|
- Cloudflare
+ Cloudflare
+ {% include badge.html
+ link="https://codeberg.org/crimeflare/cloudflare-tor/"
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ tooltip="Cloudflare is one of the world's largest networks, and a problem considering anonymity and decentralization."
+ %}
|
Anycast (based in
@@ -355,7 +366,12 @@
|
- Quad9
+ Quad9
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ tooltip="Founders include the Global Cyber Alliance, composed of the City of London Police and Manhattan District Attorney's Office."
+ %}
|
Anycast (based in
diff --git a/_includes/sections/file-encryption.html b/_includes/sections/file-encryption.html
index 69c87798..ff9a1da2 100644
--- a/_includes/sections/file-encryption.html
+++ b/_includes/sections/file-encryption.html
@@ -55,10 +55,21 @@
Worth Mentioning
- - Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
+ - Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/cryptomator/cryptomator-android/issues/1#issuecomment-257979375"
+ tooltip="Cryptomator's mobile apps are not open-source."
+ %}
- Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
- Tomb - A simple zsh script for making LUKS containers on the commandline.
- Hat.sh - A cross-platform, serverless JavaScript web application that provides secure file encryption using the AES-256-GCM algorithm in your browser. It can also be downloaded and run offline.
- - Keka - A macOS-only, file archiver with the ability to encrypt files.
-
+ - Keka - A macOS-only, file archiver with the ability to encrypt files.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://github.com/aonez/Keka#so-where-is-the-source-code"
+ tooltip="This software is no longer open source."
+ %}
diff --git a/_includes/sections/file-sharing.html b/_includes/sections/file-sharing.html
index 671b2f5d..619dedc3 100644
--- a/_includes/sections/file-sharing.html
+++ b/_includes/sections/file-sharing.html
@@ -1,52 +1,59 @@
File Sharing
{% include cardv2.html
-title="Firefox Send"
-image="/assets/img/svg/3rd-party/firefox_send.svg"
-labels="color==warning::link==https://send.firefox.com/legal::text==Warning::tooltip==IP addresses are retained in logs for 90 days."
-description="Firefox Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened. It also offers security controls that you can set. You can choose when your file link expires, the number of downloads, and whether you would like to add a password for an extra layer of security."
-website="https://send.firefox.com/"
-privacy-policy="https://send.firefox.com/legal"
-forum="https://forum.privacytools.io/t/discussion-firefox-send/755"
-github="https://github.com/mozilla/send"
-web="https://send.firefox.com/"
-googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend"
+ title="Firefox Send"
+ image="/assets/img/svg/3rd-party/firefox_send.svg"
+ labels="color==warning::link==https://send.firefox.com/legal::text==Warning::tooltip==IP addresses are retained in logs for 90 days."
+ description="Firefox Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened. It also offers security controls that you can set. You can choose when your file link expires, the number of downloads, and whether you would like to add a password for an extra layer of security."
+ website="https://send.firefox.com/"
+ privacy-policy="https://send.firefox.com/legal"
+ forum="https://forum.privacytools.io/t/discussion-firefox-send/755"
+ github="https://github.com/mozilla/send"
+ web="https://send.firefox.com/"
+ googleplay="https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend"
%}
{% include cardv2.html
-title="OnionShare"
-image="/assets/img/svg/3rd-party/onionshare.svg"
-website="https://onionshare.org/"
-tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
-description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
-forum="https://forum.privacytools.io/t/discussion-onionshare/754"
-github="https://github.com/micahflee/onionshare"
-windows="https://onionshare.org/#downloads"
-mac="https://onionshare.org/#downloads"
-linux="https://onionshare.org/#downloads"
-freebsd="https://www.freshports.org/www/onionshare/"
-openbsd="http://openports.se/net/onionshare"
+ title="OnionShare"
+ image="/assets/img/svg/3rd-party/onionshare.svg"
+ website="https://onionshare.org/"
+ tor="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/"
+ description="OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files."
