vikarti.anatra/safing-web
1
0
Fork 0
mirror of https://github.com/safing/web synced 2025-04-12 15:09:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Clean up markdown of old blog posts

Browse source
This commit is contained in:
davegson 2021-04-21 18:17:11 +02:00
parent 851c72a008
commit 7189c8e9dd
11 changed files with 88 additions and 91 deletions

2
_layouts/blog.html
View file

@ -6,7 +6,7 @@ layout: page_container
<h1 class="text-5xl tracking-tight font-extrabold leading-none pb-2 pt-8 text-center">{{ page.title }}</h1>
{% if page.summary %}
<p class="text-left max-w-2xl mx-auto">
{{ page.summary }}
{{ page.summary | markdownify }}
</p>
{% endif %}
<p>{{ page.date | date: "%B %-d, %Y" }} • Written by <a href="{{ site.team_url }}#{{ page.author | slugify }}">{{ page.author | capitalize }}</a></p>

26
_publications/2019-11-30-hiring-a-designer-from-the-privacy-community.md
View file

@ -9,29 +9,29 @@ custom_thumbnail_name: hiring-a-designer-from-the-privacy-community
cover_image_source: https://unsplash.com/photos/66O6CE7QvwI
redirect_from:
- /blog/2019/11/29/hiring-a-designer-from-the-privacy-community/
summary: >
_Sidenote: shoutout to [The Hated One](https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q/), this would not have happened without him!_
---
_Sidenote: shoutout to [The Hated One](https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q/), this would not have happened without him!_
## First, We Applied for a Big Grant
### First, We Applied for a Big Grant
Back in June we applied for our biggest grant so far. If it was successful, we would receive a grant of around 160.000€ with an additional 150.000€ loan which we would need to pay back in the next years. This meant - with over 300K to work with - we could hire our first employees, pay a code audit, pay our lawyer and even pay us founders our first salaries - which we'd see as a very welcome change indeed. So after weeks and months of preparation and work, on the 5th of June 2019 we sent off our application.
## A Long and Uncertain Wait
### A Long and Uncertain Wait
So off it went, and even though finishing an application was relieving, we knew this did not mean much. It was only a _chance_ of getting this money. And on top of that, we knew we would have to wait until September to get the notice. So we still had to count with a negative and it was with this mentality we went into the next few months.
## We Decided to Gamble
### We Decided to Gamble
Then August came around. We were invited to an official review of our application. This meant we made it to the second round - 🎉 (but still no certainty). In the application we already mentioned we would hire three employees, but only one of them we already had a candidate for. As a result, they told us *if* we received the grant, we would have to fill one of the positions until they would send us the first batch. Hiring is no easy feat, and we were beginners at that. Was it worth taking the risk of investing a lot of hours into hiring a person if we may not even get the grant in the end? We would waste our time and the time of applicants. We made a leap of faith and just went for it.
## The Hiring Process Starts
### The Hiring Process Starts
The next days I worked on our job description. A big shoutout to ghost.org - [their style and structure](https://careers.ghost.org/visual-designer/en) was great inspiration! After we distributed it through a few channels we for a responses. Raphael pre-filtered many of the applications and with a few we set up a video call. The grant was restricted to Austria 🇦🇹, so even though we are open for remote workers, this position needed to be filled anywhere in Austria.
It was fun getting to dive into this area from an employers perspective. So far we've only sat on the other side of the table. One thing I learned was that you really get much more interested if an application sticks out from standard, generic descriptions. And then in our situation you _really_ stick out if you are already into privacy and burning for our mission. We had two applicants who restricted their work to _only_ privacy projects. One of them could not move to Austria, which was a dealbreaker, and the other one was Luke.
## Then Luke Appeared on the Scene
### Then Luke Appeared on the Scene
_Sidenote: [Luke talks all about his side of the story in the podcast]({{ site.podcast_url }}2019/11/29/hiring-a-designer-from-the-privacy-community/)_
@ -41,13 +41,13 @@ The even crazier thing about this was, Luke found out about us and the job via T
After plenty of interviews and rounds we had the two most promising candidates remaining. The other applicant lived nearby, so we could meet in person, but Luke we only meat digitally.
## Flying Him In
### Flying Him In
Since it's easy to pull off a show for a few hours online, we really wanted to get to know Luke in person before making our decision. We offered him to fly in over the weekend, which he accepted after some suspicion.
We booked the flight the day before we received the result about the grant, which increased the gamble, but hey: [the next day we got it]({{ site.ownership_url }}#influences) 🎉
## His Weekend in Austria
### His Weekend in Austria
The weekend was very fun! For me at least - I know Luke rather very nervous in the beginning. He arrived Friday evening, and all of us met on Saturday for lunch at a pizza place. Luke accidentally ordered a pizza, which turned out to be rather complicated to eat, which made him stress out even more. Imagine his situation: You're going to an interview for a job you're excited about. You know you and another candidate are the only ones left. And then all three founders and you go grab some lunch. All eyes on you - and then you're having troubles eating your pizza.
@ -57,19 +57,19 @@ Luke had to be sure about this too, since it meant he would have to move to anot
The next day we dropped him off at the airport. And that Sunday evening all involved knew: the big decision would be made the next day.
## His Burning for Privacy Was the Dealbreaker
### His Burning for Privacy Was the Dealbreaker
It is rather obvious by now that we decided to hire Luke. But both candidates were promising: both had strengths and weaknesses in different areas and both were outspoken. Being blunt turns out to be especially helpful when us founders are rather hardheaded. So what was the dealbreaker? Luke is burning for privacy. He has a personal privacy project which [you should check out too](https://latestprivacy.org/).
## Starting out in Austria
### Starting out in Austria
It took Luke a few weeks to pack up his things and move to Austria, but soon enough, at the beginning of October he became our lead designer. We are very grateful for his work so far and see him as a perfect fit for the job.
He made us reconsider [our old designs]({{ site.img_url }}/archive/previous_designs/homepage_v2.png) and revamped everything to [look more professional]({{ site.img_url }}/archive/previous_designs/homepage_v3.png), while still being approachable.
He made us reconsider [our old designs]({{ site.img_url }}archive/previous_designs/homepage_v2.png) and revamped everything to [look more professional]({{ site.img_url }}archive/previous_designs/homepage_v3.png), while still being approachable.
_Sidenote: [Luke talks all about his side of the story in the podcast]({{ site.podcast_url }}2019/11/29/hiring-a-designer-from-the-privacy-community/). Also, you can [follow him on Twitter.](https://twitter.com/LukeSeers/)_
## Wrap Up
### Wrap Up
Again, this would not have been possible without [The Hated One](https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q/)! It was a pleasure talking to him and if you don't know him already, check out his videos. They're a great resource for privacy and related topics.

