nihilist/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org synced 2024-11-28 22:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update other old badges and fix indenting (#1924)

Browse Source
This commit is contained in:
Daniel Nathan Gray 2020-05-21 02:50:05 +00:00 committed by GitHub
parent d4b86b25c9
commit c299f2f18c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 580 additions and 539 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
_includes/sections/browser-recommendation.html
View File

@ -84,12 +84,13 @@ android="https://www.bromite.org/#download-bromite"
<li>
<a href="https://www.stoutner.com/privacy-browser/">Privacy Browser</a>
- An open-source web browser focused on user privacy. Features include integrated ad blocking with <a href="https://easylist.to/">EasyList</a>, <a href="https://www.stoutner.com/privacy-browser-2-5/">SSL certificate pinning</a>, and <a href='https://guardianproject.info/apps/orbot/'>Tor Orbot proxy support.</a>
<a href="https://play.google.com/store/apps/details?id=com.google.android.webview&hl=en_US">
<span class="badge badge-warning" data-toggle="tooltip" title="Privacy Browser relies on the Android System WebView which needs to be kept up to date to fix security issues. One can update WebView by either installing it from Google Play or Aurora Store which you can get from F-Droid.">
<span class="fas fa-exclamation-triangle"></span>
Keep Android WebView up-to-date
</span>
</a>
{% include badge.html
color="warning"
icon="fas fa-exclamation-triangle"
link="https://play.google.com/store/apps/details?id=com.google.android.webview"
tooltip="Privacy Browser relies on the Android System WebView which needs to be kept up to date to fix security issues. One can update WebView by either installing it from Google Play or Aurora Store which you can get from F-Droid."
text="Keep WebView up-to-date"
%}
</li>
</ul>

112
_includes/sections/email-providers.html
View File

@ -16,31 +16,31 @@
alt="ProtonMail">
</div>
<div class="col">
<h2 id="protonmail" class="anchor"><a href="#protonmail"><i class="fas fa-link anchor-icon"></i></a> ProtonMail <span class="badge badge-info">Free</span></h2>
<h2 id="protonmail" class="anchor"><a href="#protonmail"><i class="fas fa-link anchor-icon"></i></a> ProtonMail {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://protonmail.com">ProtonMail.com</a></strong> is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since <strong>2013</strong>. ProtonMail is based in Genève, <span class="flag-icon flag-icon-ch"></span> Switzerland. Accounts start with 500 MB storage with their free plan.</p>
<p>Free accounts have some limitations and do not allow the use of the <a href="https://protonmail.com/bridge">ProtonMail Bridge</a>, which is required to use a <a href="/software/email">recommended email client</a> (e.g. Thunderbird) or to search email by body text. Paid accounts are available starting at <strong>€48/y</strong> which include features like ProtonMail Bridge, additional storage, custom domain support, and more. The webmail and mobile apps can only search <code>To:</code>, <code>From:</code>, <code>Date:</code> and <code>Subject:</code> (this is likely to change when <a href="https://reddit.com/comments/cqwk2a/comment/ex21b4e">v4.0</a> of ProtonMail is released).</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Paid ProtonMail users can use their own domain with the service. <a href="https://protonmail.com/support/knowledge-base/catch-all/">Catch-all</a> addresses are supported with custom domains for Professional and Visionary plans. ProtonMail also supports <a href="https://protonmail.com/support/knowledge-base/creating-aliases/">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<h5><span class="badge badge-success">Payment Methods</span></h5>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>ProtonMail accepts Bitcoin in addition to accepting credit/debit cards and PayPal.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>ProtonMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> <a href="https://protonmail.com/support/knowledge-base/two-factor-authentication/">two factor authentication</a> only. The use of a <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key is not yet supported. ProtonMail is planning to implement U2F upon completion of their <a href="https://reddit.com/comments/cheoy6/comment/feh2lw0/">Single Sign On (SSO)</a> code.</p>
<h5><span class="badge badge-success">Data Security</span></h5>
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
<p>ProtonMail has <a href="https://protonmail.com/blog/zero-access-encryption">zero access encryption at rest</a> for your emails, <a href="https://protonmail.com/blog/encrypted-contacts-manager">address book contacts</a>, and <a href="https://protonmail.com/blog/protoncalendar-security-model">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>ProtonMail has <a href="https://protonmail.com/support/knowledge-base/how-to-use-pgp">integrated OpenPGP encryption</a> in their webmail. Emails to other ProtonMail users are encrypted automatically, and encryption to non-ProtonMail users with an OpenPGP key can be enabled easily in your account settings. They also allow you to <a href="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users">encrypt messages to non-ProtonMail users</a> without the need for them to sign up for a ProtonMail account or use software like OpenPGP.</p>
<p>ProtonMail also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of ProtonMail to find the OpenPGP keys of ProtonMail users easily, for cross-provider E2EE.</p>
<h5><span class="badge badge-success">.onion Service</span></h5>
<h5>{% include badge.html color="success" text=".onion Service" %}</h5>
<p>ProtonMail is accessible via Tor at <a href="https://protonirockerxow.onion/">protonirockerxow.onion</a>.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>ProtonMail offers a "Visionary" account for €24/Month, which also enables access to ProtonVPN in addition to providing multiple accounts, domains, aliases, and extra storage.</p>
