I think privacy on the web is a big concern and it is getting harder and harder to achieve. Nearly every website uses Google Analytics or a similar service to track its users. The service itself is free, convenient and provides nice statistics, but you pay with the privacy of your unsuspecting visitors for that. I would like to contribute a little bit to the privacy of the web, by not using any of the following technologies on this website:
Things you will never see here
- No Google Analytics
- No commercial ads of any kind
- No social media buttons
- No commercial comment systems
- No cookies (Except for the captcha in the comment form)
- No Google fonts
- No external scripts from a CDN
- Your IP is not stored
Whenever you include any content that is downloaded automatically from another server, you enable that server to track every user of your site. This content is not free. You pay for it with data about your users, which is sold to the highest bidder. That's the reason why I deliberately choose not use any of the above technologies.
I try to follow best practices and provide TLS for the whole website. I will do my best to protect the private key, but I have no direct control over the hardware this is hosted on. Therefore I cannot guarantee that the key won't be stolen.
The server should be configured to allow and prefer perfect forward secrecy. All broken TLS protocol versions and features should be disabled. You can test the properties of the TLS connection on my server with this handy SSL-Test from SSL Labs.
Tor Hidden Service
This website is also accessible as a Tor hidden service through this onion-link: http://nntfixwu2ssgahlb.onion/.
The purpose of this is not to hide this website, but to enable Tor users to visit the site without leaving the Tor-network through an exit node. It is dangerous to run an exit node and you can easily get in legal trouble for it. So there are much more people who run a simple Tor-relay and good powerful exit nodes are rare and a bottleneck for the whole Tor-network. Additionally malicious exit nodes can act as a man in the middle and attack the traffic that is routed through them.
By using the onion-link you get end-to-end encryption, avoid overloaded and potentially dangerous exit nodes and protect your privacy at the same time.