14
_publications/2019-12-06-the-next-5-steps-for-safing.md
View file

@ -9,31 +9,31 @@ custom_thumbnail_name: the-next-5-steps-for-safing
cover_image_source: https://pixabay.com/photos/architecture-stone-blocks-block-3481302/
---
## A Rough Estimate of What Might Happen in 2020
### A Rough Estimate of What Might Happen in 2020
With our Kickstarter around the corner - launching on the 2nd of January 2020 - we thought this might be a good time to communicate what our next steps are going to be. These are no far fetched, crazy dreams, but instead executable plans. In 2020, we will surely finish several of these steps. And if the campaign goes well enough, we could gain sufficient resources to hire additional talent, helping us complete them all!
## 1. The Safing Privacy Network
#### 1. The Safing Privacy Network
First and foremost, our first step is going to be launching the SPN in June. It is a feature packed privacy network which protects your web connections from meta-data extraction as they travel through the Internet. With the SPN your ISP and the Wi-Fi operator of your local coffee shop cannot collect and sell your browsing habits. It protects the connections of your whole computer, not only you those of the browser. It also enforces DNS over TLS. We're looking forward to completing this first step, but it's just the beginning.
_For more information, you can read [more about our tech]({{ site.portmaster_url }}) or [the SPN whitepaper]({{ site.whitepaper_url }})._
## 2. Community Nodes
#### 2. Community Nodes
As we will start out with hosting all of the servers of this multi-hop network ourselves, this means your meta-data is spread across all of our servers. Even though we open sourced our code and made it very difficult, it is in theory still possible for us to extract your browsing habits. As this is not good enough for us, our primary focus will be adding community nodes to the system. Volunteers will be welcomed to join our cause, creating a decentralized network without a single point of trust. And the best thing about it, we will as a second step split our revenue with contributing community nodes, further encouraging this decentralized network.
_Disclaimer: we would love to launch the community nodes and immediately pay them, but this requires additional development and would slow us down in becoming a trust-less system, which is why we decided to take one step first - then the other_
## 3. Linux Support
#### 3. Linux Support
We will initially be launching the SPN on Windows. Although there will be a Linux version as well, we will wait for the full support until a few months after the launch. This means we can bundle all our resources on polishing Windows. People will still be able to experiment with the Linux version, but non-crucial bug fixes and quality of life improvements will have to wait until the full support. This step will probably be achieved around the time as we also introduce the community nodes - so the wait will not be too long.
## 4. Mac Support
#### 4. Mac Support
The first three steps are our main focus, but as soon as we complete them, we will fully dive into also supporting Mac OS - achieving full desktop support. This moment will be super exciting! I cannot wait for the day where every desktop user can come to our homepage and download the Safing app. We really do not want to exclude any users because of limited support.
## 5. Integrated Application Firewall
#### 5. Integrated Application Firewall
After achieving overall desktop support we will help your computer in becoming a privacy stealth machine. It is a great step to protect your meta-data on its way through the web, but what about all those nasty connections that should never have left your computer in the first place? Connections that are only here to track your behavior. Analytics trackers have infiltrated almost all software we currently use. It is the norm not asking you about it and simply uploading your every mouse move, or even your content to another persons computer - oh wait, right: "the cloud".
@ -41,7 +41,7 @@ As we already intercept your connections, why not enable you to block the faulty
And the best it will be totally free to use. We totally get that not everyone will be able to pay for the SPN and its servers - but why not enable them to get stealthy privacy too? There is no reason not to!
## Our Dream for Stage 1. and further Plans
### Our Dream for Stage 1. and further Plans
That will complete the first stage of our plans. At this point we can finally give away an open source, powerful application firewall. Free for anyone to use, supporting all desktop operating systems. And those who like what we do and can afford it, can then pay for the SPN to support us. We truly cannot wait!