</div>
</div>
@ -54,30 +54,30 @@
alt="Mailbox">
</div>
<div class="col">
<h2 id="mailbox" class="anchor"><a href="#mailbox"><i class="fas fa-link anchor-icon"></i></a> Mailbox.org <span class="badge badge-info">€12/y</span></h2>
<h2 id="mailbox" class="anchor"><a href="#mailbox"><i class="fas fa-link anchor-icon"></i></a> Mailbox.org {% include badge.html color="info" text="€12/y" %}</h2>
<p><strong><a href="https://mailbox.org">Mailbox.org</a></strong> is an email service with a focus on being secure, ad-free, and privately powered by 100% eco-friendly energy. They have been in operation since <strong>2014</strong>. Mailbox.org is based in Berlin, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 2 GB of storage, which can be upgraded as needed.</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Mailbox.org lets users use their own domain and they support <a href="https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain">catch-all</a> addresses. Mailbox.org also supports <a href="https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<h5><span class="badge badge-warning">Payment Methods</span></h5>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Mailbox.org supports <a href="https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> via the <a href="https://www.yubico.com/products/services-software/yubicloud">Yubicloud</a>. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
<h5><span class="badge badge-warning">Data Security</span></h5>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Mailbox.org allows for encryption of incoming mail using their <a href="https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox">encrypted mailbox</a>. New messages that you receive will then be immediately encrypted with your public key.</p>
<p>However, <a href="https://en.wikipedia.org/wiki/Open-Xchange">Open-Exchange</a>, the software platform used by Mailbox.org, <a href="https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book">does not support</a> the encryption of your address book and calendar. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate for that information.</p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Mailbox.org has <a href="https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow <a href="https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP">remote recipients to decrypt an email</a> on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.</p>
<p>Mailbox.org also supports the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.</p>
<h5><span class="badge badge-warning">.onion Service</span></h5>
<h5>{% include badge.html color="warning" text=".onion Service" %}</h5>
<p>You can access your Mailbox.org account via IMAP/SMTP using <a href="https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org">their .onion service</a>. However, their webmail interface cannot be accessed via their .onion service, and users may experience TLS certificate errors.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>All accounts come with limited cloud storage that <a href="https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive">can be encrypted</a>. Mailbox.org also offers the alias <a href="https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely">@secure.mailbox.org</a>, which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports <a href="https://en.wikipedia.org/wiki/Exchange_ActiveSync">Exchange ActiveSync</a> in addition to standard access protocols like IMAP and POP3.</p>
</div>
</div>
@ -91,29 +91,29 @@
alt="Posteo">
</div>
<div class="col">
<h2 id="posteo" class="anchor"><a href="#posteo"><i class="fas fa-link anchor-icon"></i></a> Posteo <span class="badge badge-info">€12/y</span></h2>
<h2 id="posteo" class="anchor"><a href="#posteo"><i class="fas fa-link anchor-icon"></i></a> Posteo {% include badge.html color="info" text="€12/y" %}</h2>
<p><strong><a href="https://posteo.de">Posteo.de</a></strong> is an email provider that focuses on anonymous, secure, and private email. Their servers are powered by 100% sustainable energy. They have been in operation since <strong>2009</strong>. Posteo is based in <span class="flag-icon flag-icon-de"></span> Germany and has a free 14-day trial. Posteo comes with 2 GB for the monthly cost and an extra gigabyte can be purchased for €0.25 per month.</p>
<h5><span class="badge badge-warning">Domains and Aliases</span></h5>
<h5>{% include badge.html color="warning" text="Domains and Aliases" %}</h5>
<p>Posteo does <a href="https://posteo.de/en/site/faq">not allow the use of custom domains</a>, however users may still make use of <a href="https://posteo.de/en/help/what-is-an-email-alias">subaddressing</a>.</p>
<h5><span class="badge badge-warning">Payment Methods</span></h5>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>Posteo does not accept Bitcoin or other cryptocurrencies as a form of payment, however they do accept cash-by-mail. They also accept credit/debit cards, bank transfers, and PayPal, and remove PII (personally identifiable information) <a href="https://posteo.de/en/site/payment">that they receive</a> in connection with these payment methods.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Posteo supports <a href="https://posteo.de/en/help/what-is-two-factor-authentication-and-how-do-i-set-it-up">two factor authentication</a> for their webmail only. You can use either <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> a <a href="https://en.wikipedia.org/wiki/YubiKey">Yubikey</a> with TOTP. Web standards such as <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> and <a href="https://en.wikipedia.org/wiki/WebAuthn">WebAuthn</a> are not yet supported.</p>
<h5><span class="badge badge-warning">Data Security</span></h5>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Posteo has <a href="https://posteo.de/en/site/encryption#cryptomailstorage">zero access encryption</a> for email storage. This means the messages stored in your account are only readable by you.</p>
