobile application was tested first and will be more prominent in the examples and screenshots.
-
-
-
-## :material-apple: Platforms and Compatibility
-
-KeePassium is written in Apple's Swift programming language and is available for Apple devices.
-
-### Mobile
-
-- For iPhone and iPad, KeePassium works on iOS 17.0 or later.
-
-### Desktop
-
-- For Mac computers, KeePassium works on macOS 14.0 (Sonoma) or later.
-- KeePassium is compatible with both Apple Silicon and Intel hardware.
-- The desktop application is new and was [released](https://keepassium.com/blog/2024/12/keepassium-2.0/) on December 17th, 2024.
-
-### Apple Vision
-
-- For Apple Vision, KeePassium works on visionOS 1.0 or later.
-
-### Languages
-
-The KeePassium application is available in the following languages: English, Arabic, Czech, Dutch, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Simplified Chinese, Slovak, Spanish, Swedish, Thai, Traditional Chinese, Turkish, and Ukrainian.
-
-### Cross-compatibility
-
-One great strength of any applications derivative of KeePass is compatibility with other KeePass applications. This is due to implementing of the same `.kdbx` file format for password databases, and often sharing similar features as well.
-
-If you use KeePassium to store your passwords, you will be able to easily transfer your password database to other KeePass-compatible applications, and vice versa. This offers powerful portability for your password database.
-
-
-
File formats and encryption
-
-KeePassium supports the KDB, KDBX3, and KDBX4 file formats, and implements AES, ChaCha20, Twofish, and Argon2 for encryption algorithms.
-
-Even if compatibility with older database formats is available, it is recommended to use the more recent and [more secure](https://keepass.info/help/kb/kdbx_4.html) KDBX4 format. This latest format will be the default when you create a new database in KeePassium.
-
-
-
-This cross-compatibility is so versatile that you could, for example, use KeePassium on mobile but sync it with [KeePassXC](installing-keepassxc-and-yubikey.md) on desktop.
-
-Similarly, if you have a Mac computer but an Android phone, you could use KeePassium on desktop but KeePassDX on mobile, and so on and so forth. You can consult KeePassium's documentation for a list of all [compatible apps](https://support.keepassium.com/kb/compatible-apps/).
-
-
-
Testing compatibility
-
-If you plan on using KeePassium with cloud storage and synchronization between devices, make sure to test your settings well before adding all your passwords to it.
-
-
-
-Depending on your usage and settings, glitches in synchronization *could* corrupt your database file. This has more chances to happen if you use a cloud storage that isn't fully supported, or a KeePass-compatible application that isn't listed in KeePassium's documentation.
-
-Ideally, if you use synchronization, create a dummy database at first to test that synchronization works properly with your specific cloud configuration and between all the devices you use.
-
-It's also advisable to enable the backup feature and even keep a backup copy of your database file in a different directory. That way, if your main synced file were to get corrupted or lost somehow, you could always rely on this secondary backup.
-
-This is important because there is no remote database management done by KeePassium. **You are fully in control of your own data, but you are also fully responsible to protect it.**
-
-## :material-wallet-bifold-outline: Pricing
-
-KeePassium can be used completely for free!
-
-That being said, if you need advanced features, you might want to [pay](https://keepassium.com/pricing/) for a [Premium](https://keepassium.com/articles/why-upgrade-to-premium/) plan (monthly or yearly), or a Pro or Business plan. Fortunately, the monthly Premium plan is very affordable, allowing users to test the Premium features one month at the time before committing to a longer subscription.
-
-Alternatively, if you do not need any advanced features but would like to support the project, you could use the free plan and [donate](https://keepassium.com/donate/) a fix amount to KeePassium.
-
-#### Rent-to-own
-
-Something interesting about KeePassium Premium's plan is that it offers a "[rent-to-own](https://support.keepassium.com/kb/license-rent-own/)" license. This means that if you pay for a KeePassium subscription for 12 months or more, you will always "own" the features you've paid for, even if you stop paying.
-
-For example, if you pay for Premium for only one year then stop, you will keep access to all the Premium features that were available while you paid for Premium, but will not have access to new features added after your stopped paying. This is an excellent model that more applications should adopt.
-
-
-
-## :octicons-shield-check-16: Security and Trust
-
-Security and trust are without a doubt the most important characteristics of a good password manager.
-
-While functionality and features are also important, there is no point in having a pretty application that doesn't safeguard your passwords properly. It would defeat the whole purpose of the password manager.
-
-KeePassium does not neglect security for convenience, and has done its homework to earn its users' trust. The database format it uses, its transparency with open source, and its independent security audit, are all factors contributing to build trust in KeePassium.
-
-### Trusted database format
-
-The application is using an encrypted database file format developed by [KeePass](https://en.wikipedia.org/wiki/KeePass), an open-source project with a good reputation in the security and privacy community. KeePass' code and formats are trusted by many other KeePass-compatible projects, including KeePassXC, KeeWeb, OneKeePass, ModernKeePass, MacPass, Keepass2Android, and [more](https://github.com/lgg/awesome-keepass).
-
-Even if the KeePassium application is relatively recent with its first [launch](https://keepassium.com/blog/2019/07/introducing-keepassium-for-ios/) in 2019, the formats it uses to secure password databases had many eyes on since the initial KeePass release in 2003. The fact that so many people have inspected, used, tested, and improved the security foundation of this file format through the years contributes to KeePassium's security as well.
-
-### Open-source code
-
-KeePassium was [created](https://keepassium.com/articles/who-created-keepassium/) by [Dr. Andrei Popleteev](https://popleteev.com/), who founded KeePassium Labs, and continues as its director to develop and maintain the app with a small team of [contributors](https://github.com/keepassium/KeePassium/graphs/contributors). Like KeePass, KeePassium's code is open-source under a [GNU General Public License](https://github.com/keepassium/KeePassium/blob/master/LICENSE.txt).
-
-Open-source code isn't magical, but it helps to build trust by providing full transparency. Because all of KeePassium's code is publicly accessible, anyone could inspect it. This can help to detect and reporting potential vulnerabilities early on, and quickly verifying any claims made. Of course, at least *some* independent qualified people have to inspect the code in order to make this meaningful at all. But this is true for any open-source projects.
-
-#### A note on KeePassium's open-source commercial model
-
-More precisely, KeePassium is a *commercial* open-source application. This means its code is fully open and available to inspect, download, and use (within its license's limits). However, users can also purchase paid plans to access advanced features, without having to build and manage the code themselves.
-
-Paid plans provide a source of revenue to KeePassium, which helps to maintain the application adequately to keep it compatible and secure, providing support to customers, and adding new features down the line.
-
-This commercial model can actually add stability to a project, making it more likely to survive long term. This is reassuring considering all the other KeePass-compatible projects that have stopped getting maintained and are unfortunately no longer usable.
-
-Furthermore, there is some [conflict](https://www.engadget.com/2011-01-09-the-gpl-the-app-store-and-you.html) between certain open-source licenses and publication on Apple's App Store. Because it isn't possible to download an iOS app outside of Apple's App Store (unless you adventure in the perilous waters of [jailbreaking](https://en.wikipedia.org/wiki/IOS_jailbreaking)), KeePassium and all other iOS apps are confined to operate within the App Store's requirements.
-
-Also for this reason, the KeePassium projects cannot accept external contributions to its code, but can still [accept contributions](https://github.com/keepassium/KeePassium?tab=readme-ov-file#how-to-contribute) for bug reports, feature suggestions, and translations.
-
-### Independent security audit (iOS)
-
-Perhaps one of the most compelling argument for trusting KeePassium is the [independent security audit](https://support.keepassium.com/kb/security-audits/) the iOS application went through last year.
-
-The Berlin-based cybersecurity firm [Cure53](https://en.wikipedia.org/wiki/Cure53) conducted a full evaluation and professional pentest of the mobile application in November 2024.
-
-The review included an audit of the source code, application, network communications, and the implemented cryptography. The few vulnerabilities found were all fixed following reception of the report.
-
-It's important to note that only KeePassium for iOS was audited, and not KeePassium for macOS, which was released after the audit. However, many aspects of KeePassium for iOS that were included in the audit are likely to be similar for KeePassium for macOS.
-
-Interestingly, Cure53 has [audited](https://cure53.de/) many other well-known security and privacy-focused or open-source applications such as Proton Pass, 1Password, Bitwarden, Obsidian, Mullvad VPN, Onion Browser, Threema, Briar, SecureDrop, Mastodon, and much [more](https://github.com/cure53/Publications).
-
-### Recommended by other applications
-
-Finally, if you already trust KeePassXC for your desktop password manager, know that KeePassium is one of the apps [suggested](https://keepassxc.org/docs/) by KeePassXC to use on iOS.
-
-## :octicons-lock-16: Privacy and Encryption
-
-Data privacy and encryption are fundamental aspects of any password managers. Because pretty much all data stored in a password manager is highly sensitive data, all data should be protected by strong end-to-end encryption.
-
-### Data collection
-
-On this point, KeePassium delivers. First, a quick look at Apple's privacy label indicates that "the developer does not collect any data from this app". This is a good start, and this description is true for both the iOS and macOS applications.
-
-
-
-Second, in its current version, KeePassium's [Privacy Policy](https://keepassium.com/privacy/app/) is excellent. This is never a guarantee of course, but the app's [security audit](#independent-security-audit-ios) shows the Privacy Policy statements are likely founded.
-
-KeePassium separates its privacy policies for the application and the website. This is an excellent practice way too rarely adopted by companies. This approach provides much more clarity for what data is collected from where, and is a positive sign that an organization understands well data privacy legal requirements.
-
-The Privacy Policy for the app is detailed and thorough, which are essential qualities to any respectable privacy policies.
-
-It starts by stating clearly that KeePassium does not send any personal data to KeePassium Labs, the company developing the app. Then, it lists all instances where data *could* be collected through the purchase or use of KeePassium, and gives clear instructions on how to opt out for each. This is the kind of privacy policy that shows an organization genuinely values and understands data privacy. I highly encourage you to have a look at it from the link above.
-
-Worth noting as well, KeePassium's Privacy Policy for its *website* states it [does not use any cookies](https://keepassium.com/privacy/website/#our-use-of-cookies-and-tracking). This is certainly refreshing to read.
-
-### Encryption
-
-Although the application is compatible with older formats, KeePassium by default will use the newer KDBX4 file format to encrypt password databases.
-
-This is important because the KDBX4 format offers [significant security improvements](https://keepass.info/help/kb/kdbx_4.html) over the previous KDBX3 format. If you import an older database in KeePassium, it is recommended to upgrade it to KDBX4 and use a different main password for the upgraded database if you keep a backup of the previous one.
-
-
-
Upgrade from KDB to KDBX
-
-If you need to upgrade an older database file to the newest file format to benefit from better security and KeePassium's full functionality, you can follow KeePassium's [instructions](https://support.keepassium.com/kb/convert-kdb-kdbx/).
-
-
-
-To secure the database, and all the content included in it, KeePassium uses AES256, ChaCha20, Twofish, HMAC, and Argon2 (for KDBX4 only). Because the [KeePass database file format](https://keepass.info/help/kb/kdbx.html) (and so KeePassium's as well) encrypts the whole database, this means that not only passwords are encrypted but also usernames, website URLs, notes, attachments, etc.
-
-
-
Encrypting all data, not just passwords
-
-Encrypting all user data contained in a password manager entry is *extremely* important, because encrypting passwords only just isn't enough.
-
-In August 2022, the password manager [LastPass suffered a security breach](https://blog.lastpass.com/posts/notice-of-recent-security-incident) where users' password vaults (databases) were stolen from LastPass' servers.
-
-This is bad enough even with end-to-end encrypted data (because vaults with a weak main password could get cracked), but even worse than this, some important data like website URLs were *not encrypted at all*, so this information was [stolen in plain text](https://www.pwndefend.com/2022/12/24/lastpass-breach-the-danger-of-metadata/).
-
-This is the perfect example of why **encrypting all data *and* metadata** input by the user is *crucial* for data privacy and security.
-
-Additionally, the LastPass' breach is a great argument in favor of keeping one's password database *offline,* whenever possible. Something that KeePassium makes possible even by default.
-
-
-
-#### Encryption algorithms used by KeePassium
-
-[AES256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard): The Advanced Encryption Standard (AES) is a trusted and commonly used block cipher symmetric-key algorithm. It was established in 2001 by NIST, the American National Institute of Standards and Technology. The number following the acronym describes the key size in bits (128, 192, or 256 bits).
-
-[Twofish](https://en.wikipedia.org/wiki/Twofish): Twofish is another block cipher symmetric-key algorithm, which KeePassium can use to secure databases, in 256-bit key size as well. Famous cryptographer Bruce Schneier was part of the team who designed Twofish.
-
-[ChaCha20](https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant) (KDBX4 only): The ChaCha20 algorithm is a variant of Salsa20, both stream ciphers that encrypt and decrypt data in continuous stream instead of blocks. The number refers to the number of rounds in its structure.
-
-[HMAC](https://en.wikipedia.org/wiki/HMAC) (Key Derivative Function): Hash-based Message Authentication Code (HMAC) is a robust hash function. In KeePass-compatible apps, it is used to [verify](https://keepass.info/help/kb/kdbx.html#hbs) the integrity and authenticity of the database before decryption.
-
-[Argon2](https://en.wikipedia.org/wiki/Argon2) (Key Derivative Function, for KDBX4 only): Argon2 is a memory-hard function that offers better resistance against GPU cracking attacks compared to AES-KDF. Argon2 was the winner of the Password Hashing Competition in 2015.
-
-[AES-KDF](https://keepass.info/help/kb/kdbx_4.html#intro) (Key Derivative Function, for KDBX3 only): AES-KDF is a key derivative function based on AES. This method was previously used for the KDBX3 database format, but has since been replaced by Argon2 for KDBX4. This is partly because AES-KDF is not memory-hard, which makes it easier to crack for an attacker using modern technologies.
-
-{width="400"}
-
-## :octicons-apps-16: Usage and Features
-
-Once solid security and privacy protections have been confirmed, the second important part of a good password manager is how easy it is to use and the features it offers.
-
-In this regard, KeePassium excels again. Not only does KeePassium offer the features users familiar with KeePass-compatible applications will recognize, but importantly, it implements these features with a polished user interface and obvious consideration for accessibility and user experience.
-
-### Starting with KeePassium on iOS
-
-Installing the app from the App Store is a smooth process. Once installed, make sure to go in Apple's "Settings" > "KeePassium" > "Siri & Search" and disable the Siri options you are not using. Apple very annoyingly puts them all on by default for each new app installed.
-
-Additionally, you can follow KeePassium's [instructions](https://keepassium.com/privacy/app/) from its Privacy Policy to opt out of other Apple settings related to KeePassium.
-
-After installing the app, KeePassium will guide you step-by-step to set up an application PIN (you can also enable application lock with biometrics), and import or create a new database.
-
-If you are not familiar with it already, it's a good idea to read each popup from the welcome screen.
-
-
-
-
-
-
-
-
-
-
-
Secure the application properly
-
-When prompted to select a Passcode to lock the application (which is different from the main password to secure your database), you will have the option to switch from the numeric keypad to a full alphanumeric keyboard. This is recommended to set up a stronger Passcode to protect the application, where your database(s) might be kept unlocked if you choose this option.
-
-
-
-If you create a new database to store your passwords, make sure to choose a [strong main password](https://www.privacyguides.org/en/basics/passwords-overview/#passwords) (or "Master Key") that is *unique*, *complex*, and *long*.
-
-KeePassium will guide you to determine if your main password is sufficiently strong. However, the app cannot know if you have used this password before, so you should make sure that you haven't and this main password is unique.
-
-
-
Be careful to remember your main password!
-
-This is the only password that cannot be stored in your password manager, so it's important to secure it properly and also ensure you can **remember it well**.
-
-Due to the nature of end-to-end encryption, there is no way for KeePassium to recover a lost password. Not remembering your main password could mean **getting locked out of your password database permanently**.
-
-
-
-After creating a new database, you will be prompted to unlock it with your new main password ("Master Key").
-
-{width="400"}
-
-After you have either created or imported a database, you are ready to explore KeePassium's features.
-
-### Starting with KeePassium on macOS
-
-To download KeePassium on macOS, you will need to go through Apple's App Store. Alternatively, you could also [build](https://github.com/keepassium/KeePassium) the application from the source code, but that is an entirely different process.
-
-
-
-Installing the application is a breeze, and the macOS app shares the same welcome sections and features the iOS version has, with a slightly different format.
-
-
-
-The application will guide you to either create or import a database, then you will recognize the same features described below for the iOS version.
-
-
-
-### Accessibility
-
-There are a few great accessibility features with KeePassium. First, KeePassium fully works with Apple's VoiceOver. To enable it on iPhone, you can go in the iOS "Settings" > "Accessibility" > "VoiceOver" and enable "VoiceOver".
-
-Second, from the KeePassium app you can tap on the "Settings" gear button on the lower-right to access the "Appearance" menu. From there, you will see a sliding option to adjust the entry's text size. This will change the size of the text in all entries' sections. You also have the option to change the font type from there.
-
-Additionally, when tapping on a Password in an entry section, you can quickly tap on the magnified "a" button (while the blue "Copied" overlay appears) to display the password in large font, with each character separated in an indexed table.
-
-
-
-
-
-
-
-
-
-### Security features
-
-In the "Access Control" category of "Settings", there are some important options to customize the app's security features:
-
-#### App Protection
-
-This section gives options to secure the application itself. It includes using the device's biometric lock instead of the app's Passcode, changing the app's Passcode, and choosing when the app gets locked.
-
-#### Data Protection
-
-This section gives options to enable or disable if the database(s)' main password(s) is remembered locally in the device's secure keychain, or if it must be re-entered each time to unlock a database. It also allows you to choose when (if remembered) the database will lock itself again, how long to keep data (including copied passwords) in the device's clipboard, and other security preferences.
-
-A fun (and useful) feature you will find there is that you can decide what happens when the device is "shaken". This can be an important security feature for people in sensitive situations.
-
-
-
-
-
-
-
-
-
-#### Protection against weak passwords
-
-When first creating a database, KeePassium will indicate if the main password chosen is too weak and display a warning.
-
-This is an important security feature because **a database is only as protected as the strength of its main password**. It goes without saying the main password for a database should always be *unique* (has never been used elsewhere), *complex* (uses a variety of character types), and *long* (is long enough to not be vulnerable to brute-force attacks).
-
-Passwords chosen for each entry will also display an indicator of strength under each field.
-
-#### YubiKey support (Premium)
-
-For users with Premium plans, KeePassium offers [support for YubiKey](https://www.yubico.com/works-with-yubikey/catalog/keepassium/) to add extra protection to a database using the challenge-response implementation.
-
-The same feature is available on KeePassXC on desktop. For more details on this, you can check our [tutorial for KeePassXC](installing-keepassxc-and-yubikey.md), or our tutorial on [how to set up and back up a YubiKey](yubikey-reset-and-backup.md)'s challenge-response.
-
-#### Passwords audit (Premium)
-
-KeePassium offers to audit database's passwords for potential leaks. This feature works by comparing an obfuscated version of a password with the [Have I Been Pwned](https://haveibeenpwned.com/) service. The password is never shared externally during this process. This is helpful information to get an early warning and change a compromised password before the exposed account is attacked.
-
-### Groups and Smart Groups
-
-Before starting to add entries to a new database, it's a good idea to explore the Groups and Smart Groups features. Groups are directories that can be created inside a database to separate categories of passwords.
-
-Smart Groups are simply Groups created from a search query. If you imported a database already full of passwords, you might not feel like sorting them manually. Smart Groups will help to create Groups using queries to [categorize](https://support.keepassium.com/docs/smart-groups/) entries automatically. This can be very convenient to organize larger databases.
-
-When creating a new database, KeePassium will suggest some Groups, which you can be used as provided, changed, or deleted. To add a new Group or Smart Group, tap on the 3-dot button on the upper-right from inside a database and select "New Group" or "New Smart Group".
-
-{width="400"}
-
-
-
Separate databases vs Groups
-
-Using separate databases for different categories of passwords, for example one database for personal passwords, work-related passwords, and family-shared passwords is a good idea because it takes advantage of compartmentalization to add extra security and privacy.
-
-Each database will have its own main password, and if one database were to get compromised, the others might still be protected. KeePassium's free plan only allow to use *one* database at the time, however.
-
-Groups mainly serve to organize passwords and do not provide any additional security, privacy, or portability like separate databases do. For free plan users, Groups can still be a great feature to separate passwords when it isn't a security issue to encrypt them all together using a same main password.
-
-
-
-### Entry options
-
-Once inside a database, users can add a new entry there or first create/enter a Group directory. To create a new entry, tap on the 3-dot menu on the upper-right, then select "New Entry".
-
-Each New Entry section will include a field for the entry's name, choice of icon (or option to download the service's favicon), "User Name", "Password", "URL", "Tags", "Notes", and option to "Set up one-time password (OTP)".
-
-Tapping the plus-sign button at the top will create a new custom text field for an entry. Enabling the "Protected Field" option on the lower-right will hide this field as if it was a password field. That being said, all fields from an entry will be fully encrypted with the database.
-
-
-
-
-
-
-
-
-
-An entry section from macOS:
-
-
-
-Finally, to edit, move, copy or delete an entry on iOS, a long press over its name from the directory will show these options. Swiping left on a password entry will also show the edit and delete options.
-
-{width="400"}
-
-### Password generator
-
-Conveniently, KeePassium includes a password generator. This is a common feature for password managers, and KeePassium implements this feature very well.
-
-The generator can be used from either the die-shaped button on the right of every password field, the tool-shaped button menu on the lower-left from inside a database selecting "Random Generator", or the die-shaped button on the lower-left from the "Databases" section. The latter is a nice touch if you ever need to generate a random string while your database is locked.
-
-Each time you open the Random Generator, it will automatically generate new random strings for all 3 modes: Basic, Expert, and Passphrase.
-
-
-
-
-
-
-
-
-
-The Random Generator can also be customized. To customize each mode, tap on the gears-shaped button on the upper-right of the generator and change the mode to adjust the parameters for each. The app will remember the parameters every time it is used.
-
-The customization for Passphrase does not include the options for "MIXED" case at this time, however, considering this option was just added to KeePassXC last month, maybe it will be added to KeePassium as well in the near future.
-
-
-
-### One-Time Password (OTP)
-
-KeePassium offers the option to store one-time password codes with each entry. This can be a convenient way to manage second-factor of authentication, and keep these codes stored locally only.
-
-However, this can also introduce additional risks. If a database file was to get compromised at some point, it would also compromise all the OTP codes within it, making this second-factor protection useless against an attack of the whole database.
-
-If this isn't a risk you are concerned with, then KeePassium's OTP can be a useful feature.
-
-OTP codes are easy to set up and can be entered manually or using a QR code. Once set up, the code will be displayed as a field in the entry. Tap on it to copy it.
-
-
-
-
-
-
-
-
-
-### AutoFill
-
-Depending on your usage, AutoFill can be an important feature for a password manager. AutoFill will allow KeePassium to recognize a login page and automatically fill all in the login credentials.
-
-To ensure AutoFill works smoothly, it's important to enter the correct website URL for each entry, specifically the page's URL where the credentials will be required.
-
-Ultimately, it's possible some websites will just not work with KeePassium's AutoFill. Some [issues](https://github.com/keepassium/KeePassium/issues/405) have been experienced while testing the app for this review. If you experience the same issue with a website, you can simply copy-paste the credentials manually in each corresponding field.
-
-
-
AutoFill issues for some websites
-
-A possible cause of AutoFill issues can be an incorrect entry URL that isn't the proper "Caller ID". To troubleshoot this, you can consult KeePassium's helpful [instructions](https://support.keepassium.com/kb/autofill-matching/) here.
-
-
-
-#### AutoFill for iOS
-
-When set up correctly on iOS, a "Passwords" button should appear above the keyboard for websites where credentials have been stored in your database. If it doesn't, this could mean AutoFill was not set up properly from the [iOS Settings](https://support.keepassium.com/kb/autofill-setup-ios/).
-
-{width="400"}
-
-#### AutoFill for macOS
-
-There isn't a browser extension available for KeePassium on macOS. The desktop AutoFill feature integrates with the system as a [credential provider](https://www.reddit.com/r/KeePassium/comments/1isvjjd/comment/mdsbwwc/). Browser implementation depends on how each browser integrates this function. The desktop AutoFill feature does work flawlessly with Safari.
-
-To set up AutoFill for KeePassium, you will have to enable it from the [macOS Settings](https://support.keepassium.com/kb/autofill-setup-macos/). KeePassium will guide you through the process with clear instructions to follow:
-
-
-
-Once enabled, every website with a corresponding URL in your database will display a small key icon on the right of the credential fields.
-
-
-
-Despite lacking a browser extension, integration with Safari and the macOS ecosystem works smoothly, and it will work with applications that aren't browsers as well.
-
-
-
-### Backups
-
-Backing up your database is essential with any KeePass-compatible app. Because there is no remote backup automatically stored by the application, you become responsible for protecting this data properly.
-
-KeePassium offers many options to help users back up their databases.
-
-#### Enable backup copies
-
-The option to back up local copies automatically will be enabled by default. You can disable it if you prefer (ideally not), or enable the option to "Show Backup Files" in "Settings" > "Database Backup". You can also adjust for how long you wish to keep the local backups (the default value is 2 months).
-
-#### Exclude from iCloud/iTunes
-
-There is an important feature to exclude your database file and KeePassium's backups of your database from your device's iCloud or iTunes backups. If you do not trust Apple with your encrypted database, you should enable this everywhere (excluding from iCloud/iTunes is disabled by default).
-
-If your database is stored locally (you might not see the option otherwise): From the "Databases" page, tap on the 3-dot button right to your database name (not the *circled* 3-dot button at the top, the one below). Then tap on "File Info" and *enable* the option "Exclude From iCloud/iTunes Backup" to make sure your database file stays outside your device's iCloud or iTunes backups.
-
-Secondly, to also exclude the backups created by KeePassium, inside a database tap on the "Settings" gear button on the lower-right, then "Database Backup", and *enable* "Exclude Backup Files from System Backup".
-
-
-
-
-
-
-
-
-
-You will find the same option on macOS:
-
-
-
-#### Auto-delete backup files
-
-You can choose the backup files to get deleted automatically after a certain period of time. For this, go to "Settings" then the "Database Backup" again, and scroll down to "Keep Backup Files". Select a retention period that is secure for your threat model. You can also tap on "Delete ALL Backup Files" below to delete all backups at any time.
-
-#### Manual backups
-
-Finally, you can simply back up your database `.kdbx` file manually. For this you have the options to transfer the file from KeePassium via cable, cloud storage, local network, AirDrop, email, or even Signal's [Note to Self](https://support.signal.org/hc/en-us/articles/360043272451-Note-to-Self)!
-
-To [transfer](https://support.keepassium.com/kb/database-transfer/) your database file entirely offline to another Apple device, connect your device together via USB cable and follow these [instructions](https://support.apple.com/en-gb/guide/mac-help/mchl4bd77d3a/mac).
-
-If you stored your database locally on iPhone, you will find the file in Apple's "Files" > "On My iPhone" > "KeePassium". From there, you can long press the file to see options to move or share it.
-
-{width="400"}
-
-#### Restore database from backup
-
-If you encounter any errors while managing your database, you can always restore it from a backup. Keeping multiple backup versions is a good idea to ensure you always have a functional file. Glitches and bugs are more likely to happen if you handle your database in unusual ways, with other software that may not have been tested for this usage yet.
-
-Restoring a database in KeePassium is a very straightforward operation. In the "Databases" section, tap on the 3-dot button on the upper-right, then select "Show Backup Files", if it isn't already on. Follow KeePassium's [instructions to restore](https://support.keepassium.com/kb/restore-backup/) a previous version.
-
-### Synchronization and direct connection
-
-While you can use KeePassium entirely offline, the app also offers options to synchronize your database with other KeePassium installations or other KeePass-compatible applications.
-
-There are two ways to do this. You can either simply store your database file in a cloud service of your choice and let KeePassium access this file, or you can use KeePassium's direct connection with certain cloud providers.
-
-You can see these two options from the app in "Settings" > "Network Access". From there, you have the option to select "Stay Offline", for maximum privacy, or "Allow Network Access", for maximum functionality.
-
-Whether you choose simple file synchronization or a direct connection, you can consult [this list](https://support.keepassium.com/kb/sync/) of cloud storage providers that have been tested by the KeePassium team and users to determine if your provider is supported.
-
-#### Stay offline, and synchronize through a cloud provider (recommended)
-
-This is KeePassium's [recommended method](https://keepassium.com/articles/cloud-sync-sandboxing/) to synchronize your database file(s) while maximizing privacy and minimizing external accesses. By default, KeePassium will remain offline, but you can store your database file with a cloud provider of your choice.
-
-This way, your cloud provider will manage the network communication, and KeePassium will only take care of decrypting your database. Because of system-enforced sandboxing, KeePassium will not have access to anything else on your cloud storage, only the database file(s) your have granted it access to.
-
-For example, you can store your database file on a cloud storage of your choice, then open it from KeePassium for iOS and also from KeePassXC on desktop. Both applications will access and manage the same file, therefore synchronizing your database.
-
-Be careful however when modifying your database. If synchronization isn't handled properly, this could cause errors that could corrupt your file. This is why it's important to test your setting first, and a good practice to keep a backup in a secure secondary location.
-
-{width="400"}
-
-
-Synchronization through Proton Drive
-
-Proton Drive isn't part of the recommended and tested list of cloud providers for KeePassium. However, it was briefly tested during this review.
-
-Between KeePassium iOS and KeePassXC on desktop, some synchronization was possible through Proton Drive, but with mixed results.
-
-To make it work, first the Proton Drive app needed to stay unprotected by a PIN or biometrics, which isn't ideal if you have other sensitive files on this drive. There was also some delay to sync the database between mobile and desktop, and a few bugs occurred while testing.
-
-That being said, synchronization was *possible* through Proton Drive between KeePassium for iOS and KeePassXC on desktop, but maybe not recommended. If you choose this setup for yourself, it is *strongly* recommended to conduct adequate testing first using a dummy database, and once set up with your actual database, to keep a secondary backup in a separate location.
-
-Testing couldn't make synchronization work between KeePassium iOS and KeePassium macOS through Proton Drive. Issues seem to come from conflict resolutions on the Proton Drive side. Of course, because Proton Drive isn't even listed by KeePassium as a supported storage, this was simply conducted as an experiment and not an expectation.
-
-Because many of our readers might use Proton Drive as a cloud provider, just be aware it probably isn't a usable synchronization solution at this time.
-
-Using Proton Drive to simply back up a password database file manually without synchronization is still a viable option, however.
-
-
-
-#### Allow network access, to connect directly from KeePassium
-
-In 2022, KeePassium added direct connection options for certain cloud storage providers as a workaround solution for providers that were not integrating well with the system. This should however be a secondary choice only, as it will have some downsides for your data privacy.
-
-You can find this option from the "Data Encryption" welcome window at the start where you can either create a database, import a database, or "Connect to Server".
-
-Although KeePassium will only use what is necessary for this functionality, it [will access](https://keepassium.com/privacy/app/#direct-connections) more data than with the "Stay Offline" synchronization option. The data used for this functionality will however remain between your device and the cloud provider.
-
-#### Supported cloud storage providers
-
-KeePassium offers full support for iCloud Drive, Box, Dropbox, Google Drive, OneDrive, Resilio Sync, Nextcloud, SFTP / WebDAV, and limited support for Mega and Cryptomator.
-
-You might be able to make it work with cloud providers that aren't listed here. However, if you decide to use a provider that isn't fully supported, make sure to properly test your setup with a dummy database first.
-
-### Additional features
-
-This review focused testing on the most commonly used features that are accessible from a free plan. Nonetheless, KeePassium offers many more features, and additional ones for paid plans. Here's a summary of some other interesting features that have not been covered yet:
-
-#### Passkeys
-
-Since December 2024, KeePassium added [support](https://keepassium.com/blog/2024/12/keepassium-2.0/#passkey-support) for passkeys with its 2.0 release.
-
-#### Family sharing (Premium)
-
-You can use Apple's Family Sharing feature to [share](https://support.keepassium.com/kb/family-sharing/) your KeePassium paid license with your family members.
-
-#### Multiple databases (Premium)
-
-With a paid plan, it's possible to create or import multiple databases with KeePassium. This can be very convenient if you use a separate database for work and for your personal life, for example.
-
-#### Printing database
-
-KeePassium has a quick option to print an entire database in plain text, in an easy-to-read format. If this is secure for you, it can be a convenient way to keep a backup paper copy of all your passwords in case of emergency (or for inheritance purposes).
-
-To do this, while inside your database tap on the tool-shaped button on the lower-left, then select "Print". Of course make sure to secure this printed data *very well*, as it could be your weakest link.
-
-
-
Important security warning!
-
-Depending on your printer's settings, you should be *very careful* when using the print function. This data will be sent in plain text to your printer, and even perhaps through a network (depending on your printer's settings).
-
-This **can represent a very high security risk**, depending on your printer setup and situation. The file with your plain text passwords could also remain stored in the printer's queue!
-
-The print function can be [disabled](https://support.keepassium.com/docs/mdm-appconfig/#allowDatabasePrint) for users with a Business license.
-
-
-
-
-
-#### Read-only database
-
-You can protect a database from accidental changes by enabling this option. This will prevent any entries from being added, removed, or modified.
-
-It can be very useful if you have installed the app for someone who isn't comfortable with technology and want to make sure they cannot inadvertently delete an entry, for example.
-
-To enable it from KeePassium on iOS, go to the "Databases" section, long press on your database file, select "Database Settings", then enable "Read Only" at the top.
-
-#### File storage (attachments)
-
-You can use your database to store files!
-
-It's probably best to stay reasonable with this because files will quickly make your database very heavy. This could significantly slow down the encryption and decryption processes.
-
-That being said, it's a great way to store more sensitive files securely. The files will be encrypted with your database.
-
-You can either add files to an entry already created, or create a new entry named "Files" (or anything else you wish) to store all of your files together.
-
-To add a file, select the paperclip-icon tab at the top of an entry, then tap the plus-sign button at the bottom. Your files (attachments) will be accessible from any other KeePass-compatible application, like KeePassXC for example.
-
-
-
-Interestingly, KeePassium even uses a quite decent PDF viewer on iOS:
-
-{width="400"}
-
-## :material-thumb-up-outline: Nice to have
-
-- You can see what was added, changed, or fixed for each KeePassium version from "Settings" in the "What's New" section.
-
-- You can change the KeePassium and database icons from "Settings" > "Appearance" > in "App Icon" and "Database Icons".
-
-- KeePassium has [excellent documentation](https://support.keepassium.com/)! This is handy to learn about features or to troubleshoot if you encounter any errors.
-
-- You can see the full credits for the app from "Settings" in the "About KeePassium" section.
-
-
-
Check the credits!
-
-KeePassium not only credits its direct contributors but also lists credits for each graphics, code, and encryption algorithms used. You will find the same list of credits on KeePassium's GitHub [page](https://github.com/keepassium/KeePassium?tab=readme-ov-file#author-and-credits). This is a wonderful idea that more software should get inspired by.
-
-
-
-## :material-thumb-down-outline: Downsides
-
-Even if KeePassium is a great secure application that is easy and pleasant to use, there are still a few downsides that should be mentioned:
-
-- People with older versions of iOS or macOS will unfortunately not be able to use the application at all.
-
-- KeePassium only works in the Apple ecosystem, and there are no versions for other systems at this time.
-
-- If you are using a cloud provider that doesn't work smoothly with KeePassium and you need synchronization, you will unfortunately need to synchronize your database manually or change your cloud storage provider.
-
-- AutoFill on iOS might not work for every account. This can be an inconvenience depending on your usage and which of your accounts (if any) are impacted.
-
-- AutoFill on macOS might not work with your favorite browser (if it isn't Safari).
-
-## :octicons-key-16: Conclusion
-
-Overall, KeePassium is a privacy-focused, offline-first application, that has clearly prioritized user experience and user interface, while not neglecting security and privacy.
-
-When used with the basic and supported settings, it works fairly smoothly and allows enough customization to adapt to a variety of user needs and situations.
-
-The fact that KeePassium allows full compatibility with most other KeePass-compatible applications is an immense benefit compared to proprietary password managers.
-
-If you already keep your database in the KeePass file format, there are no downsides in trying KeePassium. If you aren't using this database format yet, this is a great opportunity to start and free yourself from locked-in systems that secure your precious passwords with obscurity rather than with openness.
-
-Unless credited otherwise, all screenshots from: Privacy Guides
diff --git a/blog/posts/monero-server-using-truenas.md b/blog/posts/monero-server-using-truenas.md
deleted file mode 100644
index 6a0e4555..00000000
--- a/blog/posts/monero-server-using-truenas.md
+++ /dev/null
@@ -1,362 +0,0 @@
----
-date:
- created: 2025-06-12T18:15:00Z
-categories:
- - Tutorials
-tags:
- - Self-Hosting
- - Cryptocurrency
- - TrueNAS
-authors:
- - justin
-description: In this guide, we will walk you through setting up a very powerful Monero server on TrueNAS.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/monero-server-using-truenas/cover.webp
----
-# Creating a Tricked-Out Monero Server with TrueNAS
-
-
-
-Illustration: Jonah Aragon / Privacy Guides
-
-In this guide, we will walk you through setting up a very powerful [Monero](https://www.privacyguides.org/en/cryptocurrency/#monero) server on TrueNAS. By completing these steps, you will be able to connect to your own self-hosted Monero node with the official Monero wallet and Cake Wallet, and you will be able to connect to your own self-hosted Monero LWS server with Edge Wallet and MyMonero.
-
-
-
Guest Contributor
-
-Please welcome Justin Ehrenhofer as a first-time guest contributor! Justin is the president of MAGIC Grants, a nonprofit which supports public cryptocurrency infrastructure and promotes privacy, and operates as Privacy Guides' [fiscal host](privacy-guides-partners-with-magic-grants-501-c-3.md). Privacy Guides does not publish guest posts in exchange for compensation, and this tutorial was independently reviewed by our editorial team prior to publication.
-
-
-
-This guide assumes that you are using TrueNAS for the first time. TrueNAS is an open-source operating system that is meant to function primarily as a NAS, and it supports running arbitrary Docker apps. [MAGIC Grants](https://magicgrants.org) spent the last few months making dedicated apps on the TrueNAS store to make this setup process simpler than starting from scratch.
-
-## Advantages of Running Your Own Node
-
-Monero is a cryptocurrency with strong privacy properties by default, and it is the only cryptocurrency currently [recommended](https://www.privacyguides.org/en/cryptocurrency/) by Privacy Guides.
-
-Despite Monero's privacy protections, your wallet needs to communicate with the rest of the Monero network. There are two main options:
-
-1. Connecting to someone else's node; or
-2. Connecting to your own node.
-
-By connecting to your own node, you do not need to reveal when you are using your wallet and what transactions you send to the node operator.
-
-By following this guide, your transaction broadcasts will be protected with the Tor and/or I2P [networks](https://www.privacyguides.org/en/alternative-networks/).
-
-In short, if you *can* run your own node, you *should* run your own node.
-
-## Hardware/Software Recommendations
-
-* A spare machine (e.g., an old desktop computer) with:
- * One or more SSDs with >100 GB of free space
- * 4+ CPU cores
- * 4GB+ of RAM
- * TrueNAS already installed
-* A domain name (optional, for encrypted clearnet connections)
-
-It's possible to undercut these recommendations, but please don't do that to yourself.
-
-## What We Will Set Up
-
-All of these applications are optional. You can set up nearly any combination of these. For example, you can skip just the I2P app if you don't plan to use I2P.
-
-| Software | Description | Purpose |
-| -------- | -------- | -------- |
-| Arti | A [Tor](https://www.privacyguides.org/en/advanced/tor-overview) client written in Rust. | Connect to Tor nodes, broadcast transactions over Tor, and connect to TrueNAS apps over Tor. |
-| Java I2P | The officially distributed app to connect to the [I2P network](https://www.privacyguides.org/en/alternative-networks/#i2p-the-invisible-internet-project). | Connect to I2P nodes, broadcast transactions over I2P, and connect to TrueNAS apps over I2P. |
-| Monero Node | The officially distributed app for communicating with the Monero network. | The app provides the necessary information to send and receive Monero transactions. Most wallets (including the official Monero wallets and Cake Wallet) connect to Monero nodes. |
-| Monero-LWS | A "**L**ight**w**eight **S**erver" that allows "lightweight" wallets to send and receive Monero transactions. | Lightweight Monero wallet apps (including Edge Wallet and MyMonero) can connect to this server so that the wallet itself does not need to scan/sync Monero history; the server handles this scanning/syncing. |
-
-## Configure TrueNAS Storage
-
-We will configure storage for the Monero blockchain, and we will use default storage settings for other purposes. If you are an advanced user, you can configure the storage yourself.
-
-### Create a Monero Pool
-
-In TrueNAS, a pool is a collection of hard drives for a specific use-case. For simplicity, we will configure the entirety of a single SSD for Monero's use.
-
-1. Click **Storage**.
-2. Click **Create Pool**.
-3. Type `monero-pool` for the name. Leave encryption disabled (this will only store public blockchain data). Click **Next**.
-4. Choose the layout that you will be using. We will pick **Stripe** in this guide.
-5. Select the entire storage space for the SSD. Click **Next**.
-6. Skip all the remaining options for metadata, log, cache, spare, and dedup. Keep clicking **Next**.
-7. Finish creating the pool by clicking **Create Pool**.
-
-### Create a Monero Dataset
-
-A dataset is effectively a folder inside a pool. We will make one folder for the Monero blockchain data:
-
-1. Click **Datasets**.
-2. Click on the `monero-pool` pool.
-3. Click **Add Dataset**.
-4. Set the name to `monero-blockchain`
-5. Set the dataset preset to **Apps**.
-6. Click **Save**.
-
-
-
-Next, we will assign the ownership of that folder to the `apps` user:
-
-1. While the `monero-blockchain` dataset is selected, click **Edit** under Permissions.
-2. At the top, change the **Owner** and **Owner Group** from `root` to `apps`.
-3. Check the boxes for **Apply Owner** and **Apply Group**.
-4. Check **Apply permissions recursively**.
-5. Click **Save Access Control List**.
-
-
-
-## Configure Arti (Tor)
-
-
-
Experimental software
-
-Arti is experimental software. At the time of writing, Arti should not be used for privacy-critical applications. Connecting to your own Monero node is "low risk" in most circumstances. However, if you have very sensitive requirements you should not use Arti until it has been tested further by the community. By using Arti today, you are helping to make Arti better!
-
-
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Arti`. Click on the **Arti** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Hidden Services**, click **Add**. For each of the functions below that you want to support, create a new hidden service:
- 1. Monero Node (for incoming P2P connections)
- 1. Name: `monerodp2p`
- 2. App Port: `18084`
- 3. Hidden Service Port: `18084`
- 2. Monero Node (for incoming RPC (wallet) connections)
- 1. Name: `monerodrpc`
- 2. App Port: `18089`
- 3. Hidden Service Port: `18089`
- 3. Monero LWS
- 1. Name: `monerolws`
- 2. App Port: `18090`
- 3. Hidden Service Port: `18090`
-6. Leave the other settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, click on the shell icon under Workloads and to the right of `arti – Running` (not `config` or `perms`).
-
-
-
-In the shell, type the command `arti hss --nickname monerodp2p onion-address`. This will return a string that ends in `.onion`. In notepad, Excel, or another app, save the `.onion` address and the service it is associated with (`monerodp2p`). You might need to copy from the shell with ++ctrl+ins++.
-
-
-
-Do this again for the following two commands as well:
-
-```console
-arti hss --nickname monerodrpc onion-address
-arti hss --nickname monerolws onion-address
-```
-
-You should have three saved and unique `.onion` addresses.
-
-## Configure I2P
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `I2P`. Click on the **I2P** app.
-4. Click **Install**. This will pull up a form.
-5. Change the **Port Bind Mode** for **I2P HTTP Proxy Port** to `None`.
-6. Change the **Port Bind Mode** for **I2P HTTPS Proxy Port** to `None`.
-7. To the right of **Additional Ports**, click **Add**.
-8. In the newly exposed fields, set the Port Number as `4447`.
-9. In the same newly exposed fields, set the Container Port as `4447`.
-10. Leave the other settings as default. Click **Install**.
-
-
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, open a browser and direct it to the I2P configuration wizard. This is available at `:7657`, for example `192.168.1.100:7657`.
-
-Complete the initial I2P wizard using the default settings.
-
-### Create I2P SOCKS Proxy
-
-1. Click **Local Tunnels**.
-2. Click on the I2P HTTP Proxy.
-3. Uncheck **Automatically start tunnel when router starts**.
-4. Click **Save**.
-5. To the right of the I2P HTTP Proxy, click **Stop**.
-6. Click on the I2P HTTPS Proxy.
-7. Uncheck **Automatically start tunnel when router starts**.
-8. Click **Save**.
-9. To the right of the I2P HTTP Proxy, click **Stop**.
-10. At the bottom and to the right of **New client tunnel:**, change the type in the dropdown from `Standard` to `SOCKS 4/4a/5` and click **Create**.
- 1. Set the name as `monerod`.
- 2. Check **Automatically start tunnel when router starts**.
- 3. Set the Access Point **Port** to `4447`.
- 4. Set **Reachable by** to `0.0.0.0`.
- 5. Click **Save**.
-
-### Create I2P Hidden Services
-
-There is an optional step below to reduce the hidden service tunnel length from the default of 3 to 1. This will substantially increase the reliability of the server at the cost of anonymity.
-
-However, the server's connection to the I2P network for connecting to Monero wallets and the rest of the Monero network is typically not sensitive, unless you want to completely conceal that you are running a Monero node. Thus, most users will prefer the higher performance of the shorter tunnel length.
-
-We do not recommend shortening the tunnel lengths for the I2P SOCKS Proxy (in the previous section above) on the other hand, since transaction broadcasts tend to be sensitive.
-
-1. Under **I2P Hidden Services** and to the right of **New hidden service:**, change the type in the dropdown from `HTTP` to `Standard` and click **Create**.
- 1. Set the name as `monerodp2p`.
- 2. Check **Automatically start tunnel when router starts**.
- 3. Set the target host as the server's hostname, for example `192.168.1.100`.
- 4. Set the target port as `18085`.
- 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
- 6. Click **Save**.
-2. Create another `Standard` hidden service.
- 1. Set the name as `monerodrpc`.
- 2. Check **Automatically start tunnel when router starts**.
- 3. Set the target host as the server's hostname, for example `192.168.1.100`.
- 4. Set the target port as `18089`.
- 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
- 6. Click **Save**.
-3. Create another `Standard` hidden service.
- 1. Set the name as `monerolws`.
- 2. Check **Automatically start tunnel when router starts**.
- 3. Set the target host as the server's hostname, for example `192.168.1.100`.
- 4. Set the target port as `18090`.
- 5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
- 6. Click **Save**.
-
-You will see the three I2P Hidden Services that you configured. Under each, you will see a `.b32.i2p` address after **Destination:**. You will need to use the destination `.b32.i2p` addresses in later steps (just like the `.onion` addresses), so keep them handy.
-
-
-
-## Configure Monero Node
-
-### Initial Setup
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero Node`. Click on the **Monero Node** app.
-4. Click **Install**. This will pull up a form.
-5. *Optional:* Uncheck **Prune the blockchain**. This will use significantly more storage.
-6. Under **Storage Configuration** and **Blockchain storage location**, change the **Type** from `ixVolume` to `Host Path`.
-7. Under **Host Path**, use the folder picker to select the `monero-blockchain` dataset. This should usually be `/mnt/monero-pool/monero-blockchain`.
-8. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the node sync faster.
-9. Leave the other settings as default. Click **Install**.
-
-#### Why not configure Tor and I2P settings to begin with?
-
-Some users may be sensitive to a privacy risk where your Tor and I2P addresses could be matched with your public IPV4 address while it is syncing. By waiting to configure these settings until after your node is already fully synced, we minimize this risk.
-
-### Check on the Sync Status
-
-It will take a day or more for most systems to fully sync the Monero blockchain from scratch.
-
-To check the status, go to the app page and click on the `monerod` app. Under Workloads and to the right of `monerod – Running`, click on the shell icon.
-
-
-
-Type `monerod status` and press enter.
-
-If the status reports `Height: ####/#### (100.0%) on mainnet`, then your node is fully synced. You can proceed to the next step.
-
-
-
-### Add Tor and I2P
-
-After your Monero node is fully synced, click on the `monerod` app and then click **Edit**. This will bring up the same form that you configured when installing the app.
-
-1. Check **Enable Tor connections**.
-2. Set the **Tor IP** as your hostname, for example `192.168.1.100`.
-3. Set the **Tor port** as `9150`.
-4. Check **Enable inbound Tor connections**.
-5. Set the **Inbound onion address** as the `.onion` address for `monerodp2p` that you observed earlier.
-6. Check **Enable inbound I2P connections**.
-7. Set the **I2P IP** as your hostname, for example `192.168.1.100`.
-8. Set the **I2P Port** as `4447`.
-9. Check **Enable inbound I2P connections**.
-10. Set the **Inbound I2P base32 address** as the `.b32.i2p` address for `monerodp2p` that you observed earlier.
-11. If you wish to enable Monero LWS, under **ZMQ RPC Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-12. If you wish to enable Monero LWS, under **ZMQ Pub Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-13. Under **Tor inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-14. Under **I2P inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-15. Click **Update**.
-
-
-
-## Configure Monero LWS
-
-For security reasons, the Monero LWS app only accepts requests from allowlisted Monero addresses. Requests from other users will be rejected.
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero LWS`. Click on the **Monero LWS** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Accounts**, you can add sets of allowlisted Monero wallets that will be supported by this server. Click **Add** to add a wallet. For each wallet, include the `Address`, `View Key`, and `Restore Height`. If a restore height is not provided, it will scan the entire blockchain (which is thorough but inefficient).