12
_publications/2019-12-20-announcing-the-privacytools-sponsorship.md
View file

@ -8,29 +8,29 @@ author: David
custom_thumbnail_name: announcing-the-privacytools-sponsorship
---
**Today we announce that we have become a sponsor of [PrivacyTools.io](https://opencollective.com/privacytoolsio)**
###### Today we announce that we have become a sponsor of [PrivacyTools.io](https://opencollective.com/privacytools)
We are delighted to be in a position where we are able to share our resources, and equally enthusiastic that we can start this off by supporting the amazing PrivacyTools venture.
## What is PrivacyTools?
### What is PrivacyTools?
[PrivacyTools](https://privacytools.io) is an endeavor which strives to inform, educate and empower privacy-minded people to withstand today's mass surveillance. Their thriving community members do not only help each other out, but also equip and aid all newcomers into the field. The team's openness in all their decision making, criteria and finances continues to validate their gained trust across the privacy scene. If you are able [to spare time](https://www.privacytools.io/index.html#participate) or [money](https://www.privacytools.io/donate/), we encourage you to support them too!
## Their Work Impacted Us Personally
### Their Work Impacted Us Personally
Before the Safing journey started, the work of PrivacyTools already impacted all three of us founders. Their website helped us in numerous ways. Whether to deepen our understanding of the importance of privacy or about arguments we can make for it. And most importantly, their software recommendations and instructions armed us to better fight today's mass surveillance. I fondly remember the first time I proudly configured my `about:config` of Firefox, enthusiastically heading to the next section to install additional privacy enhancing extensions.
## Sharing is Caring
### Sharing is Caring
Being into our journey for more than two years, it is amazing having a look back and realizing how far we have come. But at the same time it's also humbling to see how much of it cannot be credited to us, but instead to others. Fellow travelers, founders or privacy advocates - all generously shared their time and input to help us grow. They pushed us to rethink our strategies, gave valuable input on our designs or even gave us a platform where our voices were heard.
Shorty after receiving a big grant from the Austrian Institution for Research, PrivacyTools presented their sponsorship program via Github. Excitedly, I knew the time had come for us to start sharing our received resources with fellow privacy advocates. We decided this while fully being aware that this might fuel our journey too, or it might not - that's for every reader of this announcement to decide. But to us, that is not a dealbreaker. In either case we are happily supporting a genuine and caring team!
## We Got Vetted via Chat
### We Got Vetted via Chat
After reaching out to the team, we were invited to a team chat to discuss everything further. Being listed as a sponsor is completely decoupled from their software recommendations, but still both parties wanted to get to know each other beforehand. As their team is spread across the whole globe, the chat spanned a few days, asynchronously. It was a very encouraging experience to meet and get to know fellow travelers, who are just as committed to the cause of privacy. If you want to meet the team or other fellow privacy enthusiasts, feel free to [hop onto their chat](https://chat.privacytools.io/) ;) - it's a great place to hang out.
## Privacy Space, Unite!
### Privacy Space, Unite!
Just as mentioned in [the accompanying podcast](https://safing.io/podcast/2019/12/20/becoming-privacytools-first-sponsor/), I really feel the privacy space is maturing. We are not only growing in numbers, but we are also growing tighter together. It is a great community, where one thing is allowed to fuel the other, all here to support one another. We are really hopeful that the 20s will be the decade where we take back our right to privacy. And you can count on Safing to play its part, not only with some kickass software, but also by supporting more and more projects which strive for the same utopia as all of us.