<p>Posteo also supports the encryption of your <a href="https://posteo.de/en/site/features#featuresaddressbook">address book contacts</a> and <a href="https://posteo.de/en/site/features#featurescalendar">calendars</a> at rest. However, Posteo still uses standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> for calendars and contacts. These protocols do not support <a href="https://en.wikipedia.org/wiki/End-to-end_encryption">E2EE (End-To-End Encryption)</a>. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropiate.</p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Posteo has <a href="https://posteo.de/en/site/encryption#pgp_webmailer">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also support the discovery of public keys via HTTP from their <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a>. This allows users outside of Posteo to find the OpenPGP keys of Posteo users easily, for cross-provider E2EE.</p>
<h5><span class="badge badge-danger">.onion Service</span></h5>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Posteo does not operate a .onion service.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>Posteo allows users to <a href="https://posteo.de/en/help/does-posteo-offer-mailing-lists">set up their own mailing lists</a>. Each account can create one list for free.</p>
</div>
</div>
@ -127,29 +127,29 @@
alt="Soverin">
</div>
<div class="col">
<h2 id="soverin" class="anchor"><a href="#soverin"><i class="fas fa-link anchor-icon"></i></a> Soverin <span class="badge badge-info">€29/y</span></h2>
<h2 id="soverin" class="anchor"><a href="#soverin"><i class="fas fa-link anchor-icon"></i></a> Soverin {% include badge.html color="info" text="€29/y" %}</h2>
<p><strong><a href="https://soverin.net">Soverin.net</a></strong> is an email provider which focuses on being private, ad-free, and powered by sustainable energy. They have been in operation since <strong>2015</strong>. Soverin is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam and does not have a free trial. Accounts start at 25 GB.</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Soverin lets users use their own domain. Soverin users can also use <a href="https://support.soverin.net/hc/en-us/articles/115004811093-How-can-I-setup-a-catch-all-on-my-domain-">catch-all</a> and <a href="https://support.soverin.net/hc/en-us/articles/115004811073-How-can-I-add-an-alias-to-my-domain-">aliases</a> for domains they own. Soverin also allows for <a href="https://support.soverin.net/hc/en-us/articles/115004811033-Do-support-the-plus-syntax-subaddressing-">subaddressing</a>, which is useful for users who don't want to purchase a domain.</p>
<h5><span class="badge badge-success">Payment Methods</span></h5>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>Soverin accepts Bitcoin as payment. They also accept credit/debit cards, PayPal, and the Netherlands-specific payment gateway iDEAL.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Soverin supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.soverin.net/hc/en-us/articles/360008819553-Setting-up-2-Factor-Authentication-2FA-Webmail-only">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5><span class="badge badge-warning">Data Security</span></h5>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Soverin has <a href="https://support.soverin.net/hc/en-us/articles/115004810713-Technical-details-about-Soverin">encryption at rest</a> however it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
<p>Soverin also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Soverin has integrated encryption in their webmail, which simplifies sending messages to users. However, Soverin has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.<p>
<h5><span class="badge badge-danger">.onion Service</span></h5>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Soverin does not operate a .onion service.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>Soverin also providers users with space for a personal webpage.</p>
</div>
</div>
@ -164,29 +164,29 @@
alt="Disroot">
</div>
<div class="col">
<h2 id="disroot" class="anchor"><a href="#disroot"><i class="fas fa-link anchor-icon"></i></a> Disroot <span class="badge badge-info">Free</span></h2>
<h2 id="disroot" class="anchor"><a href="#disroot"><i class="fas fa-link anchor-icon"></i></a> Disroot {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://disroot.org/en/services/email">Disroot</a></strong> offers email amongst <a href="https://disroot.org/en/#services">other services</a>. The service is maintained by volunteers and its community. They have been in operation since <strong>2015</strong>. Disroot is based in <span class="flag-icon flag-icon-nl"></span> Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. Users support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Disroot lets users use their own domain. They have aliases, however you must <a href="https://disroot.org/en/forms/alias-request-form">manually apply</a> for them.</p>
<h5><span class="badge badge-success">Payment Methods</span></h5>
<h5>{% include badge.html color="success" text="Payment Methods" %}</h5>
<p>Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Disroot supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication for webmail only. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5><span class="badge badge-warning">Data Security</span></h5>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>Disroot uses full disk encryption. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have.</p>
<p>Disroot also uses the standard <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a> and <a href="https://en.wikipedia.org/wiki/CardDAV">CardDAV</a> protocols for calendars and contacts, which do not support E2EE. A <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a <a href="https://wiki.gnupg.org/WKD">Web Key Directory (WKD)</a> for users on their platform.</p>
