diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index 09eb8d455d..b39b749ddb 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -1,8 +1,9 @@ name: 💬 Crowdin Upload on: - push: - branches: [ main ] + workflow_dispatch: + release: + types: [published] jobs: synchronize-with-crowdin: diff --git a/Pipfile b/Pipfile index d03f959069..382d17466e 100644 --- a/Pipfile +++ b/Pipfile @@ -9,7 +9,6 @@ mkdocs-material = {path = "./mkdocs-material"} mkdocs-static-i18n = "*" mkdocs-git-revision-date-localized-plugin = "*" typing-extensions = "*" -mkdocs-rss-plugin = "*" mkdocs-git-committers-plugin-2 = "*" mkdocs-macros-plugin = "*" diff --git a/Pipfile.lock b/Pipfile.lock index d6ac2600ea..92c95cf64c 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "eb017d2eabf57e6fbad3d2ce45b112ab8be6d41fb96f9fe27e21691ab123ee42" + "sha256": "63dbd8a1e6f7ac3ad66d25cb30412c3b901d2e76b2c8a5dddcfed0c528224dd4" }, "pipfile-spec": 6, "requires": { @@ -21,7 +21,7 @@ "sha256:7614553711ee97490f732126dc077f8d0ae084ebc6a96e23db1482afabdb2c51", "sha256:ff56f4892c1c4bf0d814575ea23471c230d544203c7748e8c68f0089478d48eb" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2.10.3" }, "beautifulsoup4": { @@ -29,7 +29,7 @@ "sha256:58d5c3d29f5a36ffeb94f02f0d786cd53014cf9b3b3951d42e0080d8a9498d30", "sha256:ad9aa55b65ef2808eb405f46cf74df7fcb7044d5cbc26487f96eb2ef2e436693" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==4.11.1" }, "certifi": { @@ -37,7 +37,7 @@ "sha256:0d9c601124e5a6ba9712dbc60d9c53c21e34f5f641fe83002317394311bdce14", "sha256:90c1a32f1d68f940488354e36370f6cca89f0f106db09518524c88d6ed83f382" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2022.9.24" }, "charset-normalizer": { @@ -45,7 +45,7 @@ "sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845", "sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2.1.1" }, "click": { @@ -76,7 +76,7 @@ "sha256:8033ad4e853066ba6ca92050b9df2f89301b8fc8bf7e9324d412a63f8bf1a8fd", "sha256:bac2fd45c0a1c9cf619e63a90d62bdc63892ef92387424b855792a6cabe789aa" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==4.0.9" }, "gitpython": { @@ -192,7 +192,7 @@ "sha256:cbb516f16218e643d8e0a95b309f77eb118cb138d39a4f27851e6a63581db874", "sha256:f5da449a6e1c989a4cea2631aa8ee67caa5a2ef855d551c88f9e309f4634c621" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==3.3.7" }, "markdown2": { @@ -254,7 +254,7 @@ "sha256:0096d52e9dad9939c3d975a774666af186eda617e6ca84df4c94dec30004f2a8", "sha256:70775750742b25c0d8f36c55aed03d24c3384d17c951b3175d898bd778ef0307" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==1.3.4" }, "mkdocs": { @@ -301,14 +301,6 @@ "markers": "python_version >= '3.7'", "version": "==1.1" }, - "mkdocs-rss-plugin": { - "hashes": [ - "sha256:2ab14c20bf6b7983acbe50181e7e4a0778731d9c2d5c38107ca7047a7abd2165", - "sha256:4178b3830dcbad9b53b12459e315b1aad6b37d1e7e5c56c686866a10f99878a4" - ], - "index": "pypi", - "version": "==1.5.0" - }, "mkdocs-static-i18n": { "hashes": [ "sha256:119583edee640b5b34834f415669357392e47c01b8a0587c95ccd8d14ef11e33" @@ -321,7 +313,7 @@ "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==21.3" }, "paginate": { @@ -335,7 +327,7 @@ "sha256:56a8508ae95f98e2b9bdf93a6be5ae3f7d8af858b43e02c5a2ff083726be40c1", "sha256:f643f331ab57ba3c9d89212ee4a2dabc6e94f117cf4eefde99a0574720d14c42" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2.13.0" }, "pymdown-extensions": { @@ -420,7 +412,7 @@ "sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174", "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==6.0" }, "pyyaml-env-tag": { @@ -428,7 +420,7 @@ "sha256:70092675bda14fdec33b31ba77e7543de9ddc88f2e5b99160396572d11525bdb", "sha256:af31106dec8a4d68c60207c1886031cbf839b68aa7abccdb19868200532c2069" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==0.1" }, "readtime": { @@ -529,7 +521,7 @@ "sha256:fcbd1edff1473d90dc5cf4b52d355cf1f47b74eb7c85ba6e45f45d0116b8edbd", "sha256:fe428822b7a8c486bcd90b334e9ab541ce6cc0d6106993d59f201853e5e14121" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2022.9.13" }, "requests": { @@ -553,7 +545,7 @@ "sha256:2aba19d6a040e78d8b09de5c57e96207b09ed71d8e55ce0959eeee6c8e190d94", "sha256:c840e62059cd3be204b0c9c9f74be2c09d5648eddd4580d9314c3ecde0b30936" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==5.0.0" }, "soupsieve": { @@ -561,7 +553,7 @@ "sha256:3b2503d3c7084a42b1ebd08116e5f81aadfaea95863628c80a3b774a11b7c759", "sha256:fc53893b3da2c33de295667a0e19f078c14bf86544af307354de5fcf12a3f30d" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2.3.2.post1" }, "termcolor": { @@ -616,16 +608,16 @@ "sha256:ed80a1628cee19f5cfc6bb74e173f1b4189eb532e705e2a13e3250312a62e0c9", "sha256:ee3e38a6cc050a8830089f79cbec8a3878ec2fe5160cdb2dc8ccb6def8552658" ], - "markers": "python_full_version >= '3.6.0'", + "markers": "python_version >= '3.6'", "version": "==2.1.9" }, "zipp": { "hashes": [ - "sha256:3a7af91c3db40ec72dd9d154ae18e008c69efe8ca88dde4f9a731bb82fe2f9eb", - "sha256:972cfa31bc2fedd3fa838a51e9bc7e64b7fb725a8c00e7431554311f180e9980" + "sha256:4fcb6f278987a6605757302a6e40e896257570d11c51628968ccb2a47e80c6c1", + "sha256:7a7262fd930bd3e36c50b9a64897aec3fafff3dfdeec9623ae22b40e93f99bb8" ], "markers": "python_version >= '3.7'", - "version": "==3.9.0" + "version": "==3.10.0" } }, "develop": { diff --git a/data/articles.yml b/data/articles.yml deleted file mode 100644 index 1008a0235f..0000000000 --- a/data/articles.yml +++ /dev/null @@ -1,22 +0,0 @@ -extra: - articles: - - name: '"Hide Nothing"' - publisher: Privacy Guides - url: 'blog/2022/06/09/hide-nothing.md' - date: 2022-06-09 - - name: '"Move Fast and Break Things"' - publisher: Privacy Guides - url: 'blog/2022/04/04/move-fast-and-break-things.md' - date: 2022-04-04 - - name: 'Firefox Privacy: 2021 Update' - publisher: Privacy Guides - url: 'blog/2021/12/01/firefox-privacy-2021-update.md' - date: 2021-12-01 - - name: 'Virtual Insanity' - publisher: Privacy Guides - url: 'blog/2021/11/01/virtual-insanity.md' - date: 2021-11-01 - - name: 'Welcome to Privacy Guides' - publisher: Privacy Guides - url: 'blog/2021/09/14/welcome-to-privacy-guides.md' - date: 2021-09-14 diff --git a/docs/articles.en.md b/docs/articles.en.md deleted file mode 100644 index baa85fcaf2..0000000000 --- a/docs/articles.en.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -title: Curated Articles from Around the Web -hide: - - navigation - - feedback ---- - -{% for article in articles %} -- **{{ article.date }}**: [{{ article.name }}]({{ article.url }}) from *{{ article.publisher }}* -{% endfor %} diff --git a/docs/blog/2021/09/14/welcome-to-privacy-guides.md b/docs/blog/2021/09/14/welcome-to-privacy-guides.md deleted file mode 100644 index fb1f2d17b1..0000000000 --- a/docs/blog/2021/09/14/welcome-to-privacy-guides.md +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: Welcome to Privacy Guides -created: "2021-09-14" -author: 'Jonah' -template: overrides/blog.en.html ---- - -We are excited to announce the launch of [Privacy Guides](https://www.privacyguides.org/) and [r/PrivacyGuides](https://www.reddit.com/r/PrivacyGuides/), and welcome the privacy community to participate in our crowdsourced software recommendations and share tips and tricks for keeping your data safe online. Our goal is to be a central resource for privacy and security-related tips that are usable by anybody, and to carry on the trusted legacy of PrivacyTools. - -As we [announced](https://web.archive.org/web/20210729184422/https://blog.privacytools.io/the-future-of-privacytools/) on the PrivacyTools blog in July, we made the decision to migrate off our former privacytools.io domain for various reasons, including an inability to contact the current domain holder for over a year and [growing](http://www.thedarksideof.io/) [issues](https://fortune.com/2020/08/31/crypto-fraud-io-domain-chagos-islands-uk-colonialism-cryptocurrency/) [with the .IO top-level domain](https://github.com/privacytools/privacytools.io/issues/1324). As attempts to regain ownership of the domain have proven fruitless, we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to [www.privacyguides.org](https://www.privacyguides.org/), and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc. - -We chose the name Privacy Guides because it represents two things for us as an organization: An expansion beyond simple recommendation lists, and a goal of acting as the trusted guides to anyone newly learning about protecting their personal data. - -As a name, it moves us past recommendations of various tools and focuses us more on the bigger picture. We want to provide more _education_ — rather than _direction_ — surrounding privacy-related topics. You can see the very beginnings of this work in our new page on [threat modeling](https://www.privacyguides.org/basics/threat-modeling/), or our [VPN](https://www.privacyguides.org/vpn) and [Email Provider](https://www.privacyguides.org/email) recommendations, but this is just the start of what we eventually hope to accomplish. - -## Website Development - -Our project has always been community-oriented and open-sourced. The source code for PrivacyTools is currently archived at [https://github.com/privacytools/privacytools.io](https://github.com/privacytools/privacytools.io). This repository will remain online as an archive of everything on PrivacyTools up to this transition. - -The source code for our new website is available at [https://github.com/privacyguides/privacyguides.org](https://github.com/privacyguides/privacyguides.org). All updates from PrivacyTools have been merged into this new repository, and this is where all future work will take place. - -## Services - -PrivacyTools also runs a number of online services in use by many users. Some of these services are federated, namely Mastodon, Matrix, and PeerTube. Due to the technical nature of federation, it is impossible for us to change the domain name on these services, and because we cannot guarantee the future of the privacytools.io domain name we will be shutting down these services in the coming months. - -We strongly urge users of these services to migrate to alternative providers in the near future. We hope that we will be able to provide enough time to make this as seamless of a transition as possible for our users. - -At this time we do not plan on launching public Matrix, Mastodon, or PeerTube instances under the Privacy Guides domain. Any users affected by this transition can get in touch with [@jonah:aragon.sh](https://matrix.to/#/@jonah:aragon.sh) on Matrix if any assistance is needed. - -Other services being operated by PrivacyTools currently will be discontinued. This includes Searx, WriteFreely, and GhostBin. - -Our future direction for online services is uncertain, but will be a longer-term discussion within our community after our work is complete on this initial transition. We are very aware that whatever direction we move from here will have to be done in a way that is sustainable in the very long term. - -## r/PrivacyGuides - -PrivacyTools has a sizable community on Reddit, but to ensure a unified image we have created a new Subreddit at [r/PrivacyGuides](https://www.reddit.com/r/PrivacyGuides/) that we encourage all Reddit users to join. - -In the coming weeks our current plan is to wind down discussions on r/privacytoolsIO. We will be opening r/PrivacyGuides to lots of the discussions most people are used to shortly, but encouraging general “privacy news” or headline-type posts to be posted on [r/Privacy](https://www.reddit.com/r/privacy/) instead. In our eyes, r/Privacy is the “who/what/when/where” of the privacy community on Reddit, the best place to find the latest news and information; while r/PrivacyGuides is the “how”: a place to share and discuss tools, tips, tricks, and other advice. We think focusing on these strong points will serve to strengthen both communities, and we hope the good moderators of r/Privacy agree 🙂 - -## Final Thoughts - -The former active team at PrivacyTools universally agrees on this direction towards Privacy Guides, and will be working exclusively on Privacy Guides rather than any “PrivacyTools” related projects. We intend to redirect PriavcyTools to new Privacy Guides properties for as long as possible, and archive existing PrivacyTools work as a pre-transition snapshot. - -Privacy Guides additionally welcomes back PrivacyTools’ former sysadmin [Jonah](https://twitter.com/JonahAragon), who will be joining the project’s leadership team. - -We are not accepting sponsorships or donations at this time, while we work out our financial plan. We will be in touch with existing sponsors on PrivacyTools’ OpenCollective to determine what the best way forward is soon. - -We are all very excited about this new brand and direction, and hope to have your continued support through all of this. If you have any questions, concerns, or suggestions, please reach out to us. We are always happy to receive guidance and input from our community! ❀ - ---- - -**_Privacy Guides_** _is a socially motivated website that provides information for protecting your data security and privacy._ - -- [Join r/PrivacyGuides on Reddit](https://www.reddit.com/r/privacyguides) -- [Follow @privacy_guides on Twitter](https://twitter.com/privacy_guides) -- [Collaborate with us on GitHub](https://github.com/privacyguides/privacyguides.org) -- [Join our chat on Matrix](https://matrix.to/#/#privacyguides:aragon.sh) diff --git a/docs/blog/2021/11/01/virtual-insanity.jpg b/docs/blog/2021/11/01/virtual-insanity.jpg deleted file mode 100644 index 08c3c79356..0000000000 Binary files a/docs/blog/2021/11/01/virtual-insanity.jpg and /dev/null differ diff --git a/docs/blog/2021/11/01/virtual-insanity.md b/docs/blog/2021/11/01/virtual-insanity.md deleted file mode 100644 index 86bbb3008c..0000000000 --- a/docs/blog/2021/11/01/virtual-insanity.