-6. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the server scan multiple wallets faster.
-7. After you have added all the wallets, click **Install**.
-
-You can add new Monero wallets in the future by adding them to the list of accounts.
-
-## Configure Secure Clearnet Connections
-
-It is insecure to connect your wallet to your server over an unencrypted connection.
-
-If you only configure your wallet to connect to your server over its I2P or Tor addresses, then you're all set. The connection is already encrypted.
-
-There are different ways to connect to your node over an encrypted clearnet connection, each with their pros and cons:
-
-| Method | Pros | Cons |
-| --- | --- | --- |
-| Tor | No additional configuration necessary. Private. Secure. Reliable. | Slow for non-LWS wallets. |
-| I2P | No additional configuration necessary. Private. Secure. | Slow. Unreliable. |
-| Nginx Proxy Manager | High degree of user control. Secure. Reliable. Fast. | Requires a domain. Requires configuration. |
-| Cloudflare Tunnels | Secure. Reliable. Fast. Easy to set up. Extra security settings. | Requires a domain. Decrypted traffic is shared with Cloudflare. |
-
-### Nginx Proxy Manager (Recommended)
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Nginx Proxy Manager`. Click on the **Nginx Proxy Manager** app.
-4. Click **Install**. This will pull up a form.
-5. Leave the settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Nginx Proxy Manager app shows the status as **Running**, open a browser to `:30020`, for example `192.168.1.100:30020`.
-
-#### Configure Your Domain and Router
-
-You will need to create A and (optionally) AAAA records with your DNS provider that point to your public IPV4 and IPV6 IP addresses, respectively. You will then need to forward the ports in your router to your TrueNAS hostname. These steps are out of scope for this guide.
-
-#### Add Proxy Hosts to Nginx Proxy Manager
-
-From the Nginx Proxy Manager browser interface, click **Hosts**, **Proxy Hosts**, then **Add Proxy Host**. We recommend creating proxy hosts as follows:
-
-| Domain Name | Scheme | Forward Hostname / IP | Forward Port |
-| --- | --- | --- | --- |
-| `monerod-rpc.` | `http` | `` | `18089` |
-| `monero-lws.` | `http` | `` | `18090` |
-
-For each entry, enable **Block common exploits**. Configure the SSL settings with **Request a new SSL Certificate**, **Force SSL** enabled, and **HTTP/2 Support** enabled.
-
-Optionally assign an access list.
-
-You should now be able to access these services using your domain!
-
-## A Note About Clearnet Networking
-
-Making clearnet connections without encryption (without SSL/TLS) is insecure. This guide uses the Nginx Proxy Manager app to configure these secure connections, but you can alternatively use another approach such as Cloudflare Tunnels, Tailscale, or WireGuard.
-
-## What About Bitcoin?
-
-Bitcoin is not recommended by Privacy Guides due to its very weak privacy properties by default. Nevertheless, MAGIC Grants has made several Bitcoin oriented applications in the TrueNAS store that you may benefit from if you need to use Bitcoin.
-
-## Test Connections
-
-We will test connections to our node over Tor using [Cake Wallet](https://cakewallet.com), [Edge Wallet](https://edge.app), and [Orbot](https://orbot.app). Make sure you have these apps installed and already have Monero wallets set up.
-
-Use **Full Device VPN** mode with Orbot for this guide.
-
-### Test with Cake Wallet
-
-Cake Wallet will connect to your Monero node. Follow [these steps](https://docs.cakewallet.com/features/advanced/tor-with-orbot/#switch-back-to-cake-wallet) to change the Monero node that Cake Wallet uses. Provide your `monerodrpc` onion address for the Monero Node app as the node address, `18089` as the port, no username, no password, and **Use SSL** unchecked.
-
-You should see a green dot next to this newly added node, and you should notice that your wallet is able to sync. Syncing performance to a Monero node over Tor is slow.
-
-### Test with Edge Wallet
-
-Edge Wallet will connect to your Monero-LWS server. In Edge Wallet, click on the upper right hamburger menu, then **Settings**, then **Asset Settings**, then **Monero**. Select **Custom Light Wallet Server** and provide your `monerolws` onion address with the port. For example, `http://monerolws.onion:18090`, replacing `monerolws.onion` with your correct onion address.
-
-Back in the main wallet overview, you should see that your Monero wallet is fully synced.
diff --git a/blog/posts/privacy-guides-hires-three-staff-members.md b/blog/posts/privacy-guides-hires-three-staff-members.md
index acb9cd95..ea14399d 100644
--- a/blog/posts/privacy-guides-hires-three-staff-members.md
+++ b/blog/posts/privacy-guides-hires-three-staff-members.md
@@ -17,7 +17,7 @@ At Privacy Guides, we are always looking for ways to be more effective at our mi
## Em – Journalist
-{ align=right }
+{ align=right }
We’re excited to welcome Em (she/her), our new journalist, who will play an important role in taking our [articles](https://www.privacyguides.org/articles/) to the next level. She will be focusing on creating in-depth, interesting posts that explore the most important topics in the world of online privacy, security, and digital rights. Em will also conduct interviews with experts in the industry, analyze reports and studies, and produce investigative news stories to keep our readers informed.
diff --git a/blog/posts/privacy-means-safety.md b/blog/posts/privacy-means-safety.md
index c0eaf7a1..8b142afd 100644
--- a/blog/posts/privacy-means-safety.md
+++ b/blog/posts/privacy-means-safety.md
@@ -155,7 +155,7 @@ The 26-year-old American who incorrectly identified the Australian girl and shar
### Targeted research, attack, and spyware
-For targeted attacks, aggressors will often use simple techniques to find a victim's data from what is already leaked online or openly shared on social media. For more sophisticated attacks, perpetrators might use criminal methods such as impersonation for [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). When attackers have more resources, such as state-backed attackers, more sophisticated processes might be used, like device infection with [NSO Group's spyware](https://citizenlab.ca/tag/nso-group).
+For targeted attacks, aggressors will often use simple techniques to find a victim's data from what is already leaked online, or openly shared on social media. For more sophisticated attacks, perpetrators might use criminal methods such as impersonation for [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). When attackers have more resources, such as a state-backed attackers, more sophisticated processes might be used, like device infection with [NSO Group's spyware](https://citizenlab.ca/tag/nso-group/).
### Maliciously stolen or negligently leaked
diff --git a/blog/posts/privacy-pass.md b/blog/posts/privacy-pass.md
deleted file mode 100644
index d4639197..00000000
--- a/blog/posts/privacy-pass.md
+++ /dev/null
@@ -1,245 +0,0 @@
----
-date:
- created: 2025-04-21T17:30:00Z
-categories:
- - Explainers
-authors:
- - fria
-tags:
- - Privacy Pass
-license: BY-SA
-schema_type: BackgroundNewsArticle
-description: |
- Privacy Pass is a new way to privately authenticate with a service. Let's look at how it could change the way we use services.
----
-# Privacy Pass: The New Protocol for Private Authentication
-
-
-
-Background Image: Thomas Ensley / Unsplash
-
-Services that require authentication can correlate your activity on that service with your account, and that account is normally linked with payment information that could potentially link back to your real identity. With the Privacy Pass protocol, it doesn't have to be that way.
-
-## History
-
-The story of Privacy Pass begins with a [paper](https://dl.acm.org/doi/pdf/10.1145/4372.4373) by David Chaum from 1985 (he actually has an earlier paper from [1982](https://chaum.com/wp-content/uploads/2022/02/chaum_dissertation.pdf), but I'll be referencing this one), in which he laments the ever-increasing data collection by companies and government agencies.
-
-It's funny that all the way back in 1985 he talks about the same issues we deal with today: persistent identifiers tied to our real identity for transactions, government IDs, etc.
-
-Chaum proposes three solutions to the state of affairs he describes.
-
-### Pseudorandom Identifiers
-
-Instead of persistent identifiers like we now have with our government IDs, credit cards, etc., Chaum suggests randomly generated identifiers. For example, you could have a one-time unique identifier for each transaction at a shop.
-
-For ongoing relationships such as a bank, you can use a single pseudorandom identifier for that organization that you use continuously.
-
-### Card Computers
-
-One of the more quaint ideas in the paper is the idea of a small "card computer" on which you would perform transactions. Chaum's theoretical device resembles "a credit-card-sized calculator, and [includes] a character display, keyboard, and a limited distance communication capability (like that of a television remote control)".
-
-Nowadays, we carry around credit-card sized computers like it's nothing. The secret "card number" he describes would probably be your device PIN or even biometric authentication, which are already used to authenticate transactions.
-
-We still haven't *quite* reached Chaum's vision yet in some areas. His idea is for these "card computers" to fully replace ATMs and checkout terminals in stores. Essentially, he wants all transactions to be online transactions, with something like Apple Pay or Google Pay on your device mediating the transaction and using your device PIN to prevent fraudulent transactions.
-Making all transactions online transactions is an interesting idea. I think most people can share in the frustration of dealing with checkout terminals, especially the self-checkout ones with cameras pointed at your face.
-
-We're still falling short in a major area though.
-
-> card computers could be purchased or constructed just like any other personal computer, and would have no secrets from or structures unmodifiable by their owners.
-
-Current smartphones are non-upgradeable by their owners and can't be built from scratch like a desktop computer can. They also contain lots of black-box proprietary code. Even a Google Pixel, the gold standard of Android smartphone freedom that allows you to install your own operating system securely, still suffers from the same pitfalls.
-
-### Cryptography
-
-How do we ensure the pseudonyms can't be linked together? We already use cryptography to protect our communications. Chaum presents ways to similarly protect unlinkability using cryptography:
-
-> Simple mathematical proofs show that, with appropriate use of the systems, even conspiracy of all organizations and tapping of all communication lines cannot yield enough information to link the pseudonyms-regardless of how clever the approach is or how much computation is expended.
-
-## Blind Signatures
-
-Digital signatures normally are used to ensure that something like a piece of software or a message comes from the original sender and hasn't been tampered with. You want to know who the signer is for this system to work.
-
-But what if the signer and the one sending a request are different? Say you have a membership to a hypothetical *PrivacyGuides+ subscription service*, and you want to authenticate with it, but don't want to identify yourself. That's where blind signatures come in.
-
-### How it Works
-
-You can imagine blind signatures like an envelope that's been wrapped in [carbon paper](https://en.wikipedia.org/wiki/Carbon_paper) with a window showing your pseudonym for that account, whether it be an account number, username, etc. They never see anything but the account identifier, or whatever they need to verify that you're a valid customer.
-The organization then signs it, indicating you're a valid customer, and you're allowed to access the service.
-
-Later, when you're presented with a request to authenticate as an active subscriber of PrivacyGuides+, you unwrap the envelope and discard it along with the carbon paper. You rewrap it in a new envelope with a window showing the signature and a different pseudonym, and the requester can then be sure that you're allowed to access PrivacyGuides+.
-
-
-
-Illustration: [David Chaum](https://dl.acm.org/doi/pdf/10.1145/4372.4373)
-
-This system relies on the same strong cryptography that tried and true systems use, with the difference being the unlinkability between the credential issuer and the credential receiver.
-
-## Problems
-
-Services that don't require an account or payment to use are great; you can use them with Tor, clear your browser history, whatever you need to do to keep your activity private.
-
-But logging into an account completely invalidates all of that. Every time you log in or authenticate with a service, you have to identify yourself as the same person, linking all your previous activity together. Increasingly, we're asked to provide personal information in order to be able to use certain websites or services.
-
-### Linkability
-
-As long as you're logged into an account with a service, all your previous and current activity can be linked together, along with any data you provided such as an email address, payment information, etc.
-
-### Data Collection
-
-A lot of websites and services want to — [or are forced to](https://en.wikipedia.org/wiki/Social_media_age_verification_laws_in_the_United_States) — filter out users below a certain age.
-
-We're starting to see a rise in extremely privacy-invasive age verification systems such as submitting a government ID when you want to access a website or invasive facial scans.
-
-### Blocking VPN and Tor Users
-
-Bots are a rampant problem for online services, leading them to sometimes block non-residential IP addresses such as those used for commercial VPNs and Tor.
-
-### CAPTCHAs
-
-When VPN and Tor users aren't blocked, they often have to deal with annoying [CAPTCHAs](http://www.captcha.net) that take up your precious time and use invasive [fingerprinting](https://developers.google.com/recaptcha/docs/v3).
-
-CAPTCHAs aren't even particularly good at detecting bots. With advances in AI, [bots can solve CAPTCHAs better than humans can](https://arxiv.org/pdf/2307.12108).
-
-## Privacy Pass
-
-Several blind signature-based solutions are in various states, some being implemented but not widely used, some being proposed browser APIs, and some being IETF standards.
-
-The landscape is very confusing right now, so I'll try to elucidate what I've found.
-
-[Privacy Pass](https://privacypass.github.io) started out as an attempt at a privacy-preserving way to bypass CAPTCHAs.
-
-It started out and is still an extension that can be installed on the [Chrome](https://chromewebstore.google.com/detail/silk-privacy-pass-client/ajhmfdgkijocedmfjonnpjfojldioehi) or [Firefox](https://addons.mozilla.org/en-US/firefox/addon/privacy-pass/) extension store, but it's since expanded to become an [IETF standard](https://datatracker.ietf.org/wg/privacypass/about/).
-
-The Privacy Pass protocol has massively outgrown its original purpose. It's been updated to support multiple different schemes and purposes.
-
-There are three main roles that need to be played for the authentication mechanism to work. These can be filled by all the same party, by three separate parties, or any combination in between. You'll have increased privacy the more separation there is between each role, so ideally they should all be filled by different parties.
-
-### Origin
-
-The origin is the original website or service that's requesting a token for redemption. The client presents a valid token, or it must request more tokens.
-
-### Attester
-
-The attester is responsible for verifying something about the client. There are several ways it can achieve this, and it can use multiple at the same time if desired.
-
-#### CAPTCHA
-
-The attester can make the client solve a CAPTCHA to prove that it's not a bot. Not the most elegant solution but solving one CAPTCHA instead of multiple is preferable.
-
-#### Client State
-
-The attester can verify something about the client's state like the geographic location, whether the client has a valid account, or the number of issuance protocol invocations.
-
-#### Trusted Device
-
-If your client is running on hardware that's capable of producing device-level attestation, like a device with a secure element, then it can use that to verify that the device is trusted.
-
-For example, in Apple's Private Access Token implementation, they use certificates stored in the Secure Enclave and verify that your Apple account is in good standing.
-
-### Issuer
-
-The issuer is responsible for issuing tokens in response to requests from clients.
-
-The client presents tokens to the Origin once they're provided by the issuer.
-
-
-
-Illustration: [Cloudflare](https://blog.cloudflare.com/eliminating-captchas-on-iphones-and-macs-using-new-standard/)
-
-The tokens need to identify which issuers are trusted.
-
-They can also be interactive or non-interactive. Interactive means that you need a fresh token based on the challenge, whereas a non-interactive token can be stored for later use.
-
-Tokens can also be constrained to one specific Origin, or they can be used across Origins.
-
-### Private State Tokens
-
-[Private State Tokens](https://developers.google.com/privacy-sandbox/protections/private-state-tokens) (PSTs) are a [proposed browser API](https://github.com/WICG/trust-token-api) by Google as part of their [Privacy Sandbox](https://developers.google.com/privacy-sandbox). They're based on the Privacy Pass protocol.
-
-The main benefit of PSTs is that they provide a secure place for websites to store their tokens so that you don't need a separate extension for every service.
-
-A browser-level API, I imagine, would significantly reduce the development burden of browser-based services looking to implement Privacy Pass, but it would leave non-browser apps like VPNs high and dry.
-
-### Private Access Tokens
-
-[Private Access Tokens](https://blog.cloudflare.com/eliminating-captchas-on-iphones-and-macs-using-new-standard/) are based on Privacy Pass as well, but they don't seem to be specifically bound to the browser.
-
-It's unclear to me what really makes Private Access Tokens different from Privacy Pass itself, other than that Private Access Tokens seem to call for separation of the Attester and Issuer while Privacy Pass allows the origin, attester, and issuer to be the same. Delegating each role to a different party adds extra privacy.
-
-The origin website only knows your URL and IP from the initial connection.
-
-The attester only knows the data needed to verify you as a valid user.
-
-The issuer knows the site you visited, but doesn't know any of your device information that the attester used to verify you.
-
-### Kagi
-
-There are scant services actively using Privacy Pass to authenticate users, but a recent and very exciting example is [Kagi](https://blog.kagi.com/kagi-privacy-pass).
-
-With their implementation, you can now install their extension for [Firefox](https://addons.mozilla.org/en-US/firefox/addon/kagi-privacy-pass/) and [Chrome](https://chromewebstore.google.com/detail/kagi-search/cdglnehniifkbagbbombnjghhcihifij). Safari isn't supported at the moment, but their [Orion](https://chromewebstore.google.com/detail/kagi-search/cdglnehniifkbagbbombnjghhcihifij) browser supports it and is WebKit-based.
-
-The need for an extension and lack of support for some platforms highlights the need for widespread support for Privacy Pass in browsers and platforms. It's not reasonable to expect every single platform to implement Privacy Pass themselves and users likely don't want to install a separate extension for every platform either.
-
-That said, I applaud Kagi for their efforts. They went above and beyond to protect their users' privacy. A few notes for future improvements, though.
-
-#### No Account Requirement
-
-Currently, Kagi requires an account in order to use it. Although they allow you to put in a fake email address on account creation since they don't [check it](https://kagifeedback.org/d/3813-enable-anonymous-registration-no-email/16), it's still a persistent identifier that could be eliminated.
-
-Their announcement blog post states that the ability to use Kagi fully without an account is a possibility for the future with an invitation to request the feature on their [forum](https://kagifeedback.org/d/6163-kagi-privacy-pass), so feel free to add your voice. A fully accountless search engine that doesn't rely on ads would be great to see.
-
-#### Separation of Origin, Attester, Issuer
-
-Kagi uses the [Shared Origin, Attester, Issuer](https://www.ietf.org/archive/id/draft-ietf-privacypass-architecture-03.html?_fsi=jKxFixnl#section-4.1) model for their implementation, which leaves the possibility of data being correlated between each step of the process, such as device fingerprinting or IP address being used to correlate a user who is issued tokens with when they redeem them.
-
-Kagi's onion service helps to mitigate this issue, but I think it would be a significant privacy improvement to separate all three entities.
-
-#### Remove Requirement for an Extension
-
-Having to install an extension is annoying as an end user and surely incurs some development cost in both the initial development and upkeep over time. I'm not sure how it would be possible to get rid of the extension as it seems like there's no good way to do so at the moment, but I'm hopeful that the Private State Token API could be used for that in the future if it ever gets fully standardized as a browser API.
-
-## Future Possibilities
-
-Overall, Privacy Pass is an exciting standard that is already improving the privacy of users on a wide scale.
-
-### Easier Adoption
-
-However, for widespread adoption of anonymous authentication for all online services, there needs to be an easier way for developers to implement it. I see Private State Tokens and Private Access Tokens as paths toward that goal, but they have their own limitations.
-
-Private State Tokens seem to be restricted to browsers, which is mostly fine since so many online services are accessed through the browser. It does put services like VPNs that operate outside the browser in a tight spot though.
-
-Private Access Tokens seem like a possible solution for device-wide Privacy Pass authentication, but the only place I've seen them implemented is in Apple's operating systems to identify users as real iOS or macOS users. I'd like to see wider adoption for more use cases than just that. It's unclear what the vision for Private Access Tokens is for the moment.
-
-### Carriers
-
-One of the biggest and most privacy-invasive services is mobile carriers. They take lots of personal information when you sign up, and then you have permanent identifiers, both IMSI identifying you as a subscriber and IMEI identifying your device, tied to that information while you use it. Because of how the cell network works, they also can tie that information to your physical location and all the traffic you send through their network.
-
-[Cape](https://www.cape.co/research) is a privacy-focused carrier that says they're "studying the use of blinded tokens and zero-knowledge proofs to disaggregate subscriber information." This would have a massive impact on user privacy, possibly allowing a KYC'd mobile subscriber to use their carrier at least semi-anonymously (it's unclear how IMSI and IMEI fit into this scheme, as well as location information).
-
-### VPNs
-
-Commercial VPNs typically require some kind of account identifier, even if it's just a randomized number.
-
-Apple's iCloud Private Relay uses RSA blind signatures to anonymously authenticate users to each of the two hops.
-
-Google's former [VPN](https://www.gstatic.com/vpn/google_vpn_white_paper.pdf) service also used blind signatures to protect users.
-
-
-
-Image: [Google](https://www.gstatic.com/vpn/google_vpn_white_paper.pdf)
-
-Hopefully we can see more VPN companies start to use Privacy Pass to authenticate users, I think it would be a massive improvement to user privacy.
-
-### Digital Cash
-
-Part of Chaum's vision was anonymous digital transactions using blind signatures, which he made a reality with his company [DigiCash](https://chaum.com/wp-content/uploads/2022/01/05-27-94-World_s-first-electronic-cash-payment-over-computer-networks.pdf).
-
-For whatever reason, *eCash*, as it was called, never caught on and the company filed for bankruptcy in 1998. We're left with the terrible current system where you need to input your credit card and personal information in order to make a transaction, which is easily traceable back to you. Not to mention the security implications, [credit card fraud](https://www.security.org/digital-safety/credit-card-fraud-report/) is rampant today.
-
-The dream isn't dead, however. Chaum's [eCash 2.0](https://chaum.com/ecash-2-0/) is quantum-resistant and has been built and tested in the Bank for International Settlements' [Project Tourbillon](https://www.bis.org/about/bisih/topics/cbdc/tourbillon.htm).
-
-### Digital ID
-
-Laws are being passed forcing 18+ websites and even [app stores](https://thehill.com/policy/technology/5179865-utah-app-store-age-verification-law/) to collect verify the ID of users. This is a massive slap in the face to the privacy and security of everyone. Data breaches and tracking are inevitable under the current system.
-
-Blind signatures could provide a private and secure way to verify age or other information without having to submit your entire ID or submit invasive face scans.
diff --git a/blog/posts/private-european-alternatives.md b/blog/posts/private-european-alternatives.md
index 3a88efd7..fb0b2648 100644
--- a/blog/posts/private-european-alternatives.md
+++ b/blog/posts/private-european-alternatives.md
@@ -226,7 +226,7 @@ Element is based in the United Kingdom, which is of course no longer in the Euro
-{ align=right }
+{ align=right }
**Element** is the flagship client for the [Matrix](https://matrix.org/docs/chat_basics/matrix-for-im) protocol, an [open standard](https://spec.matrix.org/latest) for secure decentralized real-time communication.
diff --git a/blog/posts/queer-dating-apps-beware-who-you-trust.md b/blog/posts/queer-dating-apps-beware-who-you-trust.md
deleted file mode 100644
index b0ab7d13..00000000
--- a/blog/posts/queer-dating-apps-beware-who-you-trust.md
+++ /dev/null
@@ -1,572 +0,0 @@
----
-date:
- created: 2025-06-24T21:00:00Z
-categories:
- - News
-tags:
- - Pride Month
-authors:
- - em
-description: At the intersection of data privacy and LGBTQ+ experiences, it's inevitable to talk about queer dating apps. Unfortunately, most are horrible for data privacy.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp
----
-
-# Queer Dating Apps: Beware Who You Trust With Your Intimate Data
-
-
-
-Illustration: Em / Privacy Guides | Photo: Surasak Ch / Unsplash
-
-When discussing the intersection of data privacy and LGBTQ+ experiences, it's inevitable to also talk about queer dating apps. Due to a smaller percentage of the population and a number of factors complicating in-person dating, people part of the queer community are more likely to seek online platforms to meet lovers and friends. Unfortunately, using queer dating apps can be very dangerous for privacy, and even for safety.
-
-Dating apps are generally horrible for everyone's privacy, but the queer population is at an even higher risk of harm due to discrimination, and even [criminalization in certain regions](https://www.humandignitytrust.org/lgbt-the-law/map-of-criminalisation/).
-
-Despite the risks, LGBTQ+ people still need to fulfill their social and romantic needs like anyone else.
-
-This isn't an easy task outside the online realm either. Discrimination can be much worse in physical environments that aren't specifically catering to the queer community. In some regions, this can even mean a greater risk of physical aggression.
-
-LGBTQ+ people aren't necessarily safe to date in the same ways cisgender heterosexual people are, increasing the need for safe spaces.
-
-Another important factor is that a smaller percentage of the population necessarily creates a smaller dating pool. Even if someone were to avoid entirely online services, if they aren't located in a town large enough to host LGBTQ+ venues and events, or if they live in an environment where revealing their queer identity could be unsafe to them, online spaces might be their only viable option to [find connections](stay-safe-but-stay-connected.md).
-
-Sadly, this isn't ideal. In today's world, it seems very few services (if any) are considering the importance of data privacy for dating apps seriously enough.
-
-For this reason, it is crucial to acknowledge the dangers, and learn about ways to minimize the risks, and to stay safe while looking for romantic or sexual partners online.
-
-## Dating apps are horrible for data privacy
-
-Unfortunately, whether it's dating apps catering to everyone or to a narrower segment of the population, they are pretty much *all horrible for data privacy*.
-
-Some apps might be worse than others, but at this time, there are no good, largely used, *and* privacy-respectful dating apps.
-
-Due to the nature of dating apps, a major problem is that any dating app will unavoidably collect at least some of very sensitive personal data. This can include photos, intimate photos, sexual preferences, intimate conversations, detailed physical descriptions, and likely much more.
-
-Because of this, a good privacy-respectful dating app would need to implement considerably stronger protections for this data, and obviously not share it with any third party. Regrettably, this isn't what is happening *at all*.
-
-### They collect very sensitive information, legally and illegally
-
-Necessarily, most dating apps will collect *at minimum* a nickname, email, photo, and descriptions of your personality and physical appearance. But, the majority of apps do not stop there.
-
-Most dating apps also collect your location, IP address, and phone number (a strong quasi-static identifier that can be linked to your other accounts and legal identity).
-
-Then, you might upload additional sensitive information, such as a detailed physical description, detailed personality description, health condition, religion, political views, sexual preferences, and even intimate photos in private chats. All this information is collected and stored by the dating app, and maybe even shared with third parties.
-
-According to a [report from Mozilla](https://www.mozillafoundation.org/en/privacynotincluded/articles/data-hungry-dating-apps-are-worse-than-ever-for-your-privacy/), about 25% of apps also collect metadata on uploaded content. This means that if you do not [remove metadata](https://www.privacyguides.org/en/data-redaction/) from your photos and videos (or other file types) before uploading them, the dating app could collect it. This can include very precise information on where and when a photo or video was taken, for example.
-
-Additionally, dating apps can collect a scandalous amount of information from your social media accounts if you use them to sign up with the app. Already in 2017 (this is likely much worse 8 years later into surveillance capitalism), The Guardian journalist Judith Duportail [reported](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold) on her experience with Tinder after requesting a copy of her account data. Tinder had kept 800 pages of information on her, including Facebook likes, number of Facebook friends, Instagram photo links, ages of men she was interested in, and so on. From her experience she wrote:
-
-> What will happen if this treasure trove of data gets hacked, is made public or simply bought by another company? I can almost feel the shame I would experience.
-
-She is not alone in this. Every dating-app user is at risk of having their intimate data exposed if their account or the app's servers gets hacked, or if the company otherwise leaks or shares their data.
-
-Tragically, data breaches and companies acquisitions aren't rare occurrences. It's more a matter of "when" than "if".
-
-#### Identity verification
-
-Moreover, many apps now require to "verify identity" by requesting users to submit a video selfie, official ID, or other means of verification.
-
-This practice is intrusive at best, and straight out *dangerous* at worst. Any verification practice requiring a piece of official ID or a facial scan has the potential of endangering this data, and increases the risk of a data leak exposing your intimate dating information while being strongly linked to your legal identity.
-
-No dating app should be requiring such sensitive information. Fighting bots and fake accounts isn't worth the risk this represents to users.
-
-#### Biometric data
-
-Even for users who might be careful to choose more privacy-respectful apps, or feel protected by stronger local legislation, trust can be broken.
-
-In 2024, Bumble and Badoo settled a [class action lawsuit](https://www.the-sun.com/money/12327292/bumble-settlement-badoo-payment/) for allegedly infringing the privacy rights of users residing in Illinois US, by violating the [Biometric Information Privacy Act](https://en.wikipedia.org/wiki/Biometric_Information_Privacy_Act) (BIPA). The complainants alleged the apps, both owned by Bumble Inc, were capturing and storing users' facial scan biometrics it extracted from profile's content without the users' consent.
-
-While users located in Illinois were entitled to financial compensation from the [settlement](https://topclassactions.com/lawsuit-settlements/closed-settlements/40m-bumble-badoo-bipa-class-action-settlement/), others located in regions with weaker local regulation didn't receive any compensation for this violation of their consent.
-
-#### Artificial intelligence features
-
-Finally, most dating services have now [integrated AI features in their platforms](https://www.platformer.news/grindr-ai-boyfriend-wingman-monetization-paid-taps/). This is dreadful for privacy.
-
-The problem with current AI features is that most will not just generate data but will also *collect* data. Once data is integrated into a model, it's incredibly difficult (if not impossible) to delete it later.
-
-Grindr's terms of service include a section specifying that, when using the platform, [you grant an irrevocable right to Grindr](https://www.grindr.com/terms-of-service) to "exploit Your User Content" to train "AI Technologies". **Your content is up for AI-grabs on Grindr.**
-
-Horrifyingly, most other dating apps aren't better.
-
-While other apps might be careful not to directly name "AI" or "training" in their terms of service, risking scaring users away, OkCupid, Hinge, and Plenty of Fish (all part of the Texas-based dating service conglomerate Match Group), describe a similar clause in their terms of service that could potentially include AI technologies training on users' content (if not already).
-
-For example, OkCupid specifies in clause 7 of their [Terms & Conditions](https://okcupid-app.zendesk.com/hc/en-us/articles/23941864418203-Terms-Conditions) (emphasis added for clarity):
-
-> By creating an account, **you grant to OkCupid a worldwide, perpetual, transferable**, sub-licensable, royalty-free **right and license to** host, store, use, copy, display, reproduce, adapt, edit, publish, translate, modify, reformat, **incorporate into other works, advertise, distribute and otherwise make available to the general public Your Content**, including any information you authorize us to access from Facebook or other third- party sources (if applicable), in whole or in part, and **in any way and in any format or medium currently known or developed in the future.** OkCupid's license to Your Content shall be non-exclusive, except that OkCupid's license shall be exclusive with respect to derivative works created through use of our Services. For example, **OkCupid would have an exclusive license to screenshots of our Services that include Your Content.**
-
-Of course "any medium developed in the future" could include AI technologies, and/or anything else.
-
-OkCupid has already integrated AI features in users' dating experience using OpenAI's ChatGPT for its services. Michael Kaye, OkCupid's head of communications, excitedly [told Mashable](https://mashable.com/article/okcupid-chatgpt-questions) that "daters who think ChatGPT is a lifesaver get almost 40 percent more Matches on OkCupid than those who think it's too big brother".
-
-Well, perhaps users who accurately think "it's too big brother" have simply already left the app...
-
-### They can expose legal identities
-
-Besides the data privacy dangers created by integrating AI features in dating apps, [identity and age verification is another growing problem](age-verification-wants-your-face.md).
-
-Unfortunately, it seems dating apps are more concerned with fighting fake accounts than protecting users' data, and are willing to sacrifice the latter for the former.
-
-Of course, this security measure is only theatrical. Criminals will easily go around identity verification systems, while the inevitable data breaches will endanger and harm all trustworthy users at once.
-
-#### Identity verification endangers the most vulnerable
-
-Each time a dating application asks for a video selfie or an official piece of ID to prove identity or age, this data risks getting leaked and stolen later.
-
-Moreover, requiring official IDs and face scans severely harm the most vulnerable users who need [protective practices to stay safe online](stay-safe-but-stay-connected.md/#practices-and-tools-that-help-in-various-contexts), for example by using a pseudonym. This is true for victims of domestic violence, victims of online stalking, as well as for the LGBTQ+ community.
-
-Exposed legal identities, particularly in conjunction with dating data, can lead to identity theft, online harassment, doxxing, non-consensual outing, extortion, loss of employment, arrest, and even sexual and physical violence.
-
-Pseudonymity can save lives online. Fighting pseudonymity isn't fighting crime, it's [fighting against the safety](https://journals.sagepub.com/doi/full/10.1177/17416590221111827) of the most vulnerable in our society.
-
-#### Biometric data and dystopian third party
-
-Continuing this horrifying trend, Match Group has announced this spring they are partnering with the [dystopian World App](sam-altman-wants-your-eyeball.md) to start testing age verification for Tinder in Japan. The World App generates unique identifiers based on biometric iris scan.
-
-If having to scan your official ID to continue using Tinder is *bad*, having to scan your eyeball from a questionable third party app is even *worse*.
-
-This practice will start for Tinder in Japan, but it's likely the verification process could be expanded to all users of Match Group apps in the near future. Soon, the only way to avoid having to share biometric data with the World App to continue using your favorite dating app could be to leave the app entirely.
-
-#### Payment information
-
-Finally, payment information can also create a link between your dating account and your legal identity.
-
-If you provide a credit card under your legal name to use a dating app, then this profile is inevitably linked to your legal identity.
-
-It's possible that some application *might* use third-party software to manage payments, and that this data *might* not leak associated with your dating profile. However, this depends on which payment services the dating app works with, and what the company's security practices are.
-
-### They sell users' data to data brokers
-
-Sadly, not only most dating apps collect *way too much data* they don't secure properly, but they also willingly share this data with data brokers.
-
-If you are not familiar with the [data broker industry](https://www.eff.org/deeplinks/2021/07/data-brokers-are-problem), data brokers are usually private for-profit companies that specialize in collecting personal information on everyone, using and scraping public records, social media accounts, various websites, other online sources, and any applications willing to work with them.
-
-They then make this information [available to anyone](https://gizmodo.com/alleged-minnesota-shooter-used-data-brokers-to-find-lawmakers-addresses-2000616975) for sale. They do not care about your consent nor your safety, at all.
-
-**Data brokers are the archenemy of privacy rights.**
-
-And yes, dating apps share your dating data with them. California's Privacy Protection Agency even uses dating apps in its [example](https://cppa.ca.gov/data_broker_registry/) for the Data Broker Registry it keeps:
-
-> For example, if a person signs up for a dating app, a data broker may buy all recent sign ups of that dating app from the app developer and sell the information to a gym that is looking to target potential new customers.
-
-The chosen example of a data broker selling dating app data to a gym is quite mild. As explained in the next section, [what actually happens](#hateful-groups-tracking-users) with this data if often much more grim.
-
-One type of data often [bought by data brokers](https://www.eff.org/issues/location-data-brokers) is location data. Location data can easily be used to precisely identify a user, a user's home address, a user's work address, a user's favorite venues, and a user's connections with others. **Many dating apps share location data.**
-
-In 2022, The Markup [published](https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker) the results of an investigation from a 2018-2019 sample dataset they obtained from the data broker X-Mode. The dataset compiled location data collected from 107 different apps, including the dating app Bro "for bi, gay, and open-minded men".
-
-While conducting research on apps from the Google app store in 2020, the Yale Privacy Lab uncovered several other queer dating apps selling data to X-Mode. At that time, the dating apps Wapo, Wapa, MEET MARKET, and FEM were all sharing users' location data with the same data broker.
-
-Replying to journalists, Bro App's founder confirmed that the company no longer shares users' location with X-Mode.
-
-But what other data and which other data brokers dating apps might be working with? How many other dating apps similarly share location data?
-
-Seven years after this dataset was examined, and in a world where data is being collected from users exponentially more, how many dating apps have simply normalized this practice entirely?
-
-This isn't a new problem, and this [isn't just about location data](https://www.vice.com/en/article/shady-data-brokers-are-selling-online-dating-profiles-by-the-millions/). But this problem is getting increasingly worse, and users must be properly informed on how their intimate data is used and shared.
-
-With the advancements in computer performance over the years, collecting and storing data is cheaper than ever. Corporations and governments alike are eager to access this data for advertising and surveillance purposes. The same is true for special interest and criminal groups of all kinds.
-
-**The data broker industry is thriving on exploiting our data without consent**, even in our most intimate activities.
-
-### They monetize data for advertising
-
-Data brokers and ad-tech companies are working together in similar ways to extract values from every data point they can find about you online. They feed each other in some sort of twisted exploitative synergy.
-
-Dating apps are working with them as well.
-
-In 2021, [Grindr was fined](https://www.bbc.com/news/technology-59651703) €6.5m by the Norwegian Data Protection Authority for sharing users' data without prior explicit consent. The data shared with advertisers included age, gender, advertising ID, IP address, GPS location, and the fact that someone used Grindr. This makes the data even more sensitive, potentially revealing a user's sexual orientation (which is a special category under the [GDPR Article 9](https://gdpr-info.eu/art-9-gdpr/)).
-
-Last year, Grindr was sued for allegations of [sharing users' HIV status](https://www.bbc.com/news/articles/cj7mxnvz42no) with advertisers, in violation of UK's data privacy laws. Two years before, Grindr was [reprimanded](https://ico.org.uk/media2/migrated/4023128/grindr-reprimand.pdf) by the UK's Information Commissioner's Office (ICO) for its data protection (mal)practices.
-
-In 2020, the CPO Magazine [reported](https://www.cpomagazine.com/data-privacy/many-of-the-major-dating-apps-are-leaking-personal-data-to-advertisers/) about tests conducted by the Norwegian Consumer Council that found some of the most popular dating apps sharing sensitive personal information with advertisers. Tinder, Grindr (again), and OkCupid were all found to share age, gender, device information, IP address, and GPS location with advertising and analytics platforms owned by Google, Facebook, Twitter (X), Amazon, and more.
-
-Worse, it was also found that some of these apps sometime shared users' data related to their sexual orientation and dating interests. OkCupid even shared users data related to drug use and political views.
-
-The same year, Tinder announced a partnership with the app Noonlight to implement a "panic button" feature to connect users with help in case of emergency. This seems great at first, but the problem is, it is yet another app that hasn't done its privacy homework properly to protect users. Gizmodo [found](https://gizmodo.com/tinders-new-panic-button-is-sharing-your-data-with-ad-t-1841184919) the partnering app was sharing users' data with major ad-tech businesses *every minute*, including with Facebook and Google.
-
-Even your safety is being monetized and shared with Facebook.
-
-### They don't safeguard data properly
-
-In addition to collecting and monetizing a *large* amount of very sensitive data on every user, many dating apps have the unfortunate tendency to not take securing this data seriously enough.
-
-Data breaches and leaks of all sorts are rampant with dating apps. Assume all data you upload there might become public, sooner than later. If you are not out publicly, be aware **a dating app data breach could out you against your will**.
-
-Here are a few examples of past incidents:
-
-- 2025: [Grindr, Tinder data breach](https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/?guccounter=1)
-
-- 2025: [Translove, Pink, Brish data leak](https://cybernews.com/security/ios-dating-apps-leak-private-photos/)
-
-- 2025: [Gay Daddy data leak](https://cybernews.com/security/gay-daddy-ios-app-exposes-users/)
-
-- 2025: [Raw data leak](https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/)
-
-- 2025: [Headero data leak](https://beyondmachines.net/event_details/headero-dating-app-leaks-data-exposing-4-million-user-records-5-n-4-z-a/gD2P6Ple2L)
-
-- 2023: [Coffee Meets Bagel data breach](https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-says-recent-outage-caused-by-destructive-cyberattack/)
-
-- 2023: [419 Dating, Meet You, Speed Dating App For American data leak](https://ciso.economictimes.indiatimes.com/news/data-breaches/dating-app-that-claims-50-million-users-suffer-data-breach/101910331)
-
-- 2021: [MeetMindful data breach](https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/)
-
-- 2019: [Coffee Meets Bagel data breach](https://www.independent.co.uk/tech/coffee-meets-bagel-dating-app-hack-a8781176.html)
-
-- 2019: [Heyyo data leak](https://www.zdnet.com/article/heyyo-dating-app-leaked-users-personal-data-photos-location-data-more/)
-
-- 2019: [MobiFriends data breach](https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/)
-
-These are only a few examples, and from all the examples of data exposure out there, it's important to remember these are likely only *a fraction* of the data breaches truly happening. The small fraction that actually gets detected and reported.
-
-While nothing is ever 100% secure, **application developers must do much more** to protect users data adequately.
-
-The constant news about data breaches and leaks is demonstrating how better security and better privacy is urgently needed, especially for such sensitive information.
-
-### They can make deleting data difficult
-
-One excellent practice every dating app should adopt is data minimization. Applications should only require users to *provide the absolute minimum* information necessary to run the service.
-
-Then, as soon as this data is no longer required, data should be *thoroughly and permanently deleted*. For example, data should be *thoroughly deleted* when a user deletes it on their end, officially requests to have their data or their account deleted, or when an account becomes inactive after a certain period of time.
-
-This practices greatly reduces the risk of data breaches and leaks, and releases the company from this legal responsibility. **You cannot endanger the data you do not have.**
-
-Every organization and software developer *should* follow the [wise advice](https://www.schneier.com/blog/archives/2016/03/data_is_a_toxic.html) from renown cryptographer Bruce Schneier, and treat data like it's a toxic asset.
-
-#### Data retention practices
-
-It's difficult to know for sure for how long certain dating apps retain data behind the scene. Many lack transparency about their data retention practices.
-
-Data retention periods should always be the shortest possible to provide the service. Sadly, many businesses might be tempted to retain it for much longer, especially in the age of AI-training datasets.
-
-#### Data deletion practices
-
-Additionally, not all dating apps have adopted proper data deletion practices.
-
-The ideal practice is to empower users to be able to delete the data they wish to delete from within their account (e.g. being able to delete one message or one conversation). But also, companies should provide an option to request a *complete* and *permanent* account and data deletion from within the account, *without requiring additional information* from a user, and without requiring to email the company.
-
-Many applications have implemented data deletion processes similar to the model described above to manage user's requests, but not all of them (yet).
-
-Of course, organizations *must* also follow through, and *properly* delete this data in the *backend* as well as in the frontend.
-
-This has important legal implications, because even for organizations lacking transparency and honesty, users could soon find out the truth in the next data breach. If the data was not fully deleted after a deletion request was made, this could have *severe* legal and financial consequences.
-
-#### Investigating an app's data deletion process *before* creating an account
-
-Unfortunately, some dating apps seem to have neglected this important process in their relationship with users.
-
-Some applications and services are requiring *more* data to submit a data deletion request than what was even required to create the account in the first place. **This is bad.**
-
-Despite being rated the best (or perhaps the "least bad") on [Mozilla's Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/), the queer dating app Lex seems to require users to fill a *Google Form* that mandates providing first and last name, date of birth, email, phone number, and even a *home address*. One of the form seems to imply an official piece of ID might also be required. This is *extremely* intrusive.
-
-Moreover, this practice would be directly sharing this personal information *with Google,* outing that this person (with this legal name, and at this home address) is queer and uses or used Lex.
-
-Google Forms aren't a private way to share sensitive data. This isn't a great data privacy practice, to say the least.
-
-It's also [unclear](https://help.lex.lgbt/article/69-how-can-i-delete-my-data) if Lex respond to data deletion requests from users located outside the protection of the GDPR (Europe) or the CCPA (California US) at all. Despite a number of regions worldwide benefiting from privacy laws granting rights similar to the [GDPR's Article 17](https://gdpr-info.eu/art-17-gdpr/).
-
-Even if you have been careful to provide only minimal information when creating your account, it seems a simple data deletion request once you are done using the app would require you to share all this *extremely sensitive and identifying information* with Lex (and Google!).
-
-At the time of this article's publication, Lex's current [privacy policy](https://help.lex.lgbt/article/51-privacy-policy) links to these two forms required from users to fill for [GDPR's Right to Erasure requests](https://docs.google.com/forms/d/e/1FAIpQLSdhK2fkBounO1PeN75s7OU0Ey1tmMpGEQYd9lD8EQWAH8DPKA/viewform) and [CCPA's Right to Delete requests](https://docs.google.com/forms/d/e/1FAIpQLScz7bDrVbjvB4uSiWjJky0JeePyv4Q-g3Cejz6pCCHiXlUEVw/viewform).
-
-It goes without saying that you shouldn't email a copy of your passport to anyone, and you should never have to provide *more* information than the app already has on you to get your data deleted. This is especially true if all the data mentioned above gets shared with a third-party advertising company like Google, through the use of Google Forms.
-
-Privacy Guides has reached out to Lex for clarification on its data deletion practices, but has not received any response at the time of this publication.
-
-Before creating an account with a dating app (or any other app for that matter), it's important to find information on what will be the process to delete your data and account once you are done with the app.
-
-That way, you can choose to only use applications that will thoroughly respect your privacy rights, and your rights to delete your own data.
-
-## Queer dating apps can be targeted
-
-At this time, almost all popular dating apps are *horrible* for data privacy. But queer dating apps (or queer people using any dating app) are especially vulnerable targets for malicious actors.
-
-Unfortunately, hateful groups, criminals, and even governments have been weaponizing dating apps to harass, exploit, arrest, or even attack queer people.
-
-Dating app companies are partly responsible for facilitating this harm by selling users' data to data brokers and advertisers, and by repeatedly missing opportunities for improvements to secure their users' data.
-
-Additionally, each time there is a new dating app data leak, whether from negligence, incompetence, greed, or malice, this leak risks [outing people against their will](importance-of-privacy-for-the-queer-community.md/#being-outed-against-ones-will). This alone can have devastating consequences, from feeling violated to getting arrested, or even killed.
-
-In Morocco, where being gay is still illegal, a social media influencer [asked](https://www.levantx.com/series-source/violence-in-lockdown-sofia-talouni-and-gay-male-outings-in-morocco-under-covid) people in 2020 to join dating apps to out gay men around them. This resulted in a violent online harassment campaign with many gay men being outed against their will, chased from their homes, shunned by their family, and horrifyingly even led to some suicides.
-
-Regrettably, even in countries where being queer is legal and generally accepted, [targeted harassment](privacy-means-safety.md/#trans-and-queer-activists) and attacks can happen.
-
-For people who aren't out publicly, data revealed about their dating life could potentially out them immediately. But even for people who are out publicly, making details about their dating life public could trigger online hate, targeted harassment, and endanger them in many ways.
-
-Queer dating apps have an even greater responsibility to protect their users' data.
-
-Data related to one's sexual orientation is categorized as especially sensitive information by many privacy laws, generally requiring additional protections. For example, GDPR's [Article 9](https://gdpr-info.eu/art-9-gdpr/) specifies special conditions for handling data related to a "person's sex life or sexual orientation".
-
-Companies and software developers must take this responsibility much more seriously.
-
-### Hateful groups tracking users
-
-In 2023, the Washington Post [revealed](https://www.pcmag.com/news/a-catholic-group-spent-millions-on-dating-app-data-to-out-gay-priests) that an American Catholic group based in Colorado had bought data brokers datasets from queer dating apps.
-
-The religious group spent millions of dollars to access data from Grindr, Scruff, Growlr, Jack'd, and OkCupid in an attempt to out gay and bisexual priests. The group used these datasets to cross-reference locations with church residences. This level of hate and insidious spying seems quite ungodly.
-
-Tragically, dating apps selling users' data to brokers and advertisers makes this type of targeting by hateful groups easily accessible to anyone willing to pay.
-
-### Governments and authorities prosecuting users
-
-In countries where homosexuality and transgender people are criminalized, even governments are guilty of these cruel practices.
-
-In 2017, Human Rights Watch [reported](https://www.hrw.org/news/2017/05/01/south-koreas-military-sodomy-law-should-go) allegations of the South Korean army cracking down on gay service members using published screenshots from dating app chats. Although homosexuality isn't illegal for civilians in South Korea, same-sex intercourse is illegal in the military. This oppressive rule is aggravated by the fact that South Korean men are [obligated to enroll](https://en.wikipedia.org/wiki/LGBTQ_rights_in_South_Korea) for a mandatory period of service under the conscript system.
-
-In 2018, organization Article 19 [completed](https://www.article19.org/resources/apps-arrests-abuse-egypt-lebanon-iran/) an investigation on the risk of dating apps usage by the LGBTQ+ community in Egypt, Lebanon, and Iran. The report demonstrates how authorities in Egypt used the geolocation feature of dating apps to entrap and arrest gay and transgender users.
-
-In 2022, Article 19 supported another report [focusing](https://www.article19.org/wp-content/uploads/2022/03/Digital-Crime-Scenes-Report-3.pdf) on the persecution of queer people in Egypt, Lebanon, and Tunisia. The report explains how authorities in these regions used dating apps to set up trap meetings with users, and to collect digital "evidences" to charge queer users.
-
-In 2025, Human Rights Watch [published](https://www.hrw.org/news/2025/05/26/uganda-anti-lgbt-law-unleashed-abuse-0) a report documenting the actions of authorities in Uganda following the 2023 enactment of the Anti-Homosexuality Act. In addition to spreading misinformation and hatred against LGBTQ+ people, leading to harassment and attacks, authorities have started to use dating apps to extort, entrap, and arrest queer people.
-
-Sadly, if LGBTQ+ rights continue to regress like we have observed in the past months, this sort of government-sanctioned persecution might even become normalized in the UK and the US as well.
-
-### Criminals blackmailing and attacking users
-
-Along with hateful groups and authoritarian regimes, criminals are also targeting the queer community on dating apps. This type of crime is exponentially worse for users located in regions where being queer is criminalized, but it is still a danger for anyone worldwide.
-
-Criminals have been [targeting](https://www.bleepingcomputer.com/news/security/lgbtq-plus-community-warned-of-extortionists-abusing-dating-apps/) users on queer dating apps for extortion scams. According to a report from the US Federal Trade Commission, criminals pose as potential dates sending explicit photos, then request users to reciprocate. If they get a reply, they blackmail the victim under threat of revealing this information. This type of extortion can have devastating consequences.