+ forum="https://forum.privacytools.io/t/discussion-onionshare/754"
+ github="https://github.com/micahflee/onionshare"
+ windows="https://onionshare.org/#downloads"
+ mac="https://onionshare.org/#downloads"
+ linux="https://onionshare.org/#downloads"
+ freebsd="https://www.freshports.org/www/onionshare/"
+ openbsd="http://openports.se/net/onionshare"
%}
{% include cardv2.html
-title="Magic Wormhole"
-image="/assets/img/png/3rd-party/magic_wormhole.png"
-website="https://magic-wormhole.readthedocs.io"
-description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
-forum="https://forum.privacytools.io/t/discussion-magic-wormhole/756"
-github="https://github.com/warner/magic-wormhole"
-windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
-mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
-linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
-freebsd="https://www.freshports.org/net/py-magic-wormhole/"
-openbsd="https://pypi.org/project/magic-wormhole/"
-netbsd="https://pypi.org/project/magic-wormhole/"
+ title="Magic Wormhole"
+ image="/assets/img/png/3rd-party/magic_wormhole.png"
+ website="https://magic-wormhole.readthedocs.io"
+ description="Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: \"Get things from one computer to another, safely.\""
+ forum="https://forum.privacytools.io/t/discussion-magic-wormhole/756"
+ github="https://github.com/warner/magic-wormhole"
+ windows="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ mac="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ linux="https://magic-wormhole.readthedocs.io/en/latest/welcome.html#installation"
+ freebsd="https://www.freshports.org/net/py-magic-wormhole/"
+ openbsd="https://pypi.org/project/magic-wormhole/"
+ netbsd="https://pypi.org/project/magic-wormhole/"
%}
Worth Mentioning
- - FramaDrop - Stores a file of any size for 24h. Data is end-to-end encrypted from your browser, powered by LuFi.
+ - FramaDrop - Stores a file of any size for 24h. Data is end-to-end encrypted from your browser, powered by LuFi.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://framasoft.org/en/cgu/"
+ tooltip="FramaDrop logs IP addresses and fingerprints the browser for an unclear amount of time."
+ %}
+
- croc - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.
- FreedomBox - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.
diff --git a/_includes/sections/live-operating-systems.html b/_includes/sections/live-operating-systems.html
index f566b552..af0a1014 100644
--- a/_includes/sections/live-operating-systems.html
+++ b/_includes/sections/live-operating-systems.html
@@ -1,13 +1,13 @@
PC Live Operating Systems
{% include cardv2.html
-title="Tails"
-image="/assets/img/svg/3rd-party/tails.svg"
-description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
-badges="info:GNU/Linux"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://tails.boum.org/"
-git="https://git-tails.immerda.ch/tails/"
+ title="Tails"
+ image="/assets/img/svg/3rd-party/tails.svg"
+ description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
+ badges="info:GNU/Linux"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://tails.boum.org/"
+ git="https://git-tails.immerda.ch/tails/"
%}
Worth Mentioning
@@ -15,12 +15,19 @@ git="https://git-tails.immerda.ch/tails/"
-
Fedora Workstation
- GNU/Linux
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
- Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.
+
-
Debian
- GNU/Linux
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
- Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.
diff --git a/_includes/sections/mobile-operating-systems.html b/_includes/sections/mobile-operating-systems.html
index f17d7ab8..91ba166d 100644
--- a/_includes/sections/mobile-operating-systems.html
+++ b/_includes/sections/mobile-operating-systems.html
@@ -5,42 +5,76 @@
{% include cardv2.html
-title="GrapheneOS"
-image="/assets/img/svg/3rd-party/grapheneos.svg"
-image-dark="/assets/img/svg/3rd-party/grapheneos-dark.svg"
-description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
-badges="info:AOSP"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://grapheneos.org/"
-github="https://github.com/GrapheneOS/"
+ title="GrapheneOS"
+ image="/assets/img/svg/3rd-party/grapheneos.svg"
+ image-dark="/assets/img/svg/3rd-party/grapheneos-dark.svg"
+ description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
+ badges="info:AOSP"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://grapheneos.org/"
+ github="https://github.com/GrapheneOS/"
%}
{% include cardv2.html
-title="LineageOS"
-image="/assets/img/svg/3rd-party/lineageos.svg"
-description='LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project.'
