They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Benjamin Franklin, Memoirs of the life & writings of Benjamin Franklin
This website is not logging any data, is not using any scripts/applications for tracking its visitors and does not place any cookies on your computer.
The access and error logs are disabled in nginx so there is absolutely no trace of any of the visitors of this website; I suggest you do the same thing if you can.
access_log off; error_log /dev/null;
When specifically requested, all data is served over the HTTPS protocol, encrypting all data between the browser and the server. Your network provider will still be able to see that you are downloading data from this website, but they will not be able to see the content.
Do Not Track
This website uses the LetsEncrypt Certificate Authority, which is itself DNT-compliant and does not log your browser checking the validity of this website’s HTTPS certificate.
This website is using meta tags to strip referer information (yes, that’s how the HTTP header IS spelled) from all outgoing links as well as placing
rel="noreferrer" on the same anchor links, therefore not passing any referral data from this website to any external websites.
<meta name="referrer" content="never" /> <meta name="referrer" content="no-referrer" />
HTTP Strict Transport Security (HSTS)
HSTS lets you avoid man-in-the-middle (MITM) attacks that use SSL stripping. SSL stripping is a technique where an attacker forces the browser to connect to a site using HTTP so that they can sniff packets and intercept or modify sensitive information. HSTS is disabled for a simple reason: this website is static and doesn’t serve or process any sensitive information (logins, credit cards, etc).
This may be controversial, but I strongly believe in allowing access to this website via both HTTPS and HTTP. Unencrypted HTTP can be accessed by extremely low-power machines and extremely simple software. TLS is very important, but it does come with a non-trivial complexity and computational cost.
Currently HTTP traffic is NOT redirected to HTTPS (80 to 443).
DDoS Guard is providing protection against DDoS attacks and obscures the origin server for my privacy and safety.
Tor hidden service traffic is served from another machine, OS and country but the logging rules stay the same: no logging whatsoever.
This page is also translated into the following languages:
- Català ➝ Política de privacitat