-
-Dating apps are worsening this problem when requesting users to provide legal identification such as facial scans, official IDs, or home addresses. If this information leaks in the future, criminals will have an even easier time to extort and attack their victims, regardless of if they're still on the app or not.
-
-## Reducing the risks when using dating apps
-
-Despite how bad dating apps are for your privacy (and maybe also your safety), your social, sexual, and romantic needs are important to consider as well.
-
-The best alternative for your data privacy is probably to favor in-person meetups and venues, whenever possible.
-
-However, if this isn't accessible to you, and you decide using a dating app is worth the risks, here are a few things to keep in mind that can help to improve your privacy and to reduce the dangers when using a dating app.
-
-### Investigating before creating an account
-
-Before creating an account on a dating app (or any other apps), it's a good idea to take a look at its privacy policy (or privacy notice) and terms of service.
-
-#### Researching privacy policy and terms of service
-
-Most people *hate* doing this, but it can really help to discern which apps are better than others.
-
-You don't have to read it all, but make sure to at least check the sections on what data they collect, with whom they share it, and how they use it.
-
-Important pro-tip: Using your browser, search the page for an "@" sign to verify if the privacy policy includes a contact email address. It *should* have one. Sometimes, it will be a link to a contact page instead. If you cannot find any way to contact anyone at this organization by email, be suspicious.
-
-If you decide to use this dating app, keep a local copy of its privacy policy and terms of service using the "Save to PDF" function from your browser. This *can* help legally by keeping a proof in time of what were the terms when you signed up (of course, they might change later, but that's a start).
-
-#### Investigating usage of AI systems
-
-Look in the privacy policy and terms of service for any mention of AI systems. Sometimes, it's not named directly and might be called something else like "automated system" or other expressions.
-
-Be especially vigilant to check if the company **might use your content data to train these systems**. Make sure you have a way to at least opt out, or deactivate of any such training. AI systems training on your data is *atrocious* for your privacy.
-
-#### Confirming data deletion processes and retention periods
-
-Again usually through the app's policies, look at what the process will be when you'll want to get your data and account with this app fully deleted.
-
-This is important because deleting your data once you are done using the app will greatly improve your data privacy and security, by protecting it from potential data breaches and undisclosed usage in the future (if the deletion is done thoroughly).
-
-Additionally, deleting your data and account once you no longer need it minimizes the risk of an abandoned-account takeover by a criminal.
-
-When you abandon an account without closing it and deleting its data properly, criminals might break in and start using your account and data without your knowledge. The longer the account sits there, the greater the risk.
-
-Make sure the app describes a clear process you can manage yourself *from within* the account to fully delete your data and account, and that **it doesn't require more information** to delete your account than you had to provide to create it in the first place.
-
-#### Evaluating reputation from history of data breaches
-
-Finally, conduct a short research on the history of security practices for this dating app.
-
-Look for trustworthy third-party reviews and information about the app. Always assume information and promises from the company itself are biased.
-
-Check the news for reports of data breaches and leaks. Checks what security researchers and privacy professionals have to say about this app. Make sure to find trustworthy sources, and remain vigilant about AI-generated articles and review articles that are advertising in disguise.
-
-### Choosing a dating app
-
-As stated at length in this article, there aren't any *good* dating apps for your privacy, sadly. There are only "slightly less horrible" dating apps.
-
-For more details on each, you can take a look at Mozilla's [Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/) for dating apps. Check the details for each app you are interested in, not just the rating. However, keep in mind that even Lex, the first app listed there, doesn't seem to have great practices in regard to [data deletion](#investigating-an-apps-data-deletion-process-before-creating-an-account), and you might be unable to delete your account data fully if you decide to use this app. This might also be the case for some other apps listed there.
-
-Alternatively, there are a few free dating apps that might offer a different approach with open source code. Applications that are open-source have the benefit of full transparency to examine its code, and potentially detecting any undisclosed data collection.
-
-That being said, open-source applications aren't magically secure, and don't necessarily grant better privacy either. But code transparency helps to audit the application, and to detect any false claim related to privacy and security. The German dating app Alovoa is an example of this. You can take a look at its [code](https://github.com/Alovoa/Alovoa/) on GitHub.
-
-However, the downside of any dating app that isn't massively popular is it will have fewer users, possibly making finding matches more difficult.
-
-Nevertheless, using a niche dating app that fits better your values *could* potentially increase the chances of finding a match that also fit better your values.
-
-Specifically to data privacy however, privacy-conscious people looking for a date online might have to wait for a truly privacy-respectful app to be developed, and to get more popular in the future.
-
-### Minimizing the data shared
-
-When using any dating app, you should always be careful with the information you share, not just for data privacy, but also for your physical safety.
-
-Using a dating app still means talking with a lot of strangers online, and these strangers might have different intentions and goals than yours.
-
-Of course, to find genuine matches, you also do need to share at least some information about yourself, and you shouldn't lie to potential partners.
-
-The idea isn't to use fake information, the idea is simply to *minimize* the information you share, to increase your data privacy with the app, and your safety when interacting with strangers.
-
-Once you have developed a certain level of trust with a dating app match, then you can [move to safer channels](stay-safe-but-stay-connected.md/#private-messaging-one-on-one-and-group-chats) to share more with them (if you wish) in a more secure and more private environment. You could share your Signal username with them to chat in an end-to-end encrypted environment, for example.
-
-
-
Warning: Only share when you fully trust!
-
-Remember that there will be no content moderation in this end-to-end encrypted environment, because it is *truly private*. You should **never share any intimate details with someone you do not trust fully**, even on Signal (or any other end-to-end encrypted apps).
-
-
-
-#### Sign up credentials
-
-When signing up for a dating app, **never use a social media account**. Many applications now gives the option to sign up or sign in using your Google, Facebook, or Instagram account.
-
-While this might seem convenient at first, it allows the applications to exchange data, and this is *incredibly bad for your privacy*.
-
-Instead, always sign up for a dating service using new credential information that you have not used anywhere else before (new username, new email, new password). This will reduce the risk of your other accounts being linked with your dating app data, and vice versa.
-
-#### Email address
-
-To use a unique email address, you might want to create a proxy address known as an alias.
-
-Email aliasing is a great technique to improve your privacy online. It allows you to register for services using a unique email address for each. You can also use these unique email addresses to give to your dating prospects to communicate with them. For email aliasing, SimpleLogin is a great service that we [recommend](https://www.privacyguides.org/en/email-aliasing/).
-
-#### Phone number
-
-Using a unique phone number is much more complicated, unfortunately.
-
-From some countries, you might be able to find a trustworthy phone number proxy service, but those aren't always accepted to sign up for new accounts.
-
-Generally, it's much harder to use proxy for a phone number, and account requiring phone numbers to sign up aren't the best for privacy.
-
-A phone number is an identifier that most people rarely change, and that is strongly attached to your legal identity. If this data leaks in the future, your dating data could be linked to your legal identity, and to your other accounts in all sorts of ways.
-
-Additionally, using a phone number or a verification code sent to your phone through SMS to log in makes your account vulnerable to [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). Avoid apps that are requiring a phone number to sign up if you can.
-
-If you absolutely cannot avoid it, then consider getting a secondary phone number on a spare phone that you only use for dating.
-
-#### IP address
-
-Your IP address is an identifier attached to the internet service you use, and can reveal your location (more or less accurately). Additionally, an IP address can potentially reveal your legal identity, and be linked to your other internet activities.
-
-Any online services and websites you use and visit will know your IP address, including dating apps.
-
-To protect from this, you would need to use a [trustworthy Virtual Private Network (VPN)](https://www.privacyguides.org/en/vpn/) provider. However, know that using a VPN is only a transfer of trust, from your Internet Service Provider (ISP) to your VPN provider.
-
-If using a queer dating app could be dangerous in your country, keep in mind that your VPN provider would know you have visited one. You would need additional protections to go around this, such as using a service like [Tor](https://www.privacyguides.org/en/advanced/tor-overview/) (which might not be possible with some services).
-
-Moreover, some dating services might not allow connection from a VPN server at all, or could trigger additional security checks and requirements to log in.
-
-#### Mobile app permissions
-
-After installing a dating app on a mobile device, make sure to go through your phone's settings to disable all the permissions you can.
-
-Keep it at the absolute *minimum* required for you to use the app. **Don't give permissions for the app to access your contacts or photos.**
-
-If enabled by default, disable accesses. Also disable accesses to your location, if you do not use this feature with the app. Ideally, enter your broad location instead (e.g. city only), and never allow precise geolocation from your phone.
-
-#### Privacy settings and opting out
-
-Before adding any information to your dating profile, go through the app's settings to select the strongest options available to protect your privacy.
-
-Sometimes, apps make it hard to find where to opt out data sharing and AI training, but *be persistent* and look everywhere you can. This is worth the effort!
-
-#### Account security
-
-Securing your account is also important to protect your privacy. If you do not use a [strong and unique password](https://www.privacyguides.org/en/basics/passwords-overview/), a criminal could easily snoop in or even takeover your account.
-
-In addition to choosing a long, complex, and unique password, make sure to enable multifactor authentication. Ideally, use an [authenticator app](https://www.privacyguides.org/en/multi-factor-authentication/) or [security key](https://www.privacyguides.org/en/security-keys/) for this.
-
-If the only option you have is to enable multifactor authentication with a phone number, *and you have already signed up for the app using a phone number*, then this is better than nothing. If you have *not* signed up with the app using a phone number, then it might be better to not use this at all. It's preferable to not give your phone number to the app, if you can avoid it.
-
-#### Name, nickname, and full name
-
-Be careful with the name you choose to publish. Avoid sharing your last name with anyone until you have met them, trust them, and are discussing on safer channels with them.
-
-Perhaps only use a nickname on the app, your fist name only, or a shortened version of your name if you can. **Do not lie, but avoid providing your complete legal identity from the app.**
-
-#### Photos and videos
-
-For photos, try to keep an awareness of whom will be able to see them. Some apps make your main profile picture visible to the entire internet!
-
-If this is true for the app you use, perhaps choose a photo hiding your features a little as your main photo. Then, add more detailed photos inside your profile, if photos have more restricted visibility there.
-
-No matter which photos you upload in a dating app, **do not ever use the same photos you have used on social media!**
-
-This could allow *anyone* to cross-reference your dating profile with your social media accounts using this photo (or other accounts and websites where you used the same photo). Depending on your situation, this can be incredibly dangerous.
-
-Ideally, only upload photos on the dating app that are new, or that you have only used with dating services.
-
-Additionally, be extremely careful about which *other* information is visible in the photos you share.
-
-Remain mindful of anything that could identify your home or work location, such as street signs, bus stops, street addresses, city landscapes, etc. Pay special attention to reflections in glasses, windows, mirrors, and other reflective surfaces.
-
-#### Photo metadata
-
-Furthermore, make sure to **[remove the metadata](https://www.privacyguides.org/en/data-redaction/)** from the photos and videos you want to upload, *before* you uploaded them in the dating app.
-
-Photo metadata can reveal a lot about you. This includes device models as well as the precise date, time, and geolocation where a photo was taken, or a video was filmed. Any metadata attached to images and videos uploaded to the app, is likely to be collected by the app.
-
-#### Intimate photos
-
-Finally, if you trust a match enough to start sharing more intimate pictures, consider the dating app might not be the safest space for this.
-
-Dating apps do not use end-to-end encryption, and *all* the data you upload there can be accessed by the company, and could be stolen in a data breach. Some dating apps were already [called out](https://www.techradar.com/pro/security/major-dating-app-data-breach-may-have-exposed-1-5-million-private-user-images-online) for this earlier this year.
-
-Moreover, keep in mind that criminals are regularly hunting for victims on dating apps, requesting intimate pictures for [nefarious purposes](https://www.bbc.co.uk/news/articles/cyvjy0871dqo). Students and younger people are a growing target for extortion, [sextortion](https://www.tandfonline.com/doi/full/10.1080/01639625.2024.2317904), and even [sex trafficking](https://www.investigatewest.org/investigatewest-reports/a-washington-teen-was-trafficked-by-a-man-she-met-on-tinder-she-says-two-years-later-shes-still-waiting-for-justice-17706687) on dating apps.
-
-*Always* keep in mind this risk when sharing intimate photos and videos with someone, *even on end-to-end encrypted platforms*.
-
-#### Private conversations
-
-When chatting in private with matches, remember that this conversation might not be as private as it feels.
-
-As explained above, the company can technically still **read and collect all of your private conversations**, and this data could also leak in a data breach.
-
-Additionally, nothing prevents anyone you are talking with from taking screenshots and publishing this information online. Unfortunately, this despicable practice isn't that uncommon.
-
-Make sure you trust the person you are chatting with enough before sharing any details that strongly identifies you, your location, or your work location. Consider moving to safer encrypted channels when the conversation becomes more personal.
-
-
-
A note on anonymity
-
-Keep in mind that all these measures will *not* make you completely anonymous on a dating app.
-
-It will only *reduce* the data you expose to the company and its advertisers, to potential data breaches and leaks, as well as to criminal and governmental non-consensual accesses.
-
-Achieving total anonymity online is very difficult. But following these privacy-enhancing practices will effectively help to reduce the risks, and keep you safer online.
-
-
-
-## Let's hope for better dating apps in the future
-
-It's disheartening to discuss a topic such as dating apps when the reality is there **aren't any good alternatives** to propose.
-
-Dating *offline* is the best data privacy-preserving solution so far, but dating apps, moreover queer dating apps, exist for a reason: It's hard to find occasions to meet people to date in-person these days.
-
-Many opportunities for this have slowly disappeared from our society in the past years. Online dating does provide a solution to meet people looking to date as well.
-
-The even sadder truth is, technically, we *could* have great privacy-respectful dating apps.
-
-However, the for-profit business model of most applications (not just dating apps) has incentive everyone to share and monetize users' data in horribly intrusive and abusive ways. This isn't a problem limited to dating apps.
-
-Nonetheless, dating apps should be built with much greater protections for users' privacy. The unavoidable sensitive data they collect warrants exemplary security and privacy measures.
-
-Let's hope that one day we will see a trustworthy dating-app developer come with a *truly* privacy-respectful dating app. One that uses serious security measures, data minimization practices, proper data deletion processes, code transparency, honest and complete policies, fully end-to-end encrypted private chat, and that doesn't sell nor share users' data with anyone.
-
-Until then, stay safe out there. And keep in mind your privacy and safety when using queer dating apps.
-
-## Additional resources
-
-### Helplines
-
-If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen:
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366)
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988)
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.
diff --git a/blog/posts/sam-altman-wants-your-eyeball.md b/blog/posts/sam-altman-wants-your-eyeball.md
deleted file mode 100644
index 237ab720..00000000
--- a/blog/posts/sam-altman-wants-your-eyeball.md
+++ /dev/null
@@ -1,383 +0,0 @@
----
-date:
- created: 2025-05-10T15:00:00Z
- updated: 2025-05-10T15:45:00Z
-categories:
- - News
-authors:
- - em
-description: Last week, OpenAI's CEO Sam Altman announced in San Francisco that the World project he co-founded, formerly known as Worldcoin, is opening six stores across the United States, allowing users of the project's app to scan their eyeballs.
-schema_type: AnalysisNewsArticle
-preview:
- color: "#c0322f"
- text_color: "#ffffff"
- site_logo: privacy-guides-logo-notext-colorbg-white.svg
- icon: material/eye-circle
----
-
-
-# Sam Altman Wants Your Eyeball
-
-
-
-Photo: Flyd / Unsplash
-
-Last week, OpenAI's CEO Sam Altman announced in San Francisco that the World project he co-founded, formerly known as Worldcoin, is opening six stores across the United States, allowing users of the project's app to scan their eyeballs.
-
-Simply put, the premise is this: scan your eyeball, get a biometric tag, verify yourself, buy our apps (and cryptocurrency). The scary part is the for-profit company developing the project has now gathered millions in venture capital investment, powerful partners, and is ready to expand and impose its [Minority Report](https://en.wikipedia.org/wiki/Minority_Report_(film)) style technology everywhere. **Welcome to Dystopialand.**
-
-The World(coin) project is an initiative from the startup Tools for Humanity, co-founded by its CEO Alex Blania. Despite its friendly name, the for-profit corporation has been on the radar of many critics through the years already. From experts to journalists to privacy commissioners around the world, not everyone shares Blania's enthusiasm for his biometric-based technology.
-
-## What is the World App?
-
-The World project, recently rebranded from the Worldcoin project (possibly to convey better its expansionist ambitions) presented its plan for the World App to Americans this week. The project is now expanding well beyond the cryptocurrency it started from.
-
-The World App is an everything app, providing users with a *World ID*, that can be verified through the collection of biometric data in the form of an iris scan.
-
-The scan is then filtered and hashed to create a unique identifier that is stored as a so-called "proof of personhood" on the *World Network*, a blockchain-based protocol.
-
-The World App itself contains a collection of "Mini Apps", where users can manage their cryptocurrencies, chat together, play games, receive their paychecks even, and ultimately live their whole life within the closed "verified" ecosystem of the app.
-
-For a company constantly praising decentralization, it sure looks like they want to make sure they are the center of it all.
-
-To obtain this coveted verification code, users *must* be ready to share their precious eyeball data with the Orb.
-
-The Orb is a piece of hardware designed by Tools for Humanity to perform iris scans. It is available to access in the United States at one of the currently six locations in Austin, Atlanta, Los Angeles, Miami, Nashville and San Francisco (more to come soon), like some sort of biometrics collection ATM.
-
-The World project has for ambition to expand its reach across the United States to install 7,500 Orbs by the end of this year, so be prepared to see this dystopian technology everywhere soon.
-
-The San Francisco [presentation last week](https://www.theregister.com/2025/05/04/sam_altman_startup_world/) was clearly prepared to impress investors with its Apple announcement vibe. The promise of a quickly growing startup that everyone will soon want to work with, was repeated over and over in different flavors.
-
-Tools for Humanity bragged about many large partnerships that should make any privacy advocates shiver in dread: the Match Group dating apps conglomerate (Tinder, OkCupid, Hinge, Plenty of Fish), Stripe, and Visa are some of them.
-
-If they succeed in convincing enough people, many of us could soon have little choice but to unwillingly have to enroll.
-
-## World(coin) isn't new, you might have heard of its unethical practices already
-
-The project [claims](https://techcrunch.com/2025/04/30/sam-altmans-world-unveils-a-mobile-verification-device/) to have onboarded 26 million people already, including 12 million "users" who are verified (had their biometric data collected).
-
-These "users" are largely located in Latin America, Africa, and Asia. This is because the company started testing for its project there a few years ago, in regions where people often have fewer legal protections.
-
-In 2022, MIT Technology Review produced [an extensive investigation](https://www.technologyreview.com/2022/04/06/1048981/worldcoin-cryptocurrency-biometrics-web3/) on the startup's debut in an article titled: *Deception, exploited workers, and cash handouts: How Worldcoin recruited its first half a million test users.*
-
-The investigation revealed a collection of unethical practices to pressure the most vulnerable populations in signing up for Worldcoin, and **have their eyeball scanned in exchange for money** they desperately needed.
-
-Some participants had to provide much more personal information than the company says is required, such as emails, phone numbers, and even photos of official ID. Many people who gave their biometric data to Worldcoin were rushed and misinformed. Some who signed up didn't even have an email and had to create one. The "Orb operators" hired to perform the scans locally were often poorly trained, poorly informed, and unable to answer the questions asked by participants.
-
-So much so that [Kenya suspended the company's operations](https://techcrunch.com/2023/08/02/kenya-suspends-worldcoin-scans-over-security-privacy-and-financial-concerns/) in 2023 over concerns for privacy, security, and financial service practices.
-
-Some people who signed up never received the promised money. Some officials were bribed to give the impression to participants these operations were official and supported by the government.
-
-As Ruswandi, one of the persons targeted by this early campaign [remarked](https://www.technologyreview.com/2022/04/06/1048981/worldcoin-cryptocurrency-biometrics-web3/): "why did Worldcoin target lower-income communities in the first place, instead of crypto enthusiasts or communities?"
-
-Exploiting people in situations of poverty in order to test a biometric identification technology isn't a great way to start a project developed by a company called "Tools for Humanity".
-
-## Creating the problem, selling the solution
-
-Why develop such a technology in the first place?
-
-Sam Altman himself has [expressed concern](https://www.wired.com/story/sam-altman-orb-eyeball-scan-launch-us/) about the problem this alleged solution solves: the avalanche of fake accounts and pretend persons online caused by the new AI tools unleashed everywhere.
-
-The proposed use of a "proof of personhood" claims to solve this problem by allocating a unique identifier to each human, a personal code supposedly impossible to duplicate or cheat. Of course, this has [already been proven wrong](https://gizmodo.com/worldcoin-black-market-iris-data-identity-orb-1850454037).
-
-No one will miss the irony of the CEO of OpenAI, responsible for creating the largest share of this problem, expressing such concern **while continuing to feed the fire**.
-
-This is a classic case of creating a problem and selling the solution. Well, in this case it is more like ***selling* the problem and selling the solution**. As researcher and cryptocurrency critic [Molly White pointed out](https://www.citationneeded.news/worldcoin-a-solution-in-search-of/) in 2023:
-
-"That's right, the guy who's going to sell us all the solution to a worsening AI-powered bot infestation of the Internet and to AI-induced mass unemployment is the same guy who's making the AI in question."
-
-Sadly, this proposed solution also isn't really a solution, or at least it isn't a *good* solution. Indeed, this will **create a whole collection of new problems**, many much worse than a bot infestation.
-
-## The risks of sharing biometric data
-
-Biometric data is incredibly sensitive data, because it's irrevocably attached to a person. Whether it's from a face scan, palm scan, fingerprint, keystroke pattern, or iris scan, this data is part of our bodies and **cannot be changed like a password** if it gets compromised.
-
-For this reason, a growing number of legislations around the world now include special categories for such data collection, and require extra protections and supervision for it.
-
-There are many dangers in collecting and potentially endangering biometric data. First, if this data gets stolen, criminals can impersonate a victim much more convincingly, because they will have the "proof" to "verify" this is really you.
-
-While straight-up stealing your eyeball or face might still belong to science-fiction, the risk of getting the data produced *from* the scan stolen is very real.
-
-When the World project claims it is secure because biometric data isn't stored anywhere, even if that was true, the iris *code* derivative of this data is indeed stored and processed somewhere, and this can potentially be stolen.
-
-How hard will it be for a victim to recover an account from a biometric thief when everything is reinforcing the false narrative shared with investors that this technology can't be cheated?
-
-Then, there is the loss of pseudonymity protections online.
-
-If every social media account becomes tied to a unique biometric-based identifier, whether directly or indirectly, there is no pseudonymity anymore.
-
-Further, if only one account is allowed by "verified human", then no one can create separate accounts for their work life and personal life anymore. Creating separate accounts for separate purposes is an excellent privacy-preserving practice.
-
-Even if the identifier isn't tied to a legal name directly, accounts on different platforms using the same identifier could potentially get linked together. To be fair, it does seem Tools for Humanity worked to prevent different platforms from having access to the same code, but how well will this hold the test of time? Will platforms increasingly escalate privacy-invasive requests from this point, like they often do?
-
-**Pseudonymity saves lives.** It is an essential tool for the safety of the most vulnerable online. Killing pseudonymity by requiring unique biometric identification could endanger millions.
-
-This is a serious problem coming up with [age verification](age-verification-wants-your-face.md) processes as well, which World ID will soon also be a part of when [testing](https://www.engadget.com/cybersecurity/sam-altmans-eyeball-scanning-id-technology-debuts-in-the-us-130032856.html) its implementation for Tinder in Japan.
-
-Biometric data should never be used lightly. It should be reserved for the most extreme cases only.
-
-The regions who have adopted stronger regulations for biometric data collection are moving in the right direction. But will protective legislation be enough to resist the pressure from a for-profit VC-backed corporation with a valuation at billions?
-
-## Flipping the coin
-
-Tools for Humanity seems to be well aware of its creepiness factor, and of the criticisms brought by privacy commissioners around the world.
-
-Its recent Orb redesign from the previous cold (Black)mirror finish clearly tries hard to replace creepiness with cuteness.
-
-The company has also evidently invested a lot in presenting a pro-privacy image, likely in an attempt to reassure users (and investors).
-
-Unfortunately, many of these privacy-preserving claims are inaccurate. Some claims promoting "features" that might sound impressive to a neophyte's ear are actually just the baseline, and others sadly are misleading *at best*.
-
-While a few privacy-preserving efforts are indeed positive, most of the focus on privacy relates to marketing much more than any serious protections.
-
-## How privacy-preserving is it?
-
-Most people are still put off by the idea of having their eyeball scanned, and the company has evidently invested a lot in promoting a "privacy-preserving" image, possibly as an attempt to reassure unconvinced humans and [privacy commissioners](#privacy-legislators-arent-on-board) alike.
-
-But how much can we trust those claims?
-
-### Flawed assumption about what constitutes personal data
-
-The largest assumption about why this technology is "privacy-preserving" seems to come from the fact that the World App doesn't collect names, official IDs ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#6-2-credentials-)), emails ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#annex-i-%E2%80%93-legal-grounds/purposes-for-tools-for-humanity-data-processing-activities-)), phone numbers ([unless it does](https://www.toolsforhumanity.com/legal/privacy-notice#5-1-data-you-provide-to-us)), date of birth ([unless it does](https://world.org/blog/announcements/worldcoin-new-world-id-unverify-option-increases-personal-control-over-data)), or other identifiers.
-
-This assumption however neglects the fact that 1) even data that isn't attached to a legal name can be personal data, and 2) the iris code it produces from the iris scan *is* indeed personal data.
-
-While there are variations, most privacy regulations have similar definitions of what constitute personal data. The European General Data Protection Regulation (GDPR) [defines](https://gdpr-info.eu/art-4-gdpr/) it as "any information relating to an identified or identifiable natural person". An iris code derived from an iris scan of course fits this definition.
-
-Moreover, to create a World ID, the company also collects a face image. Together, the original iris scan and face photo are referred to as *Image Data*. For "privacy-preserving" purposes, Image Data of course never leaves the Orb device ([unless it does](https://world.org/legal/biometric-data-consent-form)).
-
-While it seems some effort has been made to protect the Image Data in some ways, the idea that derivative data from the scans isn't still sensitive personal information anymore is wrong.
-
-If there is a way for a person to scan their iris again and generate the same code, then this data relates to their identifiable person. This also means that *someone else* could scan their iris and generate the same code.
-
-As whistleblower [Edward Snowden rightfully pointed out](https://x.com/Snowden/status/1451990496537088000) in a 2021 tweet:
-
-“This looks like it produces a global (hash) database of people's iris scans (for 'fairness'), and waves away the implications by saying 'we deleted the scans!' Yeah, but you save the *hashes* produced by the scans. Hashes that match *future* scans. Don't catalogue eyeballs.”
-
-### Questionable reassurance about local data
-
-One of the biggest reassurances relates to the claim that sensitive biometric data (Image Data) is only stored locally. But this isn't completely accurate either, and there seems to be conflicting information about it from the company's own documentation.
-
-The World [white paper](https://whitepaper.world.org/#enrollment-process) specifies that:
-
-"The Orb verifies that it sees a human, runs local fraud prevention checks, and takes pictures of both irises. The iris images are converted on the Orb hardware into the iris code. Raw biometric data does not leave the device (unless explicitly approved by the user for training purposes)."
-
-However, according to the [Biometric Data Consent Form](https://world.org/legal/biometric-data-consent-form) users have to sign prior to data collection, if a user needs a fully verified World ID. Inevitably this sensitive biometric data will be sent to their phone, therefore leaving the Orb.
-
-After a user agrees to the form, they can keep the option for *Data Custody* disabled to have their biometric data deleted from the Orb "later", and have it uploaded to their phone (with all the risk that this entails).
-
-The other option users have is to enable Data Custody (if allowed in the user's country) and have this sensitive data sent to both their phone *and* to Tools for Humanity.
-
-This means the Orb inevitably sends this sensitive data to a mobile device. Then, this data is only as secure as the mobile device is. Which isn't so reassuring.
-
-The documentation does maintain this biometric data is sent as an "end-to-end encrypted data bundle", but this doesn't mean the data never leaves the Orb. It just means it leaves it while encrypted (which is really just the basics), and copies it to the user's device.
-
-Furthermore, future users are *strongly* incentivized to share their Image Data with Tools for Humanity, for algorithm improvement purposes. Pressure to opt in is even presented as a *convenience* option, because it would be cumbersome to have to come over for another scan after every update.
-
-As [stated](https://world.org/legal/biometric-data-consent-form) in the Biometric Data Consent Form:
-
-"This will likely help you avoid some inconvenience because, if we have your Image Data, then you will not need to return to an Orb to re-verify your digital identity when we update the software."
-
-The company continues to repeat they have a "privacy by default and by design approach". But **you can't keep your privacy-preserving cake and eat it, too**.
-
-### What does the white paper say
-
-In tech, a white paper is usually a research-based document produced by the developers that presents more technical details on an application, product, or process. It is especially valuable for products like the Orb and the World App, where security and privacy *should* be paramount, and therefore examined closer.
-
-Because it isn't an independent review, a white paper can also not be worth much more than a marketing pamphlet.
-
-To its credit, Tools for Humanity does [warn](https://whitepaper.world.org/#nature-of-the-whitepaper) in its white paper that this information is "intended for general informational purposes and community discussion only and do not constitute a prospectus, an offer document, an offer of securities, a solicitation for investment, or any offer to sell any product, item or asset (whether digital or otherwise)."
-
-Furthermore, the company makes sure to specify that "circumstances may change and that the Whitepaper or the Website may become outdated as a result; and the [World] Foundation is not under any obligation to update or correct this document in connection therewith."
-
-The document is also described as a "crypto-asset white paper".
-
-We have been warned.
-
-In its Privacy section, the white paper [states](https://whitepaper.world.org/#image-custody-opt-in) that "no data collected, including images taken by the Orb has or will ever be sold. Nor will it be used for any other intent than to improve World ID."
-
-However, its [Privacy Notice also states](https://world.org/legal/privacy-notice#8--when-we-share-your-data) that they may "share your personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company."
-
-If this happens, many regretful users might find themselves in [the same shoes as 23andMe users this year](https://www.techradar.com/health-fitness/23andme-is-bankrupt-and-about-to-sell-your-dna-heres-how-to-stop-that-from-happening), where the DNA collecting company started to look for buyers of its biometric data assets after filling for bankruptcy.
-
-Additionally, the Face Authentication section of the white paper [describes](https://whitepaper.world.org/#face-authentication) a process where encrypted facial biometrics collected from the Orb are used for authentication in the World App.
-
-Even if this data is stored on-device, it is still biometric data getting collected by the Orb then processed by the phone app. There is no question this is sensitive and personal biometric data, and it is indeed kept outside the Orb.
-
-Tools for Humanity lacks consistency in the various claims and statements found through its documentation and promotion material. It becomes difficult to know which version to trust, and if it is to be trusted at all.
-
-### No deletion on the blockchain
-
-Tools for Humanity's Privacy Policy declares that the company will delete all account data (when laws allow it) one month after it is closed (this is good). They also state they will delete entirely any inactive account after 2 years, and this is actually a great policy.
-
-But what happens to the World ID, transactions, and other data stored on the blockchain?
-
-While some thoughts have been put into deletion and some good mechanisms seem to have been implemented, unfortunately data stored on the blockchain might be "deletion-resistant".
-
-There's a possibility that **what happens on the blockchain stays on the blockchain, forever**.
-
-The policy [notes](https://www.toolsforhumanity.com/legal/privacy-notice#11--how-long-do-we-keep-your-data-) that:
-
-"Due to the public and immutable nature of blockchain technology, we cannot amend, erase, or control the disclosure of data that is stored on blockchains."
-
-So that is something to keep in mind if you value your right to delete.
-
-## Data security considerations
-
-Even if some thoughtful security features seem to have been implemented for the World App and its Orbs, nothing processing sensitive data at such a large scale should be left in the hands of a single for-profit, largely unregulated, organization.
-
-This would be like putting 8 billion eggs in a very fragile basket, held by someone paid to make the basket pretty and convince as many people as possible to put their precious single egg in it, with no incentive whatsoever to ensure the basket doesn't break. I would not want to put my egg in there, especially with how much it costs now.
-
-The idea of using one single *for-profit* app worldwide for "human verification", identity verification, age verification, money transactions, and storing official IDs (and so on and so forth) makes this application a *huge* target for criminals and hostile governments alike.
-
-It's good that the app had [security audits](https://github.com/trailofbits/publications/blob/master/reviews/2023-08-worldcoin-orb-securityreview.pdf), made some [code available](https://github.com/worldcoin) as open source, and reportedly [plans](https://whitepaper.world.org/#why-custom-hardware-is-needed) to open a bug bounty program.
-
-However, there are still problems that remain. For example, the phone in this case becomes a single point of failure. The easiest way to steal someone's identity and money (all at once) will be to steal their phone data (whether physically or remotely). Even without criminal intent, what happens when someone just loses their phone? Or accidentally drop it in the pool? Or step on it?
-
-With **everything relying on a single app and a single device**, risk is greatly amplified.
-
-Outside the user's responsibility, Orb operators and Orb stores are susceptible to various attacks. This will increase exponentially with the number of users of course, as the target becomes bigger. In fact, Orb operators have [already been hacked](https://techcrunch.com/2023/05/12/hackers-stole-passwords-of-worldcoin-orb-operators/).
-
-Then, there is the appeal of fake identities and money fraud for criminals. Already, there is a [black market](https://gizmodo.com/worldcoin-black-market-iris-data-identity-orb-1850454037) for iris data in China, where people buy iris data (or verified World ID according to World) from people in Cambodia, Kenya, and other countries for a few dollars only. The vulnerability allowing this was reportedly fixed, but it is doubtful this is the last one we hear about.
-
-The Orb itself is also an important potential attack surface. With Tools for Humanity's ambition to fill the world with Orbs everywhere, will Orbs become the next version of the sketchy ATM? Where you might wonder if this funny-looking Orb is trustworthy enough to pay your bar tab without risking emptying your crypto wallet?
-
-## Privacy legislators aren't on board
-
-Despite all its privacy promotion material, the World project has failed to convince privacy commissioners around the world of their supposedly good intentions. Perhaps in this case actions speak louder than words, and privacy commissioners aren't so gullible.
-
-With the expansion the project plans this year, we can expect even more experts will examine the company's claims and challenge its "privacy-preserving" assumptions.
-
-There are many reasons to remain skeptical about these promises of privacy. Indeed, numerous countries have already suspended, fined, or called for investigation on the company's (mal)practices.
-
-### The company was fined for personal data violation
-
-In 2024, the company was [fined](https://cointelegraph.com/news/south-korea-fines-worldcoin-personal-data-violations) 1.1 billion Korean won for violating South Korea's Personal Information Protection Act (PIPA). The Worldcoin Foundation was also imposed corrective orders and recommendations. Organizations that are truly "privacy-first" rarely reach this point.
-
-The Data Custody feature, which allows (and encourages) users to share their biometric data with Tools for Humanity is now unavailable in South Korea.
-
-### Brazil has banned Worldcoin in the country
-
-In January this year, the National Data Protection Authority (ANPD) [banned](https://decrypt.co/305639/brazilian-regulator-denies-worldcoin-appeal-ban) Worldcoin's operations in Brazil, after the company's appeal was rejected.
-
-The ban comes from regulation stating that consent to process biometric data must be "free, informed, and unequivocal", which cannot be the case with the World project paying users in cryptocurrency in exchange for their iris scans. Data deletion concerns were also raised by the regulator.
-
-The World project tried again to appeal the decision, in vain.
-
-### Kenya and Indonesia suspended its operations
-
-In 2023, Kenya, one of the first countries where Worldcoin was available, [suspended](https://techcrunch.com/2023/08/02/kenya-suspends-worldcoin-scans-over-security-privacy-and-financial-concerns/) Worldcoin's operations citing concerns over the "authenticity and legality" of its activities related to privacy, security, and financial services.
-
-The worse part is that months before, the Office of the Data Protection Commissioner (ODPC) of the country had ordered Tools for Humanity to stop collecting personal information from its citizens. The company simply [ignored the ODPC order](https://techcrunch.com/2023/08/15/worldcoin-in-kenya/) and continued to collect biometric data from Kenyans. It only stopped after Kenya's ministry of interior and administration gave the suspension order later on.
-
-This again is quite far from the behavior of a company who genuinely values privacy.
-
-More recently on May 4th, 2025, Indonesia also [suspended](https://en.antaranews.com/news/353861/indonesia-suspends-worldcoin-world-id-operations-over-public-concerns) the World project's operation in the country over concerns related to user privacy and security. The Ministry of Communication and Digital will be summoning the project's local operators to clarify the operations and determine potential violation of the Indonesia's electronic system regulation.
-
-### German regulator ordered GDPR compliance following investigation
-
-In December 2024, the German regulator, the Bavarian State Office for Data Protection Supervision (BayLDA), [issued an order](https://decrypt.co/298090/german-watchdog-cracks-down-on-worldcoin-over-biometric-data) to obligate providing deletion procedures that comply with the GDPR within one month. Additionally, the BayLDA ordered the complete deletion of certain data records that were previously collected without sufficient legal basis.
-
-Again, the World Foundation is fighting the order and will [appeal](https://cointelegraph.com/news/german-watchdog-order-worldcoin-delete-data) the decision. The company tries to argue the data collected was "anonymized", a common strategy to try evading GDPR compliance, which does not regulate anonymized data.
-
-### Data protection authorities around the world are investigating
-
-In 2023, France's data protection authority the CNIL [investigated](https://www.reuters.com/technology/worldcoin-paris-office-checked-by-french-data-watchdog-2023-08-31/) Worldcoin's activities in the country. The same year, UK's privacy watchdog started its own [inquiry](https://www.reuters.com/technology/uk-data-watchdog-make-enquiries-worldcoin-crypto-project-2023-07-25/) into the company's operations.
-
-In 2024, Hong Kong's Office of the Privacy Commissioner for Personal Data [raided](https://www.scmp.com/news/hong-kong/law-and-crime/article/3250480/hong-kong-eye-scan-cryptocurrency-scheme-probed-citys-privacy-watchdog) six Worldcoin offices citing personal information privacy and security concerns.
-
-There is no doubt more countries and regions will follow with similar investigations and bans as the World project expands to its ambition.
-
-### In the United States, the app is restricted in some states
-
-Even in the US where the company is headquartered, the app is [restricted](https://www.wired.com/story/sam-altman-orb-eyeball-scan-launch-us/) in some states. The announcement for its event this month carried a warning that the World is “not available for distribution via World App to people, companies or organizations who are residents of, or are located or incorporated in the State of New York or other restricted territories.”
-
-We can also expect the project will encounter roadblocks in states that have passed [regulations specific to the collection of biometric data](https://www.huschblackwell.com/2024-state-biometric-privacy-law-tracker). This includes states like Illinois, Texas, Washington, and Colorado.
-
-### Some regions have special regulations for biometric data
-
-Around the world the number of biometric-specific regulations is growing. Even without a regulation specific to this type of data, many privacy laws have started to include special categories and requirements to govern the collection and processing of sensitive biometric data. As companies are increasingly requesting such collection, legislations to protect users are essential.
-
-For example, the province of Quebec in Canada has recently implemented [strong protections for biometric data](https://www.cai.gouv.qc.ca/protection-renseignements-personnels/sujets-et-domaines-dinteret/biometrie?%2F) with its new privacy law, the Law 25. Consent isn't sufficient to collect biometric data, as the law requires organizations to explicitly justify the necessity for such collection in the first place. Importantly, any violation of Law 25 comes with fines as hefty as the GDPR's.
-
-More privacy laws should implement such protections quickly, as corporations collecting biometric information carelessly are multiplying fast.
-
-## Welcome to full dystopia
-
-The most concerning part of the World project's recent expansion isn't its cryptocurrency grift as much as stepping out of it.
-
-If cryptocurrency enthusiasts wish to share their personal data to get into a special cryptocurrency club, they might (although privacy regulations should still protect them). But using financial coercion to get new users by exploiting vulnerable communities living in poverty is **absolutely despicable**.
-
-Further, the fact that the World project has partnered with powerful players in the financial, gaming, and even dating sectors *should terrify everyone*.
-
-Beyond cryptocurrency, if platforms start to demand users everywhere to verify they are a human and verify they are an adult through the World ID system, then **everyone will soon be subjected to this**.
-
-The amount of money invested in the project means there will be an incredible pressure to spread it everywhere soon, and *monetize* it. There will be a *strong* incentive to monetize our data and to monetize our proof of humanity. This isn't trivial.
-
-The well-known dating app Tinder has already partnered with World ID to verify the age of users in Japan. If this experiment works well, and if users comply without objection, this could be soon mandatory for *all* dating apps.
-
-Let's not stop at dating apps. The World project has already announced last week they will also be working with Razer to verify humanity of online gamers. How far can this go in the age of age verification? Will every online games with mature content soon require a World ID to play?
-
-What about social media? Tools for Humanity's team have insisted the age of AI made us incapable of detecting if we are interacting with bots online. Therefore, they must valiantly come to our rescue to verify our humanity scanning our eyeballs (which bots tragically lack). What if this human verification is expanded to all our social media accounts? Certainly, regulators pushing for authoritarian age verification online would be delighted by such a product.
-
-Then, it comes for our money. The everything app of course offers payment and money management features. This is the app where you can keep your whole wallet, containing all your official IDs, your cryptocurrencies of all kind, and even connect with your less hyped regular bank accounts.
-
-Imagine a single app, owned by a single for-profit corporation, that collects and processes all the data from all your transactions online, all your communications online, that you absolutely have to continue using for your other social media accounts, your gaming life, and your dating life.
-
-There could soon be no way to escape the grasp of World's everything app. Actually, [some governments](https://www.theregister.com/2025/05/04/sam_altman_startup_world/) (Taiwan and Malaysia) have already started using it for official services, because why not.
-
-**The ways this could degenerate fast into full dystopia are infinite**, and very real.
-
-The company even plans to ship next year the Orb Mini, a pocket-size personal spy-device with which users will be able to scan their own eyeballs on the go!
-
-But why stop there? Why not scan other people's eyeballs as well? Maybe all government officials could carry one? Maybe every payment terminal could have one too?
-
-We will find out soon, in one or two years.
-
-Tools for Humanity also bragged about the numerous utilities its new technology could make possible. For example, for event tickets! Order a concert ticket with your "proof of personhood" then maybe confirm you are the owner by having your eyeballs scanned to assist to a Rage Against the Machine concert?
-
-The only fun part in this is the irony.
-
-Tools for Humanity with its expansionist dream is without a doubt hungry enough to eat the whole World™️.
-
-### A new world of wealth inequalities
-
-The company brings up a few times the mention of Universal Basic Income (UBI) in its documentation, it even mentions it briefly in its [white paper](https://whitepaper.world.org/#ubi).
-
-While puzzling, it appears Tools for Humanity might consider its cryptocurrency bribe to sign up and subsequent token giveaways as some form of UBI? Or perhaps this is only one of its other ambition to control all the financial systems in the entire world. Why UBI is even mentioned at all in this context is unclear.
-
-Regardless, it's worth mentioning a for-profit company giving cash back in exchange for biometric data isn't UBI at all, it's just a **creepy membership card points**, at best.
-
-While the World project works hard to present the idea this is a tool for the people, where everyone is equal, wealth will definitely [not be distributed evenly](https://whitepaper.world.org/#wld-token-allocation) in this new World order.
-
-Already, 11.1% of World's cryptocurrency tokens (WLD) have been distributed to the World's team, 13.6% to investors, and 0.3% are reserved for Tools for Humanity. This means these entities would share together 25% of the wealth, while 75% of the world's population (according the Tools for Humanity's ambition) would have to share 75% of what's left.
-
-In the new "human" world this corporation envisions, Tools for Humanity and its investors would own 1 quarter of the entire world's wealth. There is nothing equitable or communal in a system like this.
-
-It's important not to forget this everything app will do everything to pressure its users in eventually using Worldcoins, its ultimate goal.
-
-From Tinder's mandatory age verification to cryptocurrency financial ruin in one single move.
-
-## The normalization of surveillance
-
-Even if this process was perfectly secure and perfectly private (which it is definitely not), the problem remains the normalization of surveillance.
-
-This isn't limited to Tools for Humanity, although the way the company tries to advertise itself as a privacy-first organization makes it even more important to scrutinize.
-
-But anyone else with a similar approach to biometric data collection for verifying humanity or age or legal names should be on our radar. Moreover if it's a for-profit corporation with the power to impose this technology on us everywhere in the world.
-
-One company should never have such power.
-
-Further, biometric data should never be used for trivial purposes like "proof of personhood" or age verification. No amount of supposedly "privacy-preserving" features can change this.
-
-The premise itself is flawed from the start to respect privacy rights.
-
-While the problem of proving identity can still be an important one to solve in *some* context, the solution to this can never be monopolized by for-profit corporations.
-
-Regardless of Tools for Humanity's intentions and efforts to convince us to trust them, any similar technology is just another step towards a global system of mass surveillance, where ultimately privacy rights and human rights are lost.
-
-So, should you scan your eyeball to get a verified World ID?
-
-**No.**
-
-**No, you really shouldn't.**
diff --git a/blog/posts/selling-surveillance-as-convenience.md b/blog/posts/selling-surveillance-as-convenience.md
deleted file mode 100644
index 113fc227..00000000
--- a/blog/posts/selling-surveillance-as-convenience.md
+++ /dev/null
@@ -1,127 +0,0 @@
----
-date:
- created: 2025-06-07T17:35:00Z
-categories:
- - Opinion
-authors:
- - em
-description: Increasingly, surveillance is being normalized and integrated in our lives. Under the guise of convenience, applications and features are sold to us as being the new better way to do things. While some might be useful, this convenience is a Trojan horse. The cost of it is the continuous degradation of our privacy rights, with all that that entails.
-schema_type: OpinionNewsArticle
-preview:
- cover: blog/assets/images/selling-surveillance-as-convenience/surveillance-cover.webp
----
-
-# Selling Surveillance as Convenience
-
-
-Illustration: Em / Privacy Guides | Photo: Zeki Okur / Unsplash
-
-Increasingly, surveillance is being normalized and integrated in our lives. Under the guise of convenience, applications and features are sold to us as being the new better way to do things. While some might be useful, **this convenience is a Trojan horse**. The cost of it is the continuous degradation of our privacy rights, with all that that entails.
-
-As appalling as it is, the truth is the vast majority of software companies do not consider privacy rights and data minimization practices strongly enough, if at all. Most fail to implement the principles of [Privacy by Design](https://en.wikipedia.org/wiki/Privacy_by_design) that should guide development from the start.
-
-Whether this comes from ignorance, incompetence, greed, or malicious intent can be debated. It matters little, because the result is the same: Technologies collecting (and monetizing) a shameful amount of data from everyone.
-
-This horrifying trend ends up facilitating and normalizing surveillance in our daily lives. It is the opposite direction of where we should be going.
-
-**The more we accept this normalized surveillance, the harder it becomes to fight back.** It is critical that we firmly and loudly object to this banalized invasion of our privacy.
-
-There are countless examples of this growing issue, but for now let's focus on three of them: Airport face scans, parking apps, and AI assistants.
-
-## Face scans in airports (and elsewhere)
-
-Some airports and airlines around the world have started to [install face scanning stations](https://www.huffpost.com/entry/why-you-can-and-should-opt-out-of-tsa-facial-recognition-right-now-goog_l_680a673ae4b0b1be33560c93) to screen travelers. This is supposedly a quick and *convenient* way to verify your identity when passing through airport security lines.
-
-Facial scans and facial recognition data are biometric data. Biometric data is especially sensitive because once it's collected, there is no way for you to modify it later, ever.
-
-Imagine having a password stolen a thousand times, yet there is no way for you to change it. This is the security system that biometric data collectors are building. When their database eventually leaks, and someone steals it to impersonate you, you cannot simply get a new face like you would generate a new password.
-
-Moreover, facial data is the perfect tool to track you around without your consent. Systems using facial recognition are being installed in schools, sport stadiums, and other venues around the world.
-
-Everyone should be extremely worried about sharing any biometric data with others, and should never do so simply for "convenience".
-
-Sadly, many people do not know they might have a right to refuse.
-
-**Refusing to provide biometric data everywhere we can is crucial.**
-
-If people never refuse and simply accept surveillance without objection, we will soon lose any right we had to refuse. Without changes, this is the dystopia we are running towards.
-
-If everyone said no instead of complying for convenience, these intrusive technologies would stop being imposed on us. We have a duty to **say no** when we can.
-
-## Parking apps
-
-Parking applications might feel like a boring but necessary sacrifice. With the slow disappearance of parking meters and cash money, more parking facilities now require parking apps for registration and payment.
-
-The problem is, these applications collect lots of sensitive information. Necessarily, they collect parking location, parking duration, license plate number, phone number, email, payment information, and often even your full legal name. This information can be shared across multiple applications and organizations (partners) to track a car's location even beyond the parking facility.
-
-Despite how sensitive this data is, it's very likely most applications have not invested the time and effort to protect it properly. Inevitably, [data breaches](https://www.classaction.org/blog/parkmobile-data-breach-class-action-heres-what-you-need-to-know) have already occurred.
-
-Once this data is exposed, it can be challenging or impossible to change or delete it. People in vulnerable situations can be put in grave danger when such data becomes accessible to anyone looking for it.
-
-Even without criminal breaches, security researcher Inti De Ceukelaire [revealed](https://www.dailydot.com/debug/parking-apps-track-car-privacy-gdpr/) in 2022 that some parking apps could allow anybody to track a car around. This is due to poor security practices which allowed anyone to register and track any car's license plate, whether it's their car or not.
-
-Despite repeated [warnings](https://www.cbc.ca/news/canada/hamilton/hamilton-parking-app-privacy-concerns-1.5689209) from privacy experts, parking applications remain largely under-regulated.