18
_publications/2020-01-22-how-the-spn-compares-to-tor.md
View file

@ -8,7 +8,7 @@ author: David
custom_thumbnail_name: spn-tor
---
## Tor's Mission is Broad, Safing Focuses on Ease of Use
### Tor's Mission is Broad, Safing Focuses on Ease of Use
Tor's mission statement (from [https://www.torproject.org/](https://www.torproject.org/) - in the footer), declares:
@ -18,7 +18,7 @@ We wholeheartedly agree and appreciate Tor's work and outlined broader mission,
We believe that freedom can only flourish when privacy is the default. And privacy will only be broadly adopted if it is easy to use. So "Easy to use" is our focus: we want my mom and your mom to be able to conveniently withstand mass surveillance without having to venture deep into tech. This is what drives us. This is our mission.
## The SPN Protects Your Whole Computer
### The SPN Protects Your Whole Computer
The Tor browser has great coverage, supporting all major operating systems. It protects the browser habits of its users and is a breeze to set up. When one additionally wants to safeguard the whole computer via the Tor network one has to use the [operating system tails](https://tails.boum.org/install/index.en.html), which is great at what it does, but hard and technical to set up and use.
@ -26,11 +26,11 @@ This is one key difference to the SPN. With it, it's a simple plug and play. You
Another detail is that Tor does not transport everything, notably UDP traffic. The SPN will support TCP and UDP (+ variants) from the get go and we will see if we will need and implement anything else.
## Tor Is Maturer
### Tor Is Maturer
Tor was released in 2002, while the SPN launched in August 2020. It goes without saying that Tor is the far maturer project of the two. The SPN is still in its early days.
## The SPN Minimizes Travel through the Open Web
### The SPN Minimizes Travel through the Open Web
Both Tor and the SPN provide privacy by decoupling the person (ip-address) from the destination. This prevents your Internet Service Provider and everyone else from logging your Internet activities. When no other identification is provided you even arrive at the destination anonymously, meaning the visited server cannot know who you are.
@ -48,16 +48,16 @@ With the SPN however, every connection is calculated individually and leaves the
![SPN community](https://safing.io/assets/img/spn/spn-community-web.png)
## Minor comments
#### Minor comments
**The Dark Web Is a Non-Goal for Safing**
###### The Dark Web Is a Non-Goal for Safing
Tor's mission for anonymity also enables people to host content anonymously through onion domains. This is a non-goal for Safing.
**SPN Enforces DoT and Blocks Ads/Trackers**
###### SPN Enforces DoT and Blocks Ads/Trackers
As the [open source Portmaster app]({{ site.github_url }}/portmaster/), which hosts the SPN, sits at the kernel, it can add all sorts of amazing privacy features. Current modules (free & optional) include a DNS Resolver which enforces all your DNS queries to use DNS over TLS (DoT) and a Privacy Filter which blocks malicious or unwanted connections.
**The SPN Costs Money**
###### The SPN Costs Money
Both the SPN and Tor are FOSS. But Tor is free to use while you have to subscribe to the SPN in order to use it. Be aware you are not only paying for the SPN, but also supporting us to develop the free application firewall and enabling us to continue fighting for a brighter future.
## Conclusion: It Depends on Your Threat Model
### Conclusion: It Depends on Your Threat Model
Tor is a great project which has pioneered privacy technology and is a firm player in the space while the SPN has fresh, innovative solutions which tackle uncharted ground and focuses on ease of use before all. Depending on your threat model, the SPN may be an alternative to Tor. Or it might not.

