privacyguides · dngray · Dec 25, 2021 · Oct 13, 2021
diff --git a/_data/nav/2_software.yml b/_data/nav/2_software.yml
@@ -45,9 +45,9 @@ items:
     icon: fad fa-briefcase
     file: legacy_pages/software/productivity.html
   - type: link
-    title: Real-Time Communication Platforms
+    title: Real-Time Communication
     icon: fad fa-comments-alt
-    file: legacy_pages/software/real-time-communication.html
+    file: _evergreen/real-time-communication.html
   - type: link
     title: Self-Contained Networks
     icon: fad fa-chart-network

diff --git a/_data/software/messengers/1_signal.yml b/_data/software/messengers/1_signal.yml
@@ -0,0 +1,35 @@
+title: Signal
+type: Recommendation
+logo: /assets/img/messengers/signal.svg
+labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host. |
+         color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
+description: |
+  <strong>Signal</strong> is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling.
+
+  All communications are E2EE. Contact lists are encrypted using your login PIN and the server does not have access to it. Personal profiles are also encrypted and only shared with contacts who add you.
+
+  Signal has minimal metadata when <a href="https://signal.org/blog/sealed-sender/">Sealed Sender</a> is enabled. The sender address is encrypted along with the message body, and only the reciepient address is visible to the server.
+
+  <h4>Notes</h4>
+    <p>Signal requires your phone number as a personal identifier.</p>
+    <p><a href="https://signal.org/blog/sealed-sender/">Sealed Sender</a> is only enabled for users on your contact list but can be enabled for all recipients with the increased risk of receiving spam.</p>
+
+  <h4>Technical information</h4>
+  The protocol was independently <a href="https://eprint.iacr.org/2016/1013.pdf">audited</a> in 2016. The specification for the Signal protocol can be founded in their <a href="https://signal.org/docs/">documentation</a>.
+website: 'https://signal.org'
+privacy_policy: 'https://signal.org/legal'
+downloads:
+  - icon: fab fa-windows
+    url: 'https://signal.org/download'
+  - icon: fab fa-apple
+    url: 'https://signal.org/download'
+  - icon: fab fa-linux
+    url: 'https://signal.org/download'
+  - icon: fab fa-android
+    url: 'https://signal.org/android/apk/#apk-danger'
+  - icon: fab fa-google-play
+    url: 'https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms'
+  - icon: fab fa-app-store-ios
+    url: 'https://apps.apple.com/app/id874139669'
+  - icon: fab fa-github
+    url: 'https://github.com/signalapp'
diff --git a/_data/software/messengers/2_element.yml b/_data/software/messengers/2_element.yml
@@ -0,0 +1,40 @@
+title: Element
+type: Recommendation
+logo: /assets/img/messengers/element.svg
+labels: 'color==info::icon==fas fa-fw fa-wifi::text==Federated::tooltip==Your communications pass through one of a network of hosts that intercommunicate.|color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==One-on-one voice and video calls are peer-to-peer (option can be disabled).|color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.'
+description: |
+  <strong>Element</strong> is the reference client for the <a href="https://matrix.org/docs/guides/introduction">Matrix</a> protocol, an <a href="https://matrix.org/docs/spec">open standard</a> for secure decentralized real-time communication.
+
+  Messages and files shared in private rooms (those which require an invite) are by default E2EE as are 1 to 1 voice and video calls.
+
+  <h4>Notes</h4>
+  Profile pictures, reactions, and nicknames not encrypted.
+
+  Group voice and video calls are <a href="https://github.com/vector-im/element-web/issues/12878">not</a> E2EE, and use Jitsi, but this is expected to change with <a href="https://github.com/matrix-org/matrix-doc/pull/3401">Native Group VoIP Signalling</a>.
+
+  Native Group VoIP Signalling
+
+  When using <a href="https://github.com/vector-im/element-web">element-web</a>, you must trust the server hosting the Element client. If your <a href="/threat-modeling">threat model</a> requires stronger protection then use a desktop or mobile client instead.
+
+  <h4>Technical information</h4>
+  The protocol was independently <a href="https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last">audited</a> in 2016. The specification for the Matrix protocol can be founded in their <a href="https://spec.matrix.org/latest/">documentation</a>. The <a href="https://matrix.org/docs/projects/other/olm">Olm</a> cryptographic ratchet used by Matrix is an implementation of Signal's <a href="https://signal.org/docs/specifications/doubleratchet/">Double Ratchet algorithm</a>.
+
+website: 'https://element.io'
+privacy_policy: 'https://element.io/privacy'
+downloads:
+  - icon: fab fa-windows
+    url: 'https://element.io/get-started'
+  - icon: fab fa-apple
+    url: 'https://element.io/get-started'
+  - icon: fab fa-linux
+    url: 'https://element.io/get-started'
+  - icon: fab fa-android
+    url: 'https://f-droid.org/packages/im.vector.app/'
+  - icon: fab fa-google-play
+    url: 'https://play.google.com/store/apps/details?id=im.vector.app'
+  - icon: fab fa-app-store-ios
+    url: 'https://apps.apple.com/app/vector/id1083446067'
+  - icon: fas fa-globe-americas
+    url: 'https://app.element.io'
+  - icon: fab fa-github
+    url: 'https://github.com/vector-im/element-web'
diff --git a/_data/software/messengers/3_briar.yml b/_data/software/messengers/3_briar.yml
@@ -0,0 +1,25 @@
+title: Briar
+type: Recommendation
+logo: /assets/img/messengers/briar.svg
+labels: 'color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==Senders and recipients connect directly with no middlemen (can be disabled).|color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together (can be disabled).'
+description: |
+  <strong>Briar</strong> is an encrypted instant messenger that <a href="https://briarproject.org/how-it-works/">connects</a> to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar's local mesh mode can be useful when internet availability is a problem.
+
+  <h4>Notes</h4>
+  To <a href="https://briarproject.org/manual/">add a contact</a> on Briar, you must both add each other first. You can either exchange <code>briar://</code> links or scan a contact's QR code if they are nearby.
+
+  <h4>Technical information</h4>
+  The client software was independently <a href="https://briarproject.org/news/2017-beta-released-security-audit/">audited</a> and the anonymous routing protocol uses the Tor network which has also been audited.
+
+  Briar has a fully <a href="https://code.briarproject.org/briar/briar-spec">published specification</a>.
+
+  Briar supports perfect forward secrecy by using the Bramble <a href="https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md">Handshake</a> and <a href="https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md">Transport</a> protocol.
+website: 'https://briarproject.org'
+privacy_policy: 'https://briarproject.org/privacy-policy'
+downloads:
+  - icon: fab fa-android
+    url: 'https://f-droid.org/packages/org.briarproject.briar.android'
+  - icon: fab fa-google-play
+    url: 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android'
+  - icon: fab fa-git
+    url: 'https://code.briarproject.org/briar/briar'
diff --git a/_data/software/messengers/4_session.yml b/_data/software/messengers/4_session.yml
@@ -0,0 +1,34 @@
+title: Session
+type: Recommendation
+logo: /assets/img/messengers/session.svg
+labels: 'color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together.'
+description: |
+  <strong>Session</strong> is an encrypted instant messenger that uses three random  <a href="https://getsession.org/blog/onion-requests-session-new-message-routing-solution"> service nodes</a> to route messages anonymously on the <a href="https://oxen.io">Oxen Network</a>.
+
+  Session allows for E2EE in one-to-one or closed rooms that allow up to 100 members.
+
+  Open rooms have no restriction on the number of members, but anyone can join.
+
+  <h4>Notes</h4>
+  Session does <a href="https://getsession.org/blog/session-protocol-technical-information">not</a> support forward secrecy. The key pair for each conversation is not rotated.
+
+  <h4>Technical information</h4>
+  Session was independently <a href="https://getsession.org/session-code-audit/">audited</a> in 2020. The protocol is described in a <a href="https://arxiv.org/abs/2002.04609">whitepaper</a>.
+
+website: 'https://getsession.org/'
+privacy_policy: 'https://getsession.org/privacy-policy'
+downloads:
+  - icon: fab fa-windows
+    url: 'https://getsession.org/windows'
+  - icon: fab fa-apple
+    url: 'https://getsession.org/mac'
+  - icon: fab fa-linux
+    url: 'https://www.getsession.org/linux'
+  - icon: fab fa-android
+    url: 'https://fdroid.getsession.org/'
+  - icon: fab fa-google-play
+    url: 'https://play.google.com/store/apps/details?id=network.loki.messenger'
+  - icon: fab fa-app-store-ios
+    url: 'https://apps.apple.com/app/id1470168868'
+  - icon: fab fa-github
+    url: 'https://github.com/oxen-io/session-desktop'
diff --git a/_includes/badge.html b/_includes/badge.html
@@ -1,10 +1,11 @@
 {% if include.link %}
 <a
-  href="{{ include.link }}" class="text-decoration-none link-{{ include.color | default: "info" }}"
+  href="{{ include.link }}" class="text-decoration-none badge rounded-pill bg-{{ include.color | default: "info" }}"
   {% if include.tooltip %}
   data-bs-toggle="tooltip"
   title="{{ include.tooltip }}"><i class="{{ include.icon | default: "fad fa-question-circle"}}"></i> {{ include.text }}
-{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> <span class="text-decoration-underline">{{ include.text }}</span>{% endif %}
+{% else %}><i class="{{ include.icon | default: "fas fa-external-link-alt"}}"></i> {{ include.text }}
+{% endif %}
 </a>
 {% else %}
 <span