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -title: Virtual Insanity -image: 'blog/2021/11/01/virtual-insanity.jpg' -created: "2021-11-01" -author: 'Freddy' -template: overrides/blog.en.html ---- - -Not so long ago, the world was predicting the end for Facebook. Now it is no more. Gone from the face of the planet – never to be seen again. Except it isn’t. - -Facebook has not disappeared. No, not even the damning ‘Facebook Papers’ can shut it down. Mark Zuckerberg stood up on stage, and announced that it had changed its name to: Meta. - -A key part of this new vision for the company is the idea of the metaverse. If it sounds like something out of a sci-fi movie or novel, that’s because it is. The term was first coined by author Neal Stephenson in his 1992 book _Snow Crash_. Zuckerberg’s only problem is that novel was dystopian. Here’s a brief snippet of Stephenson’s description of the metaverse: - -> “Your avatar can look any way you want it to, up to the limitations of your equipment. If you’re ugly, you can make your avatar beautiful. If you’ve just gotten out of bed, your avatar can still be wearing beautiful clothes and professionally applied makeup. You can look like a gorilla or a dragon or a giant talking penis in the Metaverse. Spend five minutes walking down the Street and you will see all of these.” - -In fairness, that doesn’t seem unlike the sort of content you see on Facebook today. Compare this to what Zuckerberg [wrote](https://about.fb.com/news/2021/10/founders-letter/) in his 2021 Founders Letter: - -> “In this future, you will be able to teleport instantly as a hologram to be at the office without a commute, at a concert with friends, or in your parents’ living room to catch up. This will open up more opportunity no matter where you live. You’ll be able to spend more time on what matters to you, cut down time in traffic, and reduce your carbon footprint.” - -The similarities are uncanny. - -This wouldn’t be the first time that Facebook has been described as dystopian. One _Mashable_ article [called](https://mashable.com/article/facebook-dystopia) the social media giant ‘Orwellian and Huxleyan at the same time.’ Quite a feat. - -The ‘Facebook Papers’ have some pretty shocking - though not entirely surprising - revelations as well. The leaked documents demonstrate the extent to which Facebook values engagement above all else (including a good experience). For instance, we learnt that the algorithm is [optimised](https://www.wired.com/story/facebook-transparency-biggest-sites-pages-links/) for low quality content, [prioritises](https://www.washingtonpost.com/technology/2021/10/26/facebook-angry-emoji-algorithm/) rage over happiness for profit, and [promotes](https://www.theatlantic.com/ideas/archive/2021/10/facebook-papers-democracy-election-zuckerberg/620478/) extremist content. Most alarming was that the firm [failed](https://apnews.com/article/the-facebook-papers-covid-vaccine-misinformation-c8bbc569be7cc2ca583dadb4236a0613) to reduce disinformation during the pandemic even when given the opportunity. Zuckerberg said no to this, presumably because it would reduce engagement and, in turn, Facebook’s advertising revenue. - -Let’s not forget all Facebook’s previous scandals. From the Cambridge Analytica kerfuffle to [conducting](https://www.theregister.com/2014/06/29/researchers_mess_with_facebook_users_emotions/) manipulative social experiments in secret. - -In light of this, the name change makes sense. It deceives you into thinking the company has evolved into a benevolent corporation, when it simply hasn’t. Zuckerberg would much prefer you to think about Meta as a playful universe where you can meet with friends across the globe in virtual reality. Where humans train themselves to sound like heavily discounted robots. Where Facebook is not a Horrid Company. - -Despite all this: Meta _is_ Facebook, just worse. It doesn’t matter about the new name, the company has not changed. It will still be violating our privacy, daily, on an unprecedented scale. It will still be as reliably scandalous as a Carry On film. It will still be terrible. Plus it will have all the added claptrap of a sub-par holographic universe attached. diff --git a/docs/blog/2021/12/01/firefox-privacy-2021-update.md b/docs/blog/2021/12/01/firefox-privacy-2021-update.md deleted file mode 100644 index 67571a7ab8..0000000000 --- a/docs/blog/2021/12/01/firefox-privacy-2021-update.md +++ /dev/null @@ -1,63 +0,0 @@ ---- -title: 'Firefox Privacy: 2021 Update' -image: 'blog/2021/12/01/firefox-privacy-2021-update.png' -created: "2021-12-01" -author: 'Daniel' -template: overrides/blog.en.html ---- - -A lot changed between 2019 and now, not least in regards to Firefox. Since our last post, Mozilla has [improved](https://blog.mozilla.org/en/products/firefox/latest-firefox-rolls-out-enhanced-tracking-protection-2-0-blocking-redirect-trackers-by-default/) privacy with [Enhanced Tracking Protection (ETP)](https://blog.mozilla.org/en/products/firefox/firefox-now-available-with-enhanced-tracking-protection-by-default/). Earlier this year Mozilla introduced [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/) (Dynamic First Party Isolation dFPI). This was then further tightened with [Enhanced Cookie Clearing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/). We’re also looking very forward to [Site Isolation](https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/) (code