<h5><span class="badge badge-danger">.onion Service</span></h5>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Disroot does not operate a .onion service.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>They offer <a href="https://disroot.org/en/#services">other services</a> such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app <a href="https://f-droid.org/packages/org.disroot.disrootapp/">available in F-Droid</a>.</p>
</div>
</div>
@ -201,32 +201,32 @@
alt="Tutanota">
</div>
<div class="col">
<h2 id="tutanota" class="anchor"><a href="#tutanota"><i class="fas fa-link anchor-icon"></i></a> Tutanota <span class="badge badge-info">Free</span></h2>
<h2 id="tutanota" class="anchor"><a href="#tutanota"><i class="fas fa-link anchor-icon"></i></a> Tutanota {% include badge.html color="info" text="Free" %}</h2>
<p><strong><a href="https://tutanota.com">Tutanota.com</a></strong> is an email service with a focus on security and privacy through the use of encryption. Tutanota has been in operation since <strong>2011</strong> and is based in Hanover, <span class="flag-icon flag-icon-de"></span> Germany. Accounts start with 1GB storage with their free plan.</p>
<p>Tutanota <a href="https://tutanota.com/faq/#imap">doesn't allow</a> the use of third-party <a href="/software/email/">email clients</a>. There are plans to allow Tutanota pull email from <a href="https://github.com/tutao/tutanota/issues/544">external email accounts</a> using the <a href="https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol">IMAP</a> protocol. <a href="https://github.com/tutao/tutanota/issues/630">Email import</a> is currently not possible.</p>
<p>Emails can be exported <a href="https://tutanota.com/howto#generalMail">individually or by bulk selection</a>. Tutanota does not allow for <a href="https://github.com/tutao/tutanota/issues/927">subfolders</a> as you might expect with other email providers.</p>
<p>Tutanota is working on a <a href="https://tutanota.com/blog/posts/desktop-clients/">desktop client</a> and they have an app <a href="https://f-droid.org/packages/de.tutao.tutanota">available in F-Droid</a>. They also have their app in conventional stores such as <a href="https://apps.apple.com/us/app/tutanota/id922429609">App Store</a> on iOS and <a href="https://play.google.com/store/apps/details?id=de.tutao.tutanota">Google Play</a> for Android.</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Paid Tutanota accounts can use up to 5 <a href="https://tutanota.com/faq#alias">aliases</a> and <a href="https://tutanota.com/faq#custom-domain">custom domains</a>. Tutanota doesn't allow for <a href="https://tutanota.com/faq#plus">subaddressing (plus addresses)</a>, but you can use a <a href="https://tutanota.com/howto#settings-global">catch-all</a> with a custom domain.</p>
<h5><span class="badge badge-danger">Payment Methods</span></h5>
<h5>{% include badge.html color="danger" text="Payment Methods" %}</h5>
<p>Tutanota accepts only credit cards and PayPal.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>Tutanota supports <a href="https://tutanota.com/faq#2fa">two factor authentication</a>. Users can either use <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> or <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a>. U2F support is <a href="https://github.com/tutao/tutanota/issues/443">not yet available on Android</a>.</p>
<h5><span class="badge badge-success">Data Security</span></h5>
<h5>{% include badge.html color="success" text="Data Security" %}</h5>
<p>Tutanota has <a href="https://tutanota.com/faq#what-encrypted">zero access encryption at rest</a> for your emails, <a href="https://tutanota.com/faq#encrypted-address-book">address book contacts</a>, and <a href="https://tutanota.com/faq#calendar">calendars</a>. This means the messages and other data stored in your account are only readable by you. </p>
<h5><span class="badge badge-warning">Email Encryption</span></h5>
<h5>{% include badge.html color="warning" text="Email Encryption" %}</h5>
<p>Tutanota <a href="https://www.tutanota.com/faq/#pgp">does not use OpenPGP</a>. Tutanota users can only receive encrypted emails when external users send them through a <a href="https://www.tutanota.com/howto/#encrypted-email-external">temporary Tutanota mailbox</a>.</p>
<p>Tutanota <a href="https://github.com/tutao/tutanota/issues/198">does have plans</a> to support <a href="https://autocrypt.org">AutoCrypt</a>. This would allow for external users to send encrypted emails to Tutanota users as long as their email client supports the AutoCrypt headers.</p>
<h5><span class="badge badge-danger">.onion Service</span></h5>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>Tutanota does not operate a .onion service but <a href="https://github.com/tutao/tutanota/issues/528">may consider</a> it in the future.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>Tutanota offers the business version of <a href="https://tutanota.com/blog/posts/secure-email-for-non-profit">Tutanota to non-profit organizations</a> for free or with a heavy discount.</p>
<p>Tutanota also has a business feature called <a href="https://tutanota.com/secure-connect/">Secure Connect</a>. This ensures customer contact to the business uses E2EE. The feature costs €240/y.</p>
@ -243,30 +243,30 @@
alt="StartMail">
</div>
<div class="col">
<h2 id="startmail" class="anchor"><a href="#startmail"><i class="fas fa-link anchor-icon"></i></a> StartMail <span class="badge badge-info">Personal USD $59.95/y</span></h2>
<h2 id="startmail" class="anchor"><a href="#startmail"><i class="fas fa-link anchor-icon"></i></a> StartMail {% include badge.html color="info" text="Personal USD $59.95/y" %}</h2>
<p><strong><a href="https://startmail.com">StartMail.com</a></strong> is an email service with a focus on security and privacy through the use of standard OpenPGP encryption. StartMail has been in operation since <strong>2014</strong> and is based in Boulevard 11, Zeist <span class="flag-icon flag-icon-nl"></span> Netherlands. Accounts start with 10GB. They offer a 30-day trial.</p>