-badges="info:AOSP"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://www.lineageos.org/"
-privacy-policy="https://www.lineageos.org/legal/"
-github="https://github.com/LineageOS"
+ title="LineageOS"
+ image="/assets/img/svg/3rd-party/lineageos.svg"
+ description='LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project.'
+ badges="info:AOSP"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://www.lineageos.org/"
+ privacy-policy="https://www.lineageos.org/legal/"
+ github="https://github.com/LineageOS"
%}
{% include cardv2.html
-title="Ubuntu Touch"
-image="/assets/img/svg/3rd-party/ubuntu.svg"
-description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
-badges="info:GNU/Linux"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://ubuntu-touch.io/"
-privacy-policy="https://ubports.com/privacy"
-github="https://github.com/ubports"
+ title="Ubuntu Touch"
+ image="/assets/img/svg/3rd-party/ubuntu.svg"
+ description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported."
+ badges="info:GNU/Linux"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://ubuntu-touch.io/"
+ privacy-policy="https://ubports.com/privacy"
+ github="https://github.com/ubports"
%}
Worth Mentioning
- - Replicant AOSP - An open-source operating system based on Android, aiming to replace all proprietary components with free software.
- - OmniROM AOSP contrib - A free-software operating system for smartphones and tablet computers, based on the Android mobile platform.
- - MicroG Add-on Package contrib - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.
+ - Replicant
+ {% include badge.html
+ color="info"
+ text="AOSP"
+ %}
+ - An open-source operating system based on Android, aiming to replace all proprietary components with free software.
+
+
+ -
+ OmniROM
+ {% include badge.html
+ color="info"
+ text="AOSP"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ text="contrib"
+ tooltip="This software may depend on or recommend non-free software."
+ %}
+ - A free-software operating system for smartphones and tablet computers, based on the Android mobile platform.
+
+
+ -
+ MicroG
+ {% include badge.html
+ color="info"
+ text="Add-on Package"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ text="contrib"
+ tooltip="This software may depend on or recommend non-free software."
+ %}
+ - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.
+
diff --git a/_includes/sections/operating-systems.html b/_includes/sections/operating-systems.html
index 487a432f..3f1209c7 100644
--- a/_includes/sections/operating-systems.html
+++ b/_includes/sections/operating-systems.html
@@ -7,44 +7,80 @@
{% include cardv2.html
title="Qubes OS"
image="/assets/img/svg/3rd-party/qubes_os.svg"
-description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
-badges="info:Xen"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://www.qubes-os.org/"
-privacy-policy="https://www.qubes-os.org/privacy/"
-github="https://github.com/QubesOS"
-tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
+ description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
+ badges="info:Xen"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://www.qubes-os.org/"
+ privacy-policy="https://www.qubes-os.org/privacy/"
+ github="https://github.com/QubesOS"
+ tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
%}
{% include cardv2.html
-title="Fedora Workstation"
-image="/assets/img/svg/3rd-party/fedora.svg"
-description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.'
-badges="info:GNU/Linux"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://getfedora.org/"
-privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
-git="https://src.fedoraproject.org/"
+ title="Fedora Workstation"
+ image="/assets/img/svg/3rd-party/fedora.svg"
+ description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.'
+ badges="info:GNU/Linux"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://getfedora.org/"
+ privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
+ git="https://src.fedoraproject.org/"
%}
{% include cardv2.html
-title="Debian"
-image="/assets/img/svg/3rd-party/debian.svg"
-description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
-badges="info:GNU/Linux"
-website="https://www.debian.org/"
-privacy-policy="https://www.debian.org/legal/privacy"
-tor="http://sejnfjrq6szgca7v.onion"
-gitlab="https://salsa.debian.org/qa/debsources"
+ title="Debian"
+ image="/assets/img/svg/3rd-party/debian.svg"
+ description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
+ badges="info:GNU/Linux"
+ website="https://www.debian.org/"
+ privacy-policy="https://www.debian.org/legal/privacy"
+ tor="http://sejnfjrq6szgca7v.onion"
+ gitlab="https://salsa.debian.org/qa/debsources"
%}
Worth Mentioning
- - OpenBSD BSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
- - Arch Linux GNU/Linux contrib - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Parabola is a
- completely open source version of Arch Linux.