named Fission) being enabled by default in the coming releases. - -Now that so many privacy features are built into the browser, there is little need for extensions made by third-party developers. Accordingly, we have updated our very outdated [browser](../../../../desktop-browsers.md) section. If you’ve got an old browser profile we suggest **creating a new one**. Some of the old advice may make your browser _more_ unique. - -#### Privacy Tweaks “about:config” - -We’re no longer recommending that users set `about:config` switches manually. Those switches need to be up to date and continuously maintained. They should be studied before blindly making modifications. Sometimes their behaviour changes in between Firefox releases, is superseded by other keys or they are removed entirely. We do not see any point in duplicating the efforts of the community [Arkenfox](https://github.com/arkenfox/user.js) project. Arkenfox has very good documentation in their [wiki](https://github.com/arkenfox/user.js/wiki) and we use it ourselves. - -#### LocalCDN and Decentraleyes - -These extensions aren’t required with Total Cookie Protection (TCP), which is enabled if you’ve set Enhanced Tracking Protection (ETP) to **Strict**. - -Replacing scripts on CDNs with local versions is not a comprehensive solution and is a form of [enumeration of badness](https://www.ranum.com/security/computer_security/editorials/dumb/). While it may work with some scripts that are included it doesn’t help with most other third-party connections. - -CDN extensions never really improved privacy as far as sharing your IP address was concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the wrong tool for the job and are not a substitute for a good VPN or Tor. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are hugely out of date and would not be likely used anyway. - -#### NeatURLs and ClearURLS - -Previously we recommended ClearURLs to remove tracking parameters from URLs you might visit. These extensions are no longer needed with uBlock Origin’s [`removeparam`](https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam) feature. - -#### HTTPS Everywhere - -The EFF announced back in September they were [deprecating HTTPS-Everywhere](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) as most browsers now have an HTTPS-Only feature. We are pleased to see privacy features built into the browser and Firefox 91 introduced [HTTPS by Default in Private Browsing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-https-by-default-in-private-browsing/). - -#### Multi Account Containers and Temporary Containers - -Container extensions aren’t as important as they used to be for privacy now that we have [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/). - -Multi Account Container will still have some use if you use [Mozilla VPN](https://en.wikipedia.org/wiki/Mozilla_VPN) as it is going to be [integrated](https://github.com/mozilla/multi-account-containers/issues/2210) allowing you to configure specified containers to use a particular VPN server. Another use might be if you want to login to multiple accounts on the same domain. - -#### Just-In-Time Compilation (JIT) - -What is “Disable JIT” in Bromite? This option disables the JavaScript performance feature [JIT](https://en.wikipedia.org/wiki/Just-in-time_compilation). It can increase security but at the cost of performance. Those trade-offs vary wildly and are explored in [this](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/) publication by Johnathan Norman from the Microsoft Edge team. This option is very much a security vs performance option. - -#### Mozilla browsers on Android - -We don’t recommend any Mozilla based browsers on Android. This is because we don’t feel that [GeckoView](https://mozilla.github.io/geckoview) is quite as secure as it could be as it doesn’t support [site isolation](https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture), soon to be coming in desktop browsers or [isolated processes](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196). - -We also noticed that there isn’t an option for [HTTPS-Only mode](https://github.com/mozilla-mobile/fenix/issues/16952#issuecomment-907960218). The only way to get something similar is to install the [deprecated](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) extension [HTTPS Everywhere](https://www.eff.org/https-everywhere). - -There are places which Firefox on Android shines for example browsing news websites where you may want to _partially_ load some JavaScript (but not all) using medium or hard [blocking mode](https://github.com/gorhill/uBlock/wiki/Blocking-mode). The [reader view](https://support.mozilla.org/en-US/kb/view-articles-reader-view-firefox-android) is also pretty