diff --git a/_includes/legacy/card.html b/_includes/legacy/card.html
@@ -12,7 +12,7 @@ <h3 class="h5">{{include.title}}</h3>
             {% assign labels = include.labels | replace:", ", "," | split:"," %}
             <div class="mb-1">
                 {% for label in labels %}
-                    {% assign label_data = label | split:":" %}
+                    {% assign label_data = label | split:";" %}
                     {% assign color = label_data[0] %}
                     {% assign text = label_data[1] %}
                     {% assign tooltip = label_data[2] | default: "" %}

diff --git a/_includes/legacy/sections/email-warning.html b/_includes/legacy/sections/email-warning.html
@@ -5,6 +5,6 @@
       <p class="card-text text-danger">When using end-to-end encryption (E2EE) technology like <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy">OpenPGP</a>, email will still have some metadata that is not encrypted in the header of the email. <a href="/providers/email/#metadata">Read more about email metadata.</a></p>
       <p class="card-text text-danger">OpenPGP also does not support <a href="https://en.wikipedia.org/wiki/Forward_secrecy">Forward secrecy</a>, which means if either your or the recipient's private key is ever stolen, <strong>all</strong> previous messages encrypted with it will be exposed. <a href="/providers/email/#email-encryption">How do I protect my private keys?</a></p>
       <p class="card-text text-info">Rather than use email for prolonged conversations, consider using a medium that does support Forward secrecy.</p>
-      <a href="/software/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
+      <a href="/real-time-communication/" class="btn btn-outline-info">Recommended Instant Messengers</a>
     </div>
 </div>