-
-## AI assistants and note-takers
-
-Last but not least, AI assistant and note-taking applications have spawned in every corner of our lives for the past few years. Unfortunately, these **AI applications are an absolute nightmare for data privacy**.
-
-Very few AI systems of this type provide data without also *taking in* data.
-
-Most fresh AI startups simply utilize a subscription to OpenAI under the hood. This means it is likely any data you input into an AI assistant or note-taker will be shared back with OpenAI in the end. This includes any personal information you type and any photos you upload.
-
-Some applications offer options to opt out of input sharing, but given the track record of tech companies asking for forgiveness rather than permission, can this really be trusted?
-
-Additionally, regardless of the stated purpose for this data collection, nothing stops these companies from using it for another purpose down the road, or selling it to someone else.
-
-AI note-taking applications that seem to be all the rage in remote meetings these days are no exception.
-
-To provide a transcript then a summary, these applications [will record](https://www.zscaler.com/cxorevolutionaries/insights/privacy-security-concerns-ai-meeting-tools) the whole meeting, often including both audio and video. This data will be stored by the AI note-taking company, and maybe also shared with at least OpenAI, potentially with other third-parties as well.
-
-This is **incredibly intrusive**, not to say straight out *creepy*.
-
-Besides, it can even be *illegal*. If you use this kind of application with someone living in a region with a [two-party consent law](https://acclaws.com/can-you-record-a-conversation-legally/), recording without prior consent of all participants is criminal.
-
-Even without this, any personal information collected by an AI system is still **subject to the privacy regulation protecting its data subject**. Nobody should take lightly the legal and moral obligations they have when using or developing such invasive technology.
-
-Even if you don't care about sending *your own* personal data to these companies, **you are still responsible** for [the data of others](the-privacy-of-others.md) you input in these systems.
-
-For organizations, using AI doesn't remove any legal obligations to **[comply with privacy laws](https://iapp.org/news/a/how-privacy-and-data-protection-laws-apply-to-ai-guidance-from-global-dpas)**. You are still responsible for any personal data collected by your usage of AI systems, even when delegating the task to OpenAI or any other subcontractor.
-
-## How to opt out?
-
-There are multiple ways to opt out of surveillance disguised as convenience. The first thing of course is to avoid using any such technology whenever possible.
-
-Before taking a plane, spend some time researching if your citizenship and the region you are visiting grant you opt-out rights. If it does, print this documentation and be ready to politely ask for a traditional identify verification instead of a face scan.
-
-If you own a car, try to find a parking application that has been more thoughtful regarding security and privacy. Report any parking apps which infringe on your local privacy laws to your local Data Protection Authority or equivalent. If you go somewhere that could put you in danger if tracked — for example, because you are victim of domestic violence or stalking — consider renting a car with a different license plate, sharing a ride with a trusted friend, or parking at another location you can safely walk from.
-
-**Do NOT use any AI note-taker!** This technology might seem *convenient* at first, but it is completely unnecessary (and also unreliable). If you use this technology carelessly without providing proper privacy notice, you could run into serious legal risks. Additionally, you risk eroding the trust of everyone communicating with you when the *inevitable* data breach occurs.
-
-If someone invites you to a meeting using an AI note-taker, do not hesitate to refuse being recorded, and share your discomfort about this technology.
-
-If you must use an AI assistant, try to find one that can run *offline,* and does not upload your inputs back to the company's server. When this isn't possible, make sure at least to never share any personal information with these systems. Be especially vigilant not to share any data related to other people, and especially children. This could lead to severe legal consequences for you down the road.
-
-## Why it is crucial to oppose everywhere we can
-
-If we all do everything we can to opt out every time we can, it will become harder and harder to implement mass surveillance systems in our society.
-
-The response provided when privacy experts raise the alarm is often to minimize concerns saying "it's only optional, and people can opt out".
-
-But for **how long will we keep the right to opt out** if we never exercise this right? How many dark patterns and intimidation techniques are used to pressure people into saying yes, or to make sure they never know about their right to opt out?
-
-Furthermore, write to your representatives about your concerns related to privacy rights and the rise of surveillance systems in our society. Discuss this with your family and your friends. Post about it on social media. Share your experience of surveillance with the press.
-
-The more we are talking about this problem, the stronger the opposition becomes, and the more chances we have to **keep our privacy rights alive**.
-
-If we do not stand firm to defend our rights, even when it's inconvenient to do, we might soon lose them.
-
-## Additional resources
-
-- [Facial scan at airport (United States): Protect Your Face Data](https://www.ajl.org/campaigns/fly)
-
-- [Information on parking apps vulnerabilities: Not My Plate](https://notmyplate.com/)
-
-- [Information on AI note-takers](https://www.fisherphillips.com/en/news-insights/ai-notetaking-tools-should-you-use-them.html)
-
-- [How to remove/disable Microsoft's Windows Recall](https://www.microsoftrecall.com/)
diff --git a/blog/posts/signal-configuration-and-hardening.md b/blog/posts/signal-configuration-and-hardening.md
index f10da4d0..940348e9 100644
--- a/blog/posts/signal-configuration-and-hardening.md
+++ b/blog/posts/signal-configuration-and-hardening.md
@@ -1,7 +1,7 @@
---
date:
created: 2022-07-07T19:00:00Z
- updated: 2025-05-24T14:00:00Z
+ updated: 2024-08-23T19:00:00Z
authors:
- contributors
- matchboxbananasynergy
@@ -18,7 +18,7 @@ schema_type: AnalysisNewsArticle
---
# Signal Configuration and Hardening Guide
-[Signal](https://www.privacyguides.org/en/real-time-communication#signal) is a widely regarded instant messaging service that is not only easy to use but is also private and secure. Signal's strong end-to-end encryption implementation and metadata protections provide a level of assurance that only you and your intended recipients are able to read communications.
+[Signal](https://www.privacyguides.org/en/real-time-communication#signal) is a widely regarded instant messaging service that is not only easy to use but is also private and secure. Signal's strong E2EE implementation and metadata protections provide a level of assurance that only you and your intended recipients are able to read communications.
This guide details actions you can take to configure and harden Signal in accordance with your [threat model](https://www.privacyguides.org/en/basics/threat-modeling/).
@@ -26,7 +26,7 @@ This guide details actions you can take to configure and harden Signal in accord
### Signal PIN
-When you register for Signal with your phone number, you will be asked to set up a Signal PIN. This PIN can be used to recover your profile, settings, contacts, and blocked users in case you ever lose or switch devices.
+When you register for Signal with your phone number, you will be asked to set up a Signal PIN. This PIN can be used to recover your profile, settings, contacts and who you've blocked in case you ever lose or switch devices.
Additionally, your Signal PIN can also double as a registration lock that prevents others from registering with your number.
@@ -34,18 +34,18 @@ Additionally, your Signal PIN can also double as a registration lock that preven
The server will not enforce the registration lock after 7 days of inactivity. After that, someone will be able to reset the PIN at registration and register with your phone number. This will wipe the data stored in your Signal account, as it is encrypted by the PIN, but it won't prevent someone from registering with your number provided that they can receive a text on it.
-**Important update**: Since this blog post was published, there have been changes to the registration flow for Signal. You should read about this [here](signal-number-registration-update.md).
+**Important update**: since this blog post was published, there have been changes to the registration flow for Signal. You should read about this [here](signal-number-registration-update.md).
If you haven't set up a Signal PIN, or have previously opted out of setting one up, follow these steps on Android/iOS:
-- Select :material-dots-vertical: → **Settings** → **Account** → **Signal PIN**
+- Select :material-dots-vertical: > **Settings** > **Account** > **Signal PIN**
- Select **Create new PIN**
-Signal will prompt you to enter a PIN. We suggest using a strong, alphanumeric PIN that can be stored in a [password manager](https://www.privacyguides.org/en/passwords/).
+Signal will prompt you to enter a PIN. We suggest using a strong alphanumeric PIN that can be stored in a [password manager](https://www.privacyguides.org/en/passwords/).
Once you have done that, or if you already have set up a PIN, make sure that **Registration Lock** is also enabled.
-- Select :material-dots-vertical: → **Settings** → **Account** → **Signal PIN**
+- Select :material-dots-vertical: > **Settings** > **Account** > **Signal PIN**
- [x] Turn on **Registration Lock**
!!! Important
@@ -65,12 +65,12 @@ It is best practice to always compare safety numbers with your contacts. This ca
!!! Important
- In order for safety numbers to also verify that the intended recipient has access to the device you're verifying, you need a secondary communication channel where you can authenticate the person that is holding the device. For example, an in-person meeting or a video call.
+ In order for safety numbers to also verify that the intended recipient has access to the device you're verifying, you need a secondary communication channel where you can authenticate the person that is holding the device. For example, an in-person meeting or during a video call.
To view the safety number for a particular contact, you need to follow these steps within Signal:
- Go to a chat with a contact.
-- Select the chat header or :material-dots-vertical: → **View Safety Number**
+- Select the chat header or :material-dots-vertical: > **View Safety Number**
Once you've compared the safety numbers on both devices, you can mark that contact as **Verified**.
@@ -78,7 +78,7 @@ A checkmark will appear in the chat header by your contact's name when the safet
After doing that, any time the safety number changes, you'll be notified.
-If the safety number with one of your contacts changes, we recommend asking the contact what happened (if they switched to a new device or re-installed Signal, for example) and verifying the safety numbers again.
+If the safety number with one of your contacts changes, we recommend asking the contact what happened (if they switched to a new device or re-installed Signal, for example) and verify the safety numbers again.
For more demanding threat models, you should agree on a protocol with your contacts in advance on what to do in case the safety number ever changes.
@@ -92,7 +92,7 @@ It is good practice to set up disappearing messages in Signal's settings so that
On Android/iOS:
-- Select :material-dots-vertical: → **Settings** → **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
- Under **Disappearing messages**, select **Default timer for new chats**
- Select the desired amount of time and select **Save**
@@ -119,20 +119,22 @@ Your recipient doesn't make any requests unless they open the link on their end.
On Android/iOS:
-- Select :material-dots-vertical: → **Settings** → **Chats**
+- Select :material-dots-vertical: > **Settings** > **Chats**
- [ ] Turn off **Generate link previews**
### Screen Security
-Signal allows you to prevent a preview of the app being shown (i.e., in the app switcher) unless you explicitly open it. This option can be found in :material-dots-vertical: → **Settings** → **Privacy**.
+Signal allows you to prevent a preview of the app being shown (i.e., in the app switcher) unless you explicitly open it.
-=== "Android"
+On Android:
- - [x] Turn on **Screen Security**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
+- [x] Turn on **Screen Security**
-=== "iOS"
+On iOS:
- - [x] Turn on **Hide Screen in App Switcher**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
+- [x] Turn on **Hide Screen in App Switcher**
### Screen Lock
@@ -142,22 +144,26 @@ To mitigate this, you can leverage the Screen Lock option to require additional
On Android/iOS:
-- Select :material-dots-vertical: → **Settings** → **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
- [x] Turn on **Screen Lock**
### Notification Privacy
Even when your phone is locked, anyone who can lay eyes on the device can read messages and sender names from your lock screen.
-On Signal, you have the ability to hide message content and sender name, or just the message content itself. This option can be found in :material-dots-vertical: → **Settings** → **Notifications** → **Show**.
+On Signal, you have the ability to hide message content and sender name, or just the message content itself.
-=== "Android"
+On Android:
- - Select **No name or message** or **Name only**, respectively.
+- Select :material-dots-vertical: > **Settings** > **Notifications**
+- Select **Show**
+- Select **No name or message** or **Name only** respectively.
-=== "iOS"
+On iOS:
- - Select **No name or Content** or **Name Only**, respectively.
+- Select :material-dots-vertical: > **Settings** > **Notifications**
+- Select **Show**
+- Select **No name or Content** or **Name Only** respectively.
### Call Relaying
@@ -165,21 +171,14 @@ Signal allows you to relay all calls (including video calls) through the Signal
On Android/iOS:
-- Select :material-dots-vertical: → **Settings** → **Privacy** → **Advanced**
+- Select :material-dots-vertical: > **Settings** > **Privacy** > **Advanced**
- [x] Turn on **Always Relay Calls**
For incoming calls from people who are not in your Contacts app, the call will be relayed through the Signal server regardless of how you've set it up.
-### Bypass Internet Censorship
+### Proxy Support
-If Signal is blocked in your country, it has a built-in "Censorship Circumvention" feature that uses domain fronting to bypass restrictions.
-
-On Android/iOS:
-
-- Select :material-dots-vertical: → **Settings** → **Privacy** → **Advanced**
-- [x] Turn on **Censorship Circumvention**
-
-Additionally, Signal allows you to set up a proxy to bypass censorship.
+If Signal is blocked in your country, Signal allows you to set up a proxy to bypass it.
!!! Warning
@@ -187,13 +186,13 @@ Additionally, Signal allows you to set up a proxy to bypass censorship.
You can learn more about Signal's proxy support on their [website](https://support.signal.org/hc/en-us/articles/360056052052-Proxy-Support).
-### Disable Signal Call History (iOS only)
+### Disable Signal Call History (iOS)
Signal allows you to see your call history from your regular phone app. This allows your iOS device to sync your call history with iCloud, including whom you spoke to, when, and for how long.
If you use iCloud and you don’t want to share call history on Signal, confirm it’s turned off:
-- Select :material-dots-vertical: → **Settings** → **Privacy**
+- Select :material-dots-vertical: > **Settings** > **Privacy**
- [ ] Turn off **Show Calls in Recents**
## Signal Hardening
@@ -202,13 +201,13 @@ If you use iCloud and you don’t want to share call history on Signal, confirm
While it may be tempting to link your Signal account to your desktop device for convenience, keep in mind that this extends your trust to an additional and potentially less secure operating system.
-Avoid linking your Signal account to a desktop device to reduce your attack surface if your threat model calls for protecting against [:material-bug-outline: Passive Attacks](https://www.privacyguides.org/en/basics/common-threats/#security-and-privacy){ .pg-orange }.
+Avoid linking your Signal account to a desktop device to reduce your attack surface, if your threat model calls for protecting against [:material-bug-outline: Passive Attacks](https://www.privacyguides.org/en/basics/common-threats/#security-and-privacy){ .pg-orange }.
### Molly (Android)
-If you use [Molly](https://www.privacyguides.org/en/real-time-communication/#molly-android) on Android to access the Signal network, below is an overview of the many privacy- and security-enhancing features that you may want to explore. You can find a full list of Molly's [features](https://github.com/mollyim/mollyim-android#features) on the project's repository.
+If you use [Molly](https://www.privacyguides.org/en/real-time-communication/#molly-android) on Android to access the Signal network, there are many privacy and security-enhancing features that you may want to explore.
-#### Data Encryption at Rest
+#### Privacy and Security Features
Molly has implemented database encryption at rest, which means that you can encrypt the app's database with a passphrase to ensure that none of its data is accessible without it.
@@ -225,16 +224,14 @@ For the database encryption feature to be useful, two conditions must be met:
If both of the above conditions are met, the data within Molly is safe as long as the passphrase is not accessible to the attacker.
-#### RAM Wiper
-
To supplement the database encryption feature, Molly securely wipes your device's RAM once the database is locked to defend against forensic analysis.
While Molly is running, your data is kept in RAM. When any app closes, its data remains in RAM until another app takes the same physical memory pages. That can take seconds or days, depending on many factors. To prevent anyone from dumping the RAM to disk and extracting your data after Molly is locked, the app overrides all free RAM memory with random data when you lock the database.
-#### Calls and Contacts
-
-There is also the ability to configure a SOCKS proxy in Molly to route its traffic through the proxy or [Tor via Orbot](https://www.privacyguides.org/en/alternative-networks/#orbot). When enabled, all traffic is routed through the proxy and there are no known IP or DNS leaks. When using this feature, [call relaying](#call-relaying) will always be enabled, regardless of the setting.
+There is also the ability to configure a SOCKS proxy in Molly to route its traffic through the proxy or [Tor via Orbot](https://www.privacyguides.org/en/tor#orbot). When enabled, all traffic is routed through the proxy and there are no known IP or DNS leaks. When using this feature, [call relaying](#call-relaying) will always be enabled, regardless of the setting.
Signal adds everyone who you have communicated with to its database. Molly allows you to delete those contacts and stop sharing your profile with them.
-To supplement the feature above, as well as for additional security and to fight spam, Molly offers the ability to block unknown contacts whom you've never been in contact with or those who are not in your contact list without you having to manually block them.
+To supplement the feature above, as well as for additional security and to fight spam, Molly offers the ability to block unknown contacts that you've never been in contact with or those that are not in your contact list without you having to manually block them.
+
+You can find a full list of Molly's [features](https://github.com/mollyim/mollyim-android#features) on the project's repository.
diff --git a/blog/posts/stay-safe-but-stay-connected.md b/blog/posts/stay-safe-but-stay-connected.md
deleted file mode 100644
index 5ea98ed2..00000000
--- a/blog/posts/stay-safe-but-stay-connected.md
+++ /dev/null
@@ -1,357 +0,0 @@
----
-date:
- created: 2025-06-10T17:00:00Z
-categories:
- - News
-tags:
- - Pride Month
-authors:
- - em
-description: Balancing data protection and online connection can be difficult. Nevertheless, it's an essential skill to be able to stay safe online while staying connected.
-schema_type: AnalysisNewsArticle
-preview:
- cover: blog/assets/images/stay-safe-but-stay-connected/stay-connected-cover.webp
----
-
-# Stay Safe, but Stay Connected
-
-
-
-Photo: Jiroe Matia Rengel / Unsplash
-
-In data privacy, we often talk about the dangers of data collection and exposed data. It can get overwhelming to learn more about all the information that is collected on us, especially at the beginning. As a coping mechanism, some people react by downplaying concerns, disregarding dangers, and ignoring precautions altogether. Others react the opposite way: by isolating themselves, and no longer sharing anything with anyone. But neither is a viable solution.
-
-Staying isolated to avoid *all* data exposure risks other dangers. Dangers that might not seem related to data privacy directly, but are nevertheless worth mentioning here: Suicide and depression are very real dangers that we cannot ignore.
-
-Keeping our data safe shouldn't mean staying alone, and isolation is [especially dangerous for LGBTQ+ people](https://www.thetrevorproject.org/resources/article/facts-about-lgbtq-youth-suicide/).
-
-The better approach is to adopt a **segmental perspective on data privacy**.
-
-While not ignoring nor minimizing the risks, it's important to develop an awareness of which exposed data represents the biggest danger to us, which we have no control over, and which we can actually protect better.
-
-This is the balanced way out of this Orwellian nightmare.
-
-There are ways to stay together, to support each other, and to stay connected while also protecting our data and becoming an informed advocate for privacy rights.
-
-## How to stay connected while staying safe
-
-Numerous practices and tools can help to participate in online communities while also protecting one's data. There might be some sacrifices necessary of course, and each sacrifice should be weighted carefully for its benefit.
-
-It's important to remember that the best approach to data privacy isn't an [all-or-nothing mindset](privacy-is-not-dead.md). This only leads to either giving up entirely, or getting disconnected from our communities.
-
-The better mindset is to try to *improve* one's data privacy gradually, to *reduce* digital footprints where possible, and to continue to *advocate* for better legal and technical protections for the things we have no direct control over.
-
-Here are some steps you can take to stay connected, while improving your digital safety:
-
-## Practices and tools that help in various contexts
-
-There are a number of practices that can be applied in various contexts, and will help reduce or separate your digital traces. These practices are all good to keep in mind with any platforms, accounts, and information you share.
-
-If this is new to you, implementing *one* improvement at the time is a great way to avoid getting overwhelmed. Every small improvement will help, and add together over time.
-
-You do not have to do all of this, only pick what works well for you and what you can realistically implement in your life. Remember that this will not make you fully anonymous online, but *reducing* your digital footprints still gives a lot of benefits.
-
-### Pseudonymity
-
-Pseudonymity is the practice of using a fictitious name (a pseudonym) when creating accounts to detach, even slightly, one's online presentation from their full legal identity.
-
-There are different levels to this. It could mean sharing a first name but not a last name, using the name of a fictional character, or using an entirely made up name.
-
-Using a pseudonym and a profile picture that isn't a self-portrait can help significantly to reduce digital footprints and improve online safety. It can also help to detach different accounts from each other, for example by using a certain name for a work account and a pseudonym for a personal alt account.
-
-Remember that that this will not make you anonymous online, however. It will only help hide or separate your legal identity from your public-facing profile.
-
-If you want to use more serious pseudonymity online, you will also need to consider using different email addresses to sign up, different phone numbers if required, different photos of course, but also different IP addresses, and so on and so forth.
-
-### Virtual Private Network (VPN)
-
-Using a [trustworthy VPN](https://www.privacyguides.org/en/vpn/) can also help to reduce the data identifying you online, and improve your pseudonymity.
-
-Regardless of the name you choose for a profile, services (and sometimes other users even) can see your IP address. Your IP address can reveal your location more or less accurately, and can be used to identify the owner of the internet service account you use.
-
-If you do not protect this information, services and authorities have the capacity to link all your accounts and online activities together, regardless of the name and profile picture you use.
-
-You can mitigate this by using a *trustworthy* VPN (yes, trust is crucial here) that will act as a proxy for your IP address (and allow you to use different IP addresses for different accounts).
-
-Your VPN provider however will still know what your real IP address is, this is why trusting your VPN provider is so important. To protect from this, you could use another method, such as the [Tor Network](in-praise-of-tor.md).
-
-
-
VPN blocks and security checks
-
-Keep in mind that connecting to an account or website while using a VPN could trigger additional security checks, or even trigger blocks for certain websites and services.
-
-Sometimes, it's simply a CAPTCHA to solve, but it could also be an alert or additional check for a social media account you usually connect to without a VPN.
-
-In some situations, this can be resolved by selecting a different VPN server, choosing a server in the same region you are, or you might need to disable your VPN entirely to access some services.
-
-
-
-### Browser fingerprinting
-
-Limiting browser fingerprinting is important to reduce the data capable of identifying who you are from your browsing activity.
-
-Even when using a pseudonym, fictitious profile picture, and trustworthy VPN, your activity could still be linked back to you simply based on how unique your system and browser configurations are.
-
-Some [browsers](https://www.privacyguides.org/en/desktop-browsers/) offer increased protections against this type of tracking, such as Mullvad Browser and Tor Browser.
-
-### File metadata
-
-To protect your privacy online, it's important to remember to [delete metadata](https://www.privacyguides.org/en/data-redaction/) from the photos and files you share online. Even if you take care to not include identifying information in the photos, videos, and documents you share, you can still sometimes be easily re-identified from hidden file metadata alone.
-
-Photos, PDF, images, and files of all sorts usually contain hidden metadata about your device, location, and more. Removing metadata before sharing photos or files is an important consideration to improve your privacy and safety online, especially when sharing files and photos publicly.
-
-### Mobile applications
-
-Limiting the mobile apps you keep on your devices is important, not only to improve privacy but also for device security.
-
-Many mobile app developers use tracking technologies to collect information on users, sometimes well beyond their own app's usage. Additionally, each installed application increases the risk of potential vulnerabilities that could lower your system security.
-
-Whenever possible, choose to use a secure browser instead of the application to access a service (unless this is an application you trust more than your browser application). If you use an Apple device, check the App Privacy section in the App Store to know what data each of your installed apps collects.
-
-Delete all the apps you no longer need, as soon as you do not need them anymore.
-
-
-
Deleting the app does not delete the account
-
-Remember that just deleting an app from your device will not necessarily delete your account and data. Depending on the service, even after deleting the app, your account might still be accessible through a web browser.
-
-If you no longer need an account, it's important to first delete the data within it, then delete the account through the internal process, and, once this is completed, delete the application.
-
-Otherwise, your abandoned account could still sit there and risk getting taken over by someone else, or expose your data in other ways.
-
-
-
-### Photo sharing
-
-When sharing photos online, especially on social media, it's essential for both privacy and safety to develop an awareness of what the information within this photo can reveal about you.
-
-Even from a well-protected pseudonymous account, posting a photo from your home that reveals outside details could identify your location and identity. Sometimes, even details *inside* your home could pinpoint your location. Be particularly careful about reflections in glasses, mirrors, windows, and other reflective surfaces.
-
-And of course, never share photos of others online without *their* prior consent.
-
-## What to improve in each context
-
-### Social media: Improving, deleting, replacing
-
-While social media now occupies an immense role in our lives, it's unfortunately very difficult to protect one's privacy while using any corporate social media platforms.
-
-Large commercial platforms like Facebook, Instagram, Threads, YouTube, TikTok, and X (Twitter) are fundamentally advertising businesses, and their only goal is to make more money. They achieve this goal by collecting data points on users that they sell as a feature to advertisers.
-
-#### How to improve what you can
-
-If you decide staying on a corporate platform is important to you, then it is crucial to harden all the settings available to improve privacy as much as allowed. Keep in mind however that this isn't a guarantee, and some platforms have already been caught [again](https://www.aa.com.tr/en/economy/facebook-to-pay-5bn-fine-for-violating-users-privacy/1540472) and [again](https://bgr.com/tech/facebook-whatsapp-privacy-fine/) not respecting their users' preferences.
-
-Furthermore, to implement the protections discussed above, some commercial platforms are worse than others. For example, Facebook doesn't allow the use of pseudonyms anymore.
-
-Moderation is also a safety issue to consider. If you want to choose and compare corporate platforms, the non-profit GLAAD has developed a yearly [Social Media Safety Index & Platform Scorecard](https://glaad.org/smsi/social-media-safety-index-2025/) to evaluate six major social platforms for safety for the LGBTQ+ community.
-
-
-
AI training on social media platforms
-
-In addition to the privacy settings you should pay attention to, make sure to **turn off or opt out of any AI feature** you can on social media.
-
-Unfortunately, many platforms have started to use and sell users content to train AI algorithms. This is very concerning for data privacy, and could make a lot of information about you impossible to delete from these systems afterward.
-
-Again, remember however that there is no guarantee platforms will respect your preferences on this, and deleting and leaving corporate platforms might be the safest option.
-
-
-
-
-
Disclaimer for external resources
-
-Privacy Guides does not necessarily endorse these linked websites. Links are provided as suggestions of external guides to follow for this specific purpose. We do not necessarily approve the other recommendations or guides presented on these external resources.
-
-
-
-- [Improving privacy settings on X (formerly Twitter)](https://beconnected.esafety.gov.au/topic-library/social-media-apps/introduction-to-twitter/controlling-your-x-privacy-settings)
-- [Improving privacy settings on Facebook](https://www.consumerreports.org/electronics-computers/privacy/facebook-privacy-settings-a1775535782/)
-- [Improving privacy settings on Instagram](https://www.consumerreports.org/electronics-computers/privacy/instagram-privacy-settings-a3036233134/)
-- [Improving privacy settings on Threads](https://www.myprivacy.blog/threads-privacy-setup-a-2025-technical-guide-for-users-under-25/)
-- [Improving privacy settings on YouTube](https://www.groovypost.com/howto/manage-your-youtube-privacy-settings/)
-- [Improving privacy settings on TikTok](https://www.maketecheasier.com/tiktok-privacy-settings/)
-- [Improving privacy settings on Reddit](https://www.myprivacy.blog/reddit-privacy-guide-securing-your-presence-in-2025/)
-- [Improving privacy settings on LinkedIn](https://www.presencesecure.com/linkedin-privacy-settings-guide/)
-
-Additionally, with [the proliferation of age verification](age-verification-wants-your-face.md) regulations, more commercial platforms might soon not only require a legal name, but also require providing an official ID in order to continue using the platform, severely damaging online privacy for everyone.
-
-In light of this, it might be a better idea to leave these intrusive and data exploitative platforms altogether, while deletion is still an option.
-
-#### How to delete corporate social media accounts
-
-[Deleting the accounts](https://www.privacyguides.org/en/basics/account-deletion/) you no longer use is an essential habit to adopt in order to improve both privacy and security online.
-
-Unused accounts leave a data trail that can get exploited by platforms unchecked, for example with the recent addition of terms of service to allow [using all content for AI-training purposes](https://www.pcworld.com/article/2343263/facebook-wants-to-use-your-posts-for-ai-training-how-to-object.html). Moreover, keeping abandoned accounts increases significantly the risk of account takeover and data leak.
-
-A healthy privacy habit is to request account and data deletion as soon as an account is no longer needed, rather than leaving the account abandoned.
-
-
-
Remember before deleting!
-
-Before deleting any account, always make sure to:
-
-1. Deactivate any sign-in option you might have used this account with. For example, if you use the sign in with Google or Facebook option with other accounts, make sure to log in these accounts and select another way to connect that doesn't rely on the account you are about to delete.
-
-2. If you need to keep a copy of your own data, make sure to download and verify it before you delete the account.
-
-3. In some situations, it can help to delete information within the account first. Go through your profile and delete or modify what you can manually.
-
-4. If you want to stay in contact, inform the people you usually contact through this account of an alternative way to contact you.
-
-
-
-- [Deleting X (formerly Twitter) posts](https://cyd.social/download/)
-- [Deleting X (formerly Twitter) account](https://lifehacker.com/how-to-delete-your-x-account)
-- [Deleting Facebook](https://lifehacker.com/tech/how-to-delete-your-facebook-account)
-- [Deleting Instagram](https://lifehacker.com/tech/how-to-deactivate-or-delete-your-instagram)
-- [Deleting Threads](https://www.pcmag.com/how-to/how-to-delete-threads-without-getting-rid-of-your-instagram-account)
-- [Deleting YouTube (Google)](https://www.tech2geek.net/how-to-delete-your-youtube-account-2025-step-by-step-guide/)
-- [Deleting TikTok](https://www.techlifeunity.com/delete-tik-tok-account)
-- [Deleting Reddit](https://lifehacker.com/tech/how-to-delete-your-reddit-account)
-- [Deleting LinkedIn](https://www.maketecheasier.com/how-to-delete-linkedin-account/)
-
-#### Which better platforms to use to stay connected
-
-While any data publicly accessible online can technically be collected by anyone, using alternative platforms that aren't advertising businesses can still greatly improve your data privacy online.
-
-For example, platforms that are part of the Fediverse social network are predominantly non-profit, open-source software using a collection of connected servers generally run by volunteers.
-
-The incentive isn't to monetize users data at all, the goal is simply to support the community. This is a *crucial* difference.
-
-When moving to non-corporate platforms, you should also adopt all the good privacy practices listed above. The good news is you will not encounter resistance to do so there. These platforms will not endlessly exploit your data internally, like big tech social media does.
-
-Fediverse-connected platforms tend to value users privacy and security much more. Because **their goal isn't to make profit from your data**.
-
-You will still need to go through the settings to adjust and harden your privacy preferences, but you'll see already that almost no personal data is required to sign up, and there will be no advertising profile tracking you around (and no ads!).
-
-- [Replacing X and Threads with :material-arrow-right-bold: Mastodon](https://joinmastodon.org/)
-- [Replacing Facebook with :material-arrow-right-bold: Friendica](https://friendi.ca/)
-- [Replacing Instagram with :material-arrow-right-bold: Pixelfed](https://pixelfed.org/)
-- [Replacing YouTube with :material-arrow-right-bold: PeerTube](https://joinpeertube.org/)
-- [Replacing TikTok with :material-arrow-right-bold: Loops](https://joinloops.org/)
-- [Replacing Reddit with :material-arrow-right-bold: Lemmy](https://join-lemmy.org/)
-- [Replacing Meetup or Facebook Groups with :material-arrow-right-bold: Mobilizon](https://mobilizon.org/)
-
-### Private messaging: One-on-one and group chats
-
-Many of the dangers described for social media also exist for messaging services.
-
-When it comes to private messaging, you cannot trust any software that does not protect your communication with solid *end-to-end encryption*.
-
-End-to-end encryption is a protection that will prevent third parties (including the platform itself) from having access to your messages. When well implemented, only the intended sender(s) and recipient(s) will have access to the messages your send using end-to-end encryption.
-
-Popular messaging services and platforms such as [regular SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why/), Discord, Slack, and most social media direct messages unfortunately do not offer this protection, and are horrible for data privacy.
-
-Even messaging apps like WhatsApp, Facebook Messenger, Snapchat, and Telegram, that *can* be used with *some* end-to-end encryption, have other important data privacy problems that make them difficult to trust.
-
-#### Signal
-
-One of the best free end-to-end encrypted messenger you can use at this time for one-on-one and group conversations is [Signal](https://signal.org/).
-
-While Signal requires a phone number to sign up, it will not collect any other data from you. Once installed, [activating the usernames feature](https://support.signal.org/hc/en-us/articles/6712070553754-Phone-Number-Privacy-and-Usernames) and adjusting phone number privacy is important to prevent sharing your phone number with others. That way, you will be able to simply share your *username* to start communicating with anyone.
-
-Moreover, the [disappearing messages feature](https://support.signal.org/hc/en-us/articles/360007320771-Set-and-manage-disappearing-messages) will greatly help to reduce your data trail. Remember however that this will not prevent a malicious recipient from downloading or taking screenshots of the sensitive information you share with them. This is true for any service with disappearing messages. Only send sensitive information and photos to people you trust, even when using disappearing messages on encrypted platforms.
-
-#### Other end-to-end encrypted messengers
-
-While Signal might be the most popular and easier to use, there are many other instant messaging apps that offer solid end-to-end encryption features.
-
-Some will not even require a phone number to sign up. However, because they are less popular, it might be more difficult to find other users willing to use them with you to communicate.
-
-They also offer different features and experiences, that you might prefer, or not. If you prefer to use a different application, you can have a look at our other [recommended instant messaging](https://www.privacyguides.org/en/real-time-communication/) applications.
-
-#### Matrix with Element
-
-[Matrix](https://matrix.org/) is an open network for decentralized communication. This network uses a collection of connected servers, and can be accessed using different [client applications](https://matrix.org/ecosystem/clients/). Matrix clients will offer different experiences and features, and be available on different systems.
-
-Using Matrix with the open-source client [Element](https://element.io/) is a good alternative to Slack and Discord's chat rooms. The Matrix protocol allows chat rooms to use end-to-end encryption.
-
-
-
Not all rooms are end-to-end encrypted
-
-Remember that not every room uses end-to-end encryption on Matrix. You can verify this in Element, from the detailed room information panel, by the "Encrypted" or "Not encrypted" badge under a room's name.
-
-
-
-Again, because this open-source protocol is developed by a non-profit organization, the goal isn't to collect data on users. There is no incentive to monetize users' data, and because of this, choosing these better alternatives will greatly improve your data privacy compared to using commercial platforms.
-
-#### End-to-end encrypted emails
-
-For email communication, moving away from large providers such as Google and Microsoft can improve your communication's privacy immensely.
-
-Large providers of free email services tend to collect a lot of data on their users, sometimes including the content of their communications. Moving to a service that uses end-to-end encryption and better practices around metadata offers significant benefits.
-
-Proton Mail and Tuta are two services implementing end-to-end encryption to protect the content of users' messages. For more details and options, you can look at our recommended [email services providers](https://www.privacyguides.org/en/email/) page.
-
-Of course, when using any of these services, you will still have to take into account to whom you are sending the email. For end-to-end encryption to properly protect data both in transit and at rest, the sender needs to use a service *compatible* with the recipient.
-
-There are methods and third-party applications that can be used to encrypt and decrypt a message from a provider that does not offer end-to-end encryption, but this adds additional steps casual users might not feel comfortable getting into.
-
-That being said, if you use a Proton Mail address to email another Proton Mail user, by default all communication's content will be fully encrypted, and only accessible to you and the intended recipient. Similarly, if you use Tuta to email another Tuta user, communication will be fully end-to-end encrypted.
-
-Communications between different providers will likely require additional steps, however, or will not benefit from end-to-end encryption on the server where the message is sent. For example, when sending an email from a Proton Mail to a Gmail account, if no additional protections are used, the content of this message will still be accessible to Google on the recipient's side.
-
-All of this to say, be mindful when using email communication to exchange sensitive data, and make sure to verify inter-service compatibility to stay fully protected.
-
-Even considering this, using a Tuta or Proton Mail account to communicate even with people using unencrypted services still has the benefit that your communication will at least be stored fully encrypted on *your* side.
-
-### Online dating: Balancing authenticity and caution
-
-Unfortunately, it is still extremely difficult to protect sensitive data while using dating apps. Very few dating apps are careful about protecting user's data properly, and many breaches have already happened to confirm this.
-
-Moreover, using a dating app cannot be done completely anonymously. Inevitably, at least some photos or some personal information need to be shared. Pseudonymity on dating app can come at the cost of authenticity, which is very important when dating.
-
-While not sharing someone's last name and address is certainly a recommended and cautious measure, not sharing any photos or any personal information isn't really an option in this context.
-
-What can be done to improve privacy while not impacting authenticity and truthfulness when dating?
-
-Sharing only a first name is a good start. Remaining mindful of selecting photos that do not reveal someone's exact home location is also a good safety measure.
-
-Additionally, once a partner is trusted enough, moving to a more secure and more private end-to-end encrypted channel before sharing more intimate information or pictures can be a good idea.
-
-Some dating apps might soon require official IDs or other sensitive identifiers for age verification purposes. This can be a dangerous practice if there is a risk of data leak, which, well, there always is. Choosing applications that prioritize their users' privacy and safety, and moving away from the ones who don't, is fundamental.
-
-Before investing time in a dating app, make sure to review properly what personal information will be collected, how it can be deleted after (once you've found the love(s) of your life at last), and what data will remain or be requested for the deletion request.
-
-Make sure to browse trustworthy sources to check which apps have better privacy practices, and which ones have been exposed for their bad behaviors. Then, choose accordingly an application you trust enough to share your intimate details with.
-
-### In person: Groups and events
-
-Many people still use commercial platforms such as Facebook Groups, Eventbrite, and Meetup to organize events and groups.
-
-Regrettably, requiring attendees to provide information to a commercial platform collecting their data can put people at severe risk of harm, and completely exclude the most vulnerable.
-
-When organizing events and groups for your community, select platforms that will *not* collect your attendees' data instead.
-
-Sometimes, a good old static website to advertise an event is enough. Then, link to this page on social media to increase visibility. This method has worked for decades before, when people met in person even more.
-
-The need to collect RSVP from attendees is rarely justified. It negatively impacts data privacy, risks endangering attendees in vulnerable situations (such as victims of domestic violence and stalking), and is usually greatly misleading anyway.
-
-You will significantly improve your event's accessibility and safety by not requiring attendees leave a digital trace of where they will be physically.
-
-If you want a service more structured than a static website, **[Mobilizon](https://mobilizon.org/) is an excellent free and open replacement to commercial platforms for groups and events**.
-
-It was developed by the French non-profit Framasoft, and has no incentive to collect users' data. Accounts can be created from multiple [instances](https://instances.joinmobilizon.org/instances), and instances can even be self-hosted if group and event organizers wish more control over their data.
-
-Finally, do not neglect the power of a good old paper poster for your local events. Posting in the streets, local libraries, and on school billboards is still an excellent and efficient way to invite locals to join your event, without the need for any data collection.
-
-## Stay connected
-
-Reaching out for connection can be difficult at time, but it's essential.
-
-While using measures to protect your privacy and your safety, staying connected with your queer community is vital to find the support you need and to find a space where you can be yourself.
-
-Peer support is a fundamental need for anyone. While protecting our data is also important, using a balanced approach to stay connected *while* staying safe is not just important to survive, but also to live and to thrive.
-
-If you are feeling isolated, reach out for connections. You are not alone 💛
-
-## Resources to help
-
-If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen:
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366)
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988)
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
diff --git a/blog/posts/tor-security-slider-flaw.md b/blog/posts/tor-security-slider-flaw.md
deleted file mode 100644
index 5a7875d3..00000000
--- a/blog/posts/tor-security-slider-flaw.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-date:
- created: 2025-05-02T11:20:00Z
- updated: 2025-05-03T15:00:00Z
-categories:
- - News
-authors:
- - jonah
-tags:
- - PSA
- - Tor
-description: |
- PSA: The security level slider in Tor Browser (and Mullvad Browser) does not fully apply until restarting the browser. This presents a high risk to people who switch from Standard to Safer security during a browsing session in order to protect themselves from browser exploits.
-schema_type: ReportageNewsArticle
-preview:
- cover: blog/assets/images/tor-security-slider-flaw/cover.png
----
-# A Flaw With the Security Level Slider in Tor Browser
-
-
-
-Illustration: Jonah Aragon / Privacy Guides
-
-[Tor Browser](https://www.privacyguides.org/en/tor/#tor-browser) and [Mullvad Browser](https://www.privacyguides.org/en/desktop-browsers/#mullvad-browser) users should be aware of a flaw with the Security Level slider: Not all protections advertised by the browser are properly engaged until the browser is fully restarted.
-
-This flaw was anonymously reported to *Privacy Guides* by a member of our [community](https://discuss.privacyguides.net/), and I confirmed it via the latest Tor Browser 14.5.1 on macOS. Additionally, I confirmed this behavior in Mullvad Browser 14.5.1 on macOS.
-
-~~I was unable to find any documentation or open GitLab issues with Tor regarding the need to take additional steps before security settings are fully applied, and~~ Tor Browser documentation does not note that a restart is required, nor does it prompt users to restart the browser after security changes are made. (update: see below)
-
-This presents a high risk to people who switch from Standard to Safer security during a browsing session with the goal to protect themselves from browser exploits.
-
-## Demonstration
-
-The effect can be easily demonstrated in your own Tor Browser install by running a JavaScript benchmark such as [JetStream 2.2](https://browserbench.org/JetStream/). These benchmarks rely on a technology called Just-in-Time (JIT) compilation to improve performance, but JIT is linked to numerous security vulnerabilities in modern web browsers. The "Safer" security level normally disables JIT entirely to prevent these issues, however, you can see virtually no performance impact when switching to the Safer security level in Tor Browser and running the benchmark again:
-
-
- 
- JetStream 2.2 benchmark results in Standard mode
-
-
-
- 
- JetStream 2.2 benchmark results in Safer mode, without restarting Tor Browser
-
-
-While the performance is virtually identical between these two runs, *after* restarting Tor Browser and re-running the test, we see drastically lower performance results, in line with what we would expect with JIT properly disabled:
-
-
- 
- JetStream 2.2 benchmark results in Safer mode, after restarting Tor Browser
-
-
-As you can see, there is no visible indicator that anything is different between the last two runs, and there was no prompt to restart the browser after changing these settings. However, this clearly indicates that JavaScript technologies that are meant to be disabled in Safer mode can still be accessed by websites until the browser is restarted, potentially opening you up to browser exploits if you are unaware of the additional steps required to secure yourself.
-
-## Safest Mode
-
-We have not tested or verified the full extent of security features which require a browser restart. We tested whether JIT remained enabled after switching to Safer mode because it was the easiest feature to test. Safest mode disables JavaScript entirely, so the demonstration above will not demonstrate this problem exists when switching to Safest mode.
-
-However, it is possible that there are *other* features normally disabled by Safest mode which remain enabled until you restart your browser. Out of an abundance of caution, we recommend always restarting your browser after changing this setting, regardless of whether you are switching to Safer or Safest mode.
-
-## Conclusion
-
-The Tor Project advertises the security slider as a way to conveniently adjust the protections that the Tor Browser provides, but does not note additional steps necessary to ensure those settings actually go into effect.
-
-This is our public service announcement to make sure you **always completely restart Tor Browser after adjusting your security settings.** Relying on these indicators can create a false sense of security and potentially expose users relying on this security level slider to greater risk than they expect based on Tor Browser's UI and documentation.
-
-Hopefully, Tor Browser will prompt or force their users to restart the browser after adjusting these settings in a future update.
-
----
-
-**Update (5/3):** A few hours following the publication of this article, the Tor Project emailed us the following statement:
-
-> The Tor Project is aware of this issue, and it is being tracked and actively
-> addressed. Those interested can follow the discussion and progress here:
-> . In
-> addition to a restart prompt, we’re also exploring broader improvements to the
-> security level system, including aligning it more closely with Tor Browser's
-> updated threat model\[1] and possibly delegating even more of its back-end
-> to NoScript for additional flexibility. These improvements may be part of the
-> upcoming 15.0 release cycle.
->
-> \[1]:
diff --git a/blog/posts/you-can-say-no.md b/blog/posts/you-can-say-no.md
deleted file mode 100644
index eb6cc7ac..00000000
--- a/blog/posts/you-can-say-no.md
+++ /dev/null
@@ -1,149 +0,0 @@
----
-date:
- created: 2025-06-17T18:00:00Z
-categories:
- - Opinion
-authors:
- - em
-description: |
- Sometimes, it can feel like our data is collected completely outside of our control or consent. But we still have a powerful weapon to fight back: The power to say no.
-schema_type: Opinion
-preview:
- cover: blog/assets/images/you-can-say-no/no-cover.webp
----
-
-# You Can Say NO
-
-
-
-Photo: Gabby K / Pexels
-
-In the age of facial recognition and age verification, it might feel like our data is being harvested left and right, completely outside our control or consent. Yet, we still have a powerful weapon to fight back against surveillance: The power to say no.
-
-The power to say no is one we severely underutilize. Of course, there are circumstances where it can be difficult (impossible even!) to refuse. Saying no can come at a cost, but this isn't true everywhere, and (more importantly) that cost might be worth paying.
-
-There are many occasions where we could indeed refuse to comply with privacy-invasive requests, but miss the opportunity.
-
-However, it is vital as a community and as individuals that we exercise this right every time we possibly can, if we want to stand a fighting chance against the normalization of mass surveillance.
-
-## Why people surrender
-
-Many people agree to privacy-invasive requests despite feeling uncomfortable about it. They might not necessarily agree as much as *not refuse*, but the result is the same. There are many factors responsible for this:
-
-### Time pressure
-
-Sometimes, when a new request is rushed, people do not have sufficient time to evaluate the consequences of saying yes or no.
-
-It's hard to make an informed decision when we get suddenly asked by a polite cashier "can I have your postal code?", or some airport worker instructing us to "just stand in line here to have your photo taken". We might get caught off guard and simply not process what is really happening.
-
-When we do not have enough time or energy to properly evaluate the consequences of data collection, our default response should always be no. It's much easier to add data later on if needed, than to delete it.
-
-### Default pressure
-
-Other times, we might not even know we have a right to object.
-
-There are so many instances in privacy where data collection is presented to us as just the normal way to proceed, without informing us properly about our other options. Of course, this is often by design, because people might never accept such intrusive practices otherwise.
-
-For privacy consent, like for any other types of consent, it's important to remember that lack of an explicit and informed yes should equal to a no.
-
-When we do not have sufficient information about why this data is collected and how it will be processed, our default response should always be to ask if there is an option to opt out or refuse.
-
-### Peer pressure
-
-Then, there's the peer pressure when everyone else is doing it.
-
-Everyone else is on this platform, it must be okay. Everyone else has agreed to being recorded during this meeting, it must be okay. Everyone else is sharing a photo of their face, it must be okay. Everyone else is scanning their irises, it must be okay.
-
-Do not get duped by popularity. Sometimes, the most popular things people are doing are the worst things to do. Even if it can be really hard to resist peer pressure and to swim against the tide, it's important to make informed decisions free from the influence of trends.
-
-When we know a service, platform, or product doesn't respect our privacy rights, we should feel proud to take a stand and refuse to use it ourselves, even if everyone else uses it (for now).
-
-Whether it's because we have been pressured in time, pressured by peers, or simply because we did not know we could say no, it is crucial we take the time to reflect on this preventively, in order to be prepared to say no the next time we have a chance to.
-
-## There are consequences for saying no, but worse ones for saying yes
-
-Unquestionably, saying no isn't free from consequences.
-
-When refusing to provide an official ID to recover an account, we might lose that account. When refusing to provide biometric data to register, we might lose the opportunity to use this service. When refusing to participate in a privacy-invasive social media, we might lose friends who don't want to contact us using privacy-respectful platforms instead.
-
-But what are the consequences for saying yes?
-
-If we say yes all the time, even when we clearly have an option to object, to report, or to refuse to participate, we will soon lose our right to say no.
-
-If everyone acquiesces to privacy-invasive requests and practices, companies and governments might soon think there is no point in keeping an opt-out option available at all, since most people are subserviently complying without making a fuss.
-
-At the individual level, of course this means our data will be collected, processed, compiled, shared, and monetized in ways we know little about. Each time we say yes, it's a new data point in our tracking history to observe, judge, categorize, and manipulate us.
-
-At the collective level, it's nothing less than the loss of our human rights and democracies.
-
-Collectively, we have the power to tilt the balance in favor of privacy rights when we stand firm for it by refusing to consent to intrusive requests every time we can.
-
-By refusing, we clearly express our rejection of this invasion and demand our right to privacy be respected. This sends a clear message to corporations and governments alike that the population does care about privacy rights.
-
-If we value the right to privacy, it's our collective duty to protect it.
-
-## How to say no?
-
-How can we individually and collectively work to push for privacy rights by saying no everywhere we can?
-
-Here are a few examples of practices you can adopt in your daily life that collectively will help to fight for privacy:
-
-### Stop
-
-Stop using the privacy-invasive platforms and services that you can. Move away and opt for [better social media, products, and services](https://www.privacyguides.org/en/tools/) that do respect your privacy and do not monetize your data.
-
-This will take some time of course. Be patient. Pick one change at the time. Maybe this week [delete your Facebook account](https://www.privacyguides.org/en/social-networks/), and next month [migrate your emails](https://www.privacyguides.org/en/email/) away from Gmail.
-
-Each time you stop using services from software companies that build their wealth on monetizing your data, you are saying no and taking a stand for privacy rights.
-
-### Refuse
-
-Refuse all cookies! It can be a real pain to browse the web with all these cookie banners. Of course, companies are hoping for [decision fatigue](https://en.wikipedia.org/wiki/Decision_fatigue) to manipulate you in clicking "yes, yes, yes, agree, continue, whatever!" But each time you comply in despair, you let them win against what you really want.
-
-Websites are not obligated to have cookie banners if they do not use any privacy-invasive cookies. This annoyance doesn't come from legislation, it comes from the greed and stubbornness of corporations to harvest your data. There would be no cookie banners at all if they simply stopped tracking you and collecting your data.