26
_publications/2020-01-22-how-the-spn-compares-to-vpns.md
View file

@ -9,18 +9,18 @@ custom_thumbnail_name: how-the-spn-compares-to-vpns
cover_image_source: https://pixabay.com/vectors/the-globe-globe-the-internet-free-4790044/
---
## Overview of VPN Technology
### Overview of VPN Technology
### VPNs Were Built for Security, NOT for Privacy
#### VPNs Were Built for Security, NOT for Privacy
The VPN technology was developed to allow remote workers to securely connect to a corporate network to virtually check into the office and access internal resources. It does this by establishing a secure tunnel between the worker and the company. The VPN shields the whole route from the worker to the office, never entering the "open Internet".
### Commercial VPNs Are just Proxy Servers
#### Commercial VPNs Are just Proxy Servers
A commercial VPNs does something rather mundane. As an example, let's say you want to connect to "google.com" via a VPN. The VPN client first creates a safe tunnel to the VPN server, which then calls upon "google.com". So a VPN safeguards your connections up until the VPN server, then unpacks their protection and routes it back into the open Internet.
### VPNs do NOT Protect Your Privacy
#### VPNs do NOT Protect Your Privacy
There are many legitimate use cases for a VPN, like securely connecting to your corporate network or "beaming" into another country to enjoy different content or cheaper prices. But VPNs do *not* protect your privacy.
## The SPN Truly Protects Your Meta Data
### The SPN Truly Protects Your Meta Data
Before diving into the SPN, let's recap: A VPN does protect you from your Internet Service Provider (ISP) to collect and process you browsing activities. But in the end this just delegates the problem: now the VPN that can collect and sell all your data, which many of them do.
@ -32,7 +32,7 @@ The SPN however decouples the person from the destination, resulting in true pri
![SPN community](https://safing.io/assets/img/spn/spn-community-web.png)
## VPN Technology is More Widespread (for now)
### VPN Technology is More Widespread (for now)
The VPN technology is widespread and almost every computer and mobile phone supports connecting to a VPN natively.
@ -40,12 +40,12 @@ When launching in June, the SPN will support Windows, with Linux following short
The VPN and SPN both tunnel connections from your whole computer, not only from your browser.
## SPN ♥ Open Source - Everybody Can Inspect
### SPN ♥ Open Source - Everybody Can Inspect
Many commercial VPN providers use bold and misleading marketing claims without any evidence to back it up. The code on their servers and mostly on their clients cannot be investigated. They demand your trust but give little to no proof in return.
The [SPN however is open source / FOSS]({{ site.github_url }}/spn/). We do not believe users should simply 'trust' companies when it comes to their privacy. Instead they should be able to inspect vendors and hold them accountable publicly. Feel free to [check out all of our Github](https://github.com/Safing/).
## The SPN Minimizes Travel through the Open Web
### The SPN Minimizes Travel through the Open Web
After a connection arrives at the VPN server it still has to travel to the desired website. Depending on where your VPN is located, this may lead to a slower Internet experience. As an example, a person who is located in Europe may be connected to a US VPN server while loading a European website. This means the connection has to cross the Atlantic twice (EU -> US -> EU).
@ -57,17 +57,17 @@ With the SPN however, every connection is calculated individually and leaves the
![SPN community](https://safing.io/assets/img/spn/spn-community-web.png)
## Minor comments
#### Minor comments
**SPN Enforces DoT and Blocks Ads/Trackers**
###### SPN Enforces DoT and Blocks Ads/Trackers
As the [open source Portmaster app]({{ site.github_url }}/portmaster/), which hosts the SPN, sits at the kernel, it can add all sorts of amazing privacy features. Current modules (free & optional) include a DNS Resolver which enforces all your DNS queries to use DNS over TLS (DoT) and a Privacy Filter which blocks malicious or unwanted connections.
**VPN - a Very Precarious Narrative**
###### VPN - a Very Precarious Narrative
There is [a great write up by Dennis Schubert](https://schub.wtf/blog/2019/04/08/very-precarious-narrative.html) showcasing the problem of todays commercial VPNs, both from a privacy and security perspective. Feel free to check it out, it also shows the valid use cases of VPNs.
**The SPN Costs more Because it is a New Product**
###### The SPN Costs more Because it is a New Product
While VPN providers basically rebrand the same basic technologies widely available, we built every aspect of the network from the ground up, by hand. This is a huge investment and will require lots of resources to properly maintain and improve. But this is the only way to achieve real privacy. Thank you for enabling us to continue fighting for a brighter future!
## Conclusion: SPN > VPN
### Conclusion: SPN > VPN
The VPN technology was built to securely connect two company locations. However, the SPN was developed from the ground up to protect user privacy. As a result the SPN can easily outperform VPNs in every aspect.

18
_publications/2020-02-04-the-two-steps-it-takes.md
View file

@ -15,9 +15,9 @@ Even with the rise of the Internet, it still takes years until a company becomes
This is that story. And the story of shortcuts.
## Step 1: Creating a Product
### Step 1: Creating a Product
### Grind it out with R & D
#### Grind it out with R & D
There's one question that every company answers before starting out: "What problem are you trying to solve?"
@ -25,19 +25,19 @@ Then you go to the drafting board, you research deep into the issue, you think t
This process is called Research & Development. Nothing novel out there 'just happened', instead, an idea was cultivated and progressed through plenty of trials and errors until it matured into a workable solution.
### The Shortcut: Just Copy Work
#### The Shortcut: Just Copy Work
But what if you do not have the time for all that? It's rather easy actually, you just copy a current solution. Or you only slightly add functionality to an existing product. The devil's advocate would call this stealing, the marketer would simply describe it as rebranding.
I in no way condemn companies taking this approach, there is still another mountain to climb to become successful. I simply ask them not to claim their copied solution is something novel.
**Conclusion**
#### Conclusion
With a novel or rebranded product, you're ready to move ahead. But nothing is gained yet. You are still far away from actually being a success.
## Step 2: Marketing and Growth
### Step 2: Marketing and Growth
### Listen and Put in Honest Work
#### Listen and Put in Honest Work
If you have the perfect solution to a problem but nobody knows about it, was the problem really solved? Was your solution really any good? Honestly, no. This is the reason why marketing is *necessary*.
@ -47,17 +47,17 @@ But talking to your market has become difficult. In today's information overflow
For generic growth, there is no way around listening to your audience, being honest and open, and ultimately building a relationship with your customers. Only time, genuine effort and persistence will get you there.
### The Shortcut: Just Buy Attention
#### The Shortcut: Just Buy Attention
Oh yeah, there is a way around this too. Instead of putting in the work, just buy yourself into the game: With todays ad industry, you can simply spend hundreds of thousands of dollars to buy people's attention and hopefully convert enough of them into customers.
The catch with this however is that you normally have to turn to venture capital, which focuses more on the investor's profit than your customers. There's [this vicious cycle going on](https://forum.privacytools.io/t/what-privacy-services-have-been-sold-or-taken-on-major-investors-we-should-find-out/1834/9) that, ultimately, forces so many companies to sell out on their customers. Avoid this at all cost.
**Conclusion**
#### Conclusion
Marketing is the act of talking and promoting your product to the market. As a result, growth is *only* possible through good marketing. The ethics behind it all is another story, but I assume you can guess my stance on that topic ;)
## Failing One Step Results in Overall Failure
### Failing One Step Results in Overall Failure
Think about different companies and their approach in both these steps. What about those who chose to copy old technology but market it in an honest way? What about those that took the shortcut in both cases? What about the geniuses who researched a break-through solution but failed to present and market it to the world?