<h5><span class="badge badge-success">Domains and Aliases</span></h5>
<h5>{% include badge.html color="success" text="Domains and Aliases" %}</h5>
<p>Personal accounts can use <a href="https://support.startmail.com/hc/en-us/articles/360007297457-Aliases">Custom or Generated</a> aliases. Business accounts can use <a href="https://support.startmail.com/hc/en-us/articles/360006840058">Domain aliases</a>.</p>
<h5><span class="badge badge-warning">Payment Methods</span></h5>
<h5>{% include badge.html color="warning" text="Payment Methods" %}</h5>
<p>StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other <a href="https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods">payment options</a> such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.</p>
<h5><span class="badge badge-success">Account Security</span></h5>
<h5>{% include badge.html color="success" text="Account Security" %}</h5>
<p>StartMail supports <a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a> two factor authentication <a href="https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA">for webmail only</a>. They do not allow <a href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">U2F</a> security key authentication.</p>
<h5><span class="badge badge-warning">Data Security</span></h5>
<h5>{% include badge.html color="warning" text="Data Security" %}</h5>
<p>StartMail has <a href="https://www.startmail.com/en/whitepaper/#_Toc458527835">zero access encryption at rest</a>, using their "user vault" system. When a user logs in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.</p>
<p>StartMail supports importing <a href="https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts">contacts</a> however, they are only accessible in the webmail and not through protocols such as <a href="https://en.wikipedia.org/wiki/CalDAV">CalDAV</a>. Contacts are also not stored using zero knowledge encryption, so a <a href="/software/calendar-contacts/">standalone option</a> may be more appropriate.</p>
<h5><span class="badge badge-success">Email Encryption</span></h5>
<h5>{% include badge.html color="success" text="Email Encryption" %}</h5>
<p>StartMail has <a href="https://support.startmail.com/hc/en-us/sections/360001889078-Encryption">integrated encryption</a> in their webmail, which simplifies sending messages to users with public OpenPGP keys.</p>
<h5><span class="badge badge-danger">.onion Service</span></h5>
<h5>{% include badge.html color="danger" text=".onion Service" %}</h5>
<p>StartMail does not operate a .onion service.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>StartMail allows for proxying of images within emails. If a user allows the remote image to be loaded, the sender won't know what the user's IP address is.</p>
</div>
</div>

44
_includes/sections/self-contained-networks.html
View File

@ -61,15 +61,43 @@ github="https://github.com/freenet/"
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://zeronet.io/">ZeroNet</a> - Open, free, and uncensorable websites, using Bitcoin cryptography and BitTorrent network. <span class="badge badge-danger" data-toggle="tooltip" title="Your IP address isn't hidden by default and won't be, unless you enforce Tor usage.">privacy warning <span class="far fa-question-circle"></span></span></li>
<li>
<a href="https://zeronet.io/">ZeroNet</a> - Open, free, and uncensorable websites, using Bitcoin cryptography and BitTorrent network.
{% include badge.html
color="danger"
icon="fas fa-exclamation-triangle"
tooltip="Your IP address isn't hidden by default and won't be, unless you enforce Tor usage."
text="Not anonymous"
%}
</li>
<li><a href="https://retroshare.cc/">RetroShare</a> - An open source, cross-platform, friend-to-friend, secure, and decentralized communication platform.</li>
<li><a href="https://i2pbote.xyz/">I2P-Bote</a> - End-to-end encrypted decentralized mail system within the I2P network.</li>
<li><a href="https://gnunet.org/">GNUnet</a> - GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.</li>
<li><a href="https://ipfs.io/">IPFS</a> <em>and</em> <a href="https://github.com/ipfs-shipyard/ipfs-companion">IPFS Companion</a>- A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. IPFS Companion is a browser extension for redirecting queries to a gateway of your choice (generally local). <a href="https://github.com/privacytools/privacytools.io/pull/361#issuecomment-344414022">
<span class="badge badge-danger" data-toggle="tooltip" title="">
<span class="fas fa-exclamation-triangle"></span>
Important privacy warning
</span>
</a></li>
<li><a href="https://yggdrasil-network.github.io/">Yggdrasil</a> - An early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms, and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4. <span class="badge badge-warning" data-toggle="tooltip" title="The project is currently in early stages but it is being actively developed.">experimental <i class=\"far fa-question-circle\"></i></span> <span class="badge badge-danger" data-toggle="tooltip" title="Yggdrasil doesn't have a goal of providing anonymity and your peers know your IP address unless you are only using Tor/I2P peers.">privacy warning <i class="far fa-question-circle"></i></span></li>
<li>
<a href="https://ipfs.io/">IPFS</a> <em>and</em> <a href="https://github.com/ipfs-shipyard/ipfs-companion">IPFS Companion</a>- A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. IPFS Companion is a browser extension for redirecting queries to a gateway of your choice (generally local).
{% include badge.html
color="warning"
icon="fas fa-exclamation-triangle"
link="https://github.com/privacytools/privacytools.io/pull/361#issuecomment-344414022"
text="Supercookie warning"
%}
</li>
<li>
<a href="https://yggdrasil-network.github.io/">Yggdrasil</a>
- An early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms, and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4.