-
-Sabotage their plans by taking the time to find the "Reject All" button through their disingenuous button labyrinth.
-
-Similarly, many privacy-invasive features maliciously try to present as "ethical" because you can "opt out". But what good is this protection if no one uses it? Put a spoke in their wheel, look for the hidden *opt-out* option, and refuse to participate every single time.
-
-Beyond the digital realm, there are many in-person situations where you might have a right to refuse data collection as well.
-
-For example, you may have the right to refuse face scans in airports and demand a "traditional" human verification instead. Look into your local regulation to find out more about this. If everyone refused to scan their face at the airport every time they can, this practice would soon die.
-
-When you say yes to this, you are unfortunately contributing to the normalization of this invasive practice.
-
-Finally, refuse to be recorded. Depending on your local regulation, it's likely there is a legal requirement to inform you when a meeting or interview will be recorded. It's also likely that you have a right to refuse. Exercise this right every time you can. Additionally, depending on your local regulation, report instances where you couldn't and should have been able to refuse.
-
-### Report
-
-Each time you witness a practice that violates privacy laws, report it to the data protection authority for your location.
-
-Stay aware of which privacy law(s) are applicable in your region, and which official entity is responsible for enforcing the law. Your privacy protections are related to your *own* location, regardless of where the organization is based.
-
-In Europe, this entity is often called a Data Protection Authority (DPA), but outside of Europe it's often called something else. It might be a Privacy Commissioner or a Supervisory Authority, for example (but not always either). Read the law (or summary of) for your region, it will include a description of whom this entity is and how to report non-compliance.
-
-Report every infraction you see when you have the time. Sometimes, it's really as simple as sending a short email to the enforcing entity. One single complaint can trigger a full investigation sometimes. This can make an enormous difference.
-
-If you can, reporting can also mean reporting to the media.
-
-When you experience an invasive practice or witness a serious data protection violation, report it to the media if you are comfortable sharing. Personal accounts of such experience are important for collective awareness. The more people know, the more people talk, the more we stand a chance to keep our privacy rights alive. Make noise!
-
-### Advocate
-
-Talk to your friends, family, co-workers, and acquaintances about their options to opt out data collection, and their right to refuse and to say no.
-
-Tell them about how important this is with the social media, software, and services they use. Tell them about the importance of looking for the rejection options on cookie banners, finding information on how to object to face scans at the airport, and refusing the use of AI note-takers during their medical consultations.
-
-Talk about this topic on social media! Share news about privacy-invasive practices. Inform people on how they can opt out, refuse, and say no in your specific region.
-
-## Saying no is a collective and individual responsibility
-
-**Refusal is a powerful way to protest.** But like any protest, it must gather in numbers to have an impact at the collective level. The larger the number of people opting out and saying no, the stronger the message sent.
-
-That being said, do not minimize the impact your individual actions have. **Every single action matters, even the smallest one.** Movements always start at the individual level. If nobody starts, then nobody follows.
-
-By saying no each time, by stopping, refusing, reporting, and advocating, you are starting a movement. When advocating for the right to refuse privacy-invasive practices, you are growing a movement. Each of these contributions matters.
-
-The consequences for not saying no would be leaving the next generations without any protections for their privacy. It would be disastrous for their individual rights, but also disastrous for democracy, freedom of speech, and so many rights we currently take for granted.
-
-We cannot let our society slip into authoritarian mass surveillance. For ourselves and for the next generations, we must fight by saying no, every time we possibly can.
diff --git a/blog/posts/your-online-life-is-irl.md b/blog/posts/your-online-life-is-irl.md
deleted file mode 100644
index a3e0fe55..00000000
--- a/blog/posts/your-online-life-is-irl.md
+++ /dev/null
@@ -1,67 +0,0 @@
----
-date:
- created: 2025-05-16T16:00:00Z
-categories:
- - Opinion
-authors:
- - em
-description: If you, like myself, have been inhabiting the internet for a few decades, you're probably familiar with the old adage IRL (In Real Life). The acronym was used a lot when the distinction between online life and offline life was much greater than it is now. In today's world, can we really keep referring to our digital life as being somehow disconnected from our real life?
-schema_type: OpinionNewsArticle
-preview:
- cover: blog/assets/images/your-online-life-is-irl/irl-cover.webp
----
-
-# Your Online Life Is IRL
-
-
-Leon Seibert / Unsplash
-
-If you, like myself, have been inhabiting the internet for a few decades, you're probably familiar with the old adage IRL: In Real Life.
-
-The acronym was used a lot when the distinction between online life and offline life was much greater than it is now. In today's world, can we really keep referring to our digital life as being somehow disconnected from our "real life"?
-
-While it's true that pseudo-anonymity online is still alive and well, most people don't hide their real identity online because it's much different from their personality offline, but generally simply as a protection.
-
-Even when using pseudonyms, online life is still part of *real life*.
-
-The proportion of time we spend on the connected world today is also far greater than it was before. We often chat with friends online, work online, communicate with our family online, play games online, assist to events online, go to school online, watch recipe videos online, and so on and so forth.
-
-## Our offline life is happening (and tracked) online too
-
-Another thing that has changed is how much data about what we do offline ends up getting collected and stored *online*.
-
-Maybe it's the places we visit during the day getting [tracked by our phones](https://www.pcmag.com/how-to/how-to-get-google-to-quit-tracking-you) and then stored by Google in our profile.
-
-Maybe it's our [smart speaker recording](https://www.lifewire.com/can-alexa-record-conversations-5205324) an intimate conversation and sending it to Amazon.
-
-Completely outside our control, maybe it's the street cameras, cellular towers, car license readers [tracking our movement](https://www.aclum.org/en/publications/what-you-need-know-about-automatic-license-plate-readers) outside as we go about our day.
-
-Or even more dystopian, maybe it's our [doctor using an AI note-taking app](https://theconversation.com/some-clinicians-are-using-ai-to-write-health-records-what-do-you-need-to-know-237762), sending a copy of our very personal in-person medical consultation to who knows which for-profit company.
-
-## Our digital lives and IRL lives are intertwined
-
-All this data collected on what we do *offline*, can sometimes [get aggregated](https://epic.org/issues/consumer-privacy/data-brokers/) together with the data collected on us *online*, even while using pseudo-anonymity.
-
-The social media account where we use a pseudonym and cat profile picture to stay anonymous can get aggregated from the same IP address we used to log in another account using our legal name.
-
-Our offline data and our online data often get connected and bundled up together. This is especially concerning with the growing practice of [social media monitoring](https://privacyinternational.org/long-read/5337/social-media-monitoring-uk-invisible-surveillance-tool-increasingly-deployed) used by governments and companies.
-
-## What we do online have offline consequences
-
-Taking this into account, there isn't a separation between our *online* life and *offline* life anymore.
-
-What we do online affects what we do offline, and vice versa. All of our life, online and offline, is *In Real Life* now.
-
-Our digital life and communications can affect our employment, our dating life, our family life, our housing situation, and even the capacity we have to visit a country [or not](https://globalnews.ca/news/11090232/french-scientist-denied-us-entry-critical-trump-text-messages/).
-
-## The data collected on us online should be cared for even more
-
-Because there isn't much separation anymore, we should treat all data collected about us online as sensitive data intrinsically attached to our person.
-
-An invasion of online privacy, of our online life, becomes the same as an invasion of our home, our body, our IRL life. Not only because this data can be used to find our IRL location, identify our person, and have important repercussions offline, but also because all data about us is an essential part of who we are.
-
-It's not just data points, it's a part of us.
-
-Considering how the world has evolved in the past decades, and shows no sign of slowing down its greedy appropriation of every single piece of information about us, **we should defend our online lives as fiercely as we would our offline lives**.
-
-We need to fight for a future anchored in human rights, and for this, we need to firmly enforce the principle that **digital rights are fundamental human rights**.
diff --git a/docs/about/donation-acceptance-policy.md b/docs/about/donation-acceptance-policy.md
index c3ec73d3..890a8cb0 100644
--- a/docs/about/donation-acceptance-policy.md
+++ b/docs/about/donation-acceptance-policy.md
@@ -45,7 +45,7 @@ Examples of gifts which are too restrictive include:
- Those which are too difficult for us to administer.
- Those that are for purposes outside our general mission.
-An example of an acceptable restriction could be a gift towards funding our [video](https://www.privacyguides.org/videos) production, or hosting our website and forum.
+An example of an acceptable restriction could be a gift towards funding our [video](https://www.privacyguides.org/videos/) production, or hosting our website and forum.
Final decisions on the restrictive nature of a gift and its acceptance or refusal will be made by our executive committee.
diff --git a/docs/advanced/communication-network-types.md b/docs/advanced/communication-network-types.md
index 1598b540..a7f488ea 100644
--- a/docs/advanced/communication-network-types.md
+++ b/docs/advanced/communication-network-types.md
@@ -7,7 +7,7 @@ description: An overview of several network architectures commonly used by insta
There are several network architectures commonly used to relay messages between people. These networks can provide different privacy guarantees, which is why it's worth considering your [threat model](../basics/threat-modeling.md) when deciding which app to use.
[Recommended Instant Messengers](../real-time-communication.md){ .md-button }
-[:material-movie-open-play-outline: Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why){ .md-button }
+[:material-movie-open-play-outline: Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why/){ .md-button }
## Centralized Networks
diff --git a/docs/advanced/tor-overview.md b/docs/advanced/tor-overview.md
index 0c58add5..474196f2 100644
--- a/docs/advanced/tor-overview.md
+++ b/docs/advanced/tor-overview.md
@@ -8,9 +8,9 @@ description: Tor is a free to use, decentralized network designed for using the
[**Tor**](../alternative-networks.md#tor) is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
-[:material-movie-open-play-outline: Video: Why You Need Tor](https://www.privacyguides.org/videos/2025/03/02/why-you-need-tor){ .md-button }
+[:material-movie-open-play-outline: Video: Why You Need Tor](https://www.privacyguides.org/videos/2025/03/02/why-you-need-tor/){ .md-button }
-Tor works by routing your internet traffic through volunteer-operated servers instead of making a direct connection to the site you're trying to visit. This obfuscates where the traffic is coming from, and no server in the connection path is able to see the full path of where the traffic is coming from and going to, meaning even the servers you are using to connect cannot break your anonymity.
+Tor works by routing your internet traffic through volunteer-operated servers, instead of making a direct connection to the site you're trying to visit. This obfuscates where the traffic is coming from, and no server in the connection path is able to see the full path of where the traffic is coming from and going to, meaning even the servers you are using to connect cannot break your anonymity.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
@@ -35,13 +35,13 @@ Because we already [generally recommend](../basics/vpn-overview.md) that the vas
Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
-Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal (e.g., through Tor Browser). This creates a connection chain like so:
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
- [x] You → VPN → Tor → Internet
From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
-This is **not** censorship circumvention advice because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
---
@@ -51,7 +51,7 @@ We **very strongly discourage** combining Tor with a VPN in any other manner. Do
- You → VPN → Tor → VPN → Internet
- Any other configuration
-Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (i.e., exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
@@ -60,7 +60,7 @@ Setting up bad configurations like these is difficult to do accidentally, becaus
VPN/SSH Fingerprinting
-The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited because all websites have specific traffic patterns.
+The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
@@ -68,11 +68,11 @@ If you still believe that pluggable transports (bridges) provide additional prot
-Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. To reiterate, though, you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network in most cases. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g., Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
## What Tor is Not
-The Tor network is not the perfect privacy protection tool in all cases and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
### Tor is not a free VPN
@@ -80,26 +80,26 @@ The release of the *Orbot* mobile app has lead many people to describe Tor as a
Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
-As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs. As such, using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
### Tor usage is not undetectable
-**Even if you use bridges and pluggable transports,** the Tor Project doesn't provide any tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
-Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect—they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
### Tor Browser is not the most *secure* browser
-Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (e.g., the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
-Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure virtual machine and protect against leaks.
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
## Path Building to Clearnet Services
@@ -121,7 +121,7 @@ The entry node, often called the guard node, is the first node to which your Tor
Unlike the other nodes, the Tor client will randomly select an entry node and stick with it for two to three months to protect you from certain attacks.[^1]
-[^1]: The first relay in your circuit is called an "entry guard" or "guard". It is a fast and stable relay that remains the first one in your circuit for 2-3 months in order to protect against a known anonymity-breaking attack. The rest of your circuit changes with every new website you visit, and all together these relays provide the full privacy protections of Tor. For more information on how guard relays work, see this [blog post](https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters) and [paper](https://www-users.cs.umn.edu/~hoppernj/single_guard.pdf) on entry guards. ([https://support.torproject.org/tbb/tbb-2](https://support.torproject.org/tbb/tbb-2))
+[^1]: The first relay in your circuit is called an "entry guard" or "guard". It is a fast and stable relay that remains the first one in your circuit for 2-3 months in order to protect against a known anonymity-breaking attack. The rest of your circuit changes with every new website you visit, and all together these relays provide the full privacy protections of Tor. For more information on how guard relays work, see this [blog post](https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters) and [paper](https://www-users.cs.umn.edu/~hoppernj/single_guard.pdf) on entry guards. ([https://support.torproject.org/tbb/tbb-2/](https://support.torproject.org/tbb/tbb-2))
### The Middle Node
@@ -135,13 +135,13 @@ The exit node is the point in which your web traffic leaves the Tor network and
The exit node will be chosen at random from all available Tor nodes ran with an exit relay flag.[^2]
-[^2]: Relay flag: a special (dis-)qualification of relays for circuit positions (for example, "Guard", "Exit", "BadExit"), circuit properties (for example, "Fast", "Stable"), or roles (for example, "Authority", "HSDir"), as assigned by the directory authorities and further defined in the directory protocol specification. ([https://metrics.torproject.org/glossary.html](https://metrics.torproject.org/glossary.html#relay-flag))
+[^2]: Relay flag: a special (dis-)qualification of relays for circuit positions (for example, "Guard", "Exit", "BadExit"), circuit properties (for example, "Fast", "Stable"), or roles (for example, "Authority", "HSDir"), as assigned by the directory authorities and further defined in the directory protocol specification. ([https://metrics.torproject.org/glossary.html](https://metrics.torproject.org/glossary.html))
## Path Building to Onion Services
"Onion Services" (also commonly referred to as "hidden services") are websites which can only be accessed by the Tor browser. These websites have a long randomly generated domain name ending with `.onion`.
-Connecting to an Onion Service in Tor works very similarly to connecting to a clearnet service, but your traffic is routed through a total of **six** nodes before reaching the destination server. Just like before, however, only three of these nodes are contributing to *your* anonymity, the other three nodes protect *the Onion Service's* anonymity, hiding the website's true IP and location in the same manner that Tor Browser is hiding yours.
+Connecting to an Onion Service in Tor works very similarly to connecting to a clearnet service, but your traffic is routed through a total of **six** nodes before reaching the destination server. Just like before however, only three of these nodes are contributing to *your* anonymity, the other three nodes protect *the Onion Service's* anonymity, hiding the website's true IP and location in the same manner that Tor Browser is hiding yours.
@@ -151,15 +151,15 @@ Connecting to an Onion Service in Tor works very similarly to connecting to a cl
## Encryption
-Tor encrypts each packet (a block of transmitted data) three times with the keys from the exit, middle, and entry node in that order.
+Tor encrypts each packet (a block of transmitted data) three times with the keys from the exit, middle, and entry node—in that order.
Once Tor has built a circuit, data transmission is done as follows:
-1. Firstly: When the packet arrives at the entry node, the first layer of encryption is removed. In this encrypted packet, the entry node will find another encrypted packet with the middle node’s address. The entry node will then forward the packet to the middle node.
+1. Firstly: when the packet arrives at the entry node, the first layer of encryption is removed. In this encrypted packet, the entry node will find another encrypted packet with the middle node’s address. The entry node will then forward the packet to the middle node.
-2. Secondly: When the middle node receives the packet from the entry node, it too will remove a layer of encryption with its key, and this time finds an encrypted packet with the exit node's address. The middle node will then forward the packet to the exit node.
+2. Secondly: when the middle node receives the packet from the entry node, it too will remove a layer of encryption with its key, and this time finds an encrypted packet with the exit node's address. The middle node will then forward the packet to the exit node.
-3. Lastly: When the exit node receives its packet, it will remove the last layer of encryption with its key. The exit node will see the destination address and forward the packet to that address.
+3. Lastly: when the exit node receives its packet, it will remove the last layer of encryption with its key. The exit node will see the destination address and forward the packet to that address.
Below is an alternative diagram showing the process. Each node removes its own layer of encryption, and when the destination server returns data, the same process happens entirely in reverse. For example, the exit node does not know who you are, but it does know which node it came from, and so it adds its own layer of encryption and sends it back.
@@ -189,7 +189,7 @@ If you wish to use Tor for browsing the web, we only recommend the **official**
Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
-To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges; they are discovered and blocked relatively frequently, just not immediately.
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
@@ -197,7 +197,7 @@ Contrast this with our recommended scenario, where you connect to Tor via a VPN.
Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
-Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges—you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
diff --git a/docs/ai-chat.md b/docs/ai-chat.md
index 79609eee..d3d43532 100755
--- a/docs/ai-chat.md
+++ b/docs/ai-chat.md
@@ -43,7 +43,7 @@ To run AI locally, you need both an AI model and an AI client.
There are many permissively licensed models available to download. [Hugging Face](https://huggingface.co/models) is a platform that lets you browse, research, and download models in common formats like [GGUF](https://huggingface.co/docs/hub/en/gguf). Companies that provide good open-weights models include big names like Mistral, Meta, Microsoft, and Google. However, there are also many community models and [fine-tuned](https://en.wikipedia.org/wiki/Fine-tuning_(deep_learning)) models available. As mentioned above, quantized models offer the best balance between model quality and performance for those using consumer-grade hardware.
-To help you choose a model that fits your needs, you can look at leaderboards and benchmarks. The most widely-used leaderboard is the community-driven [LM Arena](https://lmarena.ai). Additionally, the [OpenLLM Leaderboard](https://huggingface.co/spaces/open-llm-leaderboard/open_llm_leaderboard) focuses on the performance of open-weights models on common benchmarks like [MMLU-Pro](https://arxiv.org/abs/2406.01574). There are also specialized benchmarks which measure factors like [emotional intelligence](https://eqbench.com), ["uncensored general intelligence"](https://huggingface.co/spaces/DontPlanToEnd/UGI-Leaderboard), and [many others](https://nebuly.com/blog/llm-leaderboards).
+To help you choose a model that fits your needs, you can look at leaderboards and benchmarks. The most widely-used leaderboard is the community-driven [LM Arena](https://lmarena.ai). Additionally, the [OpenLLM Leaderboard](https://huggingface.co/spaces/open-llm-leaderboard/open_llm_leaderboard) focuses on the performance of open-weights models on common benchmarks like [MMLU-Pro](https://arxiv.org/abs/2406.01574). There are also specialized benchmarks which measure factors like [emotional intelligence](https://eqbench.com), ["uncensored general intelligence"](https://huggingface.co/spaces/DontPlanToEnd/UGI-Leaderboard), and [many others](https://www.nebuly.com/blog/llm-leaderboards).
## AI Chat Clients
@@ -66,7 +66,7 @@ To help you choose a model that fits your needs, you can look at leaderboards an
In addition to supporting a large range of text models, Kobold.cpp also supports image generators such as [Stable Diffusion](https://stability.ai/stable-image) and automatic speech recognition tools such as [Whisper](https://github.com/ggerganov/whisper.cpp).
-[:octicons-repo-16: Repository](https://github.com/LostRuins/koboldcpp#readme){ .md-button .md-button--primary }
+[:octicons-home-16: Homepage](https://github.com/LostRuins/koboldcpp){ .md-button .md-button--primary }
[:octicons-info-16:](https://github.com/LostRuins/koboldcpp/wiki){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/LostRuins/koboldcpp){ .card-link title="Source Code" }
[:octicons-lock-16:](https://github.com/LostRuins/koboldcpp/blob/2f3597c29abea8b6da28f21e714b6b24a5aca79b/SECURITY.md){ .card-link title="Security Policy" }
@@ -123,14 +123,14 @@ Ollama simplifies the process of setting up a local AI chat by downloading the A
-{align=right}
+{align=right}
**Llamafile** is a lightweight, single-file executable that allows users to run LLMs locally on their own computers without any setup involved. It is [backed by Mozilla](https://hacks.mozilla.org/2023/11/introducing-llamafile) and available on Linux, macOS, and Windows.
Llamafile also supports LLaVA. However, it doesn't support speech recognition or image generation.
-[:octicons-repo-16: Repository](https://github.com/Mozilla-Ocho/llamafile#readme){ .md-button .md-button--primary }
-[:octicons-info-16:](https://github.com/Mozilla-Ocho/llamafile#quickstart){ .card-link title="Documentation" }
+[:octicons-home-16: Homepage](https://github.com/Mozilla-Ocho/llamafile){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/Mozilla-Ocho/llamafile#llamafile){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/Mozilla-Ocho/llamafile){ .card-link title="Source Code" }
[:octicons-lock-16:](https://github.com/Mozilla-Ocho/llamafile#security){ .card-link title="Security Policy" }
diff --git a/docs/alternative-networks.md b/docs/alternative-networks.md
index 4c7bce4b..0524177f 100644
--- a/docs/alternative-networks.md
+++ b/docs/alternative-networks.md
@@ -34,8 +34,6 @@ The recommended way to access the Tor network is via the official Tor Browser, w
[Tor Browser Info :material-arrow-right-drop-circle:](tor.md){ .md-button .md-button--primary } [Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md){ .md-button }
-You can access the Tor network using other tools; making this determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-
Try it out!
@@ -43,50 +41,12 @@ You can try connecting to *Privacy Guides* via Tor at [xoe4vn5uwdztif6goazfbmogh
-#### Orbot
-
-
-
-{ align=right }
-
-**Orbot** is a mobile application which routes traffic from any app on your device through the Tor network.
-
-[:octicons-home-16: Homepage](https://orbot.app){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://orbot.app/privacy-policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://orbot.app/faqs){ .card-link title="Documentation" }
-[:octicons-code-16:](https://orbot.app/code){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://orbot.app/donate){ .card-link title="Contribute" }
-
-
-Downloads
-
-- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android)
-- [:simple-appstore: App Store](https://apps.apple.com/app/id1609461599)
-- [:simple-github: GitHub](https://github.com/guardianproject/orbot/releases)
-- [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid)
-
-
-
-
-
-We previously recommended enabling the *Isolate Destination Address* preference in Orbot settings. While this setting can theoretically improve privacy by enforcing the use of a different circuit for each IP address you connect to, it doesn't provide a practical advantage for most applications (especially web browsing), can come with a significant performance penalty, and increases the load on the Tor network. We no longer recommend adjusting this setting from its default value unless you know you need to.[^1]
-
-=== "Android"
-
- Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN kill switch in :gear: **Settings** → **Network & internet** → **VPN** → :gear: → **Block connections without VPN**.
-
- Orbot is often outdated on Google Play and the Guardian Project's F-Droid repository, so consider downloading directly from the GitHub repository instead. All versions are signed using the same signature, so they should be compatible with each other.
-
-=== "iOS"
-
- On iOS, Orbot has some limitations that could potentially cause crashes or leaks: iOS does not have an effective OS-level feature to block connections without a VPN like Android does, and iOS has an artificial memory limit for network extensions that makes it challenging to run Tor in Orbot without crashes. Currently, it is always safer to use Tor on a desktop computer compared to a mobile device.
-
#### Snowflake
-{ align=right }
-{ align=right }
+{ align=right }
+{ align=right }
**Snowflake** allows you to donate bandwidth to the Tor Project by operating a "Snowflake proxy" within your browser.
@@ -150,5 +110,3 @@ Also, unlike Tor, every I2P node will relay traffic for other users by default,
There are downsides to I2P's approach, however. Tor relying on dedicated exit nodes means more people in less safe environments can use it, and the relays that do exist on Tor are likely to be more performant and stable, as they generally aren't run on residential connections. Tor is also far more focused on **browser privacy** (i.e. anti-fingerprinting), with a dedicated [Tor Browser](tor.md) to make browsing activity as anonymous as possible. I2P is used via your [regular web browser](desktop-browsers.md), and while you can configure your browser to be more privacy-protecting, you probably still won't have the same browser fingerprint as other I2P users (there's no "crowd" to blend in with in that regard).
Tor is likely to be more resistant to censorship, due to their robust network of bridges and varying [pluggable transports](https://tb-manual.torproject.org/circumvention). On the other hand, I2P uses directory servers for the initial connection which are varying/untrusted and run by volunteers, compared to the hard-coded/trusted ones Tor uses which are likely easier to block.
-
-[^1]: The `IsolateDestAddr` setting is discussed on the [Tor mailing list](https://lists.torproject.org/pipermail/tor-talk/2012-May/024403) and [Whonix's Stream Isolation documentation](https://whonix.org/wiki/Stream_Isolation), where both projects suggest that it is usually not a good approach for most people.
diff --git a/docs/android/general-apps.md b/docs/android/general-apps.md
index c6ece1bb..646f86e1 100644
--- a/docs/android/general-apps.md
+++ b/docs/android/general-apps.md
@@ -73,7 +73,7 @@ Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular) a
**Secure Camera** is a camera app focused on privacy and security which can capture images, videos, and QR codes. CameraX vendor extensions (Portrait, HDR, Night Sight, Face Retouch, and Auto) are also supported on available devices.
-[:octicons-repo-16: Repository](https://github.com/GrapheneOS/Camera#readme){ .md-button .md-button--primary }
+[:octicons-repo-16: Repository](https://github.com/GrapheneOS/Camera){ .md-button .md-button--primary }
[:octicons-info-16:](https://grapheneos.org/usage#camera){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/GrapheneOS/Camera){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
@@ -119,7 +119,7 @@ The image orientation metadata is not deleted. If you enable location (in Secure
[Content-Security-Policy](https://en.wikipedia.org/wiki/Content_Security_Policy) is used to enforce that the JavaScript and styling properties within the WebView are entirely static content.
-[:octicons-repo-16: Repository](https://github.com/GrapheneOS/PdfViewer#readme){ .md-button .md-button--primary }
+[:octicons-repo-16: Repository](https://github.com/GrapheneOS/PdfViewer){ .md-button .md-button--primary }
[:octicons-code-16:](https://github.com/GrapheneOS/PdfViewer){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
diff --git a/docs/android/index.md b/docs/android/index.md
index 0ce91c84..63ac6364 100644
--- a/docs/android/index.md
+++ b/docs/android/index.md
@@ -50,7 +50,7 @@ Ideally, when choosing a custom Android distribution, you should make sure that
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful Verified Boot. Apps that require root will also modify the system partition, meaning that Verified Boot would have to remain disabled. Having root exposed directly in the user interface also increases the attack surface of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and SELinux policy bypasses.
-Content blockers which modify the [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (like AdAway) and firewalls which require root access persistently (like AFWall+) are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For content blocking, we suggest encrypted [DNS](../dns.md) or content blocking functionality provided by a VPN instead. TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN), preventing you from using privacy-enhancing services such as [Orbot](../alternative-networks.md#orbot) or a [real VPN provider](../vpn.md).
+Content blockers which modify the [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (AdAway) and firewalls (AFWall+) which require root access persistently are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For content blocking, we suggest encrypted [DNS](../dns.md) or content blocking functionality provided by a VPN instead. TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN), preventing you from using privacy enhancing services such as [Orbot](../tor.md#orbot) or a [real VPN provider](../vpn.md).
AFWall+ works based on the [packet filtering](https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter) approach and may be bypassable in some situations.
diff --git a/docs/basics/account-creation.md b/docs/basics/account-creation.md
index 19a6a485..9fc569f0 100644
--- a/docs/basics/account-creation.md
+++ b/docs/basics/account-creation.md
@@ -42,7 +42,7 @@ You will be responsible for managing your login credentials. For added security,
#### Email aliases
-If you don't want to give your real email address to a service, you have the option to use an alias. We describe them in more detail on our email services recommendation page. Essentially, alias services allow you to generate new email addresses that forward all emails to your main address. This can help prevent tracking across services and help you manage the marketing emails that sometimes come with the sign-up process. Those can be filtered automatically based on the alias they are sent to.
+If you don't want to give your real email address to a service, you have the option to use an alias. We described them in more detail on our email services recommendation page. Essentially, alias services allow you to generate new email addresses that forward all emails to your main address. This can help prevent tracking across services and help you manage the marketing emails that sometimes come with the sign-up process. Those can be filtered automatically based on the alias they are sent to.
Should a service get hacked, you might start receiving phishing or spam emails to the address you used to sign up. Using unique aliases for each service can assist in identifying exactly what service was hacked.
@@ -50,19 +50,19 @@ Should a service get hacked, you might start receiving phishing or spam emails t
### "Sign in with..." (OAuth)
-[Open Authorization (OAuth)](https://en.wikipedia.org/wiki/OAuth) is an authentication protocol that allows you to register for a service without sharing much information with the service provider, if any, by using an existing account you have with another service instead. Whenever you see something along the lines of "Sign in with *provider name*" on a registration form, it's typically using OAuth.
+OAuth is an authentication protocol that allows you to register for a service without sharing much information with the service provider, if any, by using an existing account you have with another service instead. Whenever you see something along the lines of "Sign in with *provider name*" on a registration form, it's typically using OAuth.
When you sign in with OAuth, it will open a login page with the provider you choose, and your existing account and new account will be connected. Your password won't be shared, but some basic information typically will (you can review it during the login request). This process is needed every time you want to log in to the same account.
The main advantages are:
-- **Security**: You don't have to trust the security practices of the service you're logging into when it comes to storing your login credentials because they are stored with the external OAuth provider. Common OAuth providers like Apple and Google typically follow the best security practices, continuously audit their authentication systems, and don't store credentials inappropriately (such as in plain text).
-- **Ease-of-use**: Multiple accounts are managed by a single login.
+- **Security**: you don't have to trust the security practices of the service you're logging into when it comes to storing your login credentials, because they are stored with the external OAuth provider, which when it comes to services like Apple and Google typically follow the best security practices, continuously audit their authentication systems, and don't store credentials inappropriately (such as in plain text).
+- **Ease of use**: multiple accounts are managed by a single login.
But there are disadvantages:
-- **Privacy**: The OAuth provider you log in with will know the services you use.
-- **Centralization**: If the account you use for OAuth is compromised, or you aren't able to log in to it, all other accounts connected to it are affected.
+- **Privacy**: the OAuth provider you log in with will know the services you use.
+- **Centralization**: if the account you use for OAuth is compromised, or you aren't able to log in to it, all other accounts connected to it are affected.
OAuth can be especially useful in those situations where you could benefit from deeper integration between services. Our recommendation is to limit using OAuth to only where you need it, and always protect the main account with [MFA](multi-factor-authentication.md).
diff --git a/docs/basics/common-threats.md b/docs/basics/common-threats.md
index 833810db..5f5380cd 100644
--- a/docs/basics/common-threats.md
+++ b/docs/basics/common-threats.md
@@ -202,7 +202,7 @@ Censorship online can be carried out (to varying degrees) by actors including to
Censorship on corporate platforms is increasingly common, as platforms like Twitter and Facebook give in to public demand, market pressures, and pressures from government agencies. Government pressures can be covert requests to businesses, such as the White House [requesting the takedown](https://nytimes.com/2012/09/17/technology/on-the-web-a-fine-line-on-free-speech-across-globe.html) of a provocative YouTube video, or overt, such as the Chinese government requiring companies to adhere to a strict regime of censorship.
-People concerned with the threat of censorship can use technologies like [Tor](../advanced/tor-overview.md) to circumvent it, and support censorship-resistant communication platforms like [Matrix](../social-networks.md#element), which doesn't have a centralized account authority that can close accounts arbitrarily.
+People concerned with the threat of censorship can use technologies like [Tor](../advanced/tor-overview.md) to circumvent it, and support censorship-resistant communication platforms like [Matrix](../real-time-communication.md#element), which doesn't have a centralized account authority that can close accounts arbitrarily.
Tip
diff --git a/docs/basics/email-security.md b/docs/basics/email-security.md
index d3d0fd2e..9befa955 100644
--- a/docs/basics/email-security.md
+++ b/docs/basics/email-security.md
@@ -5,17 +5,17 @@ icon: material/email
description: Email is insecure in many ways, and these are some of the reasons it isn't our top choice for secure communications.
---
-Email is an insecure form of communication by default. You can improve your email security with tools such as OpenPGP, which add end-to-end encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications.
+Email is an insecure form of communication by default. You can improve your email security with tools such as OpenPGP, which add End-to-End Encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications.
As a result, email is best used for receiving transactional emails (like notifications, verification emails, password resets, etc.) from the services you sign up for online, not for communicating with others.
## Email Encryption Overview
-The standard way to add E2EE to emails between different email providers is by using OpenPGP. There are different implementations of the OpenPGP standard, the most common being [GnuPG](../encryption.md#gnu-privacy-guard) and [OpenPGP.js](https://openpgpjs.org).
+The standard way to add E2EE to emails between different email providers is by using OpenPGP. There are different implementations of the OpenPGP standard, the most common being [GnuPG](https://en.wikipedia.org/wiki/GNU_Privacy_Guard) and [OpenPGP.js](https://openpgpjs.org).
-Even if you use OpenPGP, it does not support [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), which means if the private key of either you or the message recipient is ever stolen, all previous messages encrypted with it will be exposed. This is why we recommend [instant messengers](../real-time-communication.md) which implement forward secrecy over email for person-to-person communications whenever possible.
+Even if you use OpenPGP, it does not support [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. This is why we recommend [instant messengers](../real-time-communication.md) which implement forward secrecy over email for person-to-person communications whenever possible.
-There is another standard which is popular with business called [S/MIME](https://en.wikipedia.org/wiki/S/MIME), however it requires a certificate issued from a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not all of them issue S/MIME certificates, and often a yearly payment is required). In some cases it is more usable than PGP because it has support in popular/mainstream email applications like Apple Mail, [Google Workplace](https://support.google.com/a/topic/9061730), and [Outlook](https://support.office.com/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480). However, S/MIME does not solve the issue of lack of forward secrecy, and isn't particularly more secure than PGP.
+There is another standard which is popular with business called [S/MIME](https://en.wikipedia.org/wiki/S/MIME), however, it requires a certificate issued from a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not all of them issue S/MIME certificates, and often a yearly payment is required). In some cases it is more usable than PGP because it has support in popular/mainstream email applications like Apple Mail, [Google Workplace](https://support.google.com/a/topic/9061730), and [Outlook](https://support.office.com/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480). However, S/MIME does not solve the issue of lack of forward secrecy, and isn't particularly more secure than PGP.
## What is the Web Key Directory standard?
@@ -23,13 +23,13 @@ The [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD) standard allows email
In addition to the [email clients we recommend](../email-clients.md) which support WKD, some webmail providers also support WKD. Whether *your own* key is published to WKD for others to use depends on your domain configuration. If you use an [email provider](../email.md#openpgp-compatible-services) which supports WKD, such as Proton Mail or Mailbox.org, they can publish your OpenPGP key on their domain for you.
-If you use your own custom domain, you will need to configure WKD separately. If you control your domain name, you can set up WKD regardless of your email provider. One easy way to do this is to use the "[WKD as a Service](https://keys.openpgp.org/about/usage#wkd-as-a-service)" feature from the `keys.openpgp.org` server: Set a CNAME record on the `openpgpkey` subdomain of your domain pointed to `wkd.keys.openpgp.org`, then upload your key to [keys.openpgp.org](https://keys.openpgp.org). Alternatively, you can [self-host WKD on your own web server](https://wiki.gnupg.org/WKDHosting).
+If you use your own custom domain, you will need to configure WKD separately. If you control your domain name, you can set up WKD regardless of your email provider. One easy way to do this is to use the "[WKD as a Service](https://keys.openpgp.org/about/usage#wkd-as-a-service)" feature from keys.openpgp.org, by setting a CNAME record on the `openpgpkey` subdomain of your domain pointed to `wkd.keys.openpgp.org`, then uploading your key to [keys.openpgp.org](https://keys.openpgp.org). Alternatively, you can [self-host WKD on your own web server](https://wiki.gnupg.org/WKDHosting).
-If you use a shared domain from a provider which doesn't support WKD, like `@gmail.com`, you won't be able to share your OpenPGP key with others via this method.
+If you use a shared domain from a provider which doesn't support WKD, like @gmail.com, you won't be able to share your OpenPGP key with others via this method.
### What Email Clients Support E2EE?
-Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the [email clients we recommend](../email-clients.md). Depending on the authentication method, this may lead to decreased security if either the provider or the email client does not support [OAuth](account-creation.md#sign-in-with-oauth) or a bridge application as [multifactor authentication](multi-factor-authentication.md) is not possible with plain password authentication.
+Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the [email clients we recommend](../email-clients.md). Depending on the authentication method, this may lead to the decrease security if either the provider or the email client does not support OATH or a bridge application as [multifactor authentication](multi-factor-authentication.md) is not possible with plain password authentication.
### How Do I Protect My Private Keys?
@@ -39,14 +39,14 @@ It is advantageous for the decryption to occur on the smart card to avoid possib
## Email Metadata Overview
-Email metadata is stored in the [message header](https://en.wikipedia.org/wiki/Email#Message_header) of the email message and includes some visible headers that you may have seen such as `To`, `From`, `Cc`, `Date`, and `Subject`. There are also a number of hidden headers included by many email clients and providers that can reveal information about your account.
+Email metadata is stored in the [message header](https://en.wikipedia.org/wiki/Email#Message_header) of the email message and includes some visible headers that you may have seen such as: `To`, `From`, `Cc`, `Date`, `Subject`. There are also a number of hidden headers included by many email clients and providers that can reveal information about your account.
Client software may use email metadata to show who a message is from and what time it was received. Servers may use it to determine where an email message must be sent, among [other purposes](https://en.wikipedia.org/wiki/Email#Message_header) which are not always transparent.
### Who Can View Email Metadata?
-Email metadata is protected from outside observers with [opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS), but it is still able to be seen by your email client software (or webmail) and any servers relaying the message from you to any recipients including your email provider. Sometimes email servers will also use third-party services to protect against spam, which generally also have access to your messages.
+Email metadata is protected from outside observers with [Opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) protecting it from outside observers, but it is still able to be seen by your email client software (or webmail) and any servers relaying the message from you to any recipients including your email provider. Sometimes email servers will also use third-party services to protect against spam, which generally also have access to your messages.
### Why Can't Metadata be E2EE?
-Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into standard email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt some of this email metadata required for identifying the parties communicating. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as whom you're emailing, when you're emailing, etc.
+Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt some of this email metadata required for identifying the parties communicating. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as whom you're emailing, when you're emailing, etc.
diff --git a/docs/basics/passwords-overview.md b/docs/basics/passwords-overview.md
index 9416dd90..2ca9ae28 100644
--- a/docs/basics/passwords-overview.md
+++ b/docs/basics/passwords-overview.md
@@ -1,16 +1,16 @@
---
-title: Introduction to Passwords
-icon: material/form-textbox-password
+title: "Introduction to Passwords"
+icon: 'material/form-textbox-password'
description: These are some tips and tricks on how to create the strongest passwords and keep your accounts secure.
---
-Passwords are an essential part of our everyday digital lives. We use them to protect our accounts, our devices, and our secrets. Despite often being the only thing between us and an adversary who's after our private information, not a lot of thought is put into them, which often leads to people using passwords that can be easily guessed or brute-forced.
+Passwords are an essential part of our everyday digital lives. We use them to protect our accounts, our devices and our secrets. Despite often being the only thing between us and an adversary who's after our private information, not a lot of thought is put into them, which often leads to people using passwords that can be easily guessed or brute-forced.
## Best Practices
### Use unique passwords for every service
-Imagine this: You sign up for an account with the same e-mail and password on multiple online services. If one of those service providers is malicious, or their service has a data breach that exposes your password in an unencrypted format, all a bad actor would have to do is try that e-mail and password combination across multiple popular services until they get a hit. It doesn't matter how strong that one password is, because they already have it.
+Imagine this; you sign up for an account with the same e-mail and password on multiple online services. If one of those service providers is malicious, or their service has a data breach that exposes your password in an unencrypted format, all a bad actor would have to do is try that e-mail and password combination across multiple popular services until they get a hit. It doesn't matter how strong that one password is, because they already have it.
This is called [credential stuffing](https://en.wikipedia.org/wiki/Credential_stuffing), and it is one of the most common ways that your accounts can be compromised by bad actors. To avoid this, make sure that you never re-use your passwords.
@@ -73,9 +73,9 @@ You should **not** re-roll words until you get a combination of words that appea
-If you don't have access to or would prefer to not use real dice, you can use your password manager's built-in password generator, as most of them have the option to generate diceware passphrases in addition to regular passwords. We recommend setting the generated passphrase length to at least 6 words.
+If you don't have access to or would prefer to not use real dice, you can use your password manager's built-in password generator, as most of them have the option to generate diceware passphrases in addition to regular passwords.
-We also recommend using [EFF's large word list](https://eff.org/files/2016/07/18/eff_large_wordlist.txt) to generate your diceware passphrases, as it offers the exact same security as the original list, while containing words that are easier to memorize. There are also [word lists in different languages](https://theworld.com/~reinhold/diceware.html#Diceware%20in%20Other%20Languages|outline), if you do not want your passphrase to be in English.
+We recommend using [EFF's large word list](https://eff.org/files/2016/07/18/eff_large_wordlist.txt) to generate your diceware passphrases, as it offers the exact same security as the original list, while containing words that are easier to memorize. There are also [word lists in different languages](https://theworld.com/~reinhold/diceware.html#Diceware%20in%20Other%20Languages|outline), if you do not want your passphrase to be in English.
Explanation of entropy and strength of diceware passphrases
diff --git a/docs/basics/vpn-overview.md b/docs/basics/vpn-overview.md
index e05293aa..94a4d1e9 100644
--- a/docs/basics/vpn-overview.md
+++ b/docs/basics/vpn-overview.md
@@ -7,7 +7,7 @@ description: Virtual Private Networks shift risk away from your ISP to a third-p
Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-[:material-movie-open-play-outline: Video: Do you need a VPN?](https://www.privacyguides.org/videos/2024/12/12/do-you-need-a-vpn){ .md-button }
+[:material-movie-open-play-outline: Video: Do you need a VPN?](https://www.privacyguides.org/videos/2024/12/12/do-you-need-a-vpn/){ .md-button }
Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
diff --git a/docs/basics/why-privacy-matters.md b/docs/basics/why-privacy-matters.md
index c309d97f..04191c08 100644
--- a/docs/basics/why-privacy-matters.md
+++ b/docs/basics/why-privacy-matters.md
@@ -11,7 +11,7 @@ Privacy is ultimately about human information, and this is important because we
Many people get the concepts of **privacy**, **security**, and **anonymity** confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On this website, we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play.
-[:material-movie-open-play-outline: Video: Stop Confusing Privacy, Anonymity, and Security](https://www.privacyguides.org/videos/2025/03/14/stop-confusing-privacy-anonymity-and-security){ .md-button }
+[:material-movie-open-play-outline: Video: Stop Confusing Privacy, Anonymity, and Security](https://www.privacyguides.org/videos/2025/03/14/stop-confusing-privacy-anonymity-and-security/){ .md-button }
**Privacy**
@@ -52,7 +52,7 @@ Take cookie consent forms, for example. You may encounter these dozens of times
Privacy is something we need to have baked into the [software and services](../tools.md) we use by default, you can't bend most apps into being private on your own.
-[:material-movie-open-play-outline: Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online){ class="md-button" }
+[:material-movie-open-play-outline: Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online/){ class="md-button" }
## Sources
diff --git a/docs/cloud.md b/docs/cloud.md
index 160770f3..8e4a049d 100644
--- a/docs/cloud.md
+++ b/docs/cloud.md
@@ -10,7 +10,7 @@ cover: cloud.webp
- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
-Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure end-to-end encryption.
+Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -27,9 +27,7 @@ Nextcloud is [still a recommended tool](document-collaboration.md#nextcloud) for
{ align=right }
-**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail).
-
-The initial free storage is limited to 2 GB, but with the completion of [certain steps](https://proton.me/support/more-free-storage-existing-users), additional storage can be obtained up to 5 GB.
+**Proton Drive** is an encrypted cloud storage provider from the popular encrypted email provider [Proton Mail](email.md#proton-mail). The initial free storage is limited to 2 GB, but with the completion of [certain steps](https://proton.me/support/more-free-storage-existing-users), additional storage can be obtained up to 5 GB.
[:octicons-home-16: Homepage](https://proton.me/drive){ .md-button .md-button--primary }
[:octicons-eye-16:](https://proton.me/drive/privacy-policy){ .card-link title="Privacy Policy" }
@@ -48,7 +46,9 @@ The initial free storage is limited to 2 GB, but with the completion of [certai
-The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/community/open-source), but the brand new mobile clients have not yet been publicly audited by a third party.
+The Proton Drive web application has been independently audited by Securitum in [2021](https://proton.me/community/open-source).
+
+Proton Drive's brand new mobile clients have not yet been publicly audited by a third party.
## Tresorit
@@ -83,9 +83,7 @@ Tresorit has received a number of independent security audits:
- Computest discovered two vulnerabilities which have been resolved.
- [2019](https://tresorit.com/blog/ernst-young-review-verifies-tresorits-security-architecture): Penetration Testing by Ernst & Young.
- This review analyzed the full source code of Tresorit and validated that the implementation matches the concepts described in Tresorit's [white paper](https://prodfrontendcdn.azureedge.net/202208011608/tresorit-encryption-whitepaper.pdf).
- - Ernst & Young additionally tested the web, mobile, and desktop clients. They concluded:
-
- > Test results found no deviation from Tresorit’s data confidentiality claims.
+ - Ernst & Young additionally tested the web, mobile, and desktop clients: "Test results found no deviation from Tresorit’s data confidentiality claims."
[^1]: [ISO/IEC 27001](https://en.wikipedia.org/wiki/ISO/IEC_27001):2013 compliance relates to the company's [information security management system](https://en.wikipedia.org/wiki/Information_security_management) and covers the sales, development, maintenance and support of their cloud services.
@@ -133,7 +131,7 @@ Peergos was [audited](https://peergos.org/posts/security-audit-2024) in November
### Minimum Requirements
-- Must enforce E2EE.
+- Must enforce end-to-end encryption.
- Must offer a free plan or trial period for testing.
- Must support TOTP or FIDO2 multifactor authentication, or passkey logins.
- Must offer a web interface which supports basic file management functionality.
@@ -144,8 +142,8 @@ Peergos was [audited](https://peergos.org/posts/security-audit-2024) in November
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
- Clients should be open source.
-- Clients should be audited in their entirety by an independent third party.
+- Clients should be audited in their entirety by an independent third-party.
- Should offer native clients for Linux, Android, Windows, macOS, and iOS.
- These clients should integrate with native OS tools for cloud storage providers, such as Files app integration on iOS, or DocumentsProvider functionality on Android.
-- Should support easy file sharing with other users.
+- Should support easy file-sharing with other users.
- Should offer at least basic file preview and editing functionality on the web interface.
diff --git a/docs/data-redaction.md b/docs/data-redaction.md
index 3da24613..cec0a88b 100644
--- a/docs/data-redaction.md
+++ b/docs/data-redaction.md
@@ -33,7 +33,7 @@ You should **never** use blur to redact [text in images](https://bishopfox.com/b
Downloads
-- [:fontawesome-brands-windows: Windows](https://pypi.org/project/mat2#metadata-and-privacy)
+- [:fontawesome-brands-windows: Windows](https://pypi.org/project/mat2)
- [:simple-apple: macOS](https://0xacab.org/jvoisin/mat2#requirements-setup-on-macos-os-x-using-homebrew)
- [:simple-linux: Linux](https://pypi.org/project/mat2)
- [:octicons-globe-16: Web](https://0xacab.org/jvoisin/mat2#web-interface)
@@ -50,10 +50,10 @@ You should **never** use blur to redact [text in images](https://bishopfox.com/b
**ExifEraser** is a modern, permissionless image metadata erasing application for Android.
-It currently supports JPEG, PNG, and WebP files.
+It currently supports JPEG, PNG and WebP files.
-[:octicons-repo-16: Repository](https://github.com/Tommy-Geenexus/exif-eraser#readme){ .md-button .md-button--primary }
-[:octicons-info-16:](https://github.com/Tommy-Geenexus/exif-eraser#description){ .card-link title="Documentation" }
+[:octicons-repo-16: Repository](https://github.com/Tommy-Geenexus/exif-eraser){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/Tommy-Geenexus/exif-eraser#readme){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/Tommy-Geenexus/exif-eraser){ .card-link title="Source Code" }
diff --git a/docs/desktop-browsers.md b/docs/desktop-browsers.md
index 6d386b59..d72b550b 100644
--- a/docs/desktop-browsers.md
+++ b/docs/desktop-browsers.md
@@ -88,11 +88,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
-Like [Tor Browser](tor.md), Mullvad Browser is designed to prevent fingerprinting by making your browser fingerprint identical to all other Mullvad Browser users, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
-
-Therefore, it is imperative that you do not modify the browser at all outside adjusting the default [security levels](https://tb-manual.torproject.org/security-settings). When adjusting the security level, you **must** always restart the browser before continuing to use it. Otherwise, [the security settings may not be fully applied](https://www.privacyguides.org/articles/2025/05/02/tor-security-slider-flaw), putting you at a higher risk of fingerprinting and exploits than you may expect based on the setting chosen.
-
-Modifications other than adjusting this setting would make your fingerprint unique, defeating the purpose of using this browser. If you want to configure your browser more heavily and fingerprinting is not a concern for you, we recommend [Firefox](#firefox) instead.