- - Trisquel GNU/Linux - Derived from Ubuntu, this project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
- - Whonix GNU/Linux - A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
- and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.
+ - OpenBSD
+ {% include badge.html
+ color="info"
+ text="BSD"
+ %}
+ - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
+
+
+ -
+ Arch Linux
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ text="contrib"
+ tooltip="This software may depend on or recommend non-free software."
+ %}
+ - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Parabola is a
+ completely open source version of Arch Linux.
+
+
+ -
+ Trisquel
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
+ - Derived from Ubuntu, this project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
+
+
+ -
+ Whonix
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
+ - A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
+ and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.
+
diff --git a/_includes/sections/router-firmware.html b/_includes/sections/router-firmware.html
index cb19f6d5..c2dbea93 100644
--- a/_includes/sections/router-firmware.html
+++ b/_includes/sections/router-firmware.html
@@ -1,41 +1,62 @@
Open Source Router Firmware
{% include cardv2.html
-title="OpenWrt"
-image="/assets/img/svg/3rd-party/openwrt.svg"
-image-dark="/assets/img/svg/3rd-party/openwrt-dark.svg"
-description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
-badges="info:Linux"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://openwrt.org/"
-git="https://git.openwrt.org/"
+ title="OpenWrt"
+ image="/assets/img/svg/3rd-party/openwrt.svg"
+ image-dark="/assets/img/svg/3rd-party/openwrt-dark.svg"
+ description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
+ badges="info:Linux"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://openwrt.org/"
+ git="https://git.openwrt.org/"
%}
{% include cardv2.html
-title="pfSense"
-image="/assets/img/svg/3rd-party/pfsense.svg"
-image-dark="/assets/img/svg/3rd-party/pfsense-dark.svg"
-description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
-badges="info:BSD"
-labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
-website="https://www.pfsense.org/"
-privacy-policy="https://www.pfsense.org/privacy.html"
-github="https://github.com/pfsense/"
+ title="pfSense"
+ image="/assets/img/svg/3rd-party/pfsense.svg"
+ image-dark="/assets/img/svg/3rd-party/pfsense-dark.svg"
+ description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
+ badges="info:BSD"
+ labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
+ website="https://www.pfsense.org/"
+ privacy-policy="https://www.pfsense.org/privacy.html"
+ github="https://github.com/pfsense/"
%}
{% include cardv2.html
-title="LibreCMC"
-image="/assets/img/svg/3rd-party/librecmc.svg"
-image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
-description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
-badges="info:GNU/Linux"
-website="https://librecmc.org"
-git="https://gogs.librecmc.org/libreCMC/libreCMC"
+ title="LibreCMC"
+ image="/assets/img/svg/3rd-party/librecmc.svg"
+ image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
+ description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
+ badges="info:GNU/Linux"
+ website="https://librecmc.org"
+ git="https://gogs.librecmc.org/libreCMC/libreCMC"
%}
Worth Mentioning
- - OpenBSD BSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
- - DD-WRT Linux contrib - A Linux-based open-source firmware compatible with several models of routers and access points.
+ -
+ OpenBSD
+ {% include badge.html
+ color="info"
+ text="BSD"
+ %}
+ - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
+
+
+ -
+ DD-WRT
+ {% include badge.html
+ color="info"
+ text="GNU/Linux"
+ %}
+ {% include badge.html
+ color="warning"
+ icon="far fa-question-circle"
+ text="contrib"
+ tooltip="This software may depend on or recommend non-free software."
+ %}
+ - A Linux-based open-source firmware compatible with several models of routers and access points.
+
diff --git a/_includes/sections/voice-video-messenger.html b/_includes/sections/voice-video-messenger.html
index 4c6ec899..e39d9ffc 100644
--- a/_includes/sections/voice-video-messenger.html
+++ b/_includes/sections/voice-video-messenger.html
@@ -39,17 +39,24 @@ ios="https://apps.apple.com/us/app/mumble/id443472808?ls=1"
-
Jitsi Meet - Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application.