{% include badge.html
color="warning"
icon="far fa-question-circle"
tooltip="The project is currently in early stages but it is being actively developed."
text="Experimental"
%}
{% include badge.html
color="danger"
icon="fas fa-exclamation-triangle"
link=""
tooltip="Yggdrasil doesn't provide anonymity by default. Your peers know your IP address unless you configure it to only use Tor/I2P peers."
text="Not anonymous by default"
%}
</li>
</ul>

60
_includes/sections/vpn.html
View File

@ -19,30 +19,30 @@
<div class="col">
<h2 id="mullvad" class="anchor">
<a href="#mullvad"><i class="fas fa-link anchor-icon"></i></a> Mullvad
<span class="badge badge-info">EUR €60/y</span>
{% include badge.html color="info" text="EUR €60/y" %}
</h2>
<p><strong><a href="https://mullvad.net/">Mullvad.net</a> </strong> is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since <strong>2009</strong>. Mullvad is based in <span class="flag-icon flag-icon-se"></span> Sweden and does not have a free trial.</p>
<h5><span class="badge badge-success">35 Countries</span></h5>
<h5>{% include badge.html color="success" text="35 Countries" %}</h5>
<p>Mullvad has <a href="https://mullvad.net/en/servers/">servers in 35 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <a href="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <a href="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<h5><span class="badge badge-success">Independently Audited</span></h5>
<h5>{% include badge.html color="success" text="Independently Audited" %}</h5>
<p>Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report <a href="https://cure53.de/pentest-report_mullvad_v2.pdf">published at cure53.de</a>. The security researchers concluded:</p>
<blockquote class="blockquote">
<p class="mb-0">...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.</p>
</blockquote>
<h5><span class="badge badge-success">Open Source Clients</span></h5>
<h5>{% include badge.html color="success" text="Open Source Clients" %}</h5>
<p>Mullvad provides the source code for their desktop and mobile clients in their <a href="https://github.com/mullvad/mullvadvpn-app">GitHub organization</a>.</p>
<h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
<h5>{% include badge.html color="success" text="Accepts Bitcoin" %}</h5>
<p>Mullvad in addition to accepting credit/debit cards and PayPal, accepts <strong>Bitcoin</strong>, <strong>Bitcoin Cash</strong>, and <strong>cash/local currency</strong> as anonymous forms of payment. They also accept Swish and bank wire transfers.</p>
<h5><span class="badge badge-success">WireGuard Support</span></h5>
<h5>{% include badge.html color="success" text="WireGuard Support" %}</h5>
<p>In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.</p>
<h5><span class="badge badge-success">IPv6 Support</span></h5>
<h5>{% include badge.html color="success" text="IPv6 Support" %}</h5>
<p>Mullvad supports the future of networking <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. Their network allows users to <a href="https://mullvad.net/en/blog/2014/9/15/ipv6-support/">access services hosted on IPv6</a> as opposed to other providers who block IPv6 connections.</p>
<h5><span class="badge badge-success">Remote Port Forwarding</span></h5>
<h5>{% include badge.html color="success" text="Remote Port Forwarding" %}</h5>
<p>Remote <a href="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is allowed on Mullvad, see <a href="https://mullvad.net/help/port-forwarding-and-mullvad/">Port forwarding with Mullvad VPN</a>.</p>
<h5><span class="badge badge-success">Mobile Clients</span></h5>
<h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
<p>Mullvad has published <a href ="https://apps.apple.com/app/mullvad-vpn/id1488466513">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn">Google Play</a> clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at <a href="http://xcln5hkbriyklr6n.onion/">xcln5hkbriyklr6n.onion</a>.</p>
</div>
</div>
@ -53,25 +53,25 @@
<div class="col">
<h2 id="protonvpn" class="anchor">
<a href="#protonvpn"><i class="fas fa-link anchor-icon"></i></a> ProtonVPN
<span class="badge badge-info">Free</span>
<span class="badge badge-info">Basic USD $48/y</span>
<span class="badge badge-secondary">Plus USD $96/y</span>
{% include badge.html color="info" text="Free" %}
{% include badge.html color="info" text="Basic USD $48/y" %}
{% include badge.html color="secondary" text="Plus USD $96/y" %}
</h2>
<p><strong><a href="https://protonvpn.com/">ProtonVPN.com</a></strong> is a strong contender in the VPN space, and they have been in operation since <strong>2016</strong>. ProtonVPN is based in <span class="flag-icon flag-icon-ch"></span> Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.</p>
<h5><span class="badge badge-success">44 Countries</span></h5>
<h5>{% include badge.html color="success" text="44 Countries" %}</h5>
<p>ProtonVPN has <a href="https://protonvpn.com/vpn-servers">servers in 44 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <a href="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <a href="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<h5><span class="badge badge-success">Independently Audited</span></h5>
<h5>{% include badge.html color="success" text="Independently Audited" %}</h5>
<p>As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at <a href="https://protonvpn.com/blog/open-source/">protonvpn.com</a>.