+Like [Tor Browser](tor.md), Mullvad Browser is designed to prevent fingerprinting by making your browser fingerprint identical to all other Mullvad Browser users, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*. Therefore, it is imperative that you do not modify the browser at all outside adjusting the default [security levels](https://tb-manual.torproject.org/security-settings). Other modifications would make your fingerprint unique, defeating the purpose of using this browser. If you want to configure your browser more heavily and fingerprinting is not a concern for you, we recommend [Firefox](#firefox) instead.
### Anti-Fingerprinting
@@ -352,7 +348,7 @@ We recommend disabling search suggestions in Brave for the same reason we recomm
-- [ ] Uncheck **Continue running background apps when Brave is closed** to disable background apps (1)
+- [ ] Uncheck **Continue running apps when Brave is closed** to disable background apps (1)
diff --git a/docs/desktop.md b/docs/desktop.md
index bcaae049..d765c168 100644
--- a/docs/desktop.md
+++ b/docs/desktop.md
@@ -14,25 +14,23 @@ Linux distributions are commonly recommended for privacy protection and software
## Traditional Distributions
-### Fedora Linux
+### Fedora Workstation
{ align=right }
-**Fedora Linux** is our recommended desktop distribution for people new to Linux. Fedora generally adopts newer technologies (e.g., [Wayland](https://wayland.freedesktop.org) and [PipeWire](https://pipewire.org)) before other distributions. These new technologies often come with improvements in security, privacy, and usability in general.
+**Fedora Workstation** is our recommended distribution for people new to Linux. Fedora generally adopts newer technologies (e.g., [Wayland](https://wayland.freedesktop.org) and [PipeWire](https://pipewire.org)) before other distributions. These new technologies often come with improvements in security, privacy, and usability in general.
-[:octicons-home-16: Homepage](https://fedoraproject.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://docs.fedoraproject.org/en-US/docs){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title="Contribute" }
+[:octicons-home-16: Homepage](https://fedoraproject.org/workstation){ .md-button .md-button--primary }
+[:octicons-info-16:](https://docs.fedoraproject.org/en-US/docs){ .card-link title=Documentation}
+[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title=Contribute }
-Fedora comes in two primary desktop editions, [Fedora Workstation](https://fedoraproject.org/workstation), which uses the GNOME desktop environment, and [Fedora KDE Plasma Desktop](https://fedoraproject.org/kde), which uses KDE. Historically, Fedora Workstation has been more popular and widely recommended, but KDE has been gaining in popularity and provides an experience more similar to Windows, which may make transitioning to Linux easier for some. The security and privacy benefits of both editions are very similar, so it mostly comes down to personal preference.
-
-Fedora has a semi-rolling release cycle. While some packages like the desktop environment are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
+Fedora has a semi-rolling release cycle. While some packages like [GNOME](https://gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
### openSUSE Tumbleweed
@@ -45,8 +43,8 @@ Fedora has a semi-rolling release cycle. While some packages like the desktop en
openSUSE Tumbleweed uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
[:octicons-home-16: Homepage](https://get.opensuse.org/tumbleweed){ .md-button .md-button--primary }
-[:octicons-info-16:](https://doc.opensuse.org){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://shop.opensuse.org){ .card-link title="Contribute" }
+[:octicons-info-16:](https://doc.opensuse.org){ .card-link title=Documentation}
+[:octicons-heart-16:](https://shop.opensuse.org){ .card-link title=Contribute }
@@ -63,8 +61,8 @@ Tumbleweed follows a rolling release model where each update is released as a sn
**Arch Linux** is a lightweight, do-it-yourself (DIY) distribution, meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
[:octicons-home-16: Homepage](https://archlinux.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://wiki.archlinux.org){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://archlinux.org/donate){ .card-link title="Contribute" }
+[:octicons-info-16:](https://wiki.archlinux.org){ .card-link title=Documentation}
+[:octicons-heart-16:](https://archlinux.org/donate){ .card-link title=Contribute }
@@ -89,8 +87,8 @@ A large portion of [Arch Linux’s packages](https://reproducible.archlinux.org)
**Fedora Atomic Desktops** are variants of Fedora which use the `rpm-ostree` package manager and have a strong focus on containerized workflows and Flatpak for desktop applications. All of these variants follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
[:octicons-home-16: Homepage](https://fedoraproject.org/atomic-desktops){ .md-button .md-button--primary }
-[:octicons-info-16:](https://docs.fedoraproject.org/en-US/emerging){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title="Contribute" }
+[:octicons-info-16:](https://docs.fedoraproject.org/en-US/emerging){ .card-link title=Documentation}
+[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title=Contribute }
@@ -115,8 +113,8 @@ As an alternative to Flatpaks, there is the option of [Toolbx](https://docs.fedo
NixOS is an independent distribution based on the Nix package manager with a focus on reproducibility and reliability.
[:octicons-home-16: Homepage](https://nixos.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://nixos.org/learn.html){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://nixos.org/donate.html){ .card-link title="Contribute" }
+[:octicons-info-16:](https://nixos.org/learn.html){ .card-link title=Documentation}
+[:octicons-heart-16:](https://nixos.org/donate.html){ .card-link title=Contribute }
@@ -144,8 +142,8 @@ Nix is a source-based package manager; if there’s no pre-built available in th
[:octicons-home-16: Homepage](https://whonix.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion){ .card-link title="Onion Service" }
-[:octicons-info-16:](https://whonix.org/wiki/Documentation){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://whonix.org/wiki/Donate){ .card-link title="Contribute" }
+[:octicons-info-16:](https://whonix.org/wiki/Documentation){ .card-link title=Documentation}
+[:octicons-heart-16:](https://whonix.org/wiki/Donate){ .card-link title=Contribute }
@@ -166,8 +164,8 @@ Whonix is best used [in conjunction with Qubes](https://whonix.org/wiki/Qubes/Wh
**Tails** is a live operating system based on Debian that routes all communications through Tor, which can boot on on almost any computer from a DVD, USB stick, or SD card installation. It uses [Tor](tor.md) to preserve privacy and [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } while circumventing censorship, and it leaves no trace of itself on the computer it is used on after it is powered off.
[:octicons-home-16: Homepage](https://tails.net){ .md-button .md-button--primary }
-[:octicons-info-16:](https://tails.net/doc/index.en.html){ .card-link title="Documentation" }
-[:octicons-heart-16:](https://tails.net/donate){ .card-link title="Contribute" }
+[:octicons-info-16:](https://tails.net/doc/index.en.html){ .card-link title=Documentation}
+[:octicons-heart-16:](https://tails.net/donate){ .card-link title=Contribute }
@@ -203,9 +201,9 @@ By design, Tails is meant to completely reset itself after each reboot. Encrypte
[:octicons-home-16: Homepage](https://qubes-os.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion){ .card-link title="Onion Service" }
[:octicons-eye-16:](https://qubes-os.org/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://qubes-os.org/doc){ .card-link title="Documentation" }
+[:octicons-info-16:](https://qubes-os.org/doc){ .card-link title=Documentation }
[:octicons-code-16:](https://github.com/QubesOS){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://qubes-os.org/donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://qubes-os.org/donate){ .card-link title=Contribute }
@@ -246,9 +244,9 @@ While we [recommend against](os/linux-overview.md#release-cycle) "perpetually ou
[:octicons-home-16: Homepage](https://kicksecure.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://kicksecure.com/wiki/Privacy_Policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://kicksecure.com/wiki/Documentation){ .card-link title="Documentation" }
+[:octicons-info-16:](https://kicksecure.com/wiki/Documentation){ .card-link title=Documentation }
[:octicons-code-16:](https://github.com/Kicksecure){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://kicksecure.com/wiki/Donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://kicksecure.com/wiki/Donate){ .card-link title=Contribute }
diff --git a/docs/device-integrity.md b/docs/device-integrity.md
index cb7ec4ce..75cabcff 100644
--- a/docs/device-integrity.md
+++ b/docs/device-integrity.md
@@ -187,4 +187,4 @@ It is important to note that Auditor can only effectively detect changes **after
No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-If your [threat model](basics/threat-modeling.md) requires hiding your IP address from the attestation service, you could consider using [Orbot](alternative-networks.md#orbot) or a [VPN](vpn.md).
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
diff --git a/docs/dns.md b/docs/dns.md
index 3ccfd648..f077843f 100644
--- a/docs/dns.md
+++ b/docs/dns.md
@@ -1,7 +1,7 @@
---
title: "DNS Resolvers"
icon: material/dns
-description: We recommend choosing these encrypted DNS providers to replace your ISP's default configuration.
+description: These are some encrypted DNS providers we recommend switching to, to replace your ISP's default configuration.
cover: dns.webp
global:
- [randomize-element, "table tbody"]
@@ -16,43 +16,23 @@ Encrypted DNS with third-party servers should only be used to get around basic [
## Recommended Providers
-These are our favorite public DNS resolvers based on their privacy and security characteristics, and their worldwide performance. Some of these services offer basic DNS-level blocking of malware or trackers depending on the server you choose, but if you want to be able to see and customize what is blocked, you should use a dedicated DNS filtering product instead.
+These are our favorite public DNS resolvers based on their privacy and security characteristics, and their worldwide performance. Some of these services offer basic DNS-level blocking of malware or trackers depending on the server you choose, but if you want to be able to see and customize what is blocked you should use a dedicated DNS filtering product instead.
| DNS Provider | Protocols | Logging / Privacy Policy | [ECS](advanced/dns-overview.md#what-is-edns-client-subnet-ecs) | Filtering | Signed Apple Profile |
|---|---|---|---|---|---|
-| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
-| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
-| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:simple-apple: iOS](https://docs.controld.com/docs/ios-platform) [:material-apple-finder: macOS](https://docs.controld.com/docs/macos-platform#manual-setup-profile) |
-| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
-| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://github.com/mullvad/encrypted-dns-profiles) |
-| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice. Malware blocking is included by default. | Yes [:simple-apple: iOS](https://docs.quad9.net/Setup_Guides/iOS/iOS_14_and_later_(Encrypted)) [:material-apple-finder: macOS](https://docs.quad9.net/Setup_Guides/MacOS/Big_Sur_and_later_(Encrypted)) |
+| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
+| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
+| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
+| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
+| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
+| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
-[^1]:
- AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested within the last 24 hours.
- > We need this information to identify and block new trackers and threats.
- > We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters.
-
- AdGuard DNS: [*Privacy Policy*](https://adguard-dns.io/en/privacy.html)
-[^2]:
- Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours.
-
- 1.1.1.1 Public DNS Resolver: [*Cloudflare’s commitment to privacy*](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
-[^3]:
- Control D only logs specific account data for Premium resolvers with custom DNS profiles. Free resolvers do not retain any data.
-
- Control D: [*Privacy Policy*](https://controld.com/privacy)
-[^4]:
- DNS0.eu collects some data for their threat intelligence feeds to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any personally identifiable information.
-
- DNS0.eu: [*Privacy Policy*](https://dns0.eu/privacy)
-[^5]:
- Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way.
-
- Mullvad: [*No-logging of user activity policy*](https://mullvad.net/en/help/no-logging-data-policy)
-[^6]:
- Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared for purposes like furthering their security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable.
-
- Quad9: [*Data and Privacy Policy*](https://quad9.net/privacy/policy)
+[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
+[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
+[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
+[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
+[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
+[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
## Self-Hosted DNS Filtering
@@ -111,18 +91,18 @@ These DNS filtering solutions offer a web dashboard where you can customize the
[:octicons-home-16: Homepage](https://controld.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://controld.com/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.controld.com/docs/getting-started){ .card-link title="Documentation" }
+[:octicons-info-16:](https://docs.controld.com/docs/getting-started){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/Control-D-Inc/ctrld){ .card-link title="Source Code" }
Downloads
-- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.controld.setuputility)
-- [:simple-appstore: App Store](https://apps.apple.com/app/1518799460)
-- [:simple-github: GitHub](https://github.com/Control-D-Inc/ctrld/releases)
- [:fontawesome-brands-windows: Windows](https://docs.controld.com/docs/gui-setup-utility)
- [:simple-apple: macOS](https://docs.controld.com/docs/gui-setup-utility)
- [:simple-linux: Linux](https://docs.controld.com/docs/ctrld)
+- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.controld.setuputility)
+- [:simple-appstore: App Store](https://apps.apple.com/app/1518799460)
+- [:simple-github: GitHub](https://github.com/Control-D-Inc/ctrld/releases)
@@ -138,17 +118,17 @@ These DNS filtering solutions offer a web dashboard where you can customize the
[:octicons-home-16: Homepage](https://nextdns.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://nextdns.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://help.nextdns.io){ .card-link title="Documentation" }
+[:octicons-info-16:](https://help.nextdns.io){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/nextdns/nextdns){ .card-link title="Source Code" }
Downloads
-- [:simple-appstore: App Store](https://apps.apple.com/app/nextdns/id1463342498)
-- [:simple-github: GitHub](https://github.com/nextdns/nextdns/releases)
- [:fontawesome-brands-windows: Windows](https://github.com/nextdns/nextdns/wiki/Windows)
- [:simple-apple: macOS](https://apps.apple.com/us/app/nextdns/id1464122853)
- [:simple-linux: Linux](https://github.com/nextdns/nextdns/wiki)
+- [:simple-appstore: App Store](https://apps.apple.com/app/nextdns/id1463342498)
+- [:simple-github: GitHub](https://github.com/nextdns/nextdns/releases)
@@ -156,9 +136,9 @@ These DNS filtering solutions offer a web dashboard where you can customize the
When used with an account, NextDNS will enable insights and logging features by default (as some features require it). You can choose retention time and log storage location for any logs you choose to keep, or disable logs altogether.
-NextDNS's free plan is fully functional, but should not be relied upon for security or other critical filtering applications, because after 300,000 DNS queries in a month all filtering, logging, and other account-based functionality are disabled. It can still be used as a regular DNS provider after that point, so your devices will continue to function and make secure queries via DNS-over-HTTPS (DoH), just without your filter lists.
+NextDNS's free plan is fully functional, but should not be relied upon for security or other critical filtering applications, because after 300,000 DNS queries in a month all filtering, logging, and other account-based functionality is disabled. It can still be used as a regular DNS provider after that point, so your devices will continue to function and make secure queries via DNS-over-HTTPS, just without your filter lists.
-NextDNS also offers a public DoH service at `https://dns.nextdns.io` and DNS-over-TLS/QUIC (DoT/DoQ) at `dns.nextdns.io`, which are available by default in Firefox and Chromium, and subject to their default, no-logging [privacy policy](https://nextdns.io/privacy).
+NextDNS also offers public DNS-over-HTTPS service at `https://dns.nextdns.io` and DNS-over-TLS/QUIC at `dns.nextdns.io`, which are available by default in Firefox and Chromium, and subject to their default no-logging [privacy policy](https://nextdns.io/privacy).
## Encrypted DNS Proxies
@@ -171,11 +151,11 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
{ align=right }
{ align=right }
-**RethinkDNS** is an open-source Android client that supports [DoH](advanced/dns-overview.md#dns-over-https-doh), [DoT](advanced/dns-overview.md#dns-over-tls-dot), [DNSCrypt](advanced/dns-overview.md#dnscrypt) and DNS Proxy. It also provides additional functionality such as caching DNS responses, locally logging DNS queries, and using the app as a firewall.
+**RethinkDNS** is an open-source Android client that supports [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), [DNS-over-TLS](advanced/dns-overview.md#dns-over-tls-dot), [DNSCrypt](advanced/dns-overview.md#dnscrypt) and DNS Proxy. It also provides additional functionality such as caching DNS responses, locally logging DNS queries, and using the app as a firewall.
[:octicons-home-16: Homepage](https://rethinkdns.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://rethinkdns.com/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.rethinkdns.com){ .card-link title="Documentation" }
+[:octicons-info-16:](https://docs.rethinkdns.com){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/celzero/rethink-app){ .card-link title="Source Code" }
@@ -196,12 +176,12 @@ While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot
{ align=right }
-**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DoH](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
+**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
-[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy#readme){ .md-button .md-button--primary }
-[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title="Documentation" }
+[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/DNSCrypt/dnscrypt-proxy){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://opencollective.com/dnscrypt/contribute){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://opencollective.com/dnscrypt/contribute){ .card-link title=Contribute }
Downloads
@@ -225,14 +205,14 @@ The anonymized DNS feature does [not](advanced/dns-overview.md#why-shouldnt-i-us
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
-All DNS products...
+All DNS products must support:
-- Must support [DNSSEC](advanced/dns-overview.md#what-is-dnssec).
-- Must support [QNAME Minimization](advanced/dns-overview.md#what-is-qname-minimization).
-- Must anonymize [ECS](advanced/dns-overview.md#what-is-edns-client-subnet-ecs) or disable it by default.
+- [DNSSEC](advanced/dns-overview.md#what-is-dnssec).
+- [QNAME Minimization](advanced/dns-overview.md#what-is-qname-minimization).
+- Anonymize [ECS](advanced/dns-overview.md#what-is-edns-client-subnet-ecs) or disable it by default.
-Additionally, all public providers...
+Additionally, all public providers:
-- Must not log any personal data to disk.
- - As noted in the footnotes, some providers collect query information for purposes like security research, but in that case the data must not be associated with any PII such as IP address, etc.
-- Should support [anycast](https://en.wikipedia.org/wiki/Anycast) or geo-steering.
+- Prefer [anycast](https://en.wikipedia.org/wiki/Anycast#Addressing_methods) support or geo-steering support.
+- Must not log any personal data to disk
+ - As noted in our footnotes, some providers collect query information for example, for purposes like security research, but in that case that data must not be associated with any PII such as IP address, etc.
diff --git a/docs/document-collaboration.md b/docs/document-collaboration.md
index 4c31f57a..839c011b 100644
--- a/docs/document-collaboration.md
+++ b/docs/document-collaboration.md
@@ -53,7 +53,7 @@ We don't recommend using the [E2EE App](https://apps.nextcloud.com/apps/end_to_e
{ align=right }
-**CryptPad** is a private-by-design alternative to popular office tools. All content on this web service is end-to-end encrypted and can be shared with other users easily. [:material-star-box: Read our latest CryptPad review.](https://www.privacyguides.org/articles/2025/02/07/cryptpad-review)
+**CryptPad** is a private-by-design alternative to popular office tools. All content on this web service is end-to-end encrypted and can be shared with other users easily. [:material-star-box: Read our latest CryptPad review.](https://www.privacyguides.org/articles/2025/02/07/cryptpad-review/)
[:octicons-home-16: Homepage](https://cryptpad.fr){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptpad.fr/pad/#/2/pad/view/GcNjAWmK6YDB3EO2IipRZ0fUe89j43Ryqeb4fjkjehE){ .card-link title="Privacy Policy" }
diff --git a/docs/email-aliasing.md b/docs/email-aliasing.md
index 5e027f63..f0cad43d 100644
--- a/docs/email-aliasing.md
+++ b/docs/email-aliasing.md
@@ -9,34 +9,7 @@ cover: email-aliasing.webp
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
-An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md).
-
-Email aliasing can also act as a safeguard in case your email provider ever ceases operation. In that scenario, you can easily re-route your aliases to a new email address. In turn, however, you are placing trust in the aliasing service to continue functioning.
-
-## Benefits
-
-Using a service which allows you to individually manage email aliases has a number of benefits over conventional mailbox management/filtering methods:
-
-### Over Plus Addressing
-
-True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
-
-### Over Catch-All Aliases
-
-Using a dedicated email aliasing service has a number of benefits over a catch-all alias on a custom domain:
-
-- Aliases can be turned on and off individually when you need them, preventing websites from emailing you randomly.
-- Replies are sent from the alias address, shielding your real email address.
-
-### Over Temporary Email Services
-
-Email aliasing services also have a number of benefits over "temporary email" services:
-
-- Aliases are permanent and can be turned on again if you need to receive something like a password reset.
-- Emails are sent to your trusted mailbox rather than stored by the alias provider.
-- Temporary email services typically have public mailboxes which can be accessed by anyone who knows the address, while aliases are private to you.
-
-## Recommended Providers
+An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
@@ -45,7 +18,20 @@ Email aliasing services also have a number of benefits over "temporary email" se
-Our email aliasing recommendations are providers that allow you to create aliases on domains they control, as well as on your own custom domain(s) for a modest yearly fee. They can also be self-hosted if you want maximum control. However, using a custom domain can have privacy-related drawbacks: If you are the only person using your custom domain, your actions can be easily tracked across websites simply by looking at the domain name in the email address and ignoring everything before the `@` symbol.
+Email aliasing can also act as a safeguard in case your email provider ever ceases operation. In that scenario, you can easily re-route your aliases to a new email address. In turn, however, you are placing trust in the aliasing service to continue functioning.
+
+Using a dedicated email aliasing service also has a number of benefits over a catch-all alias on a custom domain:
+
+- Aliases can be turned on and off individually when you need them, preventing websites from emailing you randomly.
+- Replies are sent from the alias address, shielding your real email address.
+
+They also have a number of benefits over "temporary email" services:
+
+- Aliases are permanent and can be turned on again if you need to receive something like a password reset.
+- Emails are sent to your trusted mailbox rather than stored by the alias provider.
+- Temporary email services typically have public mailboxes which can be accessed by anyone who knows the address, while aliases are private to you.
+
+Our email aliasing recommendations are providers that allow you to create aliases on domains they control, as well as on your own custom domain(s) for a modest yearly fee. They can also be self-hosted if you want maximum control. However, using a custom domain can have privacy-related drawbacks: If you are the only person using your custom domain, your actions can be easily tracked across websites simply by looking at the domain name in the email address and ignoring everything before the at (@) sign.
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
@@ -55,31 +41,29 @@ Using an aliasing service requires trusting both your email provider and your al
{ align=right }
-**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited ["standard" aliases](https://addy.io/faq/#what-is-a-standard-alias).
+**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://addy.io/faq){ .card-link title="Documentation" }
+[:octicons-info-16:](https://addy.io/faq){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/anonaddy){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://addy.io/donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://addy.io/donate){ .card-link title=Contribute }
Downloads
-- [:simple-googleplay: Google Play](https://addy.io/faq/#is-there-an-android-app)
-- [:simple-appstore: App Store](https://addy.io/faq/#is-there-an-ios-app)
+- [:simple-android: Android](https://addy.io/faq/#is-there-an-android-app)
+- [:material-apple-ios: iOS](https://addy.io/faq/#is-there-an-ios-app)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/addy_io)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/iadbdpnoknmbdeolbapdackdcogdmjpe)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/addyio-anonymous-email-fo/iadbdpnoknmbdeolbapdackdcogdmjpe)
-The number of shared aliases (which end in a shared domain like `@addy.io`) that you can create depends on the [plan](https://addy.io/#pricing) you are subscribed to. You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
+The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
-You can create unlimited standard aliases which end in a domain like `@[username].addy.io` or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service.
-
-Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
+You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
Notable free features:
@@ -101,7 +85,7 @@ If you cancel your subscription, you will still enjoy the features of your paid
[:octicons-home-16: Homepage](https://simplelogin.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://simplelogin.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://simplelogin.io/docs){ .card-link title="Documentation" }
+[:octicons-info-16:](https://simplelogin.io/docs){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/simple-login){ .card-link title="Source Code" }
@@ -112,18 +96,18 @@ If you cancel your subscription, you will still enjoy the features of your paid
- [:simple-github: GitHub](https://github.com/simple-login/Simple-Login-Android/releases)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/simplelogin)
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/dphilobhebphkdjbpfohgikllaljmgbn)
-- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/diacfpipniklenphgljfkmhinphjlfff)
+- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/simpleloginreceive-sen/diacfpipniklenphgljfkmhinphjlfff)
- [:simple-safari: Safari](https://apps.apple.com/app/id6475835429)
-SimpleLogin was [acquired by Proton AG](https://proton.me/news/proton-and-simplelogin-join-forces) as of April 8, 2022. If you use Proton Mail for your primary mailbox, SimpleLogin is a great choice. As both products are now owned by the same company you now only have to trust a single entity. We also expect that SimpleLogin will be more tightly integrated with Proton's offerings in the future. SimpleLogin continues to support forwarding to any email provider of your choosing.
+SimpleLogin was [acquired by Proton AG](https://proton.me/news/proton-and-simplelogin-join-forces) as of April 8, 2022. If you use Proton Mail for your primary mailbox, SimpleLogin is a great choice. As both products are now owned by the same company you now only have to trust a single entity. We also expect that SimpleLogin will be more tightly integrated with Proton's offerings in the future. SimpleLogin continues to support forwarding to any email provider of your choosing. Securitum [audited](https://simplelogin.io/blog/security-audit) SimpleLogin in early 2022 and all issues [were addressed](https://simplelogin.io/audit2022/web.pdf).
-You can link your SimpleLogin account in the settings with your Proton account. If you have Proton Pass Plus, Proton Unlimited, or any multi-user Proton plan, you will have SimpleLogin Premium for free. You can also purchase a voucher code for SimpleLogin Premium anonymously via their official reseller [ProxyStore](https://simplelogin.io/faq).
+You can link your SimpleLogin account in the settings with your Proton account. If you have Proton Pass Plus, Proton Unlimited, or any multi-user Proton plan, you will have SimpleLogin Premium for free.
-Securitum [audited](https://simplelogin.io/blog/security-audit) SimpleLogin in early 2022 and all issues [were addressed](https://simplelogin.io/audit2022/web.pdf).
+You can also purchase a voucher code for SimpleLogin Premium anonymously via their official reseller, [ProxyStore](https://simplelogin.io/faq).
Notable free features:
@@ -136,6 +120,6 @@ When your subscription ends, all aliases you created will still be able to recei
## Criteria
-**Please note we are not affiliated with any of the providers we recommend.** In addition to [our standard criteria](about/criteria.md), we evaluate email aliasing providers to the same standard as our regular [email provider criteria](email.md#criteria) where applicable. We suggest you familiarize yourself with this list before choosing an email aliasing service, and conduct your own research to ensure the provider you choose is the right choice for you.
+**Please note we are not affiliated with any of the providers we recommend.** In addition to [our standard criteria](about/criteria.md), we evaluate email aliasing providers to the same standard as our regular [email provider criteria](email.md#criteria) where applicable. We suggest you familiarize yourself with this list before choosing an email service, and conduct your own research to ensure the provider you choose is the right choice for you.
[^1]: Automatic PGP encryption allows you to encrypt non-encrypted incoming emails before they are forwarded to your mailbox, making sure your primary mailbox provider never sees unencrypted email content.
diff --git a/docs/email-clients.md b/docs/email-clients.md
index de11542f..f5986f03 100644
--- a/docs/email-clients.md
+++ b/docs/email-clients.md
@@ -9,7 +9,7 @@ cover: email-clients.webp
- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
-The **email clients** we recommend support both [OpenPGP](encryption.md#openpgp) and strong authentication such as [Open Authorization (OAuth)](basics/account-creation.md#sign-in-with-oauth). OAuth allows you to use [Multi-Factor Authentication](basics/multi-factor-authentication.md) to prevent account theft.
+The **email clients** we recommend support both [OpenPGP](encryption.md#openpgp) and strong authentication such as [Open Authorization (OAuth)](https://en.wikipedia.org/wiki/OAuth). OAuth allows you to use [Multi-Factor Authentication](basics/multi-factor-authentication.md) to prevent account theft.
Email does not provide forward secrecy
diff --git a/docs/email.md b/docs/email.md
index 61bda2c9..cd19066d 100644
--- a/docs/email.md
+++ b/docs/email.md
@@ -19,19 +19,19 @@ Email is practically a necessity for using any online service, however we do not
For everything else, we recommend a variety of email providers based on sustainable business models and built-in security and privacy features. Read our [full list of criteria](#criteria) for more information.
-| Provider | OpenPGP / WKD | IMAP / SMTP | Zero-Access Encryption | Anonymous Payment Methods |
+| Provider | OpenPGP / WKD | IMAP / SMTP | Zero Access Encryption | Anonymous Payments |
|---|---|---|---|---|
| [Proton Mail](#proton-mail) | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Paid plans only | :material-check:{ .pg-green } | Cash |
| [Mailbox.org](#mailboxorg) | :material-check:{ .pg-green } | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Mail only | Cash |
-| [Tuta](#tuta) | :material-alert-outline:{ .pg-orange } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero Cash via third party |
+| [Tuta](#tuta) | :material-alert-outline:{ .pg-orange } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero & Cash via third-party |
-In addition to (or instead of) an email provider recommended here, you may wish to consider a dedicated [email aliasing service](email-aliasing.md#recommended-providers) to protect your privacy. Among other things, these services can help protect your real inbox from spam, prevent marketers from correlating your accounts, and encrypt all incoming messages with PGP.
+In addition to (or instead of) an email provider recommended here, you may wish to consider a dedicated [email aliasing service](email-aliasing.md) to protect your privacy. Among other things, these services can help protect your real inbox from spam, prevent marketers from correlating your accounts, and encrypt all incoming messages with PGP.
- [More Information :material-arrow-right-drop-circle:](email-aliasing.md)
## OpenPGP Compatible Services
-These providers natively support OpenPGP encryption/decryption and the [Web Key Directory (WKD) standard](basics/email-security.md#what-is-the-web-key-directory-standard), allowing for provider-agnostic end-to-end encrypted emails. For example, a Proton Mail user could send an E2EE message to a Mailbox.org user, or you could receive OpenPGP-encrypted notifications from internet services which support it.
+These providers natively support OpenPGP encryption/decryption and the [Web Key Directory (WKD) standard](basics/email-security.md#what-is-the-web-key-directory-standard), allowing for provider-agnostic E2EE emails. For example, a Proton Mail user could send an E2EE message to a Mailbox.org user, or you could receive OpenPGP-encrypted notifications from internet services which support it.
@@ -45,9 +45,7 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
When using E2EE technology like OpenPGP your email will still have some metadata that is not encrypted in the header of the email, generally including the subject line! Read more about [email metadata](basics/email-security.md#email-metadata-overview).
-OpenPGP also does not support forward secrecy, which means if the private key of either you or the message recipient is ever stolen, all previous messages encrypted with it will be exposed.
-
-- [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys)
+OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys)
@@ -57,9 +55,7 @@ OpenPGP also does not support forward secrecy, which means if the private key of
{ align=right }
-**Proton Mail** is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. Proton AG is based in Geneva, Switzerland.
-
-The Proton Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
+**Proton Mail** is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since 2013. Proton AG is based in Geneva, Switzerland. The Proton Mail Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
[:octicons-home-16: Homepage](https://proton.me/mail){ .md-button .md-button--primary }
[:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="Onion Service" }
@@ -82,9 +78,9 @@ The Proton Free plan comes with 500 MB of Mail storage, which you can increase u
-Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g., Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. If you have the Proton Unlimited plan or any multi-user Proton plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
+Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g. Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
-A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
+If you have the Proton Unlimited plan or any multi-user Proton plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
Proton Mail has internal crash reports that are **not** shared with third parties. This can be disabled in the web app: :gear: → **All Settings** → **Account** → **Security and privacy** → **Privacy and data collection**.
@@ -94,7 +90,7 @@ Paid Proton Mail subscribers can use their own domain with the service or a [cat
#### :material-check:{ .pg-green } Private Payment Methods
-Proton Mail [accepts](https://proton.me/support/payment-options) **cash** by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
+Proton Mail [accepts](https://proton.me/support/payment-options) cash by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
#### :material-check:{ .pg-green } Account Security
@@ -110,7 +106,7 @@ Certain information stored in [Proton Contacts](https://proton.me/support/proton
Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. Emails to other Proton Mail accounts are encrypted automatically, and encryption to non-Proton Mail addresses with an OpenPGP key can be enabled easily in your account settings. Proton also supports automatic external key discovery with WKD. This means that emails sent to other providers which use WKD will be automatically encrypted with OpenPGP as well, without the need to manually exchange public PGP keys with your contacts. They also allow you to [encrypt messages to non-Proton Mail addresses without OpenPGP](https://proton.me/support/password-protected-emails), without the need for them to sign up for a Proton Mail account.
-Proton Mail also publishes the public keys of Proton accounts via HTTP from their WKD. This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Proton's own domains, like `@proton.me`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
+Proton Mail also publishes the public keys of Proton accounts via HTTP from their WKD. This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE. This only applies to email addresses ending in one of Proton's own domains, like @proton.me. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } Account Termination
@@ -118,7 +114,9 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
#### :material-information-outline:{ .pg-blue } Additional Functionality
-Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
+Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
+
+Proton Mail doesn't offer a digital legacy feature.
### Mailbox.org
@@ -126,9 +124,7 @@ Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimite
{ align=right }
-**Mailbox.org** is an email service with a focus on being secure, ad-free, and powered by 100% eco-friendly energy. They have been in operation since 2014. Mailbox.org is based in Berlin, Germany.
-
-Accounts start with up to 2 GB storage, which can be upgraded as needed.
+**Mailbox.org** is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since 2014. Mailbox.org is based in Berlin, Germany. Accounts start with up to 2 GB storage, which can be upgraded as needed.
[:octicons-home-16: Homepage](https://mailbox.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mailbox.org/en/data-protection-privacy-policy){ .card-link title="Privacy Policy" }
@@ -149,23 +145,23 @@ Mailbox.org lets you use your own domain, and they support [catch-all](https://k
#### :material-check:{ .pg-green } Private Payment Methods
-Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept **cash** by mail, **cash** payment to bank account, bank transfer, credit card, PayPal, and a couple of German-specific processors: Paydirekt and Sofortüberweisung.
+Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and a couple of German-specific processors: paydirekt and Sofortüberweisung.
#### :material-check:{ .pg-green } Account Security
-Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) are not yet supported.
+Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) are not yet supported.
#### :material-information-outline:{ .pg-blue } Data Security
Mailbox.org allows for encryption of incoming mail using their [encrypted mailbox](https://kb.mailbox.org/en/private/e-mail-article/your-encrypted-mailbox). New messages that you receive will then be immediately encrypted with your public key.
-However, [Open-Xchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that data.
+However, [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that information.
#### :material-check:{ .pg-green } Email Encryption
Mailbox.org has [integrated encryption](https://kb.mailbox.org/en/private/e-mail-article/send-encrypted-e-mails-with-guard) in their webmail, which simplifies sending messages to people with public OpenPGP keys. They also allow [remote recipients to decrypt an email](https://kb.mailbox.org/en/private/e-mail-article/my-recipient-does-not-use-pgp) on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
-Mailbox.org also supports the discovery of public keys via HTTP from their WKD. This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like `@mailbox.org`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
+Mailbox.org also supports the discovery of public keys via HTTP from their WKD. This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like @mailbox.org. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } Account Termination
@@ -177,7 +173,7 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/en/private/drive-article/encrypt-files-on-your-drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/en/private/e-mail-article/ensuring-e-mails-are-sent-securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs, providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
## More Providers
@@ -196,9 +192,7 @@ These providers store your emails with zero-knowledge encryption, making them gr
{ align=right }
{ align=right }
-**Tuta** (formerly *Tutanota*) is an email service with a focus on security and privacy through the use of encryption. Tuta has been in operation since 2011 and is based in Hanover, Germany.
-
-Free accounts start with 1 GB of storage.
+**Tuta** (formerly *Tutanota*) is an email service with a focus on security and privacy through the use of encryption. Tuta has been in operation since 2011 and is based in Hanover, Germany. Free accounts start with 1 GB of storage.
[:octicons-home-16: Homepage](https://tuta.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="Privacy Policy" }
@@ -229,7 +223,7 @@ Paid Tuta accounts can use either 15 or 30 aliases depending on their plan and u
#### :material-information-outline:{ .pg-blue } Private Payment Methods
-Tuta only directly accepts credit cards and PayPal, however [**cryptocurrency**](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
+Tuta only directly accepts credit cards and PayPal, however [cryptocurrency](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
#### :material-check:{ .pg-green } Account Security
@@ -237,7 +231,7 @@ Tuta supports [two-factor authentication](https://tuta.com/support#2fa) with eit
#### :material-check:{ .pg-green } Data Security
-Tuta has [zero-access encryption at rest](https://tuta.com/support#what-encrypted) for your emails, [address book contacts](https://tuta.com/support#encrypted-address-book), and [calendars](https://tuta.com/support#calendar). This means the messages and other data stored in your account are only readable by you.
+Tuta has [zero access encryption at rest](https://tuta.com/support#what-encrypted) for your emails, [address book contacts](https://tuta.com/support#encrypted-address-book), and [calendars](https://tuta.com/support#calendar). This means the messages and other data stored in your account are only readable by you.
#### :material-information-outline:{ .pg-blue } Email Encryption
@@ -251,6 +245,63 @@ Tuta will [delete inactive free accounts](https://tuta.com/support#inactive-acco
Tuta offers the business version of [Tuta to non-profit organizations](https://tuta.com/blog/secure-email-for-non-profit) for free or with a heavy discount.
+Tuta doesn't offer a digital legacy feature.
+
+## Self-Hosting Email
+
+Advanced system administrators may consider setting up their own email server. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
+
+- [Setting up a mail server with OpenSMTPD, Dovecot and Rspamd](https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd) (2019)
+- [How To Run Your Own Mail Server](https://www.c0ffee.net/blog/mail-server-guide) (August 2017)
+
+### Stalwart
+
+
+
+{ align=right }
+
+**Stalwart** is a newer mail server written in Rust which supports JMAP in addition to the standard IMAP, POP3, and SMTP. It has a wide variety of configuration options, but it also defaults to very reasonable settings (in terms of both security and features) making it easy to use immediately. It has web-based administration with TOTP 2FA support, and it allows you to enter your public PGP key to encrypt **all** incoming messages.
+
+[:octicons-home-16: Homepage](https://stalw.art){ .md-button .md-button--primary }
+[:octicons-info-16:](https://stalw.art/docs/get-started){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/stalwartlabs){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://github.com/sponsors/stalwartlabs){ .card-link title="Contribute" }
+
+
+
+Stalwart's [PGP implementation](https://stalw.art/docs/encryption/overview) is unique among our self-hosted recommendations, and allows you to operate your own mail server with zero-knowledge message storage. If you additionally configure Web Key Directory on your domain, and if you use an email client which supports PGP and Web Key Directory for outgoing mail (like Thunderbird), then this is the easiest way to get self-hosted E2EE compatibility with all [Proton Mail](#proton-mail) users.
+
+Stalwart does **not** have an integrated webmail, so you will need to use it with a [dedicated email client](email-clients.md) (or find an open-source webmail to self-host, like Nextcloud's Mail app). We use Stalwart for our own internal email at *Privacy Guides*.
+
+### Mailcow
+
+
+
+{ align=right }
+
+**Mailcow** is a more advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: a mail server with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support.
+
+[:octicons-home-16: Homepage](https://mailcow.email){ .md-button .md-button--primary }
+[:octicons-info-16:](https://docs.mailcow.email){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/mailcow/mailcow-dockerized){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://servercow.de/mailcow?lang=en#sal){ .card-link title="Contribute" }
+
+
+
+### Mail-in-a-Box
+
+
+
+{ align=right }
+
+**Mail-in-a-Box** is an automated setup script for deploying a mail server on Ubuntu. Its goal is to make it easier for people to set up their own mail server.
+
+[:octicons-home-16: Homepage](https://mailinabox.email){ .md-button .md-button--primary }
+[:octicons-info-16:](https://mailinabox.email/guide.html){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/mail-in-a-box/mailinabox){ .card-link title="Source Code" }
+
+
+
## Criteria
**Please note we are not affiliated with any of the providers we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements for any email provider wishing to be recommended, including implementing industry best practices, modern technology and more. We suggest you familiarize yourself with this list before choosing an email provider, and conduct your own research to ensure the email provider you choose is the right choice for you.
@@ -261,22 +312,22 @@ We regard these features as important in order to provide a safe and optimal ser
**Minimum to Qualify:**
-- Must encrypt email account data at rest with zero-access encryption.
-- Must be capable of exporting emails as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
-- Must operate on owned infrastructure, i.e. not built upon third-party email service providers.
+- Encrypts email account data at rest with zero-access encryption.
+- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
+- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
-- Should encrypt all account data (contacts, calendars, etc.) at rest with zero-access encryption.
-- Should provide integrated webmail E2EE/PGP encryption as a convenience.
-- Should support WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key with this command: `gpg --locate-key example_user@example.com`.
-- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
-- Should support [sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
-- Should allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
+- Encrypts all account data (Contacts, Calendars, etc.) at rest with zero-access encryption.
+- Integrated webmail E2EE/PGP encryption provided as a convenience.
+- Support for WKD to allow improved discovery of public OpenPGP keys via HTTP.
+ GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
+- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
+- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
+- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
-- Should use standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
-- Email provider's services should be available via an [onion service](https://en.wikipedia.org/wiki/.onion).
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacy
@@ -284,30 +335,30 @@ We prefer our recommended providers to collect as little data as possible.
**Minimum to Qualify:**
-- Must protect sender's IP address, which can involve filtering it from showing in the `Received` header field.
-- Must not require personally identifiable information (PII) besides a username and a password.
-- Privacy policy must meet the requirements defined by the GDPR.
+- Protect sender's IP address, which can involve filtering it from showing in the `Received` header field.
+- Don't require personally identifiable information (PII) besides a username and a password.
+- Privacy policy that meets the requirements defined by the GDPR.
**Best Case:**
-- Should accept [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
-- Should be hosted in a jurisdiction with strong email privacy protection laws.
+- Accepts [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
+- Hosted in a jurisdiction with strong email privacy protection laws.
### Security
-Email servers deal with a lot of very sensitive data. We expect that providers will adopt industry best practices in order to protect their customers.
+Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their customers.
**Minimum to Qualify:**
-- Protection of webmail with 2FA, such as [TOTP](basics/multi-factor-authentication.md#time-based-one-time-password-totp).
-- Zero-access encryption, which builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
+- Protection of webmail with 2FA, such as TOTP.
+- Zero access encryption, which builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
- No TLS errors or vulnerabilities when being profiled by tools such as [Hardenize](https://hardenize.com), [testssl.sh](https://testssl.sh), or [Qualys SSL Labs](https://ssllabs.com/ssltest); this includes certificate related errors and weak DH parameters, such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
-- A server suite preference (optional on TLS 1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
+- A server suite preference (optional on TLSv1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
- Valid [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) records.
- Valid [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) and [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) records.
-- Must have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
+- Have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996).
- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
- Website security standards such as:
@@ -317,10 +368,10 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
**Best Case:**
-- Should support hardware authentication, i.e. U2F and [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online).
+- Support for hardware authentication, i.e. U2F and [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online).
- [DNS Certification Authority Authorization (CAA) Resource Record](https://tools.ietf.org/html/rfc6844) in addition to DANE support.
-- Should implement [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), which is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
-- Published security audits from a reputable, third-party firm.
+- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), which is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
+- Published security audits from a reputable third-party firm.
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
- Website security standards such as:
- [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
@@ -345,15 +396,18 @@ With the email providers we recommend, we like to see responsible marketing.
**Minimum to Qualify:**
- Must self-host analytics (no Google Analytics, Adobe Analytics, etc.).
-- Must not have any irresponsible marketing, which can include the following:
- - Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
- - Guarantees of protecting anonymity 100%. When someone makes a claim that something is 100%, it means there is no certainty for failure. We know people can quite easily de-anonymize themselves in a number of ways, e.g.:
- - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software such as Tor
- - [Browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
+
+Must not have any irresponsible marketing, which can include the following:
+
+- Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
+- Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know people can quite easily de-anonymize themselves in a number of ways, e.g.:
+
+ - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software (Tor, VPN, etc.)
+ - [Browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
**Best Case:**
-- Clear and easy-to-read documentation for tasks like setting up 2FA, email clients, OpenPGP, etc.
+- Clear and easy to read documentation for tasks like setting up 2FA, email clients, OpenPGP, etc.
### Additional Functionality
diff --git a/docs/encryption.md b/docs/encryption.md
index a9d2b801..c3658bc4 100644
--- a/docs/encryption.md
+++ b/docs/encryption.md
@@ -64,7 +64,7 @@ Cryptomator's documentation details its intended [security target](https://docs.
**Picocrypt** is a small and simple encryption tool that provides modern encryption. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security. It uses Go's standard x/crypto modules for its encryption features.
-[:octicons-repo-16: Repository](https://github.com/Picocrypt/Picocrypt#readme){ .md-button .md-button--primary }
+[:octicons-repo-16: Repository](https://github.com/Picocrypt/Picocrypt){ .md-button .md-button--primary }
[:octicons-code-16:](https://github.com/Picocrypt/Picocrypt){ .card-link title="Source Code" }
[:octicons-heart-16:](https://opencollective.com/picocrypt){ .card-link title="Contribute" }
@@ -206,7 +206,7 @@ We advise against using your iCloud account for recovery; instead, you should se
**LUKS** is the default FDE method for Linux. It can be used to encrypt full volumes, partitions, or create encrypted containers.
-[:octicons-repo-16: Repository](https://gitlab.com/cryptsetup/cryptsetup#what-the-){ .md-button .md-button--primary }
+[:octicons-home-16: Homepage](https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/README.md){ .md-button .md-button--primary }
[:octicons-info-16:](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home){ .card-link title="Documentation" }
[:octicons-code-16:](https://gitlab.com/cryptsetup/cryptsetup){ .card-link title="Source Code" }
diff --git a/docs/frontends.md b/docs/frontends.md
index e0fa7989..20d25318 100644
--- a/docs/frontends.md
+++ b/docs/frontends.md
@@ -89,7 +89,7 @@ ProxiTok is useful if you want to disable JavaScript in your browser, such as [T
There are a number of public instances, with some that offer a [Tor](tor.md) onion service or an [I2P](alternative-networks.md#i2p-the-invisible-internet-project) eepsite.
[:octicons-home-16: Homepage](https://invidious.io){ .md-button .md-button--primary }
-[:octicons-server-16:](https://docs.invidious.io/instances){ .card-link title="Public Instances" }
+[:octicons-server-16:](https://instances.invidious.io){ .card-link title="Public Instances" }
[:octicons-info-16:](https://docs.invidious.io){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/iv-org/invidious){ .card-link title="Source Code" }
[:octicons-heart-16:](https://invidious.io/donate){ .card-link title="Contribute" }
@@ -123,7 +123,7 @@ Invidious is useful if you want to disable JavaScript in your browser, such as [
Piped requires JavaScript in order to function and there are a number of public instances.
[:octicons-repo-16: Repository](https://github.com/TeamPiped/Piped){ .md-button .md-button--primary }
-[:octicons-server-16:](https://github.com/TeamPiped/documentation/blob/main/content/docs/public-instances/index.md){ .card-link title="Public Instances" }
+[:octicons-server-16:](https://github.com/TeamPiped/Piped/wiki/Instances){ .card-link title="Public Instances" }
[:octicons-info-16:](https://docs.piped.video/docs){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/TeamPiped/Piped){ .card-link title="Source Code" }
[:octicons-heart-16:](https://github.com/TeamPiped/Piped#donations){ .card-link title="Contribute" }
diff --git a/docs/health-and-wellness.md b/docs/health-and-wellness.md
index 3a03edde..b54a8957 100644
--- a/docs/health-and-wellness.md
+++ b/docs/health-and-wellness.md
@@ -1,8 +1,8 @@
---
-meta_title: "Privacy-Respecting Health and Wellness apps for Android and iOS - Privacy Guides"
-title: "Health and Wellness"
+meta_title: "Privacy Respecting Health and Wellness apps for Android and iOS - Privacy Guides"
+title: "Health and Wellness Apps"
icon: material/heart-pulse
-description: These applications are what we currently recommend for all health- and fitness-related activites on your phone.
+description: These applications are what we currently recommend for all health and fitness-related activites on your phone.
cover: health.webp
---
Protects against the following threat(s):
@@ -102,7 +102,7 @@ These general purpose apps can do everything from counting steps and tracking sl
Downloads
-- [:simple-fdroid: F-Droid](https://f-droid.org/packages/nodomain.freeyourgadget.gadgetbridge)
+- [:simple-android: F-Droid](https://f-droid.org/packages/nodomain.freeyourgadget.gadgetbridge)
diff --git a/docs/index.md b/docs/index.md
index e7464db4..04876f84 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -113,6 +113,6 @@ In the modern age of digital data exploitation, your privacy has never been more
Many people get the concepts of privacy, security, and anonymity confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On this website, we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play.
-[:material-movie-open-play-outline: Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online){ class="md-button" }
+[:material-movie-open-play-outline: Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online/){ class="md-button" }
diff --git a/docs/language-tools.md b/docs/language-tools.md
index bc280d8f..160d8923 100644
--- a/docs/language-tools.md
+++ b/docs/language-tools.md
@@ -9,7 +9,7 @@ cover: language-tools.webp
- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
-Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time and sold to third parties. The language tools listed on this page do not store your submitted text on a server and can be self-hosted and used offline for maximum control of your data.
+Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time and sold to third parties. The language tools listed on this page do not store your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
@@ -22,7 +22,7 @@ Text inputted to grammar, spelling, and style checkers, as well as translation s
[:octicons-home-16: Homepage](https://languagetool.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://languagetool.org/legal/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://languagetooler.freshdesk.com/en/support/solutions){ .card-link title="Documentation" }
+[:octicons-info-16:](https://languagetooler.freshdesk.com/en/support/solutions){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/languagetool-org){ .card-link title="Source Code" }
@@ -32,7 +32,7 @@ Text inputted to grammar, spelling, and style checkers, as well as translation s
- [:fontawesome-brands-windows: Windows](https://languagetool.org/windows-desktop)
- [:simple-apple: macOS](https://languagetool.org/mac-desktop)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/languagetool)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/oldceeleldhonbafppcapldpdifcinji)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/grammar-and-spell-checker/oldceeleldhonbafppcapldpdifcinji)
- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/hfjadhjooeceemgojogkhlppanjkbobc)
- [:simple-safari: Safari](https://apps.apple.com/app/id1534275760)
diff --git a/docs/maps.md b/docs/maps.md
index 39996da3..1c411f23 100644
--- a/docs/maps.md
+++ b/docs/maps.md
@@ -19,7 +19,7 @@ The recommendations here either do not collect any user data or at least do not
{ align=right }
-**Organic Maps** is an open-source, community-developed map display and satnav-style navigation app for walkers, drivers, and cyclists. The app offers worldwide, offline maps based on OpenStreetMap data, and navigation with privacy — no location tracking, no data collection, and no ads. The app can be used completely offline.