cool. We expect things will change in the future, so we’re keeping a close eye on this. - -#### Fingerprinting - -Firefox has the ability to block known third party [fingerprinting resources](https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/). Mozilla has [advanced protection](https://support.mozilla.org/kb/firefox-protection-against-fingerprinting) against fingerprinting (RFP is enabled with Arkenfox). - -We do not recommend extensions that promise to change your [browser fingerprint](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/). Some of those extensions [are detectable](https://www.cse.chalmers.se/~andrei/codaspy17.pdf) by websites through JavaScript and [CSS](https://hal.archives-ouvertes.fr/hal-03152176/file/style-fingerprinting-usenix.pdf) methods, particularly those which inject anything into the web content. - -This includes **all** extensions that try to change the user agent or other browser behaviour to prevent fingerprinting. We see these often recommended on Reddit and would like to say that they will likely make you more unique and can be circumvented. Arkenfox has [a good list](https://github.com/arkenfox/user.js/wiki/4.1-Extensions#small_orange_diamond-%EF%B8%8F-anti-fingerprinting-extensions-fk-no) of extensions you shouldn’t be using. They also have [another list](https://github.com/arkenfox/user.js/wiki/4.1-Extensions#small_orange_diamond-dont-bother) of extensions you needn’t bother with either. We also like to say testing sites which show you how unique you are in a set of users are often using hugely tainted results that are not indicative of real-world usage. - ----------- - -_Special thanks to [Thorin-Oakenpants](https://github.com/Thorin-Oakenpants) and [Tommy](https://tommytran.io) for their help with providing advice and further documentation during the research phase. diff --git a/docs/blog/2021/12/01/firefox-privacy-2021-update.png b/docs/blog/2021/12/01/firefox-privacy-2021-update.png deleted file mode 100644 index 778a79fc19..0000000000 Binary files a/docs/blog/2021/12/01/firefox-privacy-2021-update.png and /dev/null differ diff --git a/docs/blog/2022/04/04/move-fast-and-break-things.jpg b/docs/blog/2022/04/04/move-fast-and-break-things.jpg deleted file mode 100644 index d67d160bbe..0000000000 Binary files a/docs/blog/2022/04/04/move-fast-and-break-things.jpg and /dev/null differ diff --git a/docs/blog/2022/04/04/move-fast-and-break-things.md b/docs/blog/2022/04/04/move-fast-and-break-things.md deleted file mode 100644 index 166c9e2b79..0000000000 --- a/docs/blog/2022/04/04/move-fast-and-break-things.md +++ /dev/null @@ -1,31 +0,0 @@ ---- -title: '"Move Fast and Break Things"' -image: 'blog/2022/04/04/move-fast-and-break-things.jpg' -created: "2022-04-04" -author: 'Freddy' -template: overrides/blog.en.html ---- - -Mark Zuckerberg does not look comfortable on stage. Yet, there he was proclaiming that “the future is private”. If someone has to tell you that they care about your privacy, they probably don’t. - -For someone trying not to appear like a cartoon villain, Zuckerberg doesn’t do a great job. He gives the impression of some strange cyborg algorithmically attempting to impersonate human life. His movements are not quite robotic, but he lacks the charisma you might expect from one of the most powerful people on the planet. A _New Yorker_ [profile](https://www.newyorker.com/magazine/2018/09/17/can-mark-zuckerberg-fix-facebook-before-it-breaks-democracy) of him revealed that he had an affinity for Emperor Augustus, an ancient Roman tyrant. ‘Through a really harsh approach, [Augustus] established two hundred years of world peace,’ he said. - -It’s the first part of that sentence that is worrying. - -Is this what Zuckerberg sees himself as: a modern-day emperor hellbent on using any means he can to gain world peace? Probably not, but it would have been reassuring if he just told us he liked doing Sudoku and dad-dancing with his daughter (interestingly named August). - -The Zuck once [joked](https://www.esquire.com/uk/latest-news/a19490586/mark-zuckerberg-called-people-who-handed-over-their-data-dumb-f/) to a friend that he could get them ‘info’ about anyone in Harvard. He had email addresses, pictures, real addresses: the lot. When the friend asked how, this was his riposte: ‘People just submitted it. I don’t know why. They trust me. Dumb f*cks.’ We now live in a reality where Zuckerberg can get ‘info’ about almost anyone in the world. - -Like a depraved tabloid journalist fishing through a minor celebrity’s trash, Facebook collects everything it can about its users. Even if it means sifting through garbage, they want that data. But Facebook is not technically in the data business. It is in what author and professor Carissa VĂ©liz [terms](https://aeon.co/essays/privacy-matters-because-it-empowers-us-all) ‘the business of power’ – which sounds rather more sinister than flogging off mildly irritating adverts. - -VĂ©liz argues that privacy is a form of power. It is the power to influence you, show you adverts and predict your behaviour. In this sense, personal data is being used to make us do things we otherwise would not do: to buy a certain product or to vote a certain way. Filmmaker Laura Poitras [described](https://www.washingtonpost.com/news/the-switch/wp/2014/10/23/snowden-filmmaker-laura-poitras-facebook-is-a-gift-to-intelligence-agencies/) Facebook as ‘a gift to intelligence agencies’. It allows governments to arrest people planning to participate in protests before they have even begun. - -The social media giant is tip-toeing ever closer into our personal lives. When Facebook encountered competition it just bought it, adding Instagram and WhatsApp to its roster. The company even tried to make its own cryptocurrency so that one day the Facebook would control all our purchases too. Earlier this year, the project was [killed](https://www.ft.com/content/a88fb591-72d5-4b6b-bb5d-223adfb893f3) by regulators. It is worth noting that when Zuckerberg purchased WhatsApp and Instagram, they had no revenue. Author Tim Wu notes in his book _The Attention Merchants_ that Facebook is ‘a business with an exceedingly low ratio of invention to success’. Perhaps that is a part of Zuck’s genius. - -‘Move fast and break things’ was the old company motto. When there were a few too many scandals, they moved fast and [rebranded](https://www.privacyguides.org/blog/2021/11/01/virtual-insanity) to Meta. No one expected online privacy to be the ‘thing’ they broke. - -Before it became a global behemoth, Facebook started out as a dorm-room project. Zuckerberg sat at his keyboard after a few drinks and built it mainly because he could. It now has nearly three billion users. In the same way, Facebook [conducted](https://www.theguardian.com/technology/2014/jul/02/facebook-apologises-psychological-experiments-on-users) social experiments seemingly just for fun. Why he did it doesn’t really matter. As John Lanchester [put it](https://www.lrb.co.uk/the-paper/v39/n16/john-lanchester/you-are-the-product): he simply did it _because_. - -It is unfair to say that Zuckerberg does not care about privacy – he does. That’s why he [spared](https://www.theguardian.com/technology/2013/oct/11/mark-zuckerberg-facebook-neighbouring-houses) no expense buying the houses that surrounded his home. Zuckerberg knows the power of privacy, which is painfully ironic given he has built his career on exploiting it. For Zuckerberg, at least, the future is private. It’s the rest of us that should be worried. diff --git a/docs/blog/2022/06/09/hide-nothing.jpg b/docs/blog/2022/06/09/hide-nothing.jpg deleted file mode 100644 index fef2352918..0000000000 Binary files a/docs/blog/2022/06/09/hide-nothing.jpg and /dev/null differ diff --git a/docs/blog/2022/06/09/hide-nothing.md b/docs/blog/2022/06/09/hide-nothing.md deleted file mode 100644 index e98000f3c6..0000000000 --- a/docs/blog/2022/06/09/hide-nothing.md +++ /dev/null @@ -1,45 +0,0 @@ ---- -title: '"Hide Nothing"' -image: 'blog/2022/06/09/hide-nothing.jpg' -created: "2022-06-09" -author: 'Dan Arel' -template: overrides/blog.en.html ---- - -In the wake of the September 11, 2001, attack on the United States, the US government enacted laws that weakened citizen privacy in the name of national emergency. This sent up many red flags for human rights and privacy advocates. - -These concerns were met with “if you have nothing to hide, you have nothing to fear.” The argument goes that if you're not doing anything illegal, then these violations of your privacy shouldn't bother you. If you care about privacy, you clearly can't be up to anything good. - -On the surface, this seems true to many people – but the reality is very different. We may not have had anything to hide in the immediate aftermath of 9/11, but that was not the only information being sought after by governments. Indeed, following the passage of the Patriot Act in the US, the FBI issued 192,499 [National Security Letters](https://www.aclu.org/other/national-security-letters), meaning they collected the records and online activity of nearly 200,000 people. - -In the end it only convicted one person. - -Now, many have argued that stopping one terrorist might be worth giving up some security for, but [according](https://www.aclu.org/issues/national-security/privacy-and-surveillance/surveillance-under-patriot-act) to the ACLU, the conviction would have occurred without the Patriot Act. - -Many legal actions you take today could be deemed illegal by future laws or future government. In the US today there is discussion around the possibility of Roe v. Wade