16
_publications/2020-07-07-how-safing-selects-its-default-dns-providers.md
View file

@ -26,7 +26,7 @@ One thing that has also sparked controversy with all these new encrypted DNS cli
But now we have the same decision to make. How can we choose a default DNS provider that all our users are at least OK with? How can we do that while abiding to our high standards of privacy and transparency? One of the answers is this blog post. Another is to listen carefully what our users tell us.
## How We Rate DNS Providers
### How We Rate DNS Providers
We have identified three basic criteria for selecting DNS providers:
@ -34,13 +34,13 @@ We have identified three basic criteria for selecting DNS providers:
- __Freedom__ is about not interfering with queries. Additional blocking of Ads, trackers and Malware is okay, but there is zero tolerance for censorship.
- __Technical Quality__ is a mixture of query performance, stability and global coverage. The default resolver should work well for everyone, no matter where they live or travel.
## Our Selection
### Our Selection
Quite foreseeably, we started by taking a look at the secure resolvers that were already vetted by the PrivacyTools Community: <https://www.privacytools.io/providers/dns/>
Instead of just choosing one or two providers, we chose to select a pool of DNS providers as a working set in order to quickly react to changes in this landscape (sorted alphabetically):
<h3>AdGuard <small>(<a href="https://adguard.com/en/adguard-dns/overview.html">Website</a>)</small></h3>
<h4>AdGuard <small>(<a href="https://adguard.com/en/adguard-dns/overview.html">Website</a>)</small></h4>
__4/5 Privacy__
AdGuard is registered in Cyprus, but is developed by Russians. They value privacy and transparency and develop a wide range of ad blocking software, which usually need to be paid for. Their DNS service is free to use.
@ -54,7 +54,7 @@ __4/5 Technical Quality__
AdGuard operates about a dozen servers, focusing on North America, Europe and South East Asia. Their coverage can be improved, but their query performance is pretty good.
Lacking Coverage.
<h3>Foundation for Applied Privacy <small>(<a href="https://applied-privacy.net/">Website</a>)</small></h3>
<h4>Foundation for Applied Privacy <small>(<a href="https://applied-privacy.net/">Website</a>)</small></h4>
__5/5 Privacy__
The Foundation for Applied Privacy is a nonprofit privacy infrastructure provider based in Austria (which is also where we are). This is the only selected provider that is fully stationed and operated within the EU.
@ -66,7 +66,7 @@ __3/5 Technical Quality__
While their query performance is really good, they are only present in one country and only run one resolver, making them prone to outages.
Lacking Coverage.
<h3>Cloudflare <small>(<a href="https://cloudflare.com/">Website</a>)</small></h3>
<h4>Cloudflare <small>(<a href="https://cloudflare.com/">Website</a>)</small></h4>
__3/5 Privacy__
Cloudflare is one of the biggest traffic handlers on the Internet and is a publicly traded company based in the US. Although one of the goals of their DNS service is to improve online privacy of users, their sheer size creates a centralization that hurts privacy.
@ -81,7 +81,7 @@ Cloudflare provides both malware and family filtering options. While, as far as
__5/5 Technical Quality__
Cloudflare's DNS service easily sets the bar with their unsurpassed query performance and global coverage.
<h3>Quad9 <small>(<a href="https://quad9.net/">Website</a>)</small></h3>
<h4>Quad9 <small>(<a href="https://quad9.net/">Website</a>)</small></h4>
__4/5 Privacy__
Quad9 is a 501(c)(3) nonprofit organization based in the US. Although they value privacy, there is criticism about the influence Quad9 potentially has from its founding organizations.
@ -97,7 +97,7 @@ While Quad9 is operated in locations where PCH is also present, through which th
_You can find the [exact configuration for each provider here](https://github.com/safing/portmaster/wiki/DNS-Server-Settings)._
## Our Primary Default
### Our Primary Default
While we use a working set of DNS providers, only one will be active at a time. If we configure multiple providers in the default settings, additional providers will act as a fallback in case the Portmaster has any issues with the primary resolver.
@ -115,6 +115,6 @@ Not all changes between providers in the defined working set will be communicate
We would highly appreciate any feedback you have on this selection of providers. If you want to set the DNS provider yourself, [here is how you do it](https://github.com/safing/portmaster/wiki/DNS-Server-Settings).
By doing so, the Portmaster will never use anything else until you make changes again (for global DNS queries).
## Conclusion
### Conclusion
Selecting a default DNS provider is really hard. There is no provider that fulfills all our wishes, yet we have to choose. We hope to have given you a better understanding of this process with this blog post and ask you to please provide feedback if you either do not understand the conclusions we come to or feel uncomfortable with how we are going about this. We listen to what you have to say.