<h5><span class="badge badge-success">Open Source Clients</span></h5>
<h5>{% include badge.html color="success" text="Open Source Clients" %}</h5>
<p>ProtonVPN provides the source code for their desktop and mobile clients in their <a href="https://github.com/ProtonVPN">GitHub organization</a>.</p>
<h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
<h5>{% include badge.html color="success" text="Accepts Bitcoin" %}</h5>
<p>ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.</p>
<h5><span class="badge badge-success">Mobile Clients</span></h5>
<h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
<p>In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for <a href="https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085">App Store</a> and <a href="https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/ch.protonvpn.android">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducable builds</a>.</p>
<h5><span class="badge badge-warning">No Port Forwarding</span></h5>
<h5>{% include badge.html color="warning" text="No Port Forwarding" %}</h5>
<p>ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using <a href="https://www.torproject.org/">the official Tor Browser</a> for this purpose.</p>
</div>
</div>
@ -82,26 +82,26 @@
<div class="col">
<h2 id="ivpn" class="anchor">
<a href="#ivpn"><i class="fas fa-link anchor-icon"></i></a> IVPN
<span class="badge badge-info">Standard USD $60/y</span>
<span class="badge badge-secondary">Pro USD $100/y</span>
{% include badge.html color="info" text="Standard USD $60/y" %}
{% include badge.html color="secondary" text="Pro USD $100/y" %}
</h2>
<p><strong><a href="https://www.ivpn.net">IVPN.net</a></strong> is another premium VPN provider, and they have been in operation since <strong>2009</strong>. IVPN is based in <span class="flag-icon flag-icon-gi"></span> Gibraltar and offers a 3 day free trial.</p>
<h5><span class="badge badge-success">32 Countries</span></h5>
<h5>{% include badge.html color="success" text="32 Countries" %}</h5>
<p>IVPN has <a href="https://www.ivpn.net/server-locations">servers in 32 countries</a> at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.</p>
<p>We also think it's better for the security of the VPN provider's private keys if they use <a href="https://en.wikipedia.org/wiki/Dedicated_hosting_service">dedicated servers</a>, instead of cheaper shared solutions (with other customers) such as <a href="https://en.wikipedia.org/wiki/Virtual_private_server">virtual private servers</a>.</p>
<h5><span class="badge badge-success">Independently Audited</span></h5>
<h5>{% include badge.html color="success" text="Independently Audited" %}</h5>
<p>IVPN has undergone a <a href="https://cure53.de/audit-report_ivpn.pdf">no-logging audit from Cure53</a> which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a <a href="https://cure53.de/summary-report_ivpn_2019.pdf">comprehensive pentest report Cure53</a> in January 2020. IVPN has also said they plan to have <a href="https://www.ivpn.net/blog/independent-security-audit-concluded">annual reports</a> in the future.</p>
<h5><span class="badge badge-success">Open Source Clients</span></h5>
<h5>{% include badge.html color="success" text="Open Source Clients" %}</h5>
<p>As of Feburary 2020 <a href="https://www.ivpn.net/blog/ivpn-applications-are-now-open-source">IVPN applications are now open source</a>. Source code can be obtained from their <a href="https://github.com/ivpn">GitHub organization</a>.</p>
<h5><span class="badge badge-success">Accepts Bitcoin</span></h5>
<h5>{% include badge.html color="success" text="Accepts Bitcoin" %}</h5>
<p>In addition to accepting credit/debit cards and PayPal, IVPN accepts <strong>Bitcoin</strong> and <strong>cash/local currency</strong> (on annual plans) as anonymous forms of payment.</p>
<h5><span class="badge badge-success">WireGuard Support</span></h5>
<h5>{% include badge.html color="success" text="WireGuard Support" %}</h5>
<p>In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.</p>
<h5><span class="badge badge-success">Remote Port Forwarding</span></h5>
<h5>{% include badge.html color="success" text="Remote Port Forwarding" %}</h5>
<p>Remote <a href="https://en.wikipedia.org/wiki/Port_forwarding">port forwarding</a> is possible with a Pro plan. Port forwarding <a href="https://www.ivpn.net/knowledgebase/81/How-do-I-activate-port-forwarding.html">can be activated</a> via the client area. Port forwarding is only available on IVPN when <a href="https://www.ivpn.net/knowledgebase/116/Port-forwarding-is-not-working-why.html">using OpenVPN and is disabled on US servers</a>.</p>
<h5><span class="badge badge-success">Mobile Clients</span></h5>
<h5>{% include badge.html color="success" text="Mobile Clients" %}</h5>
<p>In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for <a href="https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683">App Store</a> and <a href="https://play.google.com/store/apps/details?id=net.ivpn.client">Google Play</a> allowing for easy connections to their servers. The mobile client on Android is also available in <a href="https://f-droid.org/en/packages/net.ivpn.client">F-Droid</a>, which ensures that it is compiled with <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">reproducable builds</a>.</p>
<h5><span class="badge badge-info">Extra Functionality</span></h5>
<h5>{% include badge.html color="info" text="Extra Functionality" %}</h5>
<p>The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "<a href="https://www.ivpn.net/antitracker">AntiTracker</a>" functionality, which blocks advertising networks and trackers from the network level.</p>
</div>
</div>

14
pages/providers/email.html
View File

@ -17,7 +17,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
<div class="container">
<div class="row">
<div class="col-12">
<h3><span class="badge badge-info">Jurisdiction</span></h3>
<h3>{% include badge.html color="info" text="Jurisdiction" %}</h3>
<p>Operating outside the five/nine/fourteen-eyes countries is not necessarily a guarantee of privacy, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on <a href="/providers/#ukusa">global mass surveillance and avoiding the US and UK</a> to learn more about why we feel this is important.</p>
</div>
<div class="col-md-6">
@ -35,7 +35,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Technology</span></h3>
<h3>{% include badge.html color="info" text="Technology" %}</h3>
<p>We regard these features as important in order to provide a safe and optimal service to users. Users should consider the provider which has the features they require.</p>
</div>
<div class="col-md-6">
@ -60,7 +60,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Privacy</span></h3>
<h3>{% include badge.html color="info" text="Privacy" %}</h3>
<p>We prefer our recommended providers to collect as little data as possible.</p>
</div>
<div class="col-md-6">
@ -79,7 +79,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Security</span></h3>
<h3>{% include badge.html color="info" text="Security" %}</h3>
<p>Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their users.</p>
</div>
<div class="col-md-6">
@ -118,7 +118,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Trust</span></h3>
<h3>{% include badge.html color="info" text="Trust" %}</h3>
<p>You wouldn't trust your finances to someone with a fake identity, so why trust them with your email? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.</p>
</div>
<div class="col-md-6">
@ -136,7 +136,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Marketing</span></h3>
<h3>{% include badge.html color="info" text="Marketing" %}</h3>
<p>With the email providers we recommend we like to see responsible marketing.</p>
</div>
<div class="col-md-6">
@ -162,7 +162,7 @@ description: "Find a secure email provider that will keep your privacy in mind.