being overturned, allowing states to outlaw abortions. You may not currently feel the need to hide internet searches, menstrual cycle apps, or donations to women's health clinics today because it's not illegal, but tomorrow that information could be used against you. - -In countries were organizing around political dissent is legal, that doesn't mean the government is tracking those taking part and using that information to create informants or infiltrate such groups. Or worse, when or if laws change, using that surveillance to punish those involved. - -And even if you break away from the legal aspects, we all have something to hide. You may not be ready to reveal your sexual or gender identity, but your internet usage could potentially do that for you. You don't want to make your bank account public; you have that information to hide. And you can continue to list things about your life you'd just rather not make public, regardless of potential legality. - -In July of 2021, a Catholic priest by the name of Jeffrey Burrill lost his job and was forced to resign after data collected through his cell phone showed that he was active on the gay dating app Grindr, and that he had visited multiple gay bars in the area. [According](https://www.washingtonpost.com/religion/2021/07/20/bishop-misconduct-resign-burrill/) to the *Washington Post*: - -> “A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 —– at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities,” the Pillar reported. - -> “The data obtained and analyzed by The Pillar conveys mobile app date signals during two 26-week periods, the first in 2018 and the second in 2019 and 2020. The data was obtained from a data vendor and authenticated by an independent data consulting firm contracted by The Pillar,” the site reported. It did not identify who the vendor was or if the site bought the information or got it from a third party. - -> The Pillar story says app data “correlated” to Burrill's phone shows the priest visited gay bars, including while traveling for the USCCB. - -While it was not clear who was tracking Burrill's device, the Post went on to say that: - -> Privacy experts have long raised concerns about “anonymized” data collected by apps and sold to or shared with aggregators and marketing companies. While the information is typically stripped of obviously identifying fields, like a user's name or phone number, it can contain everything from age and gender to a device ID. It's possible for experts to de-anonymize some of this data and connect it to real people. - -While Burrill was without a doubt in violation of his work's own code of conduct, he did decide on his own to be a priest. However, his personal life was not harming others and was just that, his personal life. While the question looms about who was tracking him to begin with and why, the fact it was so easy to do is alarming. - -What if Burrill wasn't a priest, but just happened to work for someone who held anti-homosexual views who used this data to out him, humiliate him, and fire him under false pretenses? This data, which should be private could (and likely did in the real-life circumstance) ruin his life. - -That is what makes internet privacy so important. It's not hiding nefarious activity, it's that we all have an innate right to our privacy. - -You might not feel today that you have anything to hide, but you might not feel that way tomorrow and once something is public, it cannot be made private again. diff --git a/mkdocs.production.yml b/mkdocs.production.yml index 443ff968ba..092844bef9 100644 --- a/mkdocs.production.yml +++ b/mkdocs.production.yml @@ -1,7 +1,8 @@ INHERIT: mkdocs.yml plugins: + meta: {} privacy: - externals_assets_exclude: + external_assets_exclude: - cdn.jsdelivr.net/npm/mathjax@3/* - api.privacyguides.net/* - giscus.app/* @@ -11,12 +12,6 @@ plugins: git-revision-date-localized: exclude: - index.en.md - rss: - match_path: "blog/.*" - pretty_print: true - date_from_meta: - as_creation: "created" - datetime_format: "%Y-%m-%d" social: cards: !ENV [CARDS, false] cards_color: @@ -73,4 +68,3 @@ watch: - theme - includes - mkdocs.yml - - data diff --git a/mkdocs.yml b/mkdocs.yml index 2941a7ca91..7db6cf4e7a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -62,6 +62,7 @@ watch: plugins: i18n: default_language: en + default_language_only: true material_alternate: true languages: en: @@ -69,10 +70,6 @@ plugins: build: false tags: {} search: {} - macros: - on_error_fail: true - include_yaml: - - data/articles.yml markdown_extensions: admonition: {} @@ -190,4 +187,4 @@ nav: - 'about/privacy-policy.md' - 'Donate': '/about/donate/' - 'Forum': 'https://discuss.privacyguides.org/' - - 'Blog': 'https://discuss.privacyguides.org/c/blog/10' + - 'Blog': 'https://blog.privacyguides.org/'