12
_publications/2020-07-07-we-are-updating-portmasters-default-dns-servers.md
View file

@ -8,7 +8,7 @@ author: daniel
custom_thumbnail_name: we-are-updating-portmasters-default-dns-servers
---
## TLDR
### TLDR
On Monday, the 13th of July 2020, we will be changing the default DNS resolvers of the Portmaster to AdGuard, Applied Privacy, Cloudflare and Quad9 (sorted alphabetically). This will **affect all users who have NOT configured their own DNS servers**. If you have set your own preference the Portmaster will never use something else until you make changes again.
@ -27,11 +27,11 @@ At release of this post the default DNS providers is set to:
This means the primary resolver is Quad9 (1). Only when issues arise with Quad9, will the Portmaster fall back to Cloudflare (2). The same applies when a third, fourth, etc., provider is configured.
## You Can Set Your Own Preference
### You Can Set Your Own Preference
A lot of information is shared with DNS providers, which is why trust and empowerment are so important. We know one shoe does not fit all, which is why you can set your own DNS providers of choice, overruling all current and future Portmaster defaults in the process. So the Portmaster will never use anything else until you make changes again (for global DNS queries). We set up a [guide to help you in this process](https://github.com/safing/portmaster/wiki/DNS-Server-Settings).
## The Current Default Impacts Performance
### The Current Default Impacts Performance
Quad9's performance is in a good range for normal DNS queries, but there are performance problems with our DNS-over-TLS client and their DNS-over-TLS server implementation. We are in contact with Quad9 to troubleshoot and resolve this problem. Unfortunately, this process is taking longer than expected, and we do not want to sacrifice DNS query encryption by falling back to plain old DNS. But because these issues frequently have a serious impact on the functionality of the Portmaster, we will need to do something about it. So we went on to explore more alternatives, and may eventually switch back to Quad9 as our primary (1) default resolver.
@ -68,11 +68,11 @@ The new working set of DNS providers will go into production with a Portmaster C
### Future Improvements
__Near-term__
###### Near-term
Right now, selecting a custom dns provider is a bit cumbersome, as it requires understand a little syntax and/or copying seemingly obscure and long strings into your settings. We will provide a one-click interface to switch between multiple options near-term. We will also show the currently used DNS on the Portmaster dashboard, so you know at a glance who is resolving your DNS queries.
__Mid-term__
###### Mid-term
We want all our users to know where their data flows to. We make no assumptions that all Portmaster users will read this blog post. Instead, we will invest in informing our users about important default settings and updates directly in the Portmaster App mid-term.
__Long-term__
###### Long-term
No matter what DNS provider we choose as a default, there will always be the possibility of a provider abusing this trust. There just is no way for a provider to technically guarantee their promises. The only way around this is to mask our users from the provider. We are evaluating options to provide a free [SPN]({{ site.spn_url }}) tier that will provide free access to the SPN for DNS queries only in the long-term. Again, this is _not_ certain and _if_ it comes, will take at least two or three years to arrive.