- Requires WebRTC
-
-
- Multiparty meetings are not E2EE
-
+
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ text="Requires WebRTC"
+ tooltip="Our Firefox tweaks recommend disabling WebRTC as it can be used to leak your IP address even behind a VPN, which is why Tor Browser disables it."
+ %}
+
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://jitsi.org/security"
+ text="Multiparty meetings are not E2EE"
+ %}
+
See also list of public Jitsi Meet instances.
-
Related Information
diff --git a/pages/providers/dns.html b/pages/providers/dns.html
index db65a9d9..3c8718d9 100644
--- a/pages/providers/dns.html
+++ b/pages/providers/dns.html
@@ -13,10 +13,21 @@ breadcrumb: "DNS"
- DNS-over-TLS (DoT) - A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls. DoT has two modes:
- - Oppurtunistic mode: the client attempts to form a DNS-over-TLS connection to the server on port 853 without performing certificate validation. If it fails, it will use unencrypted DNS.
+ - Oppurtunistic mode: the client attempts to form a DNS-over-TLS connection to the server on port 853 without performing certificate validation. If it fails, it will use unencrypted DNS.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ tooltip="In other words automatic mode leaves your DNS traffic vulnerable to SSL strip and MITM attacks."
+ %}
- Strict mode: the client connects to a specific hostname and performs certificate validation for it. If it fails, no DNS queries are made until it succeeds.
- - DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.
+ - DNS-over-HTTPS (DoH) - Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://tools.ietf.org/html/rfc8484#section-8.2"
+ tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server."
+ %}
- DNSCrypt - An older yet robust method of encrypting DNS.
@@ -25,9 +36,20 @@ breadcrumb: "DNS"
- DoH / DoT
- - Check DNSLeakTest.com.
+ - Check DNSLeakTest.com.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ tooltip="Your DNS provider may not appear with their own name, so compare the responses to what you know or can find about your DNS provider. Just ensure you don't see your ISP or old unencrypted DNS provider."
+ %}
- Check the website of your DNS provider. They may have a page for telling "you are using our DNS." Examples include AdGuard and Cloudflare.
- - If using Firefox's trusted recursive resolver (TRR), navigate to
about:networking#dns. If the TRR column says "true" for some fields, you are using DoH.
+ - If using Firefox's trusted recursive resolver (TRR), navigate to
about:networking#dns. If the TRR column says "true" for some fields, you are using DoH.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://wiki.mozilla.org/Trusted_Recursive_Resolver"
+ tooltip="Some fields will say 'false' depending on the the value of network.trr.mode in about:config"
+ %}
- dnscrypt-proxy - Check dnscrypt-proxy's wiki on how to verify that your DNS is encrypted.
@@ -40,7 +62,14 @@ breadcrumb: "DNS"
- Encrypted DNS clients for desktop:
- - Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver. Currently Mozilla is conducting studies before enabling DoH by default for all US-based Firefox users.
+ - Firefox comes with built-in DoH support with Cloudflare set as the default resolver, but can be configured to use any DoH resolver.
+ {% include badge.html
+ color="warning"
+ icon="fas fa-exclamation-triangle"
+ link="https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/"
+ tooltip=""Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser.""
+ %}
+ Currently Mozilla is conducting studies before enabling DoH by default for all US-based Firefox users.
- DNS over HTTPS can be enabled in Menu -> Preferences (
about:preferences) -> Network Settings -> Enable DNS over HTTPS. Set "Use Provider" to "Custom", and enter your DoH provider's address.
- Advanced users may enable it in
about:config by setting network.trr.custom_uri and network.trr.uri as the address you find from the documentation of your DoH provider and network.trr.mode as 2. It may also be desirable to set network.security.esni.enabled to True in order to enable encrypted SNI and make sites supporting ESNI a bit more difficult to track.
@@ -49,9 +78,20 @@ breadcrumb: "DNS"
- Encrypted DNS clients for mobile:
| |