+**Organic Maps** is an open source, community-developed map display and satnav-style navigation app for walkers, drivers, and cyclists. The app offers worldwide offline maps based on OpenStreetMap data, and navigation with privacy — no location tracking, no data collection, and no ads. The app can be used completely offline.
Features include cycling routes, hiking trails and walking paths, turn-by-turn navigation with voice guidance, and public transport route planning (only available in supported regions and cities).
@@ -47,7 +47,7 @@ Please note that Organic Maps is a simple, basic app that lacks certain features
{ align=right }
-**OsmAnd** is an offline map and navigation application based on OpenStreetMap that offers turn-by-turn navigation for walking, cycling, driving, as well as public transport. It is open source and does not collect any user data.
+**OsmAnd** is an offline map and navigation application based on OpenStreetMap, offering turn-by-turn navigation for walking, cycling, driving, as well as public transport. It is open-source and does not collect any user data.
[:octicons-home-16: Homepage](https://osmand.net){ .md-button .md-button--primary }
[:octicons-eye-16:](https://osmand.net/docs/legal/privacy-policy){ .card-link title="Privacy Policy" }
@@ -59,15 +59,13 @@ Please note that Organic Maps is a simple, basic app that lacks certain features
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.osmand)
- [:simple-android: Android](https://osmand.net/docs/versions/free-versions)
-- [:simple-appstore: App Store](https://apps.apple.com/us/app/id934850257)
+- [:simple-appstore: App Store](https://apps.apple.com/us/app/osmand-maps-travel-navigate/id934850257)
-OsmAnd allows you to overlay or underlay external map data, such as satellite images from Microsoft or [traffic data](https://themm.net/public/osmand_traffic) from Google, although the latter is ignored by the automatic route planning. OsmAnd also has an optional integration of street view images provided by [Mapillary](https://mapillary.com).
-
-You can find a detailed overview of OsmAnd's supported [features](https://wiki.openstreetmap.org/wiki/OsmAnd#Features) on the OpenStreet Map Wiki.
+Compared to Organic Maps, OsmAnd has more [features](https://wiki.openstreetmap.org/wiki/OsmAnd#Features) but is also more complicated to use. One noteworthy feature is the ability to overlay or underlay external map data, such as satellite images from Microsoft or [traffic data](https://web.archive.org/web/20211203063453/http://themm.net/public/osmand_traffic) from Google, although the latter is ignored by the automatic route planning. OsmAnd also has an optional integration of street view images provided by [Mapillary](https://mapillary.com).
## Criteria
diff --git a/docs/meta/admonitions.md b/docs/meta/admonitions.md
index e53b5505..af1ab973 100644
--- a/docs/meta/admonitions.md
+++ b/docs/meta/admonitions.md
@@ -3,7 +3,7 @@ title: Admonitions
description: A guide for website contributors on creating admonitions.
---
-**Admonitions** (or "call-outs") are tools that writers can use to include side content in an article without interrupting the document flow.
+**Admonitions** (or "call-outs") are a choice writers can use to include side content in an article without interrupting the document flow.
Example Admonition
@@ -41,7 +41,7 @@ ENCLOSED TEXT
```
-The `TITLE` must be specified; if you don't want a specific title you can set it to the same text as the `TYPE` (see below) in title case, e.g. `Note`. The `ENCLOSED TEXT` should be Markdown formatted.
+The `TITLE` must be specified, if you don't want a specific title you can set it to the same text as the `TYPE` (see below) in title case, e.g. `Note`. The `ENCLOSED TEXT` should be Markdown formatted.
### Regular types
@@ -166,11 +166,11 @@ This format is used to generate recommendation cards. Notably it is missing the
{ align=right }
-**PhotoPrism** is a self-hostable platform for managing photos. It supports album syncing and sharing as well as a variety of other [features](https://photoprism.app/features). It does not include end-to-end encryption, so it's best hosted on a server that you trust and is under your control.
+**PhotoPrism** is a self-hostable platform for managing photos. It supports album syncing and sharing as well as a variety of other [features](https://photoprism.app/features). It does not include E2EE, so it's best hosted on a server that you trust and is under your control.
[:octicons-home-16: Homepage](https://photoprism.app){ .md-button .md-button--primary }
[:octicons-eye-16:](https://photoprism.app/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://photoprism.app/kb){ .card-link title="Documentation" }
+[:octicons-info-16:](https://photoprism.app/kb){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/photoprism){ .card-link title="Source Code" }
@@ -189,11 +189,11 @@ This format is used to generate recommendation cards. Notably it is missing the
{ align=right }
-**PhotoPrism** is a self-hostable platform for managing photos. It supports album syncing and sharing as well as a variety of other [features](https://photoprism.app/features). It does not include end-to-end encryption, so it's best hosted on a server that you trust and is under your control.
+**PhotoPrism** is a self-hostable platform for managing photos. It supports album syncing and sharing as well as a variety of other [features](https://photoprism.app/features). It does not include E2EE, so it's best hosted on a server that you trust and is under your control.
[:octicons-home-16: Homepage](https://photoprism.app){ .md-button .md-button--primary }
[:octicons-eye-16:](https://photoprism.app/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://photoprism.app/kb){ .card-link title="Documentation" }
+[:octicons-info-16:](https://photoprism.app/kb){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/photoprism){ .card-link title="Source Code" }
@@ -209,7 +209,7 @@ This format is used to generate recommendation cards. Notably it is missing the
#### `downloads`
-This is a special type of collapsible admonition which is used to generate sections containing download links. It is only used within recommendation cards, as shown in the example above.
+This is a special type of collapsible admonition, used to generate the download links section. It is only used within recommendation cards, as shown in the example above.
```markdown title="Downloads Section"
@@ -217,7 +217,7 @@ This is a special type of collapsible admonition which is used to generate secti
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/id979659905)
-- [:simple-github: GitHub](https://github.com/ProtonMail/android-mail/releases)
+- [:simple-github: GitHub](https://github.com/ProtonMail/proton-mail-android/releases)
- [:fontawesome-brands-windows: Windows](https://proton.me/mail/bridge#download)
- [:simple-apple: macOS](https://proton.me/mail/bridge#download)
- [:simple-linux: Linux](https://proton.me/mail/bridge#download)
@@ -233,7 +233,7 @@ This is a special type of collapsible admonition which is used to generate secti
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/id979659905)
-- [:simple-github: GitHub](https://github.com/ProtonMail/android-mail/releases)
+- [:simple-github: GitHub](https://github.com/ProtonMail/proton-mail-android/releases)
- [:fontawesome-brands-windows: Windows](https://proton.me/mail/bridge#download)
- [:simple-apple: macOS](https://proton.me/mail/bridge#download)
- [:simple-linux: Linux](https://proton.me/mail/bridge#download)
@@ -245,7 +245,7 @@ This is a special type of collapsible admonition which is used to generate secti
## Old Format
-Throughout the site, you may see some admonitions formatted like the following examples:
+Throughout the site, you may see some admonitions formatted similarly to these examples:
``` markdown title="Admonition"
!!! note
@@ -289,6 +289,6 @@ massa, nec semper lorem quam in massa.
-**This format is no longer used going forward** because it is incompatible with newer versions of our translation software at Crowdin. When adding a new page to the site, only the newer, HTML-based format should be used.
+**This format is no longer used going forward,** because it is incompatible with newer versions of our translation software at Crowdin. When adding a new page to the site, only the newer HTML-based format should be used.
-There is no rush to convert admonitions with the old format to the new format. Pages currently using this formatting should continue to work, but we will be updating them to use the newer, HTML-based format above over time as we continue to update the site.
+There is no rush to convert admonitions with the old format to the new format. Pages currently using this formatting should continue to work, but we will be updating them to use the newer HTML-based format above over time as we continue to update the site.
diff --git a/docs/meta/pr-comments.md b/docs/meta/pr-comments.md
deleted file mode 100644
index 84f01658..00000000
--- a/docs/meta/pr-comments.md
+++ /dev/null
@@ -1,43 +0,0 @@
----
-title: Commenting on PRs
-description: A guide on participating in Pull Request discussions.
----
-Please refrain from using the general **Add a comment** box in GitHub PRs when leaving a comment or performing a review.
-
-
-
-Comments that are left like this are not *threaded*, which makes it difficult to keep track of multiple conversations.
-
-Comments that are instead left in the manner described below will have a built-in reply box to keep conversations in a single thread. These comments can also be marked as resolved afterwards, so that discussion can be tracked more easily.
-
-
-
-## Commenting
-
-To start a threaded comment, you should leave all comments under the :octicons-file-diff-16: **Files changed** tab in a PR.
-
-
-
-To leave a *general* comment on a PR, click the :octicons-comment-16: comment icon to the right of a file:
-
-
-
-If the PR has multiple files changed, comment on the primary or most relevant file changed, or comment on the first file if you can't decide.
-
-To leave a comment *on a specific line* of a PR, hover over the line where you'd like to add a comment, and click the blue comment icon:
-
-
-
-(Optionally, you can add a comment on multiple lines. You can click the line number of the first line you want to comment on and drag down to select a range of lines, then click the blue comment icon on the last line you want to comment on. Alternatively, you can click the blue comment icon next to the first line you want to comment on, then drag down to the last line you want to comment on.)
-
-Then, type your comment and click **Add single comment**.
-
-## Reviewing
-
-When performing a review, follow the same steps as above, but click **Start a review** (and subsequently, **Add a review comment**) instead of **Add single comment**.
-
-Then, click the green **Finish your review** button at the top of the page.
-
-Do not leave any discussion comments in the *Leave a comment* box in the review finalization pop-up. You can leave it blank, or leave a short note if it will not require any follow-up. To comment on something that will require further discussion, add a comment on a file as described above instead.
-
-Then, click **Submit review**.
diff --git a/docs/news-aggregators.md b/docs/news-aggregators.md
index 2f1ce7c6..54c755d8 100644
--- a/docs/news-aggregators.md
+++ b/docs/news-aggregators.md
@@ -41,9 +41,9 @@ A **news aggregator** is software which aggregates digital content from online n
{ align=right }
-**NewsFlash** is an open-source, modern, and easy-to-use news feed reader for Linux. It can be used offline or with services like [Inoreader](https://inoreader.com) or [Nextcloud News](https://apps.nextcloud.com/apps/news). It has a search feature and a pre-defined list of sources that you can add directly.
+**NewsFlash** is an open-source, modern, and easy-to-use news feed reader for Linux. It can be used offline or used with services like [Nextcloud News](https://apps.nextcloud.com/apps/news) or [Inoreader](https://inoreader.com). It has a search feature and a pre-defined list of sources that you can add directly.
-[:octicons-repo-16: Repository](https://gitlab.com/news-flash/news_flash_gtk#newsflash){ .md-button .md-button--primary }
+[:octicons-repo-16: Repository](https://gitlab.com/news-flash/news_flash_gtk){ .md-button .md-button--primary }
[:octicons-code-16:](https://gitlab.com/news-flash/news_flash_gtk){ .card-link title="Source Code" }
@@ -61,11 +61,9 @@ A **news aggregator** is software which aggregates digital content from online n
{ align=right }
-**Feeder** is a modern RSS client for Android that has many [features](https://github.com/spacecowboy/Feeder#features) and works well with folders of RSS feeds.
+**Feeder** is a modern RSS client for Android that has many [features](https://github.com/spacecowboy/Feeder#features) and works well with folders of RSS feeds. It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML), and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
-It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML), and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
-
-[:octicons-repo-16: Repository](https://github.com/spacecowboy/Feeder#readme){ .md-button .md-button--primary }
+[:octicons-repo-16: Repository](https://github.com/spacecowboy/Feeder){ .md-button .md-button--primary }
[:octicons-code-16:](https://github.com/spacecowboy/Feeder){ .card-link title="Source Code" }
[:octicons-heart-16:](https://ko-fi.com/spacecowboy){ .card-link title="Contribute" }
@@ -86,12 +84,10 @@ It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedi
{ align=right }
{ align=right }
-**Miniflux** is a web-based news aggregator that you can self-host.
-
-It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML), and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
+**Miniflux** is a web-based news aggregator that you can self-host. It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML), and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
[:octicons-home-16: Homepage](https://miniflux.app){ .md-button .md-button--primary }
-[:octicons-info-16:](https://miniflux.app/docs/index#user-guide){ .card-link title="Documentation" }
+[:octicons-info-16:](https://miniflux.app/docs/index){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/miniflux/v2){ .card-link title="Source Code" }
[:octicons-heart-16:](https://miniflux.app/#donations){ .card-link title="Contribute" }
@@ -103,9 +99,7 @@ It supports [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedi
{ align=right }
-**NetNewsWire** is a free and open-source feed reader for macOS and iOS with a focus on a native design and feature set.
-
-It supports conventional feed formats and includes built-in support for Reddit feeds.
+**NetNewsWire** is a free and open-source feed reader for macOS and iOS with a focus on a native design and feature set. It supports the typical feed formats alongside built-in support for Reddit feeds.
[:octicons-home-16: Homepage](https://netnewswire.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://netnewswire.com/privacypolicy){ .card-link title="Privacy Policy" }
@@ -131,7 +125,7 @@ It supports conventional feed formats and includes built-in support for Reddit f
**Newsboat** is an RSS/Atom feed reader for the text console. It's an actively maintained fork of [Newsbeuter](https://en.wikipedia.org/wiki/Newsbeuter). It is very lightweight and ideal for use over [Secure Shell](https://en.wikipedia.org/wiki/Secure_Shell).
[:octicons-home-16: Homepage](https://newsboat.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://newsboat.org/releases/2.38/docs/newsboat.html){ .card-link title="Documentation" }
+[:octicons-info-16:](https://newsboat.org/releases/2.37/docs/newsboat.html){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/newsboat/newsboat){ .card-link title="Source Code" }
@@ -169,7 +163,7 @@ You can subscribe to YouTube channels without logging in and associating usage i
Example
-To subscribe to a YouTube channel with an RSS client, first look for its [channel code](https://support.google.com/youtube/answer/6180214). The channel code can be found in the expanded description (i.e., the "About" section) of the YouTube channel you wish to subscribe to: **About** → **Share channel** → **Copy channel ID**. Replace `[CHANNEL ID]` below:
+To subscribe to a YouTube channel with an RSS client, first look for its [channel code](https://support.google.com/youtube/answer/6180214). The channel code can be found on the about page of the YouTube channel you wish to subscribe to, under: **About** → **Share** → **Copy channel ID**. Replace `[CHANNEL ID]` below:
```text
https://youtube.com/feeds/videos.xml?channel_id=[CHANNEL ID]
diff --git a/docs/notebooks.md b/docs/notebooks.md
index 9ba7bddf..21cf57b5 100644
--- a/docs/notebooks.md
+++ b/docs/notebooks.md
@@ -1,7 +1,7 @@
---
title: "Notebooks"
icon: material/notebook-edit-outline
-description: These encrypted note-taking apps let you keep track of your notes without giving them to a third party.
+description: These encrypted note-taking apps let you keep track of your notes without giving them to a third-party.
cover: notebooks.webp
---
Protects against the following threat(s):
@@ -10,7 +10,7 @@ cover: notebooks.webp
Keep track of your notes and journals without giving them to a third party.
-If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports end-to-end encryption.
+If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
## Cloud-based
@@ -20,15 +20,13 @@ If you are currently using an application like Evernote, Google Keep, or Microso
{ align=right }
-**Standard Notes** is a simple and private notes app that features cross-platform sync for seamless use. It features E2EE on every platform, and a powerful desktop experience with themes and custom editors.
-
-Standard Notes has also undergone multiple [independent audits](https://standardnotes.com/help/2/has-standard-notes-completed-a-third-party-security-audit).
+**Standard Notes** is a simple and private notes app that makes your notes easy and available everywhere you are. It features E2EE on every platform, and a powerful desktop experience with themes and custom editors. It has also been [independently audited](https://standardnotes.com/help/2/has-standard-notes-completed-a-third-party-security-audit).
[:octicons-home-16: Homepage](https://standardnotes.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://standardnotes.com/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://standardnotes.com/help){ .card-link title="Documentation" }
+[:octicons-info-16:](https://standardnotes.com/help){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/standardnotes){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://standardnotes.com/donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://standardnotes.com/donate){ .card-link title=Contribute }
Downloads
@@ -39,7 +37,7 @@ Standard Notes has also undergone multiple [independent audits](https://standard
- [:fontawesome-brands-windows: Windows](https://standardnotes.com)
- [:simple-apple: macOS](https://standardnotes.com)
- [:simple-linux: Linux](https://standardnotes.com)
-- [:octicons-browser-16: Web](https://app.standardnotes.com)
+- [:octicons-globe-16: Web](https://app.standardnotes.com)
@@ -53,15 +51,13 @@ Standard Notes has [joined Proton AG](https://standardnotes.com/blog/joining-for
{ align=right }
-**Notesnook** is a free (as in speech), open-source, and easy-to-use E2EE note-taking app focused on user privacy.
-
-It features sync functionality that allows you to access your notes on multiple platforms. You can easily import your notes from Evernote, OneNote, and other apps using their [official importer](https://importer.notesnook.com).
+**Notesnook** is a free (as in speech) & open-source note-taking app focused on user privacy & ease of use. It features end-to-end encryption on all platforms with a powerful sync to take your notes on the go. You can easily import your notes from Evernote, OneNote & a lot of other apps using their [official importer](https://importer.notesnook.com).
[:octicons-home-16: Homepage](https://notesnook.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://notesnook.com/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://help.notesnook.com){ .card-link title="Documentation" }
+[:octicons-info-16:](https://help.notesnook.com){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/streetwriters/notesnook){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://opencollective.com/notesnook){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://github.com/streetwriters/notesnook/blob/master/CONTRIBUTING.md){ .card-link title=Contribute }
Downloads
@@ -72,10 +68,10 @@ It features sync functionality that allows you to access your notes on multiple
- [:fontawesome-brands-windows: Windows](https://notesnook.com/downloads)
- [:simple-apple: macOS](https://notesnook.com/downloads)
- [:simple-linux: Linux](https://notesnook.com/downloads)
-- [:simple-flathub: Flathub](https://flathub.org/apps/com.notesnook.Notesnook)
- [:simple-firefoxbrowser: Firefox](https://notesnook.com/notesnook-web-clipper)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/kljhpemdlcnjohmfmkogahelkcidieaj)
-- [:octicons-browser-16: Web](https://app.notesnook.com)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/notesnook-web-clipper/kljhpemdlcnjohmfmkogahelkcidieaj)
+- [:octicons-globe-16: Web](https://app.notesnook.com)
+- [:simple-flathub: Flathub](https://flathub.org/apps/com.notesnook.Notesnook)
@@ -87,15 +83,13 @@ It features sync functionality that allows you to access your notes on multiple
{ align=right }
-**Joplin** is a free, open-source, and fully-featured E2EE note-taking and to-do application which can handle numerous Markdown notes organized into notebooks and tags.
-
-It can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes.
+**Joplin** is a free, open-source, and fully-featured note-taking and to-do application which can handle numerous markdown notes organized into notebooks and tags. It offers E2EE and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes.
[:octicons-home-16: Homepage](https://joplinapp.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://joplinapp.org/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://joplinapp.org/help){ .card-link title="Documentation" }
+[:octicons-info-16:](https://joplinapp.org/help){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/laurent22/joplin){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://joplinapp.org/donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://joplinapp.org/donate){ .card-link title=Contribute }
Downloads
@@ -107,13 +101,14 @@ It can sync through Nextcloud, Dropbox, and more. It also offers easy import fro
- [:simple-apple: macOS](https://joplinapp.org/#desktop-applications)
- [:simple-linux: Linux](https://joplinapp.org/#desktop-applications)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/joplin-web-clipper)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/alofnhikmmkdbbbgpnglcpdollgjjfek)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek)
-Joplin [does not support](https://github.com/laurent22/joplin/issues/289) password/PIN protection for the application itself or individual notes and notebooks. However, your data is still encrypted in transit and at the sync location using your master key. Since January 2023, Joplin [supports biometrics app lock](https://github.com/laurent22/joplin/commit/f10d9f75b055d84416053fab7e35438f598753e9) for Android and iOS.
+Joplin does not [support](https://github.com/laurent22/joplin/issues/289) password/PIN protection for the application itself or individual notes and notebooks. However, your data is still encrypted in transit and at the sync location using your master key.
+Since January 2023, Joplin [supports biometrics](https://github.com/laurent22/joplin/commit/f10d9f75b055d84416053fab7e35438f598753e9) app lock for Android and iOS.
### Cryptee
@@ -122,25 +117,23 @@ Joplin [does not support](https://github.com/laurent22/joplin/issues/289) passwo
{ align=right }
{ align=right }
-**Cryptee** is an open-source, web-based E2EE document editor and photo storage application.
-
-Cryptee offers 100 MB of storage for free, with paid options if you need more. Sign-up doesn't require an e-mail or other personally identifiable information.
+**Cryptee** is an open-source, web-based E2EE document editor and photo storage application. Cryptee is a PWA, which means that it works seamlessly across all modern devices without requiring native apps for each respective platform.
[:octicons-home-16: Homepage](https://crypt.ee){ .md-button .md-button--primary }
[:octicons-eye-16:](https://crypt.ee/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://crypt.ee/help){ .card-link title="Documentation" }
+[:octicons-info-16:](https://crypt.ee/help){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/cryptee){ .card-link title="Source Code" }
Downloads
-- [:octicons-browser-16: Web](https://crypt.ee/download)
+- [:octicons-globe-16: PWA](https://crypt.ee/download)
-Cryptee is a PWA, which means that it works seamlessly across all modern devices without requiring native apps for each respective platform.
+Cryptee offers 100 MB of storage for free, with paid options if you need more. Sign-up doesn't require an e-mail or other personally identifiable information.
## Local notebooks
@@ -150,12 +143,12 @@ Cryptee is a PWA, which means that it works seamlessly across all modern devices
{ align=right }
-**Org-mode** is a [major mode](https://gnu.org/software/emacs/manual/html_node/elisp/Major-Modes.html) for GNU Emacs. Org-mode is for keeping notes, maintaining to-do lists, planning projects, and authoring documents with a fast and effective plain-text system. File synchronization is possible with tools like [Syncthing](file-sharing.md#syncthing-p2p).
+**Org-mode** is a [major mode](https://gnu.org/software/emacs/manual/html_node/elisp/Major-Modes.html) for GNU Emacs. Org-mode is for keeping notes, maintaining to-do lists, planning projects, and authoring documents with a fast and effective plain-text system. Synchronization is possible with [file synchronization](file-sharing.md#file-sync) tools.
[:octicons-home-16: Homepage](https://orgmode.org){ .md-button .md-button--primary }
-[:octicons-info-16:](https://orgmode.org/manuals.html){ .card-link title="Documentation" }
+[:octicons-info-16:](https://orgmode.org/manuals.html){ .card-link title=Documentation}
[:octicons-code-16:](https://git.savannah.gnu.org/cgit/emacs/org-mode.git){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://liberapay.com/bzg){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://liberapay.com/bzg){ .card-link title=Contribute }
diff --git a/docs/os/android-overview.md b/docs/os/android-overview.md
index 502b68ab..329fb23d 100644
--- a/docs/os/android-overview.md
+++ b/docs/os/android-overview.md
@@ -131,7 +131,7 @@ If you have a Google account we suggest enrolling in the [Advanced Protection Pr
The Advanced Protection Program provides enhanced threat monitoring and enables:
-- Stricter two-factor authentication; e.g. that [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) **must** be used and disallows the use of [SMS OTPs](../basics/multi-factor-authentication.md#sms-or-email-mfa), [TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) and [OAuth](../basics/account-creation.md#sign-in-with-oauth)
+- Stricter two-factor authentication; e.g. that [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) **must** be used and disallows the use of [SMS OTPs](../basics/multi-factor-authentication.md#sms-or-email-mfa), [TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) and [OAuth](https://en.wikipedia.org/wiki/OAuth)
- Only Google and verified third-party apps can access account data
- Scanning of incoming emails on Gmail accounts for [phishing](https://en.wikipedia.org/wiki/Phishing#Email_phishing) attempts
- Stricter [safe browser scanning](https://google.com/chrome/privacy/whitepaper.html#malware) with Google Chrome
@@ -153,9 +153,7 @@ If you have an EOL device shipped with Android 10 or above and are unable to run
All devices with Google Play Services installed automatically generate an [advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248) used for targeted advertising. Disable this feature to limit the data collected about you.
-On Android distributions with [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), go to :gear: **Settings** → **Apps** → **Sandboxed Google Play** → **Google Settings** → **All services** → **Ads**.
-
-- [x] Select **Delete advertising ID**
+On Android distributions with [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), go to :gear: **Settings** → **Apps** → **Sandboxed Google Play** → **Google Settings** → **Ads**, and select *Delete advertising ID*.
On Android distributions with privileged Google Play Services (which includes the stock installation on most devices), the setting may be in one of several locations. Check
diff --git a/docs/os/macos-overview.md b/docs/os/macos-overview.md
index 621bf71d..f5c6e9ae 100644
--- a/docs/os/macos-overview.md
+++ b/docs/os/macos-overview.md
@@ -195,7 +195,7 @@ Just because one of an app's processes is sandboxed doesn't mean they all are.
Alternatively, you can check apps before you run them by running this command in the terminal:
``` zsh
-codesign -dvvv --entitlements -
+% codesign -dvvv --entitlements -
```
If an app is sandboxed, you should see the following output:
@@ -215,7 +215,7 @@ The [Hardened Runtime](https://developer.apple.com/documentation/security/harden
You can check if an app uses the Hardened Runtime using this command:
``` zsh
-codesign -dv
+codesign --display --verbose /path/to/bundle.app
```
If Hardened Runtime is enabled, you will see `flags=0x10000(runtime)`. The `runtime` output means Hardened Runtime is enabled. There might be other flags, but the runtime flag is what we're looking for here.
diff --git a/docs/passwords.md b/docs/passwords.md
index 36010e0e..a26f1be9 100644
--- a/docs/passwords.md
+++ b/docs/passwords.md
@@ -127,14 +127,14 @@ schema:
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
-[Introduction to Passwords :material-arrow-right-drop-circle:](basics/passwords-overview.md)
+[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
Info
Built-in password managers in software like browsers and operating systems are sometimes not as good as dedicated password manager software. The advantage of a built-in password manager is good integration with the software, but it can often be very simple and lack privacy and security features that standalone offerings have.
-For example, the password manager in Microsoft Edge doesn't offer end-to-end encryption at all. Google's password manager has [optional](https://support.google.com/accounts/answer/11350823) E2EE, and [Apple's](https://support.apple.com/HT202303) offers E2EE by default.
+For example, the password manager in Microsoft Edge doesn't offer E2EE at all. Google's password manager has [optional](https://support.google.com/accounts/answer/11350823) E2EE, and [Apple's](https://support.apple.com/HT202303) offers E2EE by default.
@@ -166,15 +166,15 @@ These password managers sync your passwords to a cloud server for easy accessibi
- [:simple-linux: Linux](https://bitwarden.com/download)
- [:simple-flathub: Flathub](https://flathub.org/apps/details/com.bitwarden.desktop)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/bitwarden-password-manager)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/nngceckbapebfimnlniiiahkandclblb)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb)
- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/jbkfoedolllekgbhcbcoahefnbanhhlh)
-- [:simple-safari: Safari](https://apps.apple.com/app/id1352778147)
+- [:simple-safari: Safari](https://apps.apple.com/us/app/bitwarden/id1352778147)
-Bitwarden uses [PBKDF2](https://bitwarden.com/help/kdf-algorithms/#pbkdf2) as its key derivation function (KDF) algorithm by default. It also offers [Argon2](https://bitwarden.com/help/kdf-algorithms/#argon2id), which is more secure, as an alternative. You can change your account's KDF algorithm in the web vault:
+Bitwarden uses [PBKDF2](https://bitwarden.com/help/kdf-algorithms/#pbkdf2) as its key derivation function (KDF) algorithm by default. It also offers [Argon2](https://bitwarden.com/help/kdf-algorithms/#argon2id), which is more secure, as an alternative. You can change your account's KDF algorithm in the web vault.
- [x] Select **Settings > Security > Keys > KDF algorithm > Argon2id**
@@ -204,11 +204,11 @@ Bitwarden's server-side code is [open source](https://github.com/bitwarden/serve
Downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=proton.android.pass)
-- [:simple-appstore: App Store](https://apps.apple.com/app/id6443490629)
+- [:simple-appstore: App Store](https://apps.apple.com/us/app/proton-pass-password-manager/id6443490629)
- [:fontawesome-brands-windows: Windows](https://proton.me/pass/download)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/proton-pass)
-- [:simple-googlechrome: Chrome](https://chromewebstore.google.com/detail/ghmbeldphafepmbegfdlkpapadhbakde)
-- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/gcllgfdnfnllodcaambdaknbipemelie)
+- [:simple-googlechrome: Chrome](https://chromewebstore.google.com/detail/proton-pass-free-password/ghmbeldphafepmbegfdlkpapadhbakde)
+- [:fontawesome-brands-edge: Edge](https://chromewebstore.google.com/detail/proton-pass-free-password/ghmbeldphafepmbegfdlkpapadhbakde)
- [:octicons-browser-16: Web](https://pass.proton.me)
@@ -229,9 +229,7 @@ All issues were addressed and fixed shortly after the [report](https://res.cloud
{ align=right }
-**1Password** is a password manager with a strong focus on security and ease-of-use that allows you to store passwords, passkeys, credit cards, software licenses, and any other sensitive information in a secure digital vault. Your vault is hosted on 1Password's servers for a [monthly fee](https://1password.com/sign-up).
-
-1Password is [audited](https://support.1password.com/security-assessments) on a regular basis and provides exceptional customer support. 1Password is closed source; however, the security of the product is thoroughly documented in their [security white paper](https://1passwordstatic.com/files/security/1password-white-paper.pdf).
+**1Password** is a password manager with a strong focus on security and ease-of-use that allows you to store passwords, passkeys, credit cards, software licenses, and any other sensitive information in a secure digital vault. Your vault is hosted on 1Password's servers for a [monthly fee](https://1password.com/sign-up). 1Password is [audited](https://support.1password.com/security-assessments) on a regular basis and provides exceptional customer support. 1Password is closed source; however, the security of the product is thoroughly documented in their [security white paper](https://1passwordstatic.com/files/security/1password-white-paper.pdf).
[:octicons-home-16: Homepage](https://1password.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://1password.com/legal/privacy){ .card-link title="Privacy Policy" }
@@ -246,16 +244,16 @@ All issues were addressed and fixed shortly after the [report](https://res.cloud
- [:simple-apple: macOS](https://1password.com/downloads/mac)
- [:simple-linux: Linux](https://1password.com/downloads/linux)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/1password-x-password-manager)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/aeblfdkhhhdcdjpifhhbdiojplfjncoa)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/1password-%E2%80%93-password-mana/aeblfdkhhhdcdjpifhhbdiojplfjncoa)
- [:fontawesome-brands-edge: Edge](https://microsoftedge.microsoft.com/addons/detail/dppgmdbiimibapkepcbdbmkaabgiofem)
-- [:simple-safari: Safari](https://apps.apple.com/app/id1569813296)
+- [:simple-safari: Safari](https://apps.apple.com/us/app/1password-for-safari/id1569813296)
- [:octicons-browser-16: Web](https://my.1password.com/signin)
-Traditionally, 1Password has offered the best password manager user experience for people using macOS and iOS; however, it has now achieved feature parity across all platforms. 1Password's clients boast many features geared towards families and less technical people, such as an intuitive UI for ease-of-use and navigation, as well as advanced functionality. Notably, nearly every feature of 1Password is available within its native mobile or desktop clients.
+Traditionally, 1Password has offered the best password manager user experience for people using macOS and iOS; however, it has now achieved feature parity across all platforms. 1Password's clients boast many features geared towards families and less technical people, such as an intuitive UI for ease of use and navigation, as well as advanced functionality. Notably, nearly every feature of 1Password is available within its native mobile or desktop clients.
Your 1Password vault is secured with both your master password and a randomized 34-character security key to encrypt your data on their servers. This security key adds a layer of protection to your data because your data is secured with high entropy regardless of your master password. Many other password manager solutions are entirely reliant on the strength of your master password to secure your data.
@@ -278,7 +276,7 @@ Your 1Password vault is secured with both your master password and a randomized
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.psono.psono)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1545581224)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/psono-pw-password-manager)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/eljmjmgjkbmpmfljlmklcfineebidmlo)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/psonopw-password-manager/eljmjmgjkbmpmfljlmklcfineebidmlo)
- [:simple-docker: Docker Hub](https://hub.docker.com/r/psono/psono-client)
@@ -332,9 +330,9 @@ These options allow you to manage an encrypted password database locally.
- [:fontawesome-brands-windows: Windows](https://keepassxc.org/download/#windows)
- [:simple-apple: macOS](https://keepassxc.org/download/#mac)
- [:simple-linux: Linux](https://keepassxc.org/download/#linux)
-- [:simple-flathub: Flathub](https://flathub.org/apps/details/org.keepassxc.KeePassXC)
+- [:simple-flathub: Flatpak](https://flathub.org/apps/details/org.keepassxc.KeePassXC)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/keepassxc-browser)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/oboonakemofpalcgghocfoadofidjkkk)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk)
@@ -348,7 +346,7 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
{ align=right }
-**KeePassDX** is a lightweight password manager for Android; it allows for editing encrypted data in a single file in KeePass format and can fill in forms securely.
+**KeePassDX** is a lightweight password manager for Android; it allows for editing encrypted data in a single file in KeePass format and can fill in forms securely. The [pro version](https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.pro) of the app allows you to unlock cosmetic content and non-standard protocol features, but more importantly, it helps and encourages development.
[:octicons-home-16: Homepage](https://keepassdx.com){ .md-button .md-button--primary }
[:octicons-info-16:](https://github.com/Kunzisoft/KeePassDX/wiki){ .card-link title="Documentation" }
@@ -365,8 +363,6 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
-The [pro version](https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.pro) of the app allows you to unlock cosmetic content and non-standard protocol features, but more importantly, it helps and encourages development.
-
### Gopass (CLI)
diff --git a/docs/pastebins.md b/docs/pastebins.md
index bf033ed2..4f4e37d0 100644
--- a/docs/pastebins.md
+++ b/docs/pastebins.md
@@ -16,11 +16,11 @@ cover: pastebins.webp
{ align=right }
-**PrivateBin** is a minimalist, open-source, online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin.
+**PrivateBin** is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin.
[:octicons-home-16: Homepage](https://privatebin.info){ .md-button .md-button--primary }
[:octicons-server-16:](https://privatebin.info/directory){ .card-link title="Public Instances"}
-[:octicons-info-16:](https://github.com/PrivateBin/PrivateBin/wiki/FAQ){ .card-link title="Documentation" }
+[:octicons-info-16:](https://github.com/PrivateBin/PrivateBin/wiki/FAQ){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/PrivateBin/PrivateBin){ .card-link title="Source Code" }
@@ -48,11 +48,11 @@ cover: pastebins.webp
### Minimum Requirements
- Must be open source.
-- Must implement "zero-trust" E2EE.
+- Must implement "zero-trust" end-to-end encryption.
- Must support password-protected files.
### Best-Case
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
-- Should have a published audit from a reputable, independent third party.
+- Should have a published audit from a reputable, independent third-party.
diff --git a/docs/photo-management.md b/docs/photo-management.md
index 2c348a73..b1abb0d6 100644
--- a/docs/photo-management.md
+++ b/docs/photo-management.md
@@ -1,7 +1,7 @@
---
title: "Photo Management"
icon: material/image
-description: These photo management tools keep your personal photos safe from the prying eyes of cloud storage providers and other unauthorized parties.
+description: Photo management tools to keep your personal photos safe from the prying eyes of cloud storage providers and other unauthorized access.
cover: photo-management.webp
---
Protects against the following threat(s):
@@ -15,28 +15,27 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
-{ align=right }
+{ align=right }
+{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting).
-
-The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://ente.io/faq){ .card-link title="Documentation" }
+[:octicons-info-16:](https://ente.io/faq){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/ente-io/ente){ .card-link title="Source Code" }
Downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=io.ente.photos)
+- [:simple-android: Android](https://ente.io/download)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1542026904)
- [:simple-github: GitHub](https://github.com/ente-io/ente/releases?q=photos)
-- [:simple-android: Android](https://ente.io/download)
- [:fontawesome-brands-windows: Windows](https://ente.io/download)
- [:simple-apple: macOS](https://ente.io/download)
- [:simple-linux: Linux](https://ente.io/download)
-- [:octicons-browser-16: Web](https://web.ente.io)
+- [:octicons-globe-16: Web](https://web.ente.io)
@@ -51,19 +50,18 @@ Ente Photos underwent an [audit by Cure53](https://ente.io/blog/cryptography-aud
{ align=right }
{ align=right }
-**Stingle** is a gallery and camera application with built-in, E2EE backup and sync functionality for your photos and videos.
-
-Storage starts at 1 GB for free accounts on their cloud, or you can host your own Stingle API server for total independence.
+**Stingle** is a gallery and camera application with built-in, end-to-end encrypted backup and sync functionality for your photos and videos. Storage starts at 1 GB for free accounts on their cloud, or you can host your own Stingle API server for total independence.
[:octicons-home-16: Homepage](https://stingle.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://stingle.org/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://stingle.org/faq){ .card-link title="Documentation" }
+[:octicons-info-16:](https://stingle.org/faq){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/stingle){ .card-link title="Source Code" }
Downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.stingle.photos)
+- [:simple-android: Android](https://f-droid.org/en/packages/org.stingle.photos)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1582535448)
- [:simple-github: GitHub](https://github.com/stingle/stingle-photos-android/releases)
@@ -99,7 +97,7 @@ Storage starts at 1 GB for free accounts on their cloud, or you can host your o
### Minimum Requirements
-- Cloud-hosted providers must enforce E2EE.
+- Cloud-hosted providers must enforce end-to-end encryption.
- Must offer a free plan or trial period for testing.
- Must support TOTP or FIDO2 multifactor authentication, or passkey logins.
- Must offer a web interface which supports basic file management functionality.
@@ -108,4 +106,4 @@ Storage starts at 1 GB for free accounts on their cloud, or you can host your o
### Best Case
-- Should have a published audit from a reputable, independent third party.
+- Should have a published audit from a reputable, independent third-party.
diff --git a/docs/privacy.md b/docs/privacy.md
index 5c20c1ab..6b481d91 100644
--- a/docs/privacy.md
+++ b/docs/privacy.md
@@ -4,7 +4,7 @@ description: We do not sell or share your data with any third-parties.
---
## What is Privacy Guides?
-Privacy Guides is a community project operated by a number of active contributors. The public list of team members [can be found on our forum](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Privacy Guides is legally administered by [MAGIC Grants](https://magicgrants.org), a 501(c)(3) public charity acting as our fiscal host.
+Privacy Guides is a community project operated by a number of active contributors. The public list of team members [can be found on our forum](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Privacy Guides is legally administered by [MAGIC Grants](https://magicgrants.org/), a 501(c)(3) public charity acting as our fiscal host.
As a project, we make available to the public:
@@ -173,7 +173,7 @@ Privacy Guides does not respond to the (now deprecated) [Do Not Track HTTP heade
## Where does Privacy Guides store data about me?
-Most data is hosted by [Triplebit](https://www.triplebit.org) web services in the United States.
+Most data is hosted by [Triplebit](https://www.triplebit.org/) web services in the United States.
Some publicly accessible data may be hosted by Content Delivery Networks with servers in other jurisdictions. For example, your profile picture may be stored on multiple servers around the world in order to improve the performance for visitors to our website.
@@ -288,16 +288,16 @@ Privacy Guides uses the following subprocessors, and may share personal data wit
| Subprocessor | Service | Function | Processing | Links |
| ------------ | ------- | -------- | ---------- | ----- |
-| [Bunny.net](https://bunny.net) (Slovenia) | [Bunny CDN](https://bunny.net/cdn) | Content Delivery Network services for distributing images and other static assets. | Slovenia, Global | [Privacy Notice](https://bunny.net/privacy), [GDPR Center](https://bunny.net/gdpr) |
-| [Cloudflare](https://cloudflare.com) (USA) | [Authoritative DNS](https://cloudflare.com/application-services/products/dns) | Authoritative DNS services for our domain names. | USA, Global | [Privacy Notice](https://cloudflare.com/privacypolicy), [GDPR Center](https://cloudflare.com/trust-hub/gdpr) |
+| [Bunny.net](https://bunny.net/) (Slovenia) | [Bunny CDN](https://bunny.net/cdn/) | Content Delivery Network services for distributing images and other static assets. | Slovenia, Global | [Privacy Notice](https://bunny.net/privacy/), [GDPR Center](https://bunny.net/gdpr/) |
+| [Cloudflare](https://www.cloudflare.com/) (USA) | [Authoritative DNS](https://www.cloudflare.com/application-services/products/dns/) | Authoritative DNS services for our domain names. | USA, Global | [Privacy Notice](https://www.cloudflare.com/privacypolicy/), [GDPR Center](https://www.cloudflare.com/trust-hub/gdpr/) |
| [Fediverse Communications LLC](https://fediverse.us) (USA) | PeerTube | For hosting public videos produced by Privacy Guides which are shared or embedded on this website. | USA | [More information](https://neat.tube/about/instance) |
-| [GitHub](https://github.com) (USA) | Git Repositories | *For visitors to this website*: sharing information with our visitors about the current release, repo star count, etc. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
-| [GitHub](https://github.com) (USA) | Git Repositories, Issues, Pull Requests | *For contributors to this website*: hosting our source code and communications platforms such as our issues tracker. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
-| [GitHub](https://github.com) (USA) | [Sponsors](https://github.com/sponsors/privacyguides) | For collecting payments for gifts to Privacy Guides | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
+| [GitHub](https://github.com/) (USA) | Git Repositories | *For visitors to this website*: sharing information with our visitors about the current release, repo star count, etc. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
+| [GitHub](https://github.com/) (USA) | Git Repositories, Issues, Pull Requests | *For contributors to this website*: hosting our source code and communications platforms such as our issues tracker. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
+| [GitHub](https://github.com/) (USA) | [Sponsors](https://github.com/sponsors/privacyguides) | For collecting payments for gifts to Privacy Guides | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
| [Stripe](https://stripe.com) (USA) | Connect | *For certain donations via GitHub Sponsors*: payment processing for donations | USA | [Privacy Notice](https://stripe.com/privacy), [GDPR Center](https://stripe.com/legal/privacy-center) |
-| [Triplebit](https://www.triplebit.org) (USA) | Object Storage | For hosting static websites and static media content, and distributing static content | USA, Poland | [Privacy Notice](https://www.triplebit.org/privacy) |
-| [Triplebit](https://www.triplebit.org) (USA) | [Umami Statistics](https://stats.triplebit.net/share/S80jBc50hxr5TquS/www.privacyguides.org) | For compiling aggregated statistics of our website visitor data based on server-side visitor info submissions | USA | [Privacy Notice](https://www.triplebit.org/privacy) |
-| [Triplebit](https://www.triplebit.org) (USA) | Virtual Private Servers | For hosting our dynamic websites, storing and processing personal data. | USA | [Privacy Notice](https://www.triplebit.org/privacy) |
+| [Triplebit](https://www.triplebit.org/) (USA) | Object Storage | For hosting static websites and static media content, and distributing static content | USA, Poland | [Privacy Notice](https://www.triplebit.org/privacy/) |
+| [Triplebit](https://www.triplebit.org/) (USA) | [Umami Statistics](https://stats.triplebit.net/share/S80jBc50hxr5TquS/www.privacyguides.org) | For compiling aggregated statistics of our website visitor data based on server-side visitor info submissions | USA | [Privacy Notice](https://www.triplebit.org/privacy/) |
+| [Triplebit](https://www.triplebit.org/) (USA) | Virtual Private Servers | For hosting our dynamic websites, storing and processing personal data. | USA | [Privacy Notice](https://www.triplebit.org/privacy/) |
## Does Privacy Guides delete inactive accounts?
diff --git a/docs/real-time-communication.md b/docs/real-time-communication.md
index 6c9afc00..c30235d5 100644
--- a/docs/real-time-communication.md
+++ b/docs/real-time-communication.md
@@ -1,6 +1,6 @@
---
meta_title: "The Best Private Instant Messengers - Privacy Guides"
-title: Real-Time Communication
+title: "Real-Time Communication"
icon: material/chat-processing
description: Encrypted messengers like Signal and SimpleX keep your sensitive communications secure from prying eyes.
cover: real-time-communication.webp
@@ -12,17 +12,21 @@ cover: real-time-communication.webp
- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
-These recommendations for encrypted **real-time communication** are great for securing your sensitive communications. These instant messengers come in the form of many [types of communication networks](advanced/communication-network-types.md).
+These are our recommendations for encrypted **real-time communication**. These come in the form of many [types of communication networks](./advanced/communication-network-types.md).
-[:material-movie-open-play-outline: Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why){ .md-button }
+[:material-movie-open-play-outline: Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why/){ .md-button }
-## Signal
+## Encrypted Messengers
+
+These messengers are great for securing your sensitive communications.
+
+### Signal
{ align=right }
-**Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging and calls secured with the Signal protocol, an extremely secure encryption protocol which supports forward secrecy[^1] and post-compromise security.[^2]
+**Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging and calls secured with the Signal Protocol, an extremely secure encryption protocol which supports forward secrecy[^1] and post-compromise security.[^2]
[:octicons-home-16: Homepage](https://signal.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" }
@@ -49,23 +53,22 @@ Signal requires your phone number for registration, however you should create a
1. In Signal, open the app's settings and tap your account profile at the top.
2. Tap **Username** and choose **Continue** on the "Set up your Signal username" screen.
-3. Enter a username. Your username will always be paired with a unique set of digits to keep your username unique and prevent people from guessing it. For example if you enter "John" your username might end up being `@john.35`. By default, only 2 digits are paired with your username when you create it, but you can add more digits until you reach the username length limit (32 characters).
+3. Enter a username. Your username will always be paired with a unique set of digits to keep your username unique and prevent people from guessing it, for example if you enter "John" your username might end up being `@john.35`. By default, only 2 digits are paired with your username when you create it, but you can add more digits until you reach the username length limit (32 characters).
4. Go back to the main app settings page and select **Privacy**.
-5. Select **Phone Number**.
-6. Change the **Who Can See My Number** setting to **Nobody**.
-7. (Optional) Change the **Who Can Find Me By Number** setting to **Nobody** as well, if you want to prevent people who already have your phone number from discovering your Signal account/username
+5. Select **Phone Number**
+6. Change the **Who Can See My Number** setting to: **Nobody**
+
+You can optionally change the **Who Can Find Me By Number** setting to **Nobody** as well, if you want to prevent people who already have your phone number from discovering your Signal account/username.
+
+Contact lists on Signal are encrypted using your Signal PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts you chat with. Signal supports [private groups](https://signal.org/blog/signal-private-group-system), where the server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam.
+
+The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs).
We have some additional tips on configuring and hardening your Signal installation:
[Signal Configuration and Hardening :material-arrow-right-drop-circle:](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening)
-Contact lists on Signal are encrypted using your Signal PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts you chat with.
-
-Signal supports [private groups](https://signal.org/blog/signal-private-group-system), where the server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam.
-
-The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs).
-
-### Molly (Android)
+#### Molly (Android)
If you use Android and your threat model requires protecting against [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network.
@@ -73,7 +76,7 @@ If you use Android and your threat model requires protecting against [:material-
{ align=right }
-**Molly** is an alternative Signal client for Android which allows you to encrypt the local database with a passphrase at rest, to have unused RAM data securely shredded, to route your connection via Tor, and [more](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening#privacy-and-security-features). It also has usability improvements including scheduled backups, automatic locking, and the ability to use your Android phone as a linked device instead of the primary device for a Signal account.
+**Molly** is an alternative Signal client for Android which allows you to encrypt the local database with a passphrase at rest, to have unused RAM data securely shredded, to route your connection via Tor, and [more](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening#privacy-and-security-features). It also has usability improvements including scheduled backups, automatic locking, [UnifiedPush](https://unifiedpush.org) support, and the ability to use your Android phone as a linked device instead of the primary device for a Signal account.
[:octicons-home-16: Homepage](https://molly.im){ .md-button .md-button--primary }
[:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" }
@@ -96,15 +99,17 @@ Molly is updated every two weeks to include the latest features and bug fixes fr
Note that you are trusting multiple parties by using Molly, as you now need to trust the Signal team *and* the Molly team to deliver safe and timely updates.
-**Molly-FOSS** is a version of Molly which removes proprietary code like the Google services used by both Signal and Molly at the expense of some features (like battery-saving push notifications via Google Play Services). You can set up push notifications without Google Play Services in either version of Molly with [UnifiedPush](https://unifiedpush.org). Using this notification delivery method requires access to a [MollySocket](https://github.com/mollyim/mollysocket) server, but you can choose a public MollySocket instance for this.[^3]
+There is a version of Molly called **Molly-FOSS** which removes proprietary code like the Google services used by both Signal and Molly, at the expense of some features like battery-saving push notifications via Google Play Services. You can regain push notifications without Google Play Services in either version of Molly with [UnifiedPush](https://unifiedpush.org), but it requires running a separate program called [Mollysocket](https://github.com/mollyim/mollysocket) on another device to function. Mollysocket can either be self-hosted on a separate computer or server (VPS), or alternatively a public Mollysocket instance can be used ([step-by-step tutorial, in German](https://kuketz-blog.de/messenger-wechsel-von-signal-zu-molly-unifiedpush-mollysocket-ntfy)).
-Both versions of Molly provide the same security improvements and support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code.
+All versions of Molly provide the same security improvements.
-## SimpleX Chat
+Molly and Molly-FOSS support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code.