18
_publications/2020-09-02-ama-we-want-your-feedback.md
View file

@ -12,7 +12,7 @@ _Update: [the AMA concluded](https://www.reddit.com/r/privacytoolsIO/comments/iv
---
## We're Doing an AMA
### We're Doing an AMA
What good is a privacy company if it is hiding certain aspects of its business? As we see it, not much really. A (privacy) chain breaks at its weakest link.
@ -20,23 +20,21 @@ That is why you can **Ask Us Anything** in the upcoming AMA event! Ask us things
Learn more about why we do what we do in the first place, what we are up to and what problems we have to face being a privacy first company.
[>>>> Visit the AMA <<<<](https://www.reddit.com/r/privacytoolsIO/comments/iv6mca/we_are_safing_a_forprivacy_counterculture_company/)
[Visit the AMA](https://www.reddit.com/r/privacytoolsIO/comments/iv6mca/we_are_safing_a_forprivacy_counterculture_company/)
## Friday, September 18 at 14:00 UTC
### Friday, September 18 at 14:00 UTC
is when we will be kicking this off on the [r/PrivacytoolsIO](https://www.reddit.com/r/privacytoolsIO/) Subreddit. Don't be disappointed if you won't be able to make it to the start, as it will run for a whole week through September 25.
<div class="notification-podcast">
<img src="{{ site.img_url }}icons/mic.svg">
<p>
Please note that the Portmaster updates itself and that the provided packages are only meant for an initial.
</p>
<img src="{{ site.img_url }}icons/mic.svg">
<p>
Please note that the Portmaster updates itself and that the provided packages are only meant for an initial.
</p>
</div>
If you want a __reminder__, you can [subscribe to our newsletter](#newsletter), [follow us on Twitter](https://twitter.com/SafingIO), or [join our Subreddit](https://www.reddit.com/r/safing/).
We will send out reminders when it launches.
If you're late to the party, don't fret.
If you're late to the party, don't fret.
We always love to read an email from you, just send it to [hello@safing.io](mailto:hello@safing.io).

17
_publications/2021-03-24-broad-spn-access-postponed-to-q3-here-is-why.md
View file

@ -9,16 +9,15 @@ custom_thumbnail_name: broad-spn-access-postponed-to-q3-here-is-why
summary: "Different factors made us prioritize Portmaster before SPN development in the second half of 2020. Since the start of 2021 we are focusing on SPN development again - by Summer a lot will have happened and you will notice all of the impact. We are sorry for this delay."
---
#### In August 2020 We Decided to Shift Our Attention to the Portmaster
### In August 2020 We Decided to Shift Our Attention to the Portmaster
Back in August 2020, we re-evaluated our approach and decided to focus on Portmaster development. There were multiple factors to this:
**1. the SPN is tightly integrated into the Portmaster.**
###### 1. the SPN is tightly integrated into the Portmaster.
The SPN builds on one of the main Portmaster features, intercepting network connections. The SPN relies on this working as much as the Portmaster does. And back then, this aspect was far less mature. So it did not matter how far we would come with the SPN since clients could not reliably connect to the Safing Privacy Network.
**2. the User Experience depends on the Portmaster too**
###### 2. the User Experience depends on the Portmaster too
It is kinda crazy to see where we were at. Remember this?
@ -26,23 +25,23 @@ It is kinda crazy to see where we were at. Remember this?
Our previous User Interface was ok - coming from techy developers - but for broader adoption it was clear we needed something simpler and nicer. You can see how that huge work package progressed over the months in the update blogs of [August](https://safing.io/blog/2020/08/31/progress-update-august/), [September](https://safing.io/blog/2020/10/02/progress-update-september/), [October](https://safing.io/blog/2020/11/02/progress-update-october/) and [November](https://safing.io/blog/2020/12/03/progress-update-november/).
**3. Marketing the SPN with a ugly and buggy Portmaster was very challenging**
###### 3. Marketing the SPN with a ugly and buggy Portmaster was very challenging
On the marketing front, we were fighting an almost impossible battle. Get people to try our software or even pre-order a product which was really not that great. Only the toughest of Early Adopters stayed around - big shoutout to you all! But to truly progress, we simply needed more users to understand and improve the product.
#### In Retrospect We Are Happy About This Decision
### In Retrospect We Are Happy About This Decision
Looking back, we believe this was the right call. The Portmaster has become more mature from a technical perspective which in return benefits the SPN mid-term too. Also, the new Portmaster UI let us present the software on our website and has made the software more accessible.
#### Since 2021 Our Development Focus Returned to the SPN
### Since 2021 Our Development Focus Returned to the SPN
With the new year we re-shifted our technical development towards the SPN. The main thing we had to do in Q1 was to evaluate anomaly detection algorithms. Due to funding from the ESA-BIC we were contractually required to wrap that project up. This was successful and will come in handy down the road.
#### Dedicating Q2 to SPN, A Lot Will Happen There
### Dedicating Q2 to SPN, A Lot Will Happen There
Anyway, we are happy that all this work "for the future" is wrapped up, allowing us to focus on things the SPN needs _today_ in order to stabilize the network and ultimately let more users join. Overall, we can now fully dedicate our technical attention to developing the SPN, while the Portmaster will only receive bug fixes and minor updates. We are sure you will notice the impact of this in the coming months.
#### We Are Sorry For This Delay
### We Are Sorry For This Delay
Again, we are sorry for the caused delay and take full responsibility. If you are already using the Portmaster and/or were excited for the SPN let us know how you feel about all of this. We always appreciate hearing from you.