</div>
<div class="col-12">
<h3><span class="badge badge-info">Additional Functionality</span></h3>
<h3>{% include badge.html color="info" text="Additional Functionality" %}</h3>
<p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend.</p>
</div>
</div>

44
pages/providers/vpn.html
View File

@ -29,7 +29,7 @@ breadcrumb: "VPN"
<div class="container">
<div class="row">
<div class="col-12">
<h3><span class="badge badge-info">Jurisdiction</span></h3>
<h3>{% include badge.html color="info" text="Jurisdiction" %}</h3>
<p>Operating outside the five/nine/fourteen-eyes countries is not a guarantee of privacy necessarily, and there are other factors to consider. However, we believe that avoiding these countries is important if you wish to avoid mass government dragnet surveillance, especially from the United States. Read our page on <a href="/providers/#ukusa">global mass surveillance and avoiding the US and UK</a> to learn more about why we feel this is important.</p>
</div>
<div class="col-md-6">
@ -47,7 +47,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Technology</span></h3>
<h3>{% include badge.html color="info" text="Technology" %}</h3>
<p>We require all our recommended VPN providers to provide OpenVPN configuration files to be used in any client. <strong>If</strong> a VPN provides their own custom client, we require a killswitch to block network data leaks when disconnected.</p>
</div>
<div class="col-md-6">
@ -70,7 +70,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Privacy</span></h3>
<h3>{% include badge.html color="info" text="Privacy" %}</h3>
<p>We prefer our recommended providers to collect as little data as possible. Not collecting personal information on registration, and accepting anonymous forms of payment are required.</p>
</div>
<div class="col-md-6">
@ -89,7 +89,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Security</span></h3>
<h3>{% include badge.html color="info" text="Security" %}</h3>
<p>A VPN is pointless if it can't even provide adequate security. We require all our recommended providers to abide by current security standards for their OpenVPN connections. Ideally, they would use more future-proof encryption schemes by default. We also require an independent third-party to audit the provider's security, ideally in a very comprehensive manner and on a repeated (yearly) basis.</p>
</div>
<div class="col-md-6">
@ -111,7 +111,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Trust</span></h3>
<h3>{% include badge.html color="info" text="Trust" %}</h3>
<p>You wouldn't trust your finances to someone with a fake identity, so why trust them with your internet data? We require our recommended providers to be public about their ownership or leadership. We also would like to see frequent transparency reports, especially in regard to how government requests are handled.</p>
</div>
<div class="col-md-6">
@ -129,7 +129,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Marketing</span></h3>
<h3>{% include badge.html color="info" text="Marketing" %}</h3>
<p>With the VPN providers we recommend we like to see responsible marketing.</p>
</div>
<div class="col-md-6">
@ -159,7 +159,7 @@ breadcrumb: "VPN"
</div>
<div class="col-12">
<h3><span class="badge badge-info">Additional Functionality</span></h3>
<h3>{% include badge.html color="info" text="Additional Functionality" %}</h3>
<p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p>
</div>
</div>
@ -230,21 +230,33 @@ breadcrumb: "VPN"
<li><a href="https://gist.github.com/kennwhite/1f3bc4d889b02b35d8aa">Don't use LT2P IPSec, use other protocols.</a></li>
<li>
<a href="https://www.top10vpn.com/free-vpn-app-investigation/">Free VPN App Investigation</a>
<span class="badge badge-warning" data-toggle="tooltip" title="This site has affiliate based recommendations">
<a href="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"/>Warning</a>
</span>
{% include badge.html
color="warning"
icon="fas fa-exclamation-triangle"
link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
text="Affiliate program"
%}
</li>
<li>
<a href="https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/">Hidden VPN owners unveiled: 101 VPN products run by just 23 companies</a>
<span class="badge badge-warning" data-toggle="tooltip" title="This site has affiliate based recommendations">
<a href="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"/>Warning</a>
</span>
{% include badge.html
color="warning"
icon="fas fa-exclamation-triangle"
link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
text="Affiliate program"
%}
</li>
<li>
<a href="https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/">This Chinese company is secretly behind 24 popular apps seeking dangerous permissions</a>
<span class="badge badge-warning" data-toggle="tooltip" title="This site has affiliate based recommendations">
<a href="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"/>Warning</a>
</span>
{% include badge.html
color="warning"
icon="fas fa-exclamation-triangle"
link="https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews"
tooltip="This site has affiliate based recommendations. They get paid for referring visitors to specific VPN providers."
text="Affiliate program"
%}
</li>
</ul>