+
+### SimpleX Chat
-{ align=right }
+{ align=right }
**SimpleX Chat** is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
@@ -127,27 +132,27 @@ Both versions of Molly provide the same security improvements and support [repro
-SimpleX Chat provides direct messaging, group chats, and E2EE calls secured with the [SimpleX Messaging Protocol](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/simplex-messaging.md), which uses double ratchet encryption with quantum resistance. Additionally, SimpleX Chat provides metadata protection by using unidirectional ["simplex queues"](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/simplex-messaging.md#simplex-queue) to deliver messages.
+SimpleX provides direct messaging, group chats, and E2EE calls secured with the [SimpleX Messaging Protocol](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/simplex-messaging.md), which uses double ratchet encryption with quantum resistance. Additionally, SimpleX Chat provides metadata protection by using unidirectional ["simplex queues"](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/simplex-messaging.md#simplex-queue) to deliver messages.
To participate in conversations on SimpleX Chat, you must scan a QR code or click an invite link. This allows you to verify a contact out-of-band, which protects against man-in-the-middle attacks by network providers. Your data can be exported and imported onto another device, as there are no central servers where this is backed up.
-You can find a full list of the privacy and security [features](https://github.com/simplex-chat/simplex-chat#privacy-and-security-technical-details-and-limitations) implemented in SimpleX Chat in the app's repository.
+You can find a full list of the privacy and security [features](https://github.com/simplex-chat/simplex-chat#privacy-and-security-technical-details-and-limitations) implemented in SimpleX Chat on the app's repository.
SimpleX Chat was independently audited in [July 2024](https://simplex.chat/blog/20241014-simplex-network-v6-1-security-review-better-calls-user-experience.html#simplex-cryptographic-design-review-by-trail-of-bits) and in [October 2022](https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website).
-## Briar
+### Briar
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the [Tor network](alternative-networks.md#tor), making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://code.briarproject.org/briar/briar/-/wikis/home){ .card-link title="Documentation" }
[:octicons-code-16:](https://code.briarproject.org/briar/briar){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://code.briarproject.org/briar/briar#donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://briarproject.org){ .card-link title="Donation options are listed on the bottom of the homepage" }
Downloads
@@ -163,33 +168,120 @@ SimpleX Chat was independently audited in [July 2024](https://simplex.chat/blog/
To add a contact on Briar, you must both add each other first. You can either exchange `briar://` links or scan a contact’s QR code if they are nearby.
-Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec). Briar supports forward secrecy[^1] by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
-
The client software was independently [audited](https://briarproject.org/news/2017-beta-released-security-audit), and the anonymous routing protocol uses the Tor network which has also been audited.
+Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec).
+
+Briar supports forward secrecy[^1] by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
+
+## Additional Options
+
+
+
Warning
+
+These messengers do not have forward secrecy[^1], and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications.
+
+
+
+### Element
+
+
+
+{ align=right }
+
+**Element** is the flagship client for the [Matrix](https://matrix.org/docs/chat_basics/matrix-for-im) protocol, an [open standard](https://spec.matrix.org/latest) for secure decentralized real-time communication.
+
+Messages and files shared in private rooms (those which require an invite) are by default E2EE, as are one-to-one voice and video calls.
+
+[:octicons-home-16: Homepage](https://element.io){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://element.io/privacy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://element.io/help){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/element-hq){ .card-link title="Source Code" }
+
+
+Downloads
+
+- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=im.vector.app)
+- [:simple-appstore: App Store](https://apps.apple.com/app/id1083446067)
+- [:simple-github: GitHub](https://github.com/element-hq/element-android/releases)
+- [:fontawesome-brands-windows: Windows](https://element.io/download)
+- [:simple-apple: macOS](https://element.io/download)
+- [:simple-linux: Linux](https://element.io/download)
+- [:octicons-globe-16: Web](https://app.element.io)
+
+
+
+
+
+Profile pictures, reactions, and nicknames are not encrypted.
+
+With the integration of [Element Call](https://element.io/blog/we-have-lift-off-element-x-call-and-server-suite-are-ready) into Element's web app, desktop apps, and its [rewritten mobile apps](https://element.io/blog/element-x-experience-the-future-of-element), group VoIP and video calls are E2EE by default.
+
+The Matrix protocol itself [theoretically supports forward secrecy](https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/megolm.md#partial-forward-secrecy)[^1], however this is [not currently supported in Element](https://github.com/vector-im/element-web/issues/7101) due to it breaking some aspects of the user experience such as key backups and shared message history.
+
+The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last) in 2016. The specification for the Matrix protocol can be found in their [documentation](https://spec.matrix.org/latest). The [Olm cryptographic ratchet](https://matrix.org/docs/matrix-concepts/end-to-end-encryption) used by Matrix is an implementation of Signal’s [Double Ratchet algorithm](https://signal.org/docs/specifications/doubleratchet).
+
+### Session
+
+
+
+{ align=right }
+
+**Session** is a decentralized messenger with a focus on private, secure, and anonymous communications. Session offers support for direct messages, group chats, and voice calls.
+
+Session uses the decentralized [Oxen Service Node Network](https://oxen.io) to store and route messages. Every encrypted message is routed through three nodes in the Oxen Service Node Network, making it virtually impossible for the nodes to compile meaningful information on those using the network.
+
+[:octicons-home-16: Homepage](https://getsession.org){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://getsession.org/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://getsession.org/faq){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/oxen-io){ .card-link title="Source Code" }
+
+
+Downloads
+
+- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=network.loki.messenger)
+- [:simple-appstore: App Store](https://apps.apple.com/app/id1470168868)
+- [:simple-github: GitHub](https://github.com/oxen-io/session-android/releases)
+- [:fontawesome-brands-windows: Windows](https://getsession.org/download)
+- [:simple-apple: macOS](https://getsession.org/download)
+- [:simple-linux: Linux](https://getsession.org/download)
+
+
+
+
+
+Session allows for E2EE in one-on-one chats or closed groups which allow for up to 100 members. It is also possible to [set up](https://docs.oxen.io/oxen-docs/products-built-on-oxen/session/guides/open-group-setup) or join open groups which can host thousands of members, but messages in these open groups are **not** end-to-end encrypted between participants.
+
+Session was previously based on Signal Protocol before replacing it with their own in December 2020. Session Protocol does [not](https://getsession.org/blog/session-protocol-technical-information) support forward secrecy.[^1]
+
+Oxen requested an independent audit for Session in March 2020. The audit [concluded](https://getsession.org/session-code-audit) in April 2021:
+
+> The overall security level of this application is good and makes it usable for privacy-concerned people.
+
+Session has a [white paper](https://arxiv.org/pdf/2002.04609.pdf) describing the technical details of the app and protocol.
+
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
### Minimum Requirements
-- Must have open-source clients.
-- Must not require sharing personal identifiers (particularly phone numbers or emails) with contacts.
-- Must use E2EE for private messages by default.
-- Must support E2EE for all messages.
-- Must support forward secrecy[^1]
-- Must have a published audit from a reputable, independent third party.
+- Has open-source clients.
+- Does not require sharing personal identifiers (phone numbers or emails in particular) with contacts.
+- Uses E2EE for private messages by default.
+- Supports E2EE for all messages.
+- Has been independently audited.
### Best-Case
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
-- Should support future secrecy (post-compromise security)[^2]
-- Should have open-source servers.
-- Should use a decentralized network, i.e. [federated or P2P](advanced/communication-network-types.md).
-- Should use E2EE for all messages by default.
-- Should support Linux, macOS, Windows, Android, and iOS.
+- Supports forward secrecy[^1]
+- Supports Future Secrecy (Post-Compromise Security)[^2]
+- Has open-source servers.
+- Decentralized, i.e. [federated or P2P](advanced/communication-network-types.md).
+- Uses E2EE for all messages by default.
+- Supports Linux, macOS, Windows, Android, and iOS.
[^1]: [Forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose **past** messages as well.
-[^2]: Future secrecy (or [post-compromise security](https://eprint.iacr.org/2016/221.pdf)) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties since they lose access as soon as a key exchange occurs that is not intercepted.
-[^3]: You may refer to this step-by-step tutorial in German on how to set up UnifiedPush as the notification provider for Molly: [https://kuketz-blog.de/messenger-wechsel-von-signal-zu-molly-unifiedpush-mollysocket-ntfy](https://kuketz-blog.de/messenger-wechsel-von-signal-zu-molly-unifiedpush-mollysocket-ntfy).
+[^2]: Future Secrecy (or Post-Compromise Security) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties, since they lose access as soon as a key exchange occurs that is not intercepted.
diff --git a/docs/security-keys.md b/docs/security-keys.md
index c5828d33..10566671 100644
--- a/docs/security-keys.md
+++ b/docs/security-keys.md
@@ -1,7 +1,7 @@
---
title: "Security Keys"
-icon: material/key-chain
-description: These security keys provide a form of phishing-immune authentication for accounts that support it.
+icon: 'material/key-chain'
+description: Secure your internet accounts with Multi-Factor Authentication without sending your secrets to a third-party.
cover: multi-factor-authentication.webp
---
Protects against the following threat(s):
@@ -19,11 +19,11 @@ A physical **security key** adds a very strong layer of protection to your onlin
{ width="315" }
-The **Yubico Security Key** series is the most cost-effective hardware security key with FIDO Level 2 certification[^1]. It supports FIDO2/WebAuthn and FIDO U2F, and works out of the box with most services that support a security key as a second factor, as well as many password managers.
+The **Yubico Security Key** series is the most cost-effective hardware security key with FIDO Level 2 certification. It supports FIDO2/WebAuthn and FIDO U2F, and works out of the box with most services that support a security key as a second factor, as well as many password managers.
[:octicons-home-16: Homepage](https://yubico.com/products/security-key){ .md-button .md-button--primary }
[:octicons-eye-16:](https://yubico.com/support/terms-conditions/privacy-notice){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.yubico.com){ .card-link title="Documentation" }
+[:octicons-info-16:](https://docs.yubico.com){ .card-link title=Documentation}
@@ -54,21 +54,23 @@ The firmware of Yubico's Security Keys is not updatable. If you want features in
{ width="400" }
-The **YubiKey** series from Yubico are among the most popular security keys with FIDO Level 2 Certification[^1]. The YubiKey 5 Series has a wide range of features such as [Universal 2nd Factor (U2F)](https://en.wikipedia.org/wiki/Universal_2nd_Factor), [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online), [Yubico OTP](basics/multi-factor-authentication.md#yubico-otp), [Personal Identity Verification (PIV)](https://developers.yubico.com/PIV), [OpenPGP](https://developers.yubico.com/PGP), and [TOTP and HOTP](https://developers.yubico.com/OATH) authentication.
+The **YubiKey** series from Yubico are among the most popular security keys. The YubiKey 5 Series has a wide range of features such as: [Universal 2nd Factor (U2F)](https://en.wikipedia.org/wiki/Universal_2nd_Factor), [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online), [Yubico OTP](basics/multi-factor-authentication.md#yubico-otp), [Personal Identity Verification (PIV)](https://developers.yubico.com/PIV), [OpenPGP](https://developers.yubico.com/PGP), [TOTP and HOTP](https://developers.yubico.com/OATH) authentication.
[:octicons-home-16: Homepage](https://yubico.com/products/yubikey-5-overview){ .md-button .md-button--primary }
[:octicons-eye-16:](https://yubico.com/support/terms-conditions/privacy-notice){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.yubico.com){ .card-link title="Documentation" }
+[:octicons-info-16:](https://docs.yubico.com){ .card-link title=Documentation}
-The [comparison table](https://yubico.com/store/compare) shows how the YubiKeys compare to each other and to Yubico's [Security Key](#yubico-security-key) series in terms of features and other specifications. One of the benefits of the YubiKey series is that one key can do almost everything you could expect from a hardware security key. We encourage you to take their [quiz](https://yubico.com/quiz) before purchasing in order to make sure you choose the right security key.
+The [comparison table](https://yubico.com/store/compare) shows the features and how the YubiKeys compare to each other and to Yubico's [Security Key](#yubico-security-key) series. One of the benefits of the YubiKey series is that one key can do almost everything you could expect from a hardware security key. We encourage you to take their [quiz](https://yubico.com/quiz) before purchasing in order to make sure you make the right choice.
+
+The YubiKey 5 series has FIDO Level 1 certification, which is the most common. However, some governments or other organizations may require a key with Level 2 certification, in which case you'll have to purchase a [YubiKey 5 **FIPS** series](https://yubico.com/products/yubikey-fips) key, or a [Yubico Security Key](#yubico-security-key). Most people do not have to worry about this distinction.
YubiKeys can be programmed using the [YubiKey Manager](https://yubico.com/support/download/yubikey-manager) or [YubiKey Personalization Tools](https://yubico.com/support/download/yubikey-personalization-tools). For managing TOTP codes, you can use the [Yubico Authenticator](https://yubico.com/products/yubico-authenticator). All of Yubico's clients are open source.
-For models which support HOTP and TOTP, there are 2 slots in the OTP interface which could be used for HOTP and 32 slots to store TOTP secrets. These secrets are stored encrypted on the key and never exposed to the devices they are plugged into. Once a seed (shared secret) is given to the Yubico Authenticator, it will only give out the six-digit codes, but never the seed. This security model helps limit what an attacker can do if they compromise one of the devices running the Yubico Authenticator and make the YubiKey resistant to a physical attacker.
+For models which support HOTP and TOTP, there are 2 slots in the OTP interface which could be used for HOTP and 32 slots to store TOTP secrets. These secrets are stored encrypted on the key and never expose them to the devices they are plugged into. Once a seed (shared secret) is given to the Yubico Authenticator, it will only give out the six-digit codes, but never the seed. This security model helps limit what an attacker can do if they compromise one of the devices running the Yubico Authenticator and make the YubiKey resistant to a physical attacker.
Warning
@@ -85,17 +87,17 @@ The firmware of YubiKey is not updatable. If you want features in newer firmware
{ width="300" }
-**Nitrokey** has a security key capable of [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) called the **Nitrokey FIDO2**. For PGP support, you need to purchase one of their other keys such as the **Nitrokey Start**, **Nitrokey Pro 2**, or the **Nitrokey Storage 2**.
+**Nitrokey** has a security key capable of [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) called the **Nitrokey FIDO2**. For PGP support, you need to purchase one of their other keys such as the **Nitrokey Start**, **Nitrokey Pro 2** or the **Nitrokey Storage 2**.
[:octicons-home-16: Homepage](https://nitrokey.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://nitrokey.com/data-privacy-policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.nitrokey.com){ .card-link title="Documentation" }
+[:octicons-info-16:](https://docs.nitrokey.com){ .card-link title=Documentation}
-The [comparison table](https://nitrokey.com/products/nitrokeys) shows how the different Nitrokey models compare to each other in terms of features and other specifications. The **Nitrokey 3** listed will have a combined feature set.
+The [comparison table](https://nitrokey.com/#comparison) shows the features and how the Nitrokey models compare. The **Nitrokey 3** listed will have a combined feature set.
Nitrokey models can be configured using the [Nitrokey app](https://nitrokey.com/download).
@@ -111,7 +113,7 @@ While Nitrokeys do not release the HOTP/TOTP secrets to the device they are plug
Warning
-Resetting the OpenPGP interface on a Nitrokey [Pro 2](https://docs.nitrokey.com/nitrokeys/pro/factory-reset) or Nitrokey [Start 2](https://docs.nitrokey.com/nitrokeys/storage/factory-reset) will also make the password database inaccessible.
+Resetting the OpenPGP interface on a Nitrokey will also make the password database [inaccessible](https://docs.nitrokey.com/pro/linux/factory-reset).
@@ -121,7 +123,7 @@ Resetting the OpenPGP interface on a Nitrokey [Pro 2](https://docs.nitrokey.com/
### Minimum Requirements
-- Must use high-quality, tamper-resistant hardware security modules.
+- Must use high quality, tamper resistant hardware security modules.
- Must support the latest FIDO2 specification.
- Must not allow private key extraction.
- Devices which cost over $35 must support handling OpenPGP and S/MIME.
@@ -130,9 +132,7 @@ Resetting the OpenPGP interface on a Nitrokey [Pro 2](https://docs.nitrokey.com/
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
-- Should be available in USB-C form factor.
+- Should be available in USB-C form-factor.
- Should be available with NFC.
- Should support TOTP secret storage.
- Should support secure firmware updates.
-
-[^1]: Some governments or other organizations may require a key with Level 2 certification, but most people do not have to worry about this distinction.
diff --git a/docs/self-hosting/email-servers.md b/docs/self-hosting/email-servers.md
deleted file mode 100644
index 7cf55f78..00000000
--- a/docs/self-hosting/email-servers.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: Email Servers
-meta_title: "Self-Hosted Email - Privacy Guides"
-icon: material/email
-description: For our more technical readers, self-hosting your own email can provide additional privacy assurances by having maximum control over your data.
-cover: email.webp
----
-Protects against the following threat(s):
-
-- [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
-
-Advanced system administrators may consider setting up their own email server. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
-
-- [Setting up a mail server with OpenSMTPD, Dovecot and Rspamd](https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd) (2019)
-- [How To Run Your Own Mail Server](https://www.c0ffee.net/blog/mail-server-guide) (August 2017)
-
-## Stalwart
-
-
-
-{ align=right }
-
-**Stalwart** is a newer mail server written in Rust which supports JMAP in addition to the standard IMAP, POP3, and SMTP. It has a wide variety of configuration options, but also defaults to very reasonable settings in terms of both security and features, making it easy to use immediately. It has web-based administration with TOTP 2FA support and allows you to enter your public PGP key to encrypt **all** incoming messages.
-
-[:octicons-home-16: Homepage](https://stalw.art){ .md-button .md-button--primary }
-[:octicons-info-16:](https://stalw.art/docs/get-started){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/stalwartlabs){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://github.com/sponsors/stalwartlabs){ .card-link title="Contribute" }
-
-
-
-Stalwart's [PGP implementation](https://stalw.art/docs/encryption/overview) is unique among our self-hosted recommendations and allows you to operate your own mail server with zero-knowledge message storage. If you additionally configure Web Key Directory (WKD) on your domain, and if you use an email client which supports PGP and WKD for outgoing mail (like Thunderbird), then this is the easiest way to get self-hosted E2EE compatibility with all [Proton Mail](../email.md#proton-mail) users.
-
-Stalwart does **not** have an integrated webmail, so you will need to use it with a [dedicated email client](../email-clients.md) or find an open-source webmail to self-host, like Nextcloud's Mail app.
-
-We use Stalwart for our own internal email at *Privacy Guides*.
-
-## Mailcow
-
-
-
-{ align=right }
-
-**Mailcow** is an advanced mail server perfect for those with Linux experience. It has everything you need in a Docker container: a mail server with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support.
-
-[:octicons-home-16: Homepage](https://mailcow.email){ .md-button .md-button--primary }
-[:octicons-info-16:](https://docs.mailcow.email){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/mailcow/mailcow-dockerized){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://servercow.de/mailcow?lang=en#sal){ .card-link title="Contribute" }
-
-
-
-## Mail-in-a-Box
-
-
-
-{ align=right }
-
-**Mail-in-a-Box** is an automated setup script for deploying a mail server on Ubuntu. Its goal is to make it easier for people to set up their own mail server.
-
-[:octicons-home-16: Homepage](https://mailinabox.email){ .md-button .md-button--primary }
-[:octicons-info-16:](https://mailinabox.email/guide.html){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/mail-in-a-box/mailinabox){ .card-link title="Source Code" }
-
-
diff --git a/docs/self-hosting/index.md b/docs/self-hosting/index.md
deleted file mode 100644
index 7874dc23..00000000
--- a/docs/self-hosting/index.md
+++ /dev/null
@@ -1,169 +0,0 @@
----
-title: Self-Hosting
-meta_title: "Self-Hosted Software and Services - Privacy Guides"
-description: For our more technical readers, self-hosted software and services can provide additional privacy assurances since you have maximum control over your data.
-cover: router.webp
----
-Protects against the following threat(s):
-
-- [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
-
-Using **self-hosted software and services** can be a way to achieve a higher level of privacy through digital sovereignty, particularly independence from cloud servers controlled by product developers or vendors. By self-hosting, we mean hosting applications and data on your own hardware.
-
-Self-hosting your own solutions requires advanced technical knowledge and a deep understanding of the associated risks. By becoming the host for yourself and possibly others, you take on responsibilities you might not otherwise have. Self-hosting privacy software improperly can leave you worse off than using e.g. an end-to-end encrypted service provider, so it is best avoided if you are not already comfortable doing so.
-
-## :material-email: Email Servers
-
-
-
-[Learn more :material-arrow-right-drop-circle:](email-servers.md)
-
-## :material-account-supervisor-circle-outline: Social Networks
-
-Self-hosting your own instance of a social network software can help circumvent potential [censorship on a server level](../social-networks.md#censorship-resistance) by a public server's administrator or admin team.
-
-### Mastodon
-
-
-
-{ align=right }
-
-**Mastodon** is a social network based on open web protocols and free, open-source software. It uses the decentralized **:simple-activitypub: ActivityPub** protocol.
-
-[:octicons-home-16:](https://joinmastodon.org){ .card-link title="Homepage" }
-[:octicons-info-16:](https://docs.joinmastodon.org/admin/prerequisites){ .card-link title="Admin Documentation" }
-
-
-
-Mastodon [integrates with the Tor network](https://docs.joinmastodon.org/admin/optional/tor) for more extreme scenarios where even your underlying hosting provider is subject to censorship, but this may limit who can access your content to only other servers which integrate with Tor (like most other hidden services).
-
-Mastodon benefits greatly from a large and active self-hosting community, and its administration is comprehensively documented. While many other ActivityPub platforms can require extensive technical knowledge to run and troubleshoot, Mastodon has very stable and tested releases, and it can generally be run securely without issue by anyone who can use the Linux command line and follow step-by-step instructions.
-
-### Element
-
-
-
-{ align=right }
-
-**Element** is the flagship client for the **:simple-matrix: Matrix** protocol, an open standard that enables decentralized communication by way of federated chat rooms.
-
-[:octicons-home-16:](https://element.io){ .card-link title="Homepage" }
-[:octicons-info-16:](https://element-hq.github.io/synapse/latest){ .card-link title="Admin Documentation" }
-[:octicons-code-16:](https://github.com/element-hq){ .card-link title="Source Code" }
-
-
-
-## :material-flip-to-front: Frontends
-
-Self-hosting your own instance of a web-based frontend can help you circumvent rate limits that you may encounter on high-traffic, public instances. It is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting, as other peoples' usage will be linked to your hosting.
-
-
-
-## More Tools...
-
-Tool recommendations in other categories of the website also provide a self-hosted option, so you could consider this if you are confident in your ability to host the software after reading their documentation.
-
-
diff --git a/docs/social-networks.md b/docs/social-networks.md
index 913ec970..c7524b8f 100644
--- a/docs/social-networks.md
+++ b/docs/social-networks.md
@@ -9,43 +9,23 @@ cover: social-networks.webp
- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
-These privacy-respecting **social networks** allow you to participate in online communities without giving up your personal information like your full name, phone number, and other data commonly requested by tech companies.
+These privacy-respecting **social networks** allow you to participate in online communities without giving up your personal information, like your full name, phone number, and other data commonly requested by tech companies.
-A growing problem among social media platforms is censorship in two different forms. First, they often acquiesce to illegitimate censorship requests, either from malicious governments or their own internal policies. Second, they often require accounts to access walled-off content that would otherwise be published freely on the open internet; this effectively censors the browsing activities of privacy-conscious users who are unable to pay the privacy cost of opening an account on these networks.
+A growing problem among social media platforms is censorship in two different forms. First, they often acquiesce to illegitimate censorship requests, either from malicious governments or their own internal policies.
-The social networks we recommend solve the issue of censorship by operating atop an open and decentralized social networking protocol. They also don't require an account merely to view publicly available content.
+Second, they often require accounts to access walled-off content that would otherwise be published freely on the open internet. This effectively censors the browsing activities of privacy-conscious users who are unable to pay the privacy cost of opening an account on these networks.
+
+The social networks we recommend solve the issue of censorship by operating atop an open and decentralized social networking protocol. While it is possible for your account to be banned or silenced by an individual server, there is no central authority which can censor your account across the entire network. They also don't require an account merely to view publicly available content.
You should note that **no** social networks are appropriate for private or sensitive communications. For chatting directly with others, you should use a recommended [instant messenger](real-time-communication.md) with strong end-to-end encryption, and only use direct messages on social media in order to establish a more private and secure chat platform with your contacts.
-## Decentralization
-
-Decentralized social networks are built on an architecture that is fundamentally different than mainstream social media platforms, yet quite similar to the underlying structure of email. Instead of opening an account under a single, unified service like you would for Facebook or Discord, you instead choose an independent, public server to join. The server you join can communicate with and discover other servers; this aspect of decentralization is also known as *federation*.
-
-A significant benefit of this decentralized model is that there is no central authority which can censor your account across the entire network, though it is possible for your account to be banned or silenced by an individual server.
-
-A caveat of this decentralized model is that each server is its own legal entity, with its own privacy policy, terms of use, administration team, and moderators. While many of these servers are far *less* restrictive and more privacy-respecting than traditional social media platforms, some can be far *more* restrictive or potentially *worse* for your privacy. Typically, the software on which the social network runs does not discriminate between these administrators or place any limitations on their powers.
-
-## Censorship Resistance
-
-While censorship in decentralized social networks does not exist on a network level, it is very possible to experience censorship on a server level depending on a server's administrator. Administrators have the power to *defederate* from other servers, which leads to limiting the content you can view and the people you can interact with.
-
-If you are greatly concerned about an existing server censoring your content, the content available to you, or other servers, you generally have two options:
-
-1. **Host the social network software yourself.** This approach gives you the exact same censorship resistance as any other website you can host yourself, which is fairly high.
-
-2. **Use a managed hosting service.** We don't have any specific recommendations, but there are a variety of hosting services which will create a brand-new server on your own domain (or occasionally a subdomain of their domain, but we recommend against this unless registering your own domain presents too much of a burden to your privacy).
-
- Typically, hosting providers will handle the *technical* side of your server, but completely leave the *moderation* side up to you. This often represents a better approach than self-hosting for most people because you can benefit from greater control over your own server without worrying about technical problems or unpatched security vulnerabilities.
-
- You should look closely at your hosting provider's terms of service and acceptable use policies before registering. These are often far more broad than typical hosted server rules, and they are far less likely to be enforced without recourse, but they can still be restrictive in undesirable ways.
-
## Mastodon
{ align=right }
-**Mastodon** is a social network based on open web protocols and free, open-source software. It uses the **:simple-activitypub: ActivityPub** protocol, which is decentralized like email: Users can exist on different servers or even different platforms but still communicate with each other.
+**Mastodon** is a social network based on open web protocols and free, open-source software. It uses the **:simple-activitypub: ActivityPub** protocol, which is decentralized like email: users can exist on different servers or even different platforms but still communicate with each other.
[:octicons-home-16: Homepage](https://joinmastodon.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://docs.joinmastodon.org){ .card-link title="Documentation" }
@@ -60,11 +40,29 @@ We chose to recommend Mastodon over other ActivityPub software as your primary s
2. Mastodon is largely usable with most content types. While it is primarily a microblogging platform, Mastodon easily handles longer posts, image posts, video posts, and most other posts you might encounter when following ActivityPub users who aren't on Mastodon. This makes your Mastodon account an ideal "central hub" for following anyone regardless of the platform they chose to use. In contrast, if you were only using a PeerTube account, you would *only* be able to follow other video channels, for example.
-3. Mastodon has fairly comprehensive privacy controls. It has many built-in features which allow you to limit how and when your data is shared, some of which we'll cover below. They also develop new features with privacy in mind. For example, while other ActivityPub software quickly implemented "quote posts" by merely handling links to other posts with a slightly different embed modal, Mastodon is [developing](https://blog.joinmastodon.org/2025/02/bringing-quote-posts-to-mastodon) a quote post feature which will give you more fine-grained control when your post is quoted.
+3. Mastodon has fairly comprehensive privacy controls. It has many built-in features which allow you to limit how and when your data is shared, some of which we'll cover below. They also develop new features with privacy in mind. For example, while other ActivityPub software quickly implemented "quote posts" by merely handling links to other posts with a slightly different embed modal, Mastodon is [developing](https://blog.joinmastodon.org/2025/02/bringing-quote-posts-to-mastodon/) a quote post feature which will give you more fine-grained control when your post is quoted.
### Choosing an Instance
-To benefit the most from Mastodon, it is critical to choose a server, or "instance," which is well aligned with the type of content you want to post or read about. We do not currently recommend any specific instances, but you may find advice within our communities. We recommend avoiding *mastodon.social* and *mastodon.online* because they are operated by the same company which develops Mastodon itself. From the perspective of decentralization, it is better in the long term to separate software developers and server hosts so that no one party can exert too much control over the network as a whole.
+To benefit the most from Mastodon, it is critical to choose a server, or "instance," which is well aligned with the type of content you want to post or read about. While censorship in Mastodon does not exist on a network level, it is very possible to experience censorship on a server level depending on your server's administrator.
+
+It is critical to understand that Mastodon is not a single, unified service in the way that X (Twitter) or Facebook are. Each server is its own legal entity, with its own privacy policy, terms of use, administration team, and moderators. While many of these servers are far *less* restrictive and more privacy-respecting than traditional social media platforms, some can be far *more* restrictive or potentially *worse* for your privacy. The Mastodon software does not discriminate between these administrators or place any limitations on their powers.
+
+We do not currently recommend any specific instances, but you may find advice within our communities. We recommend avoiding *mastodon.social* and *mastodon.online* because they are operated by the same company which develops Mastodon itself. From the perspective of decentralization, it is better in the long term to separate software developers and server hosts so that no one party can exert too much control over the network as a whole.
+
+If you are greatly concerned about an existing server censoring your content or the content you can view, you generally have two options:
+
+1. **Host Mastodon yourself.** This approach gives you the exact same censorship resistance as any other website you can host yourself, which is fairly high. Mastodon even [integrates with the Tor network](https://docs.joinmastodon.org/admin/optional/tor) for more extreme scenarios where even your underlying hosting provider is subject to censorship, but this may limit who can access your content to only other servers which integrate with Tor, like most other hidden services.
+
+ Mastodon benefits greatly from a large and active self-hosting community, and its administration is comprehensively documented. While many other ActivityPub platforms can require extensive technical knowledge to run and troubleshoot, Mastodon has very stable and tested releases, and it can generally be run securely without issue by anyone who can use the Linux command line and follow [step-by-step instructions](https://docs.joinmastodon.org/admin/prerequisites).
+
+2. **Use a managed hosting service.** We don't have any specific recommendations, but there are a variety of Mastodon hosting services which will create a brand-new Mastodon server on your own domain (or occasionally a subdomain of their domain, but we recommend against this unless registering your own domain presents too much of a burden to your privacy).
+
+ Typically, Mastodon hosting providers will handle the *technical* side of your instance, but they completely leave the *moderation* side up to you. This means that you will be able to follow any content you like, although it may expose you to more spam or unwanted content because you will not have the dedicated moderation team many larger instances will have.
+
+ This often represents a better approach than self-hosting for most people, because you can benefit from greater control over your own instance without worrying about technical problems or unpatched security vulnerabilities.
+
+ You should look closely at your hosting provider's terms of service and acceptable use policies before registering. These are often far more broad than typical hosted instance rules, and they are far less likely to be enforced without recourse, but they can still be restrictive in undesirable ways.
### Recommended Privacy Settings
@@ -76,7 +74,7 @@ There are a number of privacy controls under the **privacy and reach** tab here.
- [ ] **Automatically accept new followers**: You should consider unchecking this box to have a private profile. This will allow you to review who can follow your account before accepting them.
- In contrast to most social media platforms, if you have a private profile you still have the *option* to publish posts which are publicly visible to non-followers and can still be boosted by non-followers. Therefore, unchecking this box is the only way to have the *choice* to publish to either the entire world or a select group of people.
+ In contrast to most social media platforms, if you have a private profile you still have the *option* to publish posts which are publicly visible to non-followers, and which can still be boosted and seen by non-followers. Therefore, unchecking this box is the only way to have the *choice* to publish to either the entire world or a select group of people.
- [ ] **Show follows and followers on profile**: You should uncheck this box to hide your social graph from the public. It is fairly uncommon for the list of people you follow to have some genuine benefit to others, but that information can present a risk to you.
@@ -105,93 +103,17 @@ It is very rare for social media posts older than a few weeks to be read or rele
When publishing a new post, you will have the option to choose from one of these visibility settings:
- **Public**, which publishes your content to anyone on the internet.
-- **Quiet public**, which you should consider equivalent to publicly posting! This is not a technical guarantee, but merely a request you are making to other servers to hide your post from some feeds.
+- **Quiet public**, which you should consider equivalent to publicly posting! This is not a technical guarantee, merely a request you are making to other servers to hide your post from some feeds.
- **Followers**, which publishes your content only to your followers. If you did not follow our recommendation of restricting your followers, you should consider this equivalent to publicly posting!
-- **Specific people**, which only shares the post with people who are specifically mentioned within the post. This is Mastodon's version of direct messages, but should never be relied on for private communications as we covered earlier since Mastodon has no E2EE.
+- **Specific people**, which only shares the post with people who are specifically mentioned within the post. This is Mastodon's version of direct messages, but should never be relied on for private communications as we covered earlier, since Mastodon has no E2EE.
If you used our recommended configuration settings above, you should be posting to **Followers** by default, and only posting to **Public** on an intentional and case-by-case basis.
-## Element
-
-
-
-{ align=right }
-
-**Element** is the flagship client for the **:simple-matrix: [Matrix](https://matrix.org/docs/chat_basics/matrix-for-im)** protocol, an [open standard](https://spec.matrix.org/latest) that enables decentralized communication by way of federated chat rooms. Users can exist on different homeservers but still communicate with each other.
-
-[:octicons-home-16: Homepage](https://element.io){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://element.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://element.io/help){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/element-hq){ .card-link title="Source Code" }
-
-
-Downloads
-
-- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=im.vector.app)
-- [:simple-appstore: App Store](https://apps.apple.com/app/id1083446067)
-- [:simple-github: GitHub](https://github.com/element-hq/element-android/releases)
-- [:fontawesome-brands-windows: Windows](https://element.io/download)
-- [:simple-apple: macOS](https://element.io/download)
-- [:simple-linux: Linux](https://element.io/download)
-- [:octicons-browser-16: Web](https://app.element.io)
-
-
-
-
-
-### Choosing a Homeserver
-
-To benefit the most from Matrix, it is critical to choose a homeserver which is well aligned with the subject(s) you want to chat about. We do not currently recommend any specific homeservers, but you may find advice within our communities or third-party resources like [*joinmatrix.org*](https://servers.joinmatrix.org). We recommend avoiding *matrix.org* because they are operated by the same company which develops Matrix itself. From the perspective of decentralization, it is better in the long term to separate software developers and server hosts so that no one party can exert too much control over the network as a whole.
-
-### Recommended Privacy Settings
-
-From Element's web or desktop app, go to :gear: → **All settings** to find these sections:
-
-#### Sessions
-
-By default, when you log in to Element on a new device, the session name will be automatically populated with the Matrix client and platform you used for login. This information may be visible to other users depending on the Matrix client they use.
-
-To prevent revealing information about your personal device to others unnecessarily, consider emptying the session name; this will change the session name to the randomly generated alphanumeric Session ID instead.
-
-#### Preferences
-
-- [ ] Uncheck **Send read receipts**
-- [ ] Uncheck **Send typing notifications**
-
-You should uncheck these options to reduce the exposure of metadata to other users when chatting in a public room.
-
-#### Voice & Video
-
-- [ ] Uncheck **Allow Peer-to-Peer for 1:1 calls**
-- [ ] Uncheck **Allow fallback call assist server (turn.matrix.org)**
-
-If you do decide to use Element for one-to-one communication, we recommend unchecking these settings to prevent the exposure of your IP address to the other party.
-
-#### Security & Privacy
-
-##### Manage integrations (scalar.vector.im)
-
-A Matrix integration manager connects Matrix to third-party services such as bots, bridges, and other enhancements. Element collects information to provide these services to those using an integration manager; you can review its detailed [Privacy Notice](https://element.io/integration-manager-privacy-notice) for the exact information Element collects and the ways it uses such information.
-
-As an end user on a public homeserver, you can consider unchecking the **Enable the integration manager** option, which does not affect the visibility of bots or other third-party services. As a homeserver administrator, consider whether the additional parties with which you share your data are worth the extra functionality.
-
-##### Sessions
-
-- [ ] (Optional) Uncheck **Record the client name, version, and url to recognize sessions for easily in session manager**
-
-Unchecking this option may make it more diffcult to discern your active sessions if you logged in to your Matrix account on multiple devices.
-
-#### Encryption
-
-- [x] (Optional) Check **In encrypted rooms, only send messages to verified users**
-
-With this setting enabled, unverified users (i.e., those who have not used the **Verify User** function) and unverified devices of verified users will not receive your messages in a room with encryption enabled. This may limit the messages you can view and the people you can interact with.
-
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
-- Must be free and open-source software.
+- Must be free and open source software.
- Must use a federated protocol to communicate with other instances of the social networking software.
- Must not have non-technical restrictions on who can be federated with.
- Must be usable within a standard [web browser](desktop-browsers.md).
diff --git a/docs/tools.md b/docs/tools.md
index ced3968d..51da887d 100644
--- a/docs/tools.md
+++ b/docs/tools.md
@@ -9,9 +9,6 @@ description: A complete list of the privacy tools, services, software, and hardw
If you're looking for a specific solution to something, these are the hardware and software tools we recommend in a variety of categories. Our recommended privacy tools are primarily chosen based on security features, with additional emphasis on decentralized and open-source tools. They are applicable to a variety of threat models ranging from protection against global mass surveillance programs and avoiding big tech companies to mitigating attacks, but only you can determine what will work best for your needs.
-
-
-
[VPN Providers](vpn.md){ .md-button }
[Password Managers](passwords.md){ .md-button }
[Email Providers](email.md){ .md-button }
@@ -19,19 +16,6 @@ If you're looking for a specific solution to something, these are the hardware a
[DNS Servers](dns.md){ .md-button }
[Email Aliasing Services](email-aliasing.md){ .md-button }
[Photo Organization Tools](photo-management.md){ .md-button }
-
-
-
-
-
-
-
-
-[Self-hosting recommendations](self-hosting/index.md) have been moved to their own category.
-
-
-
-
If you want assistance figuring out the best privacy tools and alternative programs for your needs, start a discussion on our [forum](https://discuss.privacyguides.net) or our [Matrix](https://matrix.to/#/#privacyguides:matrix.org) community!
@@ -130,6 +114,7 @@ For more details about each project, why they were chosen, and additional tips o
@@ -427,7 +423,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
-#### Cross-Platform Tools
+#### Cross-platform Tools
@@ -491,9 +487,9 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
-- { .twemoji loading=lazy } { .twemoji loading=lazy } [Apple Health](health-and-wellness.md#apple-health)
+- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
-- { .twemoji loading=lazy } { .twemoji loading=lazy } [Apple Health Records](health-and-wellness.md#apple-health-records)
+- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health Records](health-and-wellness.md#apple-health-records)
- { .twemoji loading=lazy } [CommonHealth](health-and-wellness.md#commonhealth)
@@ -608,6 +604,8 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [Signal](real-time-communication.md#signal)
- { .twemoji loading=lazy } [Briar](real-time-communication.md#briar)
- { .twemoji loading=lazy } [SimpleX Chat](real-time-communication.md#simplex-chat)
+- { .twemoji loading=lazy } [Element](real-time-communication.md#element)
+- { .twemoji loading=lazy } [Session](real-time-communication.md#session)
@@ -618,7 +616,6 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
diff --git a/docs/tor.md b/docs/tor.md
index bb59f237..b18c98fe 100644
--- a/docs/tor.md
+++ b/docs/tor.md
@@ -31,7 +31,7 @@ schema:
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md){ .md-button .md-button--primary }
-[:material-movie-open-play-outline: Video: Why You Need Tor](https://www.privacyguides.org/videos/2025/03/02/why-you-need-tor){ .md-button }
+[:material-movie-open-play-outline: Video: Why You Need Tor](https://www.privacyguides.org/videos/2025/03/02/why-you-need-tor/){ .md-button }
Tip
@@ -42,7 +42,7 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } browsing for desktop computers and Android.
-Some of these apps are better than others; making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using mobile browser apps like [Onion Browser](#onion-browser-ios) to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
@@ -52,13 +52,13 @@ If more complete anonymity is paramount to your situation, you should **only** b
{ align=right }
-**Tor Browser** is the top choice if you need anonymity, as it provides you with access to the Tor network and bridges, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
+**Tor Browser** is the choice if you need anonymity, as it provides you with access to the Tor network and bridges, and it includes default settings and extensions that are automatically configured by the default security levels: *Standard*, *Safer* and *Safest*.
[:octicons-home-16: Homepage](https://torproject.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
-[:octicons-info-16:](https://tb-manual.torproject.org){ .card-link title="Documentation" }
+[:octicons-info-16:](https://tb-manual.torproject.org){ .card-link title=Documentation }
[:octicons-code-16:](https://gitlab.torproject.org/tpo/applications/tor-browser){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://donate.torproject.org){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://donate.torproject.org){ .card-link title=Contribute }
Downloads
@@ -80,25 +80,63 @@ You should **never** install any additional extensions on Tor Browser or edit `a
-The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings). When modifying the security level setting, you **must** always restart the browser before continuing to use it. Otherwise, [the security settings may not be fully applied](https://www.privacyguides.org/articles/2025/05/02/tor-security-slider-flaw), putting you at a higher risk of fingerprinting and exploits than you may expect based on the setting chosen.
+The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings).
In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+## Orbot
+
+
+
+{ align=right }
+
+**Orbot** is a free Tor VPN for smartphones which routes traffic from any app on your device through the Tor network.
+
+[:octicons-home-16: Homepage](https://orbot.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://orbot.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://orbot.app/faqs){ .card-link title=Documentation}
+[:octicons-code-16:](https://orbot.app/code){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://orbot.app/donate){ .card-link title=Contribute }
+
+
+Downloads
+
+- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android)
+- [:simple-appstore: App Store](https://apps.apple.com/app/id1609461599)
+- [:simple-github: GitHub](https://github.com/guardianproject/orbot/releases)
+
+
+
+
+
+We previously recommended enabling the *Isolate Destination Address* preference in Orbot settings. While this setting can theoretically improve privacy by enforcing the use of a different circuit for each IP address you connect to, it doesn't provide a practical advantage for most applications (especially web browsing), can come with a significant performance penalty, and increases the load on the Tor network. We no longer recommend adjusting this setting from its default value unless you know you need to.[^1]
+
+
+
Tips for Android
+
+Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN kill switch in :gear: **Settings** → **Network & internet** → **VPN** → :gear: → **Block connections without VPN**.
+
+Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android), so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot/releases) instead.
+
+All versions are signed using the same signature, so they should be compatible with each other.
+
+
+
+On iOS, Orbot has some limitations that could potentially cause crashes or leaks: iOS does not have an effective OS-level feature to block connections without a VPN like Android does, and iOS has an artificial memory limit for network extensions that makes it challenging to run Tor in Orbot without crashes. Currently, it is always safer to use Tor on a desktop computer compared to a mobile device.
+
## Onion Browser (iOS)
{ align=right }
-**Onion Browser** is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the [Tor Project](https://support.torproject.org/glossary/onion-browser).
-
-[:material-star-box: Read our latest Onion Browser review.](https://www.privacyguides.org/articles/2024/09/18/onion-browser-review)
+**Onion Browser** is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the [Tor Project](https://support.torproject.org/glossary/onion-browser). [:material-star-box: Read our latest Onion Browser review.](https://www.privacyguides.org/articles/2024/09/18/onion-browser-review/)
[:octicons-home-16: Homepage](https://onionbrowser.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://onionbrowser.com/privacy-policy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://onionbrowser.com/faqs){ .card-link title="Documentation" }
+[:octicons-info-16:](https://onionbrowser.com/faqs){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/OnionBrowser/OnionBrowser){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://onionbrowser.com/donate){ .card-link title="Contribute" }
+[:octicons-heart-16:](https://onionbrowser.com/donate){ .card-link title=Contribute }
Downloads
@@ -111,4 +149,6 @@ In addition to installing Tor Browser on your computer directly, there are also
Onion Browser does not provide the same levels of privacy protections as Tor Browser does on desktop platforms. For casual use it is a perfectly fine way to access hidden services, but if you're concerned about being traced or monitored by advanced adversaries you should not rely on this as an anonymity tool.
-[Notably](https://github.com/privacyguides/privacyguides.org/issues/2929), Onion Browser does not *guarantee* all requests go through Tor. When using the built-in version of Tor, [your real IP **will** be leaked via WebRTC and audio/video streams](https://onionbrowser.com/faqs) due to limitations of WebKit. It is *safer* to use Onion Browser alongside [Orbot](alternative-networks.md#orbot), but this still comes with some limitations on iOS.
+[Notably](https://github.com/privacyguides/privacyguides.org/issues/2929), Onion Browser does not *guarantee* all requests go through Tor. When using the built-in version of Tor, [your real IP **will** be leaked via WebRTC and audio/video streams](https://onionbrowser.com/faqs) due to limitations of WebKit. It is *safer* to use Onion Browser alongside Orbot, but this still comes with some limitations on iOS (noted in the Orbot section above).
+
+[^1]: The `IsolateDestAddr` setting is discussed on the [Tor mailing list](https://lists.torproject.org/pipermail/tor-talk/2012-May/024403.html) and [Whonix's Stream Isolation documentation](https://whonix.org/wiki/Stream_Isolation), where both projects suggest that it is usually not a good approach for most people.
diff --git a/docs/vpn.md b/docs/vpn.md
index 6698f6cb..161f2b32 100644
--- a/docs/vpn.md
+++ b/docs/vpn.md
@@ -34,7 +34,7 @@ Our recommended providers use encryption, support WireGuard & OpenVPN, and have
|---|---|---|---|---|---
| [Proton](#proton-vpn) | 112+ | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } Partial Support | :material-information-outline:{ .pg-blue } Limited Support | Cash
| [IVPN](#ivpn) | 37+ | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } | :material-information-outline:{ .pg-blue } Outgoing Only | Monero, Cash
-| [Mullvad](#mullvad) | 49+ | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero, Cash
+| [Mullvad](#mullvad) | 45+ | :material-check:{ .pg-green } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero, Cash
### Proton VPN
@@ -108,15 +108,6 @@ Unfortunately, it does not work very well in countries where sophisticated filte
Proton VPN has published [App Store](https://apps.apple.com/app/id1437005085) and [Google Play](https://play.google.com/store/apps/details?id=ch.protonvpn.android) clients, both supporting an easy-to-use interface as opposed to requiring you to manually configure your WireGuard connection. The Android client is also available on [GitHub](https://github.com/ProtonVPN/android-app/releases).
-
-
How to opt out of sharing telemetry
-
-On Android, Proton hides telemetry settings under the misleadingly labeled "**Help us fight censorship**" menu in the settings panel. On other platforms these settings can be found under the "**Usage statistics**" menu.
-
-We are noting this because while we don't necessarily recommend against sharing anonymous usage statistics with developers, it is important that these settings are easily found and clearly labeled.
-
-
-
#### :material-information-outline:{ .pg-blue } Additional Notes
Proton VPN clients support two-factor authentication on all platforms. Proton VPN has their own servers and datacenters in Switzerland, Iceland and Sweden. They offer content blocking and known-malware blocking with their DNS service. Additionally, Proton VPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using [the official Tor Browser](tor.md#tor-browser) for this purpose.
@@ -142,9 +133,8 @@ System crashes [may occur](https://protonvpn.com/support/macos-t2-chip-kill-swit
Downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.ivpn.client)
-- [:simple-appstore: App Store](https://apps.apple.com/app/id1193122683)
- [:octicons-moon-16: Accrescent](https://accrescent.app/app/net.ivpn.client)
-- [:simple-github: GitHub](https://github.com/ivpn/android-app/releases)
+- [:simple-appstore: App Store](https://apps.apple.com/app/id1193122683)
- [:fontawesome-brands-windows: Windows](https://ivpn.net/apps-windows)
- [:simple-apple: macOS](https://ivpn.net/apps-macos)
- [:simple-linux: Linux](https://ivpn.net/apps-linux)
diff --git a/includes/abbreviations.en.txt b/includes/abbreviations.en.txt
index de1c9c55..d8a21651 100644
--- a/includes/abbreviations.en.txt
+++ b/includes/abbreviations.en.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system
+*[attack surface]: The total number of possible entry points for unauthorized access to a system.
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
-*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
+*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
+*[digital legacy]: A feature that allows you to give other people access to your data when you die.
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
+*[DPI]: Deep Packet Inspection
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is
+*[entropy]: A measurement of how unpredictable something is.
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently
+*[fork]: A new software project created by copying an existing project and adding to it independently.
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,22 +49,19 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
-*[LLMs]: Large Language Models (AI models such as ChatGPT)
-*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
+*[LUKS]: Linux Unified Key Setup (full disk encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Nonvolatile Memory Express
-*[NAT]: Network address translation
-*[NAT-PMP]: NAT Port Mapping Protocol
+*[NVMe]: Non-Volatile Memory Express
+*[NAT]: Network Address Translation
+*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
-*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -72,12 +69,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy (see OpenPGP)
+*[PGP]: Pretty Good Privacy
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than set intervals
+*[rolling release]: Updates which are released frequently rather than at set intervals.
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -86,12 +83,10 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set Owner User ID
+*[SUID]: Set User Identity
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single sign-on
-*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
-*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
+*[SSO]: Single Sign-On
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/contributors.md b/includes/contributors.md
index f4d3cf98..70c08289 100644
--- a/includes/contributors.md
+++ b/includes/contributors.md
@@ -450